From owner-freebsd-bugs@FreeBSD.ORG  Tue Jun  5 11:00:18 2007
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
X-Original-To: freebsd-bugs@hub.freebsd.org
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 25FDB16A400
	for <freebsd-bugs@hub.freebsd.org>;
	Tue,  5 Jun 2007 11:00:18 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40])
	by mx1.freebsd.org (Postfix) with ESMTP id 1010113C4AE
	for <freebsd-bugs@hub.freebsd.org>;
	Tue,  5 Jun 2007 11:00:17 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l55B0H1u007960
	for <freebsd-bugs@freefall.freebsd.org>; Tue, 5 Jun 2007 11:00:17 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l55B0HeF007959;
	Tue, 5 Jun 2007 11:00:17 GMT (envelope-from gnats)
Date: Tue, 5 Jun 2007 11:00:17 GMT
Message-Id: <200706051100.l55B0HeF007959@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
Cc: 
Subject: Re: bin/112574: sshd(8) ignores nologin(5) if using PAM and public
	key
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jun 2007 11:00:18 -0000

The following reply was made to PR bin/112574; it has been noted by GNATS.

From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
To: Yar Tikhiy <yar@comp.chem.msu.su>
Cc: bug-followup@freebsd.org
Subject: Re: bin/112574: sshd(8) ignores nologin(5) if using PAM and public key
Date: Tue, 05 Jun 2007 12:42:04 +0200

 Yar Tikhiy <yar@comp.chem.msu.su> writes:
 > Second, it adds an account management function identical to the
 > authentication one so that pam_nologin can always work for sshd.
 
 Strictly speaking, pam_nologin should implement pam_sm_acct_mgmt() and
 *not* implement pam_sm_authenticate().  However, doing so at this point
 would break existing configurations.  You may want to discuss the
 possibility of doing just that for 7.0 with re@.
 
 DES
 --=20
 Dag-Erling Sm=C3=B8rgrav - des@des.no