[Bug 1067779] Re: missing pam_loginuid.so breaks getlogin()

Launchpad Bug Tracker 1067779 at bugs.launchpad.net
Thu May 23 06:54:21 UTC 2013 

This bug was fixed in the package openssh - 1:6.2p2-3

---------------
openssh (1:6.2p2-3) unstable; urgency=low


  * If the running init daemon is Upstart, then, on the first upgrade to
    this version, check whether sysvinit is still managing sshd; if so,
    manually stop it so that it can be restarted under upstart.  We do this
    near the end of the postinst, so it shouldn't result in any appreciable
    extra window where sshd is not running during upgrade.

 -- Colin Watson <cjwatson at debian.org>  Wed, 22 May 2013 17:42:10 +0100

** Changed in: openssh (Ubuntu)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to shadow in Ubuntu.
https://bugs.launchpad.net/bugs/1067779

Title:
  missing pam_loginuid.so breaks getlogin()

Status in “at” package in Ubuntu:
  New
Status in “cron” package in Ubuntu:
  Confirmed
Status in “openssh” package in Ubuntu:
  Fix Released
Status in “shadow” package in Ubuntu:
  Confirmed
Status in “at” package in Debian:
  New
Status in “cron” package in Debian:
  New
Status in “openssh” package in Debian:
  Fix Released
Status in “shadow” package in Debian:
  New

Bug description:
  getlogin() call in new glibc checks /proc/self/loginuid presence and
  trust its value as most safe source (due it's audit-related nature).
  But default /etc/pam.d/common-account doesn't contains entry to
  pam_loginuid.so which modify /proc/self/loginuid properly. This breaks
  getlogin() at many scenarios like this:

  (pam session without pam_loginuid)$  perl -e '$t=getlogin; print "$t\n";'
  root
  (pam session without pam_loginuid)$  id
  uid=1000(...

  just because /proc/self/loginuid contains '0' value

  If I add pam_loginuid.so to /etc/pam.d/common-account like
  http://manpages.ubuntu.com/manpages/precise/man8/pam_loginuid.8.html
  recommend, everything worked as expected:

  (pam session with pam_loginuid)$  perl -e '$t=getlogin; print "$t\n";'
  user
  (pam session with pam_loginuid)$  id
  uid=1000(...

  # cat /etc/lsb-release 
  DISTRIB_ID=Ubuntu
  DISTRIB_RELEASE=12.04
  DISTRIB_CODENAME=precise
  DISTRIB_DESCRIPTION="Ubuntu 12.04 LTS"

  # dpkg -l|fgrep libpam
  ii  libpam-ck-connector                  0.4.5-2                          ConsoleKit PAM module
  ii  libpam-modules                       1.1.3-7ubuntu2                   Pluggable Authentication Modules for PAM
  ii  libpam-modules-bin                   1.1.3-7ubuntu2                   Pluggable Authentication Modules for PAM - helper binaries
  ii  libpam-runtime                       1.1.3-7ubuntu2                   Runtime support for the PAM library
  ii  libpam0g                             1.1.3-7ubuntu2                   Pluggable Authentication Modules library

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/at/+bug/1067779/+subscriptions

More information about the foundations-bugs mailing list