Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 317659 - sys-auth/pambase add pam_abl support
Summary: sys-auth/pambase add pam_abl support
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Lowest enhancement (vote)
Assignee: Mikle Kolyada (RETIRED)
Keywords: NeedPatch
Depends on:
Reported: 2010-04-28 18:32 UTC by Sergio Bevilacqua
Modified: 2020-06-09 18:02 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

ebuild diff (pam_abl.diff,228 bytes, patch)
2010-04-28 18:34 UTC, Sergio Bevilacqua
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Sergio Bevilacqua 2010-04-28 18:32:42 UTC
pam_abl provides auto blacklisting of hosts and users responsible for repeated failed authentication attempts

Reproducible: Always
Comment 1 Sergio Bevilacqua 2010-04-28 18:34:20 UTC
Created attachment 229555 [details, diff]
ebuild diff

added abl use flag at the openssh ebuild
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2010-04-28 21:44:55 UTC
Erm, so the only thing you're changing is setting a USE flag to automatically depend on another package? Isn't it sufficient to just emerge the package itself instead of requiring other packages to pull it in, or does the openssh ebuild then configure and compile in support for pam_abl? In the latter case, the econf call should be changed accordingly and your diff (which should preferably be a unified diff, by the way) would be only half the work.
Comment 3 Sergio Bevilacqua 2010-04-29 06:40:07 UTC
the only required step is to add the following line to /etc/pam.d/system-auth
auth 	 required 	 /lib/security/ config=/etc/security/pam_abl.conf

no other steps are required
Comment 4 Diego Elio Pettenò (RETIRED) gentoo-dev 2010-04-29 12:20:04 UTC
No you definitely *don't* want to add this to OpenSSH. I'll take it as a pambase feaure request but very _very_ low on priority for now if you don't mind.
Comment 5 Gilles Dartiguelongue (RETIRED) gentoo-dev 2010-11-08 13:06:57 UTC
FTR, I'm having this setup on my router:

system-remote-login:auth                required config=/etc/security/pam_abl.conf
Comment 6 Diego Elio Pettenò (RETIRED) gentoo-dev 2010-11-08 13:16:41 UTC
I'm integrating this already in the new m4 branch of pambase.
Comment 7 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2020-06-09 18:02:07 UTC
Hmmm, rather not.