Red Hat Bugzilla – Bug 9966
pppd does not check what pam_session_open return
Last modified: 2008-05-01 11:37:54 EDT
I'm administrator of modem pool. I'm using mgetty+pppd+pap to authorize
users. Some users share login and password with friends and try to log
twice. To prevent this, I decided to add "session required pam_limits.so"
to /etc/pam.d/ppp and set maxlogins to 1 in /etc/security/limits.conf. It
worked for all other services, but not for pppd. Looking at pppd sources, I
found that it call pam_open_session, but doesn't check what this function
return. With my patch everything is OK
This bug is present even in 5.2 and maybe before. Looks like nobody tried
to use pam_limits with pppd...
Created attachment 141 [details]
Patch to fix the problem
Applied the patch, after changing the '==' to a '='. This will be fixed in
ppp-2.3.11-4 and put into our tree as soon as possible.
The fix is now in the devel tree, and will propagate to Raw Hide whenever we
next we refresh it.