[Bug 918] ssh_gssapi_storecreds called to late to be usable by PAM in sesion.c
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Sat Sep 11 20:02:17 EST 2004
http://bugzilla.mindrot.org/show_bug.cgi?id=918
------- Additional Comments From dtucker at zip.com.au 2004-09-11 20:02 -------
sshd.c calls do_setusercontext() to set up the post-auth privsep credentials,
and do_setusercontext has the pam_setcred() calls. The second call to
do_setusercontext in session.c is a no-op for the privsep case (ie if uid != 0
&& euid != 0).
I whacked some debugs in at the #ifdef GSSAPI points and gssapi_storecreds(),
the interesting bits are:
debug3: PAM: opening session
debug2: User child is on pid 5313
debug3: mm_request_receive entering
debug1: PAM: reinitializing credentials
debug1: permanently_set_uid: 500/500
[...]
debug3: GSSAPI: ssh_gssapi_storecreds()
debug1: PAM: setting PAM_TTY to "/dev/pts/2"
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list