pidentd lookups report root user when using rlogin.

This problem only occurs on RedHat6.1; it works fine on RedHat6.0. When I use rlogin to log in on a remote server, pidentd reports USERID as "root". If I use telnet the USERID is correct.

syslog when using rlogin: (fx: rlogin 10.0.0.229)
-------------------------
Mar 14 22:43:24 host2 in.identd[6011]: reply to 10.0.0.229: 1023 , 513 : USERID : UNIX :root

syslog when using telnet: (fx: telnet 10.0.0.229)
-------------------------
Mar 14 22:49:42 host2 in.identd[6045]: reply to 10.0.0.229: 1833 , 23 : USERID : UNIX :hawk

I have tried to upgrade and "downgrade" to different versions of pidentd. I have tried the following rpm packages on both RedHat6.1 and RedHat6.0:
((XX) <== specifies which RH version the rpm originally belongs to)

pidentd-2.8.5-3 (RedHat6.0)
pidentd-3.0.7-5 (RedHat6.1)
pidentd-3.0.10-2 (RedHat6.2beta)

All my tests conclude that any version of pidentd on RedHat6.0 works perfectly, and none of the versions work on RedHat6.1.

I don't believe this is a pidentd problem, as it "works for me" when I rlogin localhost and check /var/log/messages (Red Hat 6.2/sparc with pidentd-3.0.10-5). You might want to check /etc/pam.d/rlogin, as I dimly remember a last-minute change there. FWIW, here's what I have:

    #%PAM-1.0
    auth       sufficient   /lib/security/pam_rhosts_auth.so
    auth       required     /lib/security/pam_securetty.so
    auth       required     /lib/security/pam_pwdb.so shadow nullok
    auth       required     /lib/security/pam_nologin.so
    account    required     /lib/security/pam_pwdb.so
    password   required     /lib/security/pam_cracklib.so
    password   required     /lib/security/pam_pwdb.so shadow nullok use_authtok
    session    required     /lib/security/pam_pwdb.so

It has nothing to do with PAM! When I rlogin to a host, the host throws an ident-lookup back at the machine I come from. If I use rlogin I get the answer 'root', not my username. But if I use telnet I get the right result. So the problem must be the suid-bit on rlogin. It must be a uid,euid problem since all identd does is look up the uid of whoever owns the tcp-connection.

-- Christoffer

OK .... mystery solved! The problem is as follows: pidentd wants the uid of a connection. It looks in /proc/net/tcp to see who owns the given connection. The problem is that /proc/net/tcp lists the euid and not the uid. Since rlogin is suid-root it gets euid 0, and that is why identd returns root and not the real name.

Now the big one ... how to solve it ;) I've asked on linux-kernel if euid is really what should be listed in /proc/net/tcp.

-- Christoffer (hall)
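
The lookup described in the last comment, as an added example that is not pidentd's code and not part of the original thread: it resolves an ident query against the uid column of a /proc/net/tcp table. The table is a constructed sample using the ports and remote address from the syslog lines above; the local address 10.0.0.5, uid 500 for hawk, the inode numbers and all function names are assumptions.

```python
import socket
import struct

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
# Row 0: the rlogin session from the report (local port 1023 -> remote 513).
# Row 1: the telnet session (local port 1833 -> remote 23).
# Local address 10.0.0.5, uid 500 and the inode numbers are assumed values.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0500000A:03FF E500000A:0201 01 00000000:00000000 00:00000000 00000000     0        0 4711
   1: 0500000A:0729 E500000A:0017 01 00000000:00000000 00:00000000 00000000   500        0 4712
"""

def parse_endpoint(field):
    """Decode 'HEXADDR:HEXPORT' as printed on a little-endian (x86) host."""
    addr_hex, port_hex = field.split(":")
    addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return addr, int(port_hex, 16)

def ident_lookup(table, local_port, remote_addr, remote_port):
    """Return the uid column of the matching connection, or None."""
    for line in table.splitlines()[1:]:          # skip the header row
        cols = line.split()
        if len(cols) < 10:                       # ignore short/blank lines
            continue
        _, lport = parse_endpoint(cols[1])
        raddr, rport = parse_endpoint(cols[2])
        if (lport, raddr, rport) == (local_port, remote_addr, remote_port):
            return int(cols[7])                  # 8th column is the socket uid
    return None

def privileged_owner(table, local_port, remote_addr, remote_port):
    """True when the socket is listed under uid 0, the case the thread
    traces to a suid-root client: the answer names root, not the user."""
    return ident_lookup(table, local_port, remote_addr, remote_port) == 0

if __name__ == "__main__":
    for lport, rport in ((1023, 513), (1833, 23)):
        uid = ident_lookup(SAMPLE_PROC_NET_TCP, lport, "10.0.0.229", rport)
        print(f"{lport} , {rport} : uid {uid}")
```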