Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. OpenSSH>
  3. Bugs
[Bug 1215] sshd requires entry from getpwnam for PAM accounts
bugzilla-daemon at mindrot
Aug 9, 2006, 7:27 AM
Post #1 of 4 (1058 views)
Permalink
http://bugzilla.mindrot.org/show_bug.cgi?id=1215

Summary: sshd requires entry from getpwnam for PAM accounts
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: PAM support
AssignedTo: bitbucket@mindrot.org
ReportedBy: dtucker@zip.com.au


sshd requires that a user exists in /etc/passwd or similar (eg nss).

With some changes, it should be possible to track PAM_USER as it
changes and adjust the authctxt accordingly.

I'm not sure that this is a good idea, but I wanted to investigate
what's involved.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
http://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 1215] sshd requires entry from getpwnam for PAM accounts [ In reply to ]
bugzilla-daemon at mindrot
Aug 9, 2006, 7:38 AM
Post #2 of 4 (1038 views)
Permalink
http://bugzilla.mindrot.org/show_bug.cgi?id=1215





------- Comment #1 from dtucker@zip.com.au 2006-08-10 00:38 -------
Created an attachment (id=1170)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1170&action=view)
attempt to make sshd handle when getpwnam doesn't know about the user
but PAM does

Warning: this is not production-quality code. I wrote it based on
hacking one of my test modules to behave as I think the RADIUS/TACACS
PAM modules would. It leaks like a sieve and is barely tested.

It would be interesting to know if it works, though.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
http://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 1215] sshd requires entry from getpwnam for PAM accounts [ In reply to ]
bugzilla-daemon at mindrot
Aug 9, 2006, 8:59 AM
Post #3 of 4 (1009 views)
Permalink
http://bugzilla.mindrot.org/show_bug.cgi?id=1215


t8m@centrum.cz changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |t8m@centrum.cz






------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
http://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 1215] sshd requires entry from getpwnam for PAM accounts [ In reply to ]
bugzilla-daemon at mindrot
Aug 9, 2006, 3:01 PM
Post #4 of 4 (1016 views)
Permalink
http://bugzilla.mindrot.org/show_bug.cgi?id=1215


dtucker@zip.com.au changed:

What |Removed |Added
----------------------------------------------------------------------------
Attachment #1170 is|0 |1
obsolete| |




------- Comment #2 from dtucker@zip.com.au 2006-08-10 08:01 -------
Created an attachment (id=1171)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1171&action=view)
make sshd handle when getpwnam doesn't know about the user but PAM does

Updated patch (against 4.3p2). Leaks less (but still leaks) and copies
passwd struct when PAM changes the username (the old one should have,
but didn't).




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
http://lists.mindrot.org/mailman/listinfo/openssh-bugs

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal