Mailing List Archive: Read this before installing sys-apps/gradm-3.0.201407162022

Read this before installing sys-apps/gradm-3.0.201407162022

Jul 23, 2014, 2:27 AM

Post #1 of 3 (1512 views)

Just a warning.
After I bumped sys-apps/gradm from 3.0.201405281853 to 3.0.201407162022, I
cannot authenticate myself as admin. I get "Invalid password" each time I
try to authenticate (non-pam).
Downgrading to the previous version solves the problem. First I thought
the pw file got corrupted. But it's the new gradm.
In my case it required booting on a CD using remote console and disabling
grsec activation on boot in order to be able to downgrade gradm, therefore
give back the control over my systems.

BR:
Dw.
--
dr TÃ³th Attila, RadiolÃ³gus, 06-20-825-8057
Attila Toth MD, Radiologist, +36-20-825-8057

Re: Read this before installing sys-apps/gradm-3.0.201407162022 [ In reply to ]

alexander at tsoy

Jul 24, 2014, 2:59 PM

Post #2 of 3 (1472 views)

Permalink

Ð’ Wed, 23 Jul 2014 11:27:40 +0200
"TÃ³th Attila" <atoth@atoth.sote.hu> Ð¿Ð¸ÑˆÐµÑ‚:

> Just a warning.
> After I bumped sys-apps/gradm from 3.0.201405281853 to
> 3.0.201407162022, I cannot authenticate myself as admin. I get
> "Invalid password" each time I try to authenticate (non-pam).
> Downgrading to the previous version solves the problem. First I
> thought the pw file got corrupted. But it's the new gradm.
> In my case it required booting on a CD using remote console and
> disabling grsec activation on boot in order to be able to downgrade
> gradm, therefore give back the control over my systems.
>
> BR:
> Dw.

Looks like this was already fixed in git and in a newer gradm snapshot:

https://grsecurity.net/gradm3-changelog.txt

commit 63017cb29510c1ded5308ca0a32b8d33f4c05d7c
Author: Brad Spengler <spender@grsecurity.net>
Date: Tue Jul 22 21:16:08 2014 -0400

fix broken password authentication caused by recent commit
4b923540573b90c0b2274d510e4948aa9c962775

It was not possible to authenticate to the RBAC system as I misread
the code and didn't notice it was stripping the trailing newline

--
Alexander Tsoy

Re: Read this before installing sys-apps/gradm-3.0.201407162022 [ In reply to ]

atoth at atoth

Jul 25, 2014, 2:41 AM

Post #3 of 3 (1468 views)

Permalink

My email got delivered with a significant delay because of some service
problems involving lists.gentoo.org. The gradm version is no longer in the
tree. So no need to watch out and anyone can go on with updating gradm.

BR: Dw.
--
dr TÃ³th Attila, RadiolÃ³gus, 06-20-825-8057
Attila Toth MD, Radiologist, +36-20-825-8057

2014.JÃºlius 24.(Cs) 23:59 idÅ‘pontban Alexander Tsoy ezt Ãrta:
> Ð’ Wed, 23 Jul 2014 11:27:40 +0200
> "TÃ³th Attila" <atoth@atoth.sote.hu> Ð¿Ð¸ÑˆÐµÑ‚:
>
>> Just a warning.
>> After I bumped sys-apps/gradm from 3.0.201405281853 to
>> 3.0.201407162022, I cannot authenticate myself as admin. I get
>> "Invalid password" each time I try to authenticate (non-pam).
>> Downgrading to the previous version solves the problem. First I
>> thought the pw file got corrupted. But it's the new gradm.
>> In my case it required booting on a CD using remote console and
>> disabling grsec activation on boot in order to be able to downgrade
>> gradm, therefore give back the control over my systems.
>>
>> BR:
>> Dw.
>
> Looks like this was already fixed in git and in a newer gradm snapshot:
>
> https://grsecurity.net/gradm3-changelog.txt
>
> commit 63017cb29510c1ded5308ca0a32b8d33f4c05d7c
> Author: Brad Spengler <spender@grsecurity.net>
> Date: Tue Jul 22 21:16:08 2014 -0400
>
> fix broken password authentication caused by recent commit
> 4b923540573b90c0b2274d510e4948aa9c962775
>
> It was not possible to authenticate to the RBAC system as I misread
> the code and didn't notice it was stripping the trailing newline
>
> --
> Alexander Tsoy
>
>