Bug 9966

Summary: pppd does not check what pam_session_open return
Product: [Retired] Red Hat Linux Reporter: Leonid Kanter <leon>
Component: pppAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.2   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-03-07 16:12:41 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Patch to fix the problem none

Description Leonid Kanter 2000-03-04 22:04:37 UTC 
I'm administrator of modem pool. I'm using mgetty+pppd+pap to authorize
users. Some users share login and password with friends and try to log
twice. To prevent this, I decided to add "session required pam_limits.so"
to /etc/pam.d/ppp and set maxlogins to 1 in /etc/security/limits.conf. It
worked for all other services, but not for pppd. Looking at pppd sources, I
found that it call pam_open_session, but doesn't check what this function
return. With my patch everything is OK

This bug is present even in 5.2 and maybe before. Looks like nobody tried
to use pam_limits with pppd...
Comment 1 Leonid Kanter 2000-03-04 22:06:59 UTC 
Created attachment 141 [details]
Patch to fix the problem
Comment 2 Nalin Dahyabhai 2000-03-06 13:42:59 UTC 
Applied the patch, after changing the '==' to a '='.  This will be fixed in
ppp-2.3.11-4 and put into our tree as soon as possible.
Comment 3 Nalin Dahyabhai 2000-03-07 16:12:59 UTC 
The fix is now in the devel tree, and will propagate to Raw Hide whenever we
next we refresh it.