[Bug 926] pam_session_close called as user or not at all

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Sat Jun 24 04:33:13 EST 2006


http://bugzilla.mindrot.org/show_bug.cgi?id=926


skunk at iSKUNK.ORG changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |skunk at iSKUNK.ORG




------- Comment #19 from skunk at iSKUNK.ORG  2006-06-24 04:33 -------
I've been bitten by this bug as well. (Want to do custom session
teardown as root. Currently, only "UseLogin yes" gets me there, but of
course that costs me X11 forwarding.)

I've applied patch 1143 to an openssh_cvs tree and tested on a
Debian/unstable Linux system. My observations:

1. pam_sm_{open,close}_session() are correctly invoked as root. (uid ==
gid == euid == egid == 0 for both)

2. Messages written to stdout/stderr in pam_sm_{open,close}_session()
are not visible to the user logging in or out. (I don't know if this is
by PAM's design or not.)

3. When running "sshd -de", messages written to stderr in
pam_sm_{open,close}_session() are visible in the server's stderr log.
Messages to stdout go nowhere that I can find.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list