Bug#1087644: openssh-server: no tty associated with login session
On Mon, Nov 18, 2024 at 01:11:41AM +0100, Chris Hofstaedtler wrote:
> On Sun, Nov 17, 2024 at 07:02:53AM +0100, Chris Hofstaedtler wrote:
> > * Colin Watson <cjwatson@debian.org> [241117 00:32]:
> > > Control: forwarded -1 https://github.com/openssh/openssh-portable/pull/403
> > > While reading up on this I ran across
> > > https://github.com/openssh/openssh-portable/pull/403, whose description
> > > sounds like the same thing.
> >
> > Possible
>
> I've now read up on the PR, and I think it will not solve the
> problem. Having the session recorded in wtmpdb is nice, but we
> already have pam_wtmpdb for that.
>
> who(1) talks to logind for getting currently logged in sessions.
> wtmpdb is irrelevant for this.
Fair enough.
> > If PAM knows about the tty, pam_systemd.so and pam_wtmpdb.so should
> > hopefully just record it.
>
> We need that part to work (again?).
I suspect this may be related to PAM_TTY_KLUDGE, then
(https://anongit.mindrot.org/openssh.git/tree/auth-pam.c#n760). Maybe
as well as setting a kludged PAM_TTY for pam_auth, sshd needs to set a
proper one for pam_session?
> (I also think linking libwtmpdb.so into sshd is not a good idea.)
It would be sshd-session, not sshd, so much less problematic than
pre-auth linkage.
--
Colin Watson (he/him) [cjwatson@debian.org]
Reply to: