Bug 164833 - RFE: pam_laus PAM module requires a man-page
RFE: pam_laus PAM module requires a man-page
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: laus (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Steve Grubb
Jay Turner
: FutureFeature
Depends On:
  Show dependency treegraph
Reported: 2005-08-01 14:05 EDT by Jason Vas Dias
Modified: 2015-01-07 19:10 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2011-02-15 10:16:23 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jason Vas Dias 2005-08-01 14:05:11 EDT
Description of problem:

The pam_laus PAM module can be very confusing to use when there is no
documentation for the 'detach' pam_laus control flag.

If a process may invoke pam_open_session / pam_authenticate within the same
process, the 'detach' control flag must be given to the pam_laus module in
the control file, as in:
  'session optional pam_laus.so detach'
to allow _pam_audit_login to perform a laus_detach() on an already open
laus connection before the laus_attach(), which will fail if the process
has an open laus connection. 

Without the detach control flag, all laus messages for the process will be 
for the first user to set the PAM_USER item with pam_authenticate.

The only way to discover the detach flag up till now is to read the source code.
Comment 1 Jason Vas Dias 2005-08-01 14:52:44 EDT
Fixed with laus-0.1-72RHEL3+ 
Comment 2 Jason Vas Dias 2005-08-19 11:19:17 EDT
laus-0.1-72RHEL3 is now built, and available from:
errata RHBA-2005:752 generated.

Note You need to log in before you can comment on or make changes to this bug.