Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 384603 - sys-auth/pam_ssh-1.97-r2 (and r3) forgets to set gids in session start
Summary: sys-auth/pam_ssh-1.97-r2 (and r3) forgets to set gids in session start
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Core system (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: PAM Gentoo Team (OBSOLETE)
Depends on:
Reported: 2011-09-27 06:09 UTC by Alexander E. Patrakov
Modified: 2013-11-10 12:52 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Alexander E. Patrakov 2011-09-27 06:09:41 UTC
This is a copy-paste from :

Before ssh-agent is started as user, pam_ssh does not
set the gid/grouplist. Therefore ssh-agent runs with gid 0.

Gentoo currently does not carry their patch, and the issue reported there can be demonstrated to exist in Gentoo, too.

Reproducible: Always

Steps to Reproduce:
1. emerge pambase with the pam_ssh USE flag
2. login as yourself, using your ssh key passphrase
3. ls -ld /proc/`pidof ssh-agent`
Actual Results:  
dr-xr-xr-x 7 aep root 0 Сен 27 12:09 /proc/9794

Expected Results:  
dr-xr-xr-x 7 aep aep 0 Сен 27 12:09 /proc/9794

aep@aep-desktop ~ $ cat /etc/pam.d/system-auth 
auth		required 
auth		sufficient
auth		required try_first_pass likeauth nullok 
auth		optional
account		required 
account		optional
password	required difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 
password	required try_first_pass use_authtok nullok sha512 shadow 
password	optional
session		optional
session		required 
session		required 
session		required 
session		optional
Comment 1 Pacho Ramos gentoo-dev 2013-11-06 20:27:52 UTC
+*pam_ssh-1.98 (06 Nov 2013)
+  06 Nov 2013; Pacho Ramos <> +pam_ssh-1.98.ebuild:
+  Version bump

Try with this version please
Comment 2 Alexander E. Patrakov 2013-11-10 12:52:40 UTC
Fixed indeed.