openssh-3.9p1: no pam_close_session() invocation
Dr. Carsten Benecke
Carsten.Benecke at rrz.uni-hamburg.de
Thu Sep 16 01:44:17 EST 2004
Hello,
I have tested the patch and traced the pam_xxx() calls. With
"UsePrivilegeSeparation no" in the config file the pam_close_session()
function is now called after closing a session:
3.9p1 without patch, without Privsep:
debug_sm_authenticate: entered (<no comment>)
pid = 19406, ppid = 19345, uid = 0, euid = 0
debug_sm_acct_mgmt: entered (<no comment>)
pid = 19406, ppid = 19345, uid = 0, euid = 0
debug_sm_setcred: entered (<no comment>)
pid = 19406, ppid = 19345, uid = 0, euid = 0
debug_sm_open_session: entered (<no comment>)
pid = 19410, ppid = 19406, uid = 0, euid = 0
debug_sm_setcred: entered (<no comment>)
pid = 19410, ppid = 19406, uid = 0, euid = 0
debug_sm_setcred: entered (<no comment>)
pid = 19406, ppid = 19345, uid = 0, euid = 0
3.9p1 with patch, without Privsep:
debug_sm_authenticate: entered (<no comment>)
pid = 20184, ppid = 20179, uid = 0, euid = 0
debug_sm_acct_mgmt: entered (<no comment>)
pid = 20184, ppid = 20179, uid = 0, euid = 0
debug_sm_setcred: entered (<no comment>)
pid = 20184, ppid = 20179, uid = 0, euid = 0
debug_sm_open_session: entered (<no comment>)
pid = 20188, ppid = 20184, uid = 0, euid = 0
debug_sm_setcred: entered (<no comment>)
pid = 20188, ppid = 20184, uid = 0, euid = 0
debug_sm_setcred: entered (<no comment>)
pid = 20184, ppid = 20179, uid = 0, euid = 0
debug_sm_close_session: entered (<no comment>)
pid = 20184, ppid = 20179, uid = 0, euid = 0
By putting "UsePrivilegeSeparation yes" in the config file the call to
pam_close_session() leaks root privileges (which are necessary in my case):
3.9p1 with patch, with Privsep:
debug_sm_authenticate: entered (<no comment>)
pid = 20123, ppid = 20116, uid = 0, euid = 0
debug_sm_acct_mgmt: entered (<no comment>)
pid = 20123, ppid = 20116, uid = 0, euid = 0
debug_sm_open_session: entered (<no comment>)
pid = 20128, ppid = 20123, uid = 0, euid = 0
debug_sm_setcred: entered (<no comment>)
pid = 20128, ppid = 20123, uid = 0, euid = 0
debug_sm_setcred: entered (<no comment>)
pid = 20128, ppid = 20123, uid = 1002, euid = 1002
debug_sm_close_session: entered (<no comment>)
pid = 20128, ppid = 20123, uid = 1002, euid = 1002
Another problem remains. Even without privilege separation the process
that calls pam_start_session() is not the same process which calls
pam_close_session(). In my case this is necessary as I pass some
information in the pam environment that is used by successive pam modules.
So it would be perfect to have a single process that
* has root privileges and
* does _all_ pam_xxx() calls.
Is that possible?
Best regards
CB
Darren Tucker wrote:
> Dr. Carsten Benecke wrote:
>
>> After closing a ssh-session the pam_close_session() function is not
>> invoked. Enabling PrivilegeSeparation (UsePrivilegeSeparation yes)
>> does not help.
>
>
> That appears to be the case. I have opened a bug (with patch):
> http://bugzilla.mindrot.org/show_bug.cgi?id=926
>
> Could you please try the patch and let us know if it resolves the problem?
>
--
Dr. Carsten Benecke, Regionales Rechenzentrum, Universität Hamburg,
Schlüterstr. 70, D-20146 Hamburg, Tel.: ++49 40 42838 3097,
Fax: ++49 40 42838 3096, mailto: Carsten.Benecke at rrz.uni-hamburg.de
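A small checker for traces like the ones above, added here as an example and not part of the original thread: it parses the debug module's output and reports whether pam_sm_close_session ran, whether it ran in the same process as pam_sm_open_session, and whether it still had root. The embedded trace excerpts are taken from the message above; the "debug_sm_*" module name and line format are assumed to be exactly as shown there.

```python
import re

# Excerpts of the traces quoted above, from the open_session call onwards
# (the earlier authenticate/acct_mgmt calls do not affect this check).
TRACES = {
    "patched, no privsep": """\
debug_sm_open_session: entered (<no comment>)
pid = 20188, ppid = 20184, uid = 0, euid = 0
debug_sm_close_session: entered (<no comment>)
pid = 20184, ppid = 20179, uid = 0, euid = 0
""",
    "patched, privsep": """\
debug_sm_open_session: entered (<no comment>)
pid = 20128, ppid = 20123, uid = 0, euid = 0
debug_sm_setcred: entered (<no comment>)
pid = 20128, ppid = 20123, uid = 1002, euid = 1002
debug_sm_close_session: entered (<no comment>)
pid = 20128, ppid = 20123, uid = 1002, euid = 1002
""",
}

ENTER = re.compile(r"^debug_sm_(\w+): entered")
IDS = re.compile(r"^pid = (\d+), ppid = (\d+), uid = (\d+), euid = (\d+)$")


def parse_trace(text):
    """Pair each 'entered' line with the pid/uid line that follows it."""
    events, pending = [], None
    for line in text.splitlines():
        m = ENTER.match(line.strip())
        if m:
            pending = m.group(1)
            continue
        m = IDS.match(line.strip())
        if m and pending:
            pid, ppid, uid, euid = map(int, m.groups())
            events.append({"call": pending, "pid": pid, "ppid": ppid, "uid": uid, "euid": euid})
            pending = None
    return events


def check_session(events):
    """Did close_session run, in the opener's process, and still as root?"""
    opened = next((e for e in events if e["call"] == "open_session"), None)
    closed = next((e for e in events if e["call"] == "close_session"), None)
    return {
        "closed": closed is not None,
        "same_process": bool(opened and closed and opened["pid"] == closed["pid"]),
        "closed_as_root": bool(closed and closed["euid"] == 0),
    }


if __name__ == "__main__":
    for name, text in TRACES.items():
        print(name, check_session(parse_trace(text)))
```

For the privsep trace the checker shows the two conditions the message asks for are not met at once: the same process opens and closes, but it has already dropped to uid 1002 by the time it closes.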