[SGVLUG] On a currently patched CentOS5 host, PAM_USER not always being set

Matthew Campbell dvdmatt at gmail.com
Mon May 11 10:22:32 PDT 2015


Does this happen on CentOS 7?  It may be that this fix was not back-ported
to 5.11 (that's fairly old now).

If you apply the patch documented in the bug report does 5.1 start to work?

Matt
On May 9, 2015 9:38 PM, "Scott Packard" <spackard at gmail.com> wrote:

> > ssh localhost
> $ cat /tmp/outfile
> /usr/local/src/test.sh is running at Sat May  9 20:56:37 PDT 2015
> PAM_SERVICE=sshd
> PAM_RHOST=localhost.localdomain
> PAM_USER=packard
> PAM_TYPE=auth
> PAM_TTY=ssh
>
> > gnome login
> /usr/locaGUI l/src/test.sh is running at Sat May  9 20:58:30 PDT 2015
> PAM_SERVICE=gdm
> PAM_TYPE=auth
> PAM_TTY=:0
>
>
> On a CentOS5.11 x64 host, fully patched,
> during authentication, I've shimmed a pam_exec call to a simple script that
> env | grep PAM >> /tmp/outfile
>
> If I'm already logged in, and ssh localhost, then PAM_USER is set,
> but if I log out, then try logging in via GNOME, PAM_USER is not set.
>
>
> This works on CentOS6 and Solaris 10x64.
> There was a bug reported about this on an earlier pam rpm, but was fixed
> in 2013
> and I have the latest pam rpm, pam-0.99.6.2-12.el5, which was in at
> least RHEL5.9.
> Any idea why?
> Has anyone bumped into this?
> I thought maybe it was an anomaly on another machine so I spent time
> tonight
> building up a fresh CentOS5.11x64 install into virtualbox.  No change.
>
> Regards, Scott
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://sgvlug.net/pipermail/sgvlug/attachments/20150511/21252bca/attachment.html>


More information about the SGVLUG mailing list