Bug 119676

Summary: pam_chroot does not work with openssh
Product: Red Hat Enterprise Linux 3 Reporter: Florian Brand <florian.brand>
Component: opensshAssignee: Tomas Mraz <tmraz>
Status: CLOSED ERRATA QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.0CC: redhat
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: openssh-3.6.1p2-33.30.4 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-06-16 09:15:37 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Florian Brand 2004-04-01 13:30:25 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1)
Gecko/20031114

Description of problem:
it is not possible to use pam_chroot with ssh.
The configuration works with a local login.
I suspect the priviledge separation code is the culprit.
See bug 98330. Could be a duplicate.

I tried to use it with the priv. sep. turned off, but still it remains.
After username and password, the login hangs.

/var/log/security states that the chdir and chroot was done sucessful.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. configure pam_chroot 
2. try to login as chrooted user
3.
    

Actual Results:  ssh login hangs

Expected Results:  chrooted access

Additional info:
Comment 1 Tomas Mraz 2005-02-16 15:44:41 UTC 
Please try if packages from http://people.redhat.com/tmraz/testing/
work. However as they aren't official they aren't supported so use
them only for testing.
Comment 2 Tomas Mraz 2005-05-16 18:44:41 UTC 
No response from the reporter.
Comment 3 Florian Brand 2005-05-17 00:51:02 UTC 
(In reply to comment #2)
> No response from the reporter.
> 

Sorry, forgot about the bugzilla update. The test version works nicely.
(both pam_chroot and password aging)