[Bug 1067779] [NEW] missing pam_loginuid.so breaks getlogin()
Launchpad Bug Tracker
1067779 at bugs.launchpad.net
Thu Oct 18 13:46:39 UTC 2012
You have been subscribed to a public bug:
getlogin() call in new glibc checks /proc/self/loginuid presence and
trust its value as most safe source (due it's audit-related nature). But
default /etc/pam.d/common-account doesn't contains entry to
pam_loginuid.so which modify /proc/self/loginuid properly. This breaks
getlogin() at many scenarios like this:
(pam session without pam_loginuid)$ perl -e '$t=getlogin; print "$t\n";'
root
(pam session without pam_loginuid)$ id
uid=1000(...
just because /proc/self/loginuid contains '0' value
If I add pam_loginuid.so to /etc/pam.d/common-account like
http://manpages.ubuntu.com/manpages/precise/man8/pam_loginuid.8.html
recommend, everything worked as expected:
(pam session with pam_loginuid)$ perl -e '$t=getlogin; print "$t\n";'
user
(pam session with pam_loginuid)$ id
uid=1000(...
# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=12.04
DISTRIB_CODENAME=precise
DISTRIB_DESCRIPTION="Ubuntu 12.04 LTS"
# dpkg -l|fgrep libpam
ii libpam-ck-connector 0.4.5-2 ConsoleKit PAM module
ii libpam-modules 1.1.3-7ubuntu2 Pluggable Authentication Modules for PAM
ii libpam-modules-bin 1.1.3-7ubuntu2 Pluggable Authentication Modules for PAM - helper binaries
ii libpam-runtime 1.1.3-7ubuntu2 Runtime support for the PAM library
ii libpam0g 1.1.3-7ubuntu2 Pluggable Authentication Modules library
** Affects: openssh (Ubuntu)
Importance: Undecided
Status: New
--
missing pam_loginuid.so breaks getlogin()
https://bugs.launchpad.net/bugs/1067779
You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu.
More information about the Ubuntu-server-bugs
mailing list