[Bug 564] new PAM code only calls pam_acct_mgmt for challenge-response clients

[bugzilla-daemon at mindrot.org]

http://bugzilla.mindrot.org/show_bug.cgi?id=564





------- Additional Comments From dtucker at zip.com.au  2003-08-25 11:42 -------
I've looked at patch id #369.

This part is useless:

diff -u -r1.246 session.c
--- session.c   13 Aug 2003 10:31:05 -0000      1.246
+++ session.c   24 Aug 2003 12:44:32 -0000
@@ -719,6 +719,11 @@
        if (options.use_pam && is_pam_password_change_required()) {
                print_pam_messages();
                do_pam_chauthtok();
+               
+               /* Permit forwardings if we succeed here */
+               no_port_forwarding_flag &= ~2;
+               no_agent_forwarding_flag &= ~2;
+               no_x11_forwarding_flag &= ~2;
        }
 #endif

By the time that runs, you are in the process that later execs the user's shell. 
  The forwarding flags you need to reset are in its parent.

The patch regress tested OK on Redhat 8.

Something funny is wrong on HP-UX & Solaris (dynamic forwarding tests fail, not 
sure why yet).



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.