Description of problem: The pam_loginuid session module fails if the high bit in the UID is set. Version-Release number of selected component (if applicable): pam-0.77-66.25 How reproducible: 100% Steps to Reproduce: 1. Create a user with a large UID. IE: biguser:x:4294967294:10001:Big User:/home/biguser:/bin/bash 2. Insure that: session required pam_loginuid.so is in /etc/pam.d/login 3. Log into the machine as "biguser". Actual results: You'll see the message: pam_open_session failed: Cannot make/remove an entry for the specified session and the session will be closed. Expected results: Login successfully. Additional info: Works fine if you change the UID to a 31 bit number: 2147483646
There is a wrong format in snprintf() in pam_loginuid causing it to write negative numbers in such case which are not accepted by kernel.
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2009-0995.html