[Bug 1852997] [NEW] /etc/krb5.conf options seem to be ignored by pam_krb5.so
Thomas Schweikle
1852997 at bugs.launchpad.net
Mon Nov 18 12:36:09 UTC 2019
Public bug reported:
Looks like set [appdefaults] for pam are ignored by pam_krb5.so:
[appdefaults]
forwardable = true
noaddresses = true
proxiable = true
pam = {
minimum_uid = 1000
alt_auth_map=root/%s
ccache_dir = /tmp/krb5cc
ccache = DIR:/tmp/krb5cc/%u_XXXXXX
}
I'd expect this to create
/tmp/krb5cc/1000_NvfDse
but:
/tmp/krb5cc_<uid> is used.
Same if I add these options to
-rw-r--r-- 1 root root 1360 Nov 18 12:25 /etc/pam.d/common-account
-rw-r--r-- 1 root root 1383 Nov 18 12:24 /etc/pam.d/common-auth
-rw-r--r-- 1 root root 1690 Nov 18 12:25 /etc/pam.d/common-password
-rw-r--r-- 1 root root 1675 Nov 18 12:25 /etc/pam.d/common-session
-rw-r--r-- 1 root root 1483 Nov 18 12:26 /etc/pam.d/common-session-noninteractive
"man pam_krb5" states:
[appdefaults]
forwardable = true
pam = {
minimum_uid = 1000
EXAMPLE.COM = {
ignore_k5login = true
}
}
It should work. But does not. It just does not make any difference if
[appdefaults] is there or not.
ProblemType: Bug
DistroRelease: Ubuntu 19.10
Package: libpam-krb5:amd64 4.8-2
ProcVersionSignature: Ubuntu 5.3.0-23.25-generic 5.3.7
Uname: Linux 5.3.0-23-generic x86_64
ApportVersion: 2.20.11-0ubuntu8.2
Architecture: amd64
Date: Mon Nov 18 13:24:53 2019
InstallationDate: Installed on 2019-09-09 (69 days ago)
InstallationMedia: Xubuntu 19.04 "Disco Dingo" - Release amd64 (20190416)
ProcEnviron:
LANGUAGE=de_DE
TERM=screen
PATH=(custom, no user)
LANG=de_DE.UTF-8
SHELL=/bin/bash
SourcePackage: libpam-krb5
UpgradeStatus: No upgrade log present (probably fresh install)
** Affects: libpam-krb5 (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug eoan
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to libpam-krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/1852997
Title:
/etc/krb5.conf options seem to be ignored by pam_krb5.so
Status in libpam-krb5 package in Ubuntu:
New
Bug description:
Looks like set [appdefaults] for pam are ignored by pam_krb5.so:
[appdefaults]
forwardable = true
noaddresses = true
proxiable = true
pam = {
minimum_uid = 1000
alt_auth_map=root/%s
ccache_dir = /tmp/krb5cc
ccache = DIR:/tmp/krb5cc/%u_XXXXXX
}
I'd expect this to create
/tmp/krb5cc/1000_NvfDse
but:
/tmp/krb5cc_<uid> is used.
Same if I add these options to
-rw-r--r-- 1 root root 1360 Nov 18 12:25 /etc/pam.d/common-account
-rw-r--r-- 1 root root 1383 Nov 18 12:24 /etc/pam.d/common-auth
-rw-r--r-- 1 root root 1690 Nov 18 12:25 /etc/pam.d/common-password
-rw-r--r-- 1 root root 1675 Nov 18 12:25 /etc/pam.d/common-session
-rw-r--r-- 1 root root 1483 Nov 18 12:26 /etc/pam.d/common-session-noninteractive
"man pam_krb5" states:
[appdefaults]
forwardable = true
pam = {
minimum_uid = 1000
EXAMPLE.COM = {
ignore_k5login = true
}
}
It should work. But does not. It just does not make any difference if
[appdefaults] is there or not.
ProblemType: Bug
DistroRelease: Ubuntu 19.10
Package: libpam-krb5:amd64 4.8-2
ProcVersionSignature: Ubuntu 5.3.0-23.25-generic 5.3.7
Uname: Linux 5.3.0-23-generic x86_64
ApportVersion: 2.20.11-0ubuntu8.2
Architecture: amd64
Date: Mon Nov 18 13:24:53 2019
InstallationDate: Installed on 2019-09-09 (69 days ago)
InstallationMedia: Xubuntu 19.04 "Disco Dingo" - Release amd64 (20190416)
ProcEnviron:
LANGUAGE=de_DE
TERM=screen
PATH=(custom, no user)
LANG=de_DE.UTF-8
SHELL=/bin/bash
SourcePackage: libpam-krb5
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libpam-krb5/+bug/1852997/+subscriptions
More information about the foundations-bugs
mailing list