Date: Mon, 11 Jun 2001 13:15:04 -0700 (PDT) From: Pete Carah <pete@ns.altadena.net> To: stable@freebsd.org Subject: Re: Patch for PAM/ssh problem (was Re: sshd failing Message-ID: <200106112015.f5BKF4M45688@ns.altadena.net> In-Reply-To: <20010611132736.B14299@vger.bsdhome.com> References: <200106111552.f5BFqAB20461@earth.backplane.com> <20010611105748.A14299@vger.bsdhome.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Looks like Mark backed the PAM updates out, this morning. Looks to me like they required too many changes to other utilities, like sshd (among other things). He told me that he wasn't prepared to bring in *all* the changes yet in an answer to my earlier note about sshd. Since sshd works in -current (but is V2.9), with the same PAM version, I presume they handle loading *some* module in the PKI login case (this appears to be the problem with 2.3-green and the new PAM; either no module gets loaded and PAM fails the setcred (perm is the right error code for this case), or something like pam_unix gets loaded and didn't get used (i.e. no auth, and the saved return code defaults to perm). I'd presume they need a pam_permit or such in the PKI login case, or use pam_ssh (which doesn't appear to be used in -current yet, at least in pam.conf)). I haven't done any tracing of this like Matt has, so may be all (or partly) wet... Thanks, Matt, for the workaround... -- Pete To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200106112015.f5BKF4M45688>