Red Hat Bugzilla – Bug 445606
multiple rshd bugs: arg_max, audit, pam_rhosts
Last modified: 2013-04-30 19:39:37 EDT
Description of problem:
Recent patches to rsh package introduced 2 new bugs: one due to a missed line in
the arg_max patch, one due to incorrect return code checks in the audit patch.
Also, recent pam versions changed name of pam_rhosts_auth.so module to
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. try running "rsh localhost w" (or similar short command)
2. try running "rsh localhost some_long_command"
3. check log entries in /var/log/messages
(This is after taking all necessary steps to enable rsh service, allow "rsh" in
/etc/securetty, setting up .rhosts, etc.)
Commands fail due to missing pam_rhosts_auth.so module specified in
/etc/pam.d/rsh (and rlogin too). After fixing that, short commands fail with
bogus message "Error sending audit event." Long commands fail with message
"command too long".
Commands should work.
See attached patch to fix 2 code bugs. (Change in pam module name is a trivial
edit of rsh.pam and rlogin.pam source files, and is not included.)
Created attachment 304812 [details]
fix arg_max and audit bugs
Thanks for your report, all problems are fixed in latest build
(rsh-server-0.17-50.fc9). I'm not sure if it will be part of F9 GA or it will be
released as F9 update. I'm going to let you know.
rsh-0.17-50.fc9 has been submitted as an update for Fedora 9
It's too late for F9, fixes will be available after F9 release.
rsh-0.17-50.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.