Bug#237392: Possible fix for Debian bugs 242236 & 237392
On Tue, Jun 01, 2004 at 01:36:38AM +1000, Darren Tucker wrote:
> A couple of days ago I wrote a crude tool[1] to try and figure out what
> PAM is doing in such cases. If you feel game, you can use it to
> simulate roughly what sshd is doing. Check it to make sure there's
> nothing nasty in it, then compile it with "gcc pam-test-harness.c -lpam"
> and run it as root with "./a.out -u yourusername -s sshd". (The
> passwords will echo so make sure no-one is watching over your shoulder).
>
> Now, run it again with "-a", which will cause it to not call
> pam_authenticate and compare its behaviour. If it hangs with -a, it's
> probably a pam_ldap bug and you have a largish testcase for the PAM
> developers. If it doesn't hang, then it's probably something in what
> sshd does different which triggers it, and more investigation of sshd is
> needed. Either way, please send the output back, minus any passwords or
> private information.
Seems to work fine.. It could be that the pam ldap module is a little buggy,
but it only ssh shows this problem ;(...
Anyway output of both runs is attached.
Sjoerd
--
Destiny is a good thing to accept when it's going your way. When it isn't,
don't call it destiny; call it injustice, treachery, or simple bad luck.
-- Joseph Heller, "God Knows"
$Id: pam-test-harness.c,v 1.9 2004/05/31 01:05:24 dtucker Exp $
pam_start(ssh, sjoerd, ...) = 0 (Success)
pam_set_item(pamh, PAM_TTY, /dev/pts/67) = 0 (Success)
pam_set_item(pamh, PAM_RHOST, vela) = 0 (Success)
pam_set_item(pamh, PAM_RUSER, sjoerd) = 0 (Success)
pam_authenticate(pamh, 0)
conversation called with 1 messages
PROMPT_ECHO_OFF: Password: = 0 (Success)
pam_acct_mgmt(pamh, 0) = 0 (Success)
pam_open_session(pamh, 0) = 0 (Success)
pam_setcred(pamh, 0) = 0 (Success)
pam_get_item(pamh, PAM_USER, ...) = 0 (Success)
PAM_USER = sjoerd (unchanged)
Standard environment variables
PAM environment variables
uid 0 euid 0 gid 0 egid 0
pam_end(pamh, 0) = 0 (Success)
$Id: pam-test-harness.c,v 1.9 2004/05/31 01:05:24 dtucker Exp $
pam_start(ssh, sjoerd, ...) = 0 (Success)
pam_set_item(pamh, PAM_TTY, /dev/pts/67) = 0 (Success)
pam_set_item(pamh, PAM_RHOST, vela) = 0 (Success)
pam_set_item(pamh, PAM_RUSER, sjoerd) = 0 (Success)
pam_acct_mgmt(pamh, 0) = 0 (Success)
pam_open_session(pamh, 0) = 0 (Success)
pam_setcred(pamh, 0) = 0 (Success)
pam_get_item(pamh, PAM_USER, ...) = 0 (Success)
PAM_USER = sjoerd (unchanged)
Standard environment variables
PAM environment variables
uid 0 euid 0 gid 0 egid 0
pam_end(pamh, 0) = 0 (Success)
Reply to: