Bug 246619 - sshd needs to store forwarded gssapi creds before opening the pam session
sshd needs to store forwarded gssapi creds before opening the pam session
Status: CLOSED DUPLICATE of bug 216689
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: openssh (Show other bugs)
4.5
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Mraz
Brian Brock
:
Depends On:
Blocks: 201265
  Show dependency treegraph
 
Reported: 2007-07-03 09:47 EDT by Nalin Dahyabhai
Modified: 2007-11-16 20:14 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-07-10 17:42:14 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Nalin Dahyabhai 2007-07-03 09:47:46 EDT
This is more or less the same as bug #201341, and was originally upstream #918
(https://bugzilla.mindrot.org/show_bug.cgi?id=918).  Basically sshd doesn't
store forwarded GSSAPI credentials to disk before opening the PAM session for
the user, so modules don't have access to the credentials even when they may
have use for them.
Comment 2 Tomas Mraz 2007-07-10 17:42:14 EDT
Actually the patch I have to fix bug 216689 will solve this one as well.


*** This bug has been marked as a duplicate of 216689 ***
Comment 3 Nalin Dahyabhai 2007-07-11 09:31:34 EDT
You're right, it looks like it will.  Thanks!
Comment 4 Tomas Mraz 2007-07-23 07:10:45 EDT
Nalin, could you please test the latest openssh in dist-4E-qu-candidate whether
it fixes the problem?
Comment 5 Nalin Dahyabhai 2007-07-23 17:24:46 EDT
Seems to work properly in combination with the corresponding
dist-4E-qu-candidate pam_krb5 2.1.15-1 and later.  Thanks!
Comment 6 Dave Botsch 2007-09-14 00:42:40 EDT
Hi. What's the status and expected release of a fix for RHEL4 on this? The bug
this is marked as a duplicate of (bug 216689) is restricted, so the rest of the
community has no idea what's going on.

thanks!
Comment 7 Nalin Dahyabhai 2007-09-14 11:30:49 EDT
This should be fixed (well, #216689 is called out as fixed in the changelog) in
the openssh packages in the beta channel.

Note You need to log in before you can comment on or make changes to this bug.