Skip site navigation (1)Skip section navigation (2) 
Date:      2 Sep 2009 17:05:49 -0000
From:      Ben Schumacher <me@benschumacher.com>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   ports/138483: pam_pwdfile port doesn't work post update to 0.99
Message-ID:  <20090902170549.59738.qmail@hiro.blahr.com>
Resent-Message-ID: <200909021800.n82I0GOR069832@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         138483
>Category:       ports
>Synopsis:       pam_pwdfile port doesn't work post update to 0.99
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Sep 02 18:00:16 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Ben Schumacher
>Release:        FreeBSD 7.2-RELEASE amd64
>Organization:
>Environment:
System: FreeBSD lagos.blahr.com 7.2-RELEASE FreeBSD 7.2-RELEASE #1: Mon May 4 12:50:51 MDT 2009 ben@lagos.blahr.com:/usr/obj/data/FreeBSD/RELENG_7_2/src/sys/SMPx2 amd64

>Description:
        After upgrade of pam_pwdfile to 0.99 it no longer works.

        Attempting to use it for an authentication mechanism yields the
        following error in /var/log/messages:
                pamtester: in openpam_load_module(): no /usr/local/lib/pam_pwdfile.so found

        My belief is this has to do with pam_pwdfile addition of an md5.h
        and various friends at version 0.97 (from changelog):
                * added md5.h, md5.c, md5_crypt.c and bigcrypt.c from the
                  pam_unix.c module.  This fixes the bug where crypt() would
                  not be able to do md5 crypting if an SSL library was linked
                  into the calling application.  Several users reported this,
                  but the report (and possible patch, which I chose not to use,
                  opting instead to emulate pam_unix) of
                  Yu Guanghui <ygh@dlut.edu.cn> was most useful.

        The custom Makefile.bsd in 'files' doesn't account for these new
        source files.


>How-To-Repeat:
        Build and install pam_pwdfile.so 0.99. Configure it to be used with
        some PAM-based system (from /usr/local/etc/pam.d/vsftpd):

        # auth
        auth required   pam_nologin.so                no_warn
        auth sufficient /usr/local/lib/pam_pwdfile.so pwdfile /usr/local/etc/vsftpd.passwd
        auth required   pam_unix.so                   no_warn try_first_pass

        Attempt to autenticate using service:

        $ pamtester vsftpd username auth
        pamtester: Initialization failure

>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090902170549.59738.qmail>