From owner-freebsd-current  Mon May  7 19:31:32 2001
Delivered-To: freebsd-current@freebsd.org
Received: from wall.polstra.com (rtrwan160.accessone.com [206.213.115.74])
	by hub.freebsd.org (Postfix) with ESMTP id 4DD8137B423
	for <current@freebsd.org>; Mon,  7 May 2001 19:31:28 -0700 (PDT)
	(envelope-from jdp@wall.polstra.com)
Received: from vashon.polstra.com (vashon.polstra.com [206.213.73.13])
	by wall.polstra.com (8.11.3/8.11.1) with ESMTP id f482VI052621;
	Mon, 7 May 2001 19:31:18 -0700 (PDT)
	(envelope-from jdp@wall.polstra.com)
Received: (from jdp@localhost)
	by vashon.polstra.com (8.11.3/8.11.0) id f482VIX65895;
	Mon, 7 May 2001 19:31:18 -0700 (PDT)
	(envelope-from jdp)
Date: Mon, 7 May 2001 19:31:18 -0700 (PDT)
Message-Id: <200105080231.f482VIX65895@vashon.polstra.com>
To: current@freebsd.org
From: John Polstra <jdp@polstra.com>
Cc: knu@iDaemons.org
Subject: Re: OpenSSH 2.9 problems
In-Reply-To: <86g0ekxevw.wl@archon.local.idaemons.org>
References: <86g0ekxevw.wl@archon.local.idaemons.org>
Organization: Polstra & Co., Seattle, WA
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In article <86g0ekxevw.wl@archon.local.idaemons.org>,
Akinori MUSHA <knu@iDaemons.org> wrote:
> I have some problems with the newly updated OpenSSH 2.9.
> 
> 1. Sshd fails to authenticate via PAM.
> 
> May  5 19:18:07 archon sshd[803]: fatal: PAM setcred failed[6]: Permission denied

If you would just like to get it to work until the person who broke it
fixes it properly, the patch below will accomplish that.  This is _not_
a correct fix, and it should definitely not be committed.

John

Index: auth-pam.c
===================================================================
RCS file: /home/ncvs/src/crypto/openssh/auth-pam.c,v
retrieving revision 1.3
diff -u -r1.3 auth-pam.c
--- auth-pam.c	2001/05/05 01:12:45	1.3
+++ auth-pam.c	2001/05/08 02:24:45
@@ -151,11 +151,13 @@
 				pam_retval, PAM_STRERROR(pamh, pam_retval));
 		}
 
+#if 0 /* XXX */
 		pam_retval = pam_setcred(pamh, PAM_DELETE_CRED);
 		if (pam_retval != PAM_SUCCESS) {
 			debug("Cannot delete credentials[%d]: %.200s", 
 				pam_retval, PAM_STRERROR(pamh, pam_retval));
 		}
+#endif
 
 		pam_retval = pam_end(pamh, pam_retval);
 		if (pam_retval != PAM_SUCCESS) {
@@ -261,6 +263,7 @@
 /* Set PAM credentials */ 
 void do_pam_setcred(void)
 {
+#if 0 /* XXX */
 	int pam_retval;
  
 	debug("PAM establishing creds");
@@ -269,6 +272,7 @@
 		fatal("PAM setcred failed[%d]: %.200s", 
 			pam_retval, PAM_STRERROR(pamh, pam_retval));
 	}
+#endif
 }
 
 /* accessor function for file scope static variable */

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message