Bug#255870: ssh: defining SSHD_PAM_SERVICE breaks ability to set PAM service
Package: ssh
Version: 1:3.8.1p1-4
Severity: normal
The Debian ssh package is compiled with '-DSSHD_PAM_SERVICE=\"ssh\"'.
This breaks the ability to configure what PAM service is used, as that
is normally decided by the name of the binary.
I rolled a patch to make this settable at runtime without having to
symlink or rename the binary, but it doesn't seem like it will likely
be included in the portability release.
So, the best option would be to remove the above define when building
the package, and rename /etc/pam.d/ssh to /etc/pam.d/sshd. This will
allow the Debian packaged binary to still function as it currently does,
and allow it to use alternate PAM service names if someone synlinks to
the binary.
Any chance of making this change to the package?
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.7a
Locale: LANG=C, LC_CTYPE=C
Versions of packages ssh depends on:
ii adduser 3.57 Add and remove users and groups
ii debconf 1.4.28 Debian configuration management sy
ii dpkg 1.10.22 Package maintenance system for Deb
ii libc6 2.3.2.ds1-13 GNU C Library: Shared libraries an
ii libpam-modules 0.76-21 Pluggable Authentication Modules f
ii libpam-runtime 0.76-21 Runtime support for the PAM librar
ii libpam0g 0.76-21 Pluggable Authentication Modules l
ii libssl0.9.7 0.9.7d-3 SSL shared libraries
ii libwrap0 7.6.dbs-4 Wietse Venema's TCP wrappers libra
ii zlib1g 1:1.2.1.1-3 compression library - runtime
-- debconf information:
ssh/insecure_rshd:
ssh/privsep_ask: true
* ssh/user_environment_tell:
* ssh/forward_warning:
ssh/insecure_telnetd:
ssh/new_config: true
* ssh/use_old_init_script: true
* ssh/SUID_client: true
* ssh/privsep_tell:
ssh/ssh2_keys_merged:
* ssh/protocol2_only: true
ssh/encrypted_host_key_but_no_keygen:
* ssh/run_sshd: true
Reply to: