Bug#599399: Incorrect effective groups when logging in with NIS and pubkey auth

To: submit@bugs.debian.org
Subject: Bug#599399: Incorrect effective groups when logging in with NIS and pubkey auth
From: Arto Jantunen <viiru@debian.org>
Date: Thu, 07 Oct 2010 12:22:06 +0300
Message-id: <8762xetl1d.fsf@viiru.iki.fi>
Reply-to: Arto Jantunen <viiru@debian.org>, 599399@bugs.debian.org

Package: openssh-server
Severity: important
Version: 1:5.5p1-4

On current squeeze when I login using pubkey auth to a machine that uses NIS,
I end up with only the primary group and none of the others that my user is a
member of. I can add the others using newgrp (without any passwords). If I
disable pubkey and login via password (adding -O PubkeyAuthentication=no to
the command line), the rest of the groups appear. None of the involved groups
exist in /etc/group, they all come through NIS.

This may very well be a bug in PAM or NIS, but I can't get a good enough
handle on the problem to be able to tell. I'm using the fact that an ssh
option changes the behavior as justification for filing this against it..

-- 
Arto Jantunen

Reply to:

Follow-Ups:
- Bug#599399: Incorrect effective groups when logging in with NIS and pubkey auth
  - From: Russ Allbery <rra@debian.org>

Prev by Date: Bug#599240: openssh-server: error message snot logged unless PrivilegeSeparation off
Next by Date: Bug#599399: Incorrect effective groups when logging in with NIS and pubkey auth
Previous by thread: Bug#599240: openssh-server: error message snot logged unless PrivilegeSeparation off
Next by thread: Bug#599399: Incorrect effective groups when logging in with NIS and pubkey auth
Index(es):
- Date
- Thread