Bug 170397 - pam authentication fails
pam authentication fails
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: squid (Show other bugs)
3.0
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Martin Stransky
:
Depends On: 162660 582180
Blocks: 168424
  Show dependency treegraph
 
Reported: 2005-10-11 06:53 EDT by Martin Stransky
Modified: 2010-04-28 09:12 EDT (History)
1 user (show)

See Also:
Fixed In Version: RHSA-2006-0045
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-03-15 10:43:51 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Martin Stransky 2005-10-11 06:53:01 EDT
+++ This bug was initially created as a clone of Bug #162660 +++

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-GB; rv:1.7.8) Gecko/20050512 Red
Hat/1.0.4-1.4.1 Firefox/1.0.4

Description of problem:
/usr/lib/squid/ncsa_auth and /usr/lib/squid/pam_auth are packages without setuid
root. They are therefore cannot access the shadow password file and cannot
authenticate until a manual chown has been executed.

Because of this, the package cannot be auto-updated.


Version-Release number of selected component (if applicable):
squid-2.5.STABLE6-3.4E.9

How reproducible:
Always

Steps to Reproduce:
1. Enable ncsa authentication in squid
2. Try to log in (failed)
3. chown /usr/lib/squid/ncsa_auth to setuid root
4. restart squid to restart the authenticator
5. Try to log in (success)
  

Additional info:

The previous report of this issue (56027) has just been closed without a fix.

-- Additional comment from andrew@anvil.org on 2005-07-07 07:24 EST --
Typo:

  %s/chown/chmod/g

-- Additional comment from stransky@redhat.com on 2005-07-07 07:38 EST --
You are right, but we want to avoid using setuid. I'll be working on it.

-- Additional comment from stransky@redhat.com on 2005-07-15 10:05 EST --
pam_auth and ncsa_auth have setuid in rawhide...

-- Additional comment from andrew@anvil.org on 2005-07-15 17:56 EST --
Thanks.

Any idea when this might filter through to the production RHEL4 package?

-- Additional comment from stransky@redhat.com on 2005-07-18 04:25 EST --
We want to test it in rawhide and if there isn't any problem, we'll update it to
RHEL4...
Comment 5 Red Hat Bugzilla 2006-03-15 10:43:51 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0045.html

Note You need to log in before you can comment on or make changes to this bug.