Red Hat Bugzilla – Bug 143570
pam_mkhomedir will not work if privilege separation is enabled openssh
Last modified: 2007-11-30 17:07:05 EST
Description of problem:
pam_mkhomedir will not work if privilege separation is enabled
openssh. more detailed description can be found here:
Version-Release number of selected component (if applicable):
add the following line to system-auth:
session required /lib/security/$ISA/pam_mkhomedir.so
Steps to Reproduce:
1. ssh as non-root to the host
sshd: fatal: PAM session setup failed: Permission denied
What package versions you've tested that with?
on the latest fully updated rhel3
So why do you report it on FC devel?
There is nothing pam_mkhomedir can do with the problem. You must
disable privilege separation.
However the newest openssh (FC3, RHEL4) doesn't exhibit this problem.
sorry about that:-( i'd like to report it on rhel. anyway i don't
think so the solution is to disable privilege separation! rather then
fix it at the ssh level even in the next rhel 3 updates.
Try packages from http://people.redhat.com/tmraz/testing/ which should
fix the problem.
Of course they are unofficial so the standard disclaimers apply. They
aren't guaranteed to work and they can eat your data or even computer.
Should be fixed with the latest errata.