Description of problem: pam_mkhomedir will not work if privilege separation is enabled openssh. more detailed description can be found here: http://www.linuxquestions.org/questions/archive/4/2004/11/4/169325 Version-Release number of selected component (if applicable): all How reproducible: add the following line to system-auth: session required /lib/security/$ISA/pam_mkhomedir.so skel=/etc/skel-null umask=0077 Steps to Reproduce: 1. ssh as non-root to the host 2. 3. Actual results: sshd[17977]: fatal: PAM session setup failed[6]: Permission denied Expected results: login:-) Additional info:
What package versions you've tested that with?
on the latest fully updated rhel3
So why do you report it on FC devel? There is nothing pam_mkhomedir can do with the problem. You must disable privilege separation. However the newest openssh (FC3, RHEL4) doesn't exhibit this problem.
sorry about that:-( i'd like to report it on rhel. anyway i don't think so the solution is to disable privilege separation! rather then fix it at the ssh level even in the next rhel 3 updates. yours.
Try packages from http://people.redhat.com/tmraz/testing/ which should fix the problem. Of course they are unofficial so the standard disclaimers apply. They aren't guaranteed to work and they can eat your data or even computer.
Should be fixed with the latest errata.