From owner-freebsd-ports@FreeBSD.ORG Mon Jun 27 13:04:37 2005 Return-Path: X-Original-To: freebsd-ports@FreeBSD.org Delivered-To: freebsd-ports@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B0E8216A41C; Mon, 27 Jun 2005 13:04:37 +0000 (GMT) (envelope-from tataz@tataz.chchile.org) Received: from postfix3-1.free.fr (postfix3-1.free.fr [213.228.0.44]) by mx1.FreeBSD.org (Postfix) with ESMTP id CF38743D5D; Mon, 27 Jun 2005 13:04:36 +0000 (GMT) (envelope-from tataz@tataz.chchile.org) Received: from tatooine.tataz.chchile.org (vol75-8-82-233-239-98.fbx.proxad.net [82.233.239.98]) by postfix3-1.free.fr (Postfix) with ESMTP id 62B7F1734E1; Mon, 27 Jun 2005 15:04:35 +0200 (CEST) Received: by tatooine.tataz.chchile.org (Postfix, from userid 1000) id D7915405B; Mon, 27 Jun 2005 15:04:49 +0200 (CEST) Date: Mon, 27 Jun 2005 15:04:49 +0200 From: Jeremie Le Hen To: Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= Message-ID: <20050627130449.GQ1283@obiwan.tataz.chchile.org> References: <20050626211011.GH1283@obiwan.tataz.chchile.org> <86d5q8113a.fsf@xps.des.no> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <86d5q8113a.fsf@xps.des.no> User-Agent: Mutt/1.5.9i Cc: freebsd-current@FreeBSD.org, Jeremie Le Hen , freebsd-ports@FreeBSD.org Subject: Re: OpenPAM Figwort broke PAM modules from ports X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jun 2005 13:04:37 -0000 Hi Dag-Erling, > > This prevents PAM modules installed in /usr/local/lib from being > > dlopen(3)'d. I'm not sure whether FreeBSD really wants this new > > ``feature'' or not, but actually I think this needs a note in > > src/UPDATING to be issued, explaining that PAM modules installed from > > ports need to be specified with their full path now. > > They always did. With all respect I owe you you, the last upgrade of my -CURRENT box constrained me to use the following patch to make pam_alreadyloggedin.so work again : %%% --- login.old Mon Jun 27 16:13:34 2005 +++ login Mon Jun 27 01:12:30 2005 @@ -6,7 +6,7 @@ # auth auth required pam_nologin.so no_warn -auth sufficient pam_alreadyloggedin.so no_root +auth sufficient /usr/local/lib/pam_alreadyloggedin.so no_root auth sufficient pam_self.so no_warn auth include system %%% It can be verified by hacking src/contrib/openpam/lib/openpam_dynamic.c (this trivially reverts the diff I posted in my previous email) : %%% Index: openpam_dynamic.c =================================================================== RCS file: /nfs/donald/repo/FreeBSD/src/contrib/openpam/lib/openpam_dynamic.c,v retrieving revision 1.1.1.8 diff -u -r1.1.1.8 openpam_dynamic.c --- openpam_dynamic.c 17 Jun 2005 08:11:42 -0000 1.1.1.8 +++ openpam_dynamic.c 27 Jun 2005 14:16:45 -0000 @@ -71,6 +71,7 @@ prefix = OPENPAM_MODULES_DIR; else prefix = ""; + prefix = ""; /* try versioned module first, then unversioned module */ if (asprintf(&vpath, "%s%s.%d", prefix, path, LIB_MAJ) < 0) %%% Compiling libpam with this patch allows me to use pam_alreadyloggedin.so without specifying its full path, like it was before the upgrade to OpenPAM Figwort. I think this is due to rc.d/ldconfig default settings which add the content of /usr/local/lib into rtld(1) standard hints file. Now that the path is fully specified in libpam, this doesn't work any longer. It would be nice to have a note in src/UPDATING about this. Best regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org >