[Pkg-shadow-devel] Bug#505071: Bug#505071: closed ... fixed in shadow 1:4.1.3-1
Paul Szabo
psz at maths.usyd.edu.au
Sun Apr 26 20:51:11 UTC 2009
Dear Nicolas,
>> But mainly, "exec login" cannot possibly work in a PAM environment, but
>> will fail/die and "lose" the user session; users should not be tricked
>> into doing that. Presumably the user logged in with login (e.g. telnet,
>> may not apply for ssh or xterm); then login done a fork before running
>> the shell; any utmp entry refers to the PID of the parent login.
>
> I don't get your point.
> At least when login was setuid on debian, "exec login" used to work on PAM
> environments.
Please do the simple test (which "works" regardless whether login is
setuid or not):
anyone at anywhere:~$ /usr/bin/telnet bari
Trying 129.78.69.145...
Connected to bari.maths.usyd.edu.au.
Escape character is '^]'.
Debian GNU/Linux 4.0
bari.maths.usyd.edu.au login: psz
Password:
...
psz at bari:~$ /bin/login
No utmp entry. You must exec "login" from the lowest level "sh"
psz at bari:~$ exec /bin/login
No utmp entry. You must exec "login" from the lowest level "sh"
Connection closed by foreign host.
anyone at anywhere:~$
Surely your memory of "used to work" is wrong?
Cheers, Paul
Paul Szabo psz at maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia
More information about the Pkg-shadow-devel
mailing list