PAM on Solaris
Gunnar Brading
gunnar at Astrogator.se
Mon Apr 22 12:03:58 EST 2002
I have been having problems with openssh and PAM on my Solaris 8 box. I needed
to use pam_krb5, and I always got the wrong owner on my credentials file
/tmp/krb5cc_xxxx. The owner became root...
It seems to me that the settings of uid should be before actually calling
pam_setcred() in session.c, and when I do change around those lines, it
started to work.
From what I can see this is not really good behaviour from Sun's pam-module.
It should realize the problem and verify ownership of the credential-file,
but.. Simply changing UID works, so why not, even if giving Sun a hard time
about it would be fun.
Anyway... If this change seems appropriate, I am appending my diff.
-- Gunnar
--
Gunnar Brading, Astrogator AB - High Performance Networks & Interactive Media
Email; gunnar at astrogator.se Address; Rörstrandsgatan 30A, 113 40 STOCKHOLM
Office: +46 8 5456 0010 Fax: +46 8 5456 0011 Cellular: +46 70 778 2 877
The scientist describes what is; the engineer creates what never was
- Theodore von Karman
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: session.c-PATCH
Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020422/7c18afc8/attachment.ksh
More information about the openssh-unix-dev
mailing list