From owner-freebsd-ports-bugs@FreeBSD.ORG Thu Apr 27 23:00:40 2006 Return-Path: X-Original-To: freebsd-ports-bugs@hub.freebsd.org Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D22A516A425 for ; Thu, 27 Apr 2006 23:00:40 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2CD1C43D46 for ; Thu, 27 Apr 2006 23:00:40 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k3RN0ZXw087198 for ; Thu, 27 Apr 2006 23:00:40 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k3RN0YXr087197; Thu, 27 Apr 2006 23:00:34 GMT (envelope-from gnats) Resent-Date: Thu, 27 Apr 2006 23:00:34 GMT Resent-Message-Id: <200604272300.k3RN0YXr087197@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, "Boris B. Samorodov" Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3476116A400 for ; Thu, 27 Apr 2006 22:56:05 +0000 (UTC) (envelope-from bsam@ipt.ru) Received: from mail.ipt.ru (mail.ipt.ru [80.253.10.82]) by mx1.FreeBSD.org (Postfix) with ESMTP id BABB343D45 for ; Thu, 27 Apr 2006 22:56:04 +0000 (GMT) (envelope-from bsam@ipt.ru) Received: from stat.sem.ipt.ru ([192.168.12.1] helo=srv.sem.ipt.ru) by mail.ipt.ru with esmtp (Exim 4.54 (FreeBSD)) id 1FZFP0-000K1Y-Ur for FreeBSD-gnats-submit@freebsd.org; Fri, 28 Apr 2006 02:56:03 +0400 Received: from bsam by srv.sem.ipt.ru with local (Exim 4.61 (FreeBSD)) (envelope-from ) id 1FZFOo-000Jt5-Qz for FreeBSD-gnats-submit@freebsd.org; Fri, 28 Apr 2006 02:55:50 +0400 Message-Id: Date: Fri, 28 Apr 2006 02:55:50 +0400 From: "Boris B. Samorodov" To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: ports/96436: [patch] x11/xorg-clients: logging on xdm with pam_krb does not create a ticket file X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: "Boris B. Samorodov" List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Apr 2006 23:00:40 -0000 >Number: 96436 >Category: ports >Synopsis: [patch] x11/xorg-clients: logging on xdm with pam_krb does not create a ticket file >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Thu Apr 27 23:00:34 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Boris B. Samorodov >Release: FreeBSD 6.1-RC i386 >Organization: InPharmTech, Co. http://www.ipt.ru >Environment: System: FreeBSD srv.sem.ipt.ru 6.1-RC FreeBSD 6.1-RC #1: Fri Apr 14 18:29:53 MSD 2006 bsam@srv.sem.ipt.ru:/usr/obj/usr/src/sys/SRV i386 >Description: Current xdm code doesn't create a ticket file when logging on xdm using pam_krb5. You are authenticated by kerberos, get the GUI. But not the ticket file. The function pam_setcred() at xdm/session.c is never reached. Note: I can't say that it is a good solution -- just to copy the code which is never reached to a new place. But it works for me. >How-To-Repeat: 1. Install x11/xorg-clients. 2. Create a kerberos account at KDC. 3. Uncomment next line at /etc/pam.d/xdm: auth sufficient pam_krb5.so try_first_pass 4. Load xdm. 5. Login on xdm with kerberos account. 6. Run klist. (No ticket file) >Fix: The patch is relative to the port: # cd ports/x11 # patch -p0 < _the_patch_ ===== the patch begins here ===== diff -ruN xorg-clients.orig/Makefile xorg-clients/Makefile --- xorg-clients.orig/Makefile Fri Apr 28 02:28:18 2006 +++ xorg-clients/Makefile Fri Apr 28 02:29:30 2006 @@ -7,7 +7,7 @@ PORTNAME= xorg-clients PORTVERSION= 6.9.0 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= x11 MASTER_SITES= ${MASTER_SITE_XORG} MASTER_SITE_SUBDIR= X11R${PORTVERSION}/src diff -ruN xorg-clients.orig/files/patch-xdm_session.c xorg-clients/files/patch-xdm_session.c --- xorg-clients.orig/files/patch-xdm_session.c Fri Apr 28 02:28:18 2006 +++ xorg-clients/files/patch-xdm_session.c Fri Apr 28 01:46:29 2006 @@ -8,7 +8,7 @@ #endif #ifdef K5AUTH # include -@@ -529,6 +528,7 @@ +@@ -533,6 +532,7 @@ int pid; #ifdef HAS_SETUSERCONTEXT struct passwd* pwd; @@ -16,7 +16,20 @@ #endif #ifdef USE_PAM pam_handle_t *pamh = thepamh (); -@@ -610,6 +610,8 @@ +@@ -576,6 +576,12 @@ + for(i = 0; pam_env && pam_env[i]; i++) { + verify->userEnviron = putEnv(pam_env[i], verify->userEnviron); + } ++ pam_error = pam_setcred (pamh, PAM_ESTABLISH_CRED); ++ if (pam_error != PAM_SUCCESS) { ++ LogError ("pam_setcred for \"%s\" failed: %s\n", ++ name, pam_strerror(pamh, pam_error)); ++ return(0); ++ } + } + #endif + +@@ -648,6 +654,8 @@ * Set the user's credentials: uid, gid, groups, * environment variables, resource limits, and umask. */ @@ -25,7 +38,7 @@ pwd = getpwnam(name); if (pwd) { if (setusercontext(NULL, pwd, pwd->pw_uid, LOGIN_SETALL) < 0) { -@@ -617,6 +619,7 @@ +@@ -655,6 +663,7 @@ errno); return (0); } ===== the patch ends here ===== WBR -- bsam >Release-Note: >Audit-Trail: >Unformatted: