Bug#964580: openssh-server: ordering of /etc/pam.d/sshd inconsistent with e.g. /etc/pam.d/login

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#964580: openssh-server: ordering of /etc/pam.d/sshd inconsistent with e.g. /etc/pam.d/login
From: Michael Hudson-Doyle <michael.hudson@ubuntu.com>
Date: Thu, 09 Jul 2020 12:24:21 +1200
Message-id: <[🔎] 159425426143.395487.15770936813847119121.reportbug@anduril>
Reply-to: Michael Hudson-Doyle <michael.hudson@ubuntu.com>, 964580@bugs.debian.org

Package: openssh-server
Version: 1:8.2p1-4ubuntu0.1
Severity: normal

Dear Maintainer,

On my (Ubuntu 20.04) system, all of the pam configs that use both
pam_env.so and @include common-session configure pam_env.so before the
@include -- apart from /etc/pam.d/sshd.

Because @include common-session includes pam_systemd.so, this means that
ssh sessions don't get the environment variables set by systemd
environment generators. (See
https://bugs.launchpad.net/snappy/+bug/1659719).

Cheers,
mwh


-- System Information:
Debian Release: bullseye/sid
  APT prefers focal-updates
  APT policy: (500, 'focal-updates'), (500, 'focal-security'), (500, 'focal'), (400, 'focal-proposed'), (100, 'focal-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.4.0-40-generic (SMP w/8 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages openssh-server depends on:
ii  adduser                3.118ubuntu2
ii  debconf [debconf-2.0]  1.5.73
ii  dpkg                   1.19.7ubuntu3
ii  libaudit1              1:2.8.5-2ubuntu6
ii  libc6                  2.31-0ubuntu9
ii  libcom-err2            1.45.5-2ubuntu1
ii  libcrypt1              1:4.4.10-10ubuntu4
ii  libgssapi-krb5-2       1.17-6ubuntu4
ii  libkrb5-3              1.17-6ubuntu4
ii  libpam-modules         1.3.1-5ubuntu4
ii  libpam-runtime         1.3.1-5ubuntu4
ii  libpam0g               1.3.1-5ubuntu4
ii  libselinux1            3.0-1build2
ii  libssl1.1              1.1.1f-1ubuntu2
ii  libsystemd0            245.4-4ubuntu3.1
ii  libwrap0               7.6.q-30
ii  lsb-base               11.1.0ubuntu2
ii  openssh-client         1:8.2p1-4ubuntu0.1
ii  openssh-sftp-server    1:8.2p1-4ubuntu0.1
ii  procps                 2:3.3.16-1ubuntu2
ii  ucf                    3.0038+nmu1
ii  zlib1g                 1:1.2.11.dfsg-2ubuntu1

Versions of packages openssh-server recommends:
ii  libpam-systemd [logind]  245.4-4ubuntu3.1
ii  ncurses-term             6.2-0ubuntu2
ii  ssh-import-id            5.10-0ubuntu1
ii  xauth                    1:1.1-0ubuntu1

Versions of packages openssh-server suggests:
pn  molly-guard   <none>
pn  monkeysphere  <none>
pn  ssh-askpass   <none>
ii  ufw           0.36-6

-- debconf information excluded

Reply to:

Prev by Date: debianssh maintainer
Next by Date: ✍ Voordeeldagen -10% extra vanaf nu met ons huismerk of Xerox-XRC.
Previous by thread: debianssh maintainer
Next by thread: ✍ Voordeeldagen -10% extra vanaf nu met ons huismerk of Xerox-XRC.
Index(es):
- Date
- Thread