Bug#1087644: openssh-server: no tty associated with login session

[Chris Hofstaedtler <zeha@debian.org>]

Control: forwarded -1 https://github.com/openssh/openssh-portable/pull/433

On Mon, Nov 18, 2024 at 07:51:35AM +0000, Colin Watson wrote:
> On Mon, Nov 18, 2024 at 01:11:41AM +0100, Chris Hofstaedtler wrote:
> > On Sun, Nov 17, 2024 at 07:02:53AM +0100, Chris Hofstaedtler wrote:
> > > * Colin Watson <cjwatson@debian.org> [241117 00:32]:
> > > > Control: forwarded -1 https://github.com/openssh/openssh-portable/pull/403
> > > > While reading up on this I ran across
> > > > https://github.com/openssh/openssh-portable/pull/403, whose description
> > > > sounds like the same thing.
> > > 
> > > Possible
> > 
> > I've now read up on the PR, and I think it will not solve the
> > problem.  Having the session recorded in wtmpdb is nice, but we
> > already have pam_wtmpdb for that.
> > 
> > who(1) talks to logind for getting currently logged in sessions.
> > wtmpdb is irrelevant for this.
> 
> Fair enough.
> 
> > > If PAM knows about the tty, pam_systemd.so and pam_wtmpdb.so should
> > > hopefully just record it.
> > 
> > We need that part to work (again?).
> 
> I suspect this may be related to PAM_TTY_KLUDGE, then
> (https://anongit.mindrot.org/openssh.git/tree/auth-pam.c#n760).  Maybe
> as well as setting a kludged PAM_TTY for pam_auth, sshd needs to set a
> proper one for pam_session?

I think so? Is it easy for you to build an sshd that does this?
The last time I looked at the openssh code trying to understand
where this might need to be patched in I got lost very quickly.

I just found another upstream PR, which would directly talk to
logind. Upstream doesn't seem to like it:
https://github.com/openssh/openssh-portable/pull/433

Chris