Re: OpenPAM Figwort broke PAM modules from ports

From: Jeremie Le Hen (jeremie_at_le-hen.org)
Date: 06/27/05

  • Next message: Artem Ignatiev: "Re: lock problems with uaudio full-duplex" 
    Date: Mon, 27 Jun 2005 15:04:49 +0200
To: Dag-Erling Smørgrav <des@des.no>

    Hi Dag-Erling,

    > > This prevents PAM modules installed in /usr/local/lib from being
    > > dlopen(3)'d. I'm not sure whether FreeBSD really wants this new
    > > ``feature'' or not, but actually I think this needs a note in
    > > src/UPDATING to be issued, explaining that PAM modules installed from
    > > ports need to be specified with their full path now.
    >
    > They always did.

    With all respect I owe you you, the last upgrade of my -CURRENT box
    constrained me to use the following patch to make pam_alreadyloggedin.so
    work again :
    %%%
        --- login.old Mon Jun 27 16:13:34 2005
        +++ login Mon Jun 27 01:12:30 2005
        @@ -6,7 +6,7 @@
         
         # auth
         auth required pam_nologin.so no_warn
        -auth sufficient pam_alreadyloggedin.so no_root
        +auth sufficient /usr/local/lib/pam_alreadyloggedin.so no_root
         auth sufficient pam_self.so no_warn
         auth include system
    %%%

    It can be verified by hacking src/contrib/openpam/lib/openpam_dynamic.c
    (this trivially reverts the diff I posted in my previous email) :
    %%%
        Index: openpam_dynamic.c
        ===================================================================
        RCS file: /nfs/donald/repo/FreeBSD/src/contrib/openpam/lib/openpam_dynamic.c,v
        retrieving revision 1.1.1.8
        diff -u -r1.1.1.8 openpam_dynamic.c
        --- openpam_dynamic.c 17 Jun 2005 08:11:42 -0000 1.1.1.8
        +++ openpam_dynamic.c 27 Jun 2005 14:16:45 -0000
        @@ -71,6 +71,7 @@
                         prefix = OPENPAM_MODULES_DIR;
                 else
                         prefix = "";
        + prefix = "";
         
                 /* try versioned module first, then unversioned module */
                 if (asprintf(&vpath, "%s%s.%d", prefix, path, LIB_MAJ) < 0)
    %%%

    Compiling libpam with this patch allows me to use pam_alreadyloggedin.so
    without specifying its full path, like it was before the upgrade to
    OpenPAM Figwort. I think this is due to rc.d/ldconfig default settings
    which add the content of /usr/local/lib into rtld(1) standard hints file.
    Now that the path is fully specified in libpam, this doesn't work any
    longer. It would be nice to have a note in src/UPDATING about this.

    Best regards, 

    -- 
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
  • Next message: Artem Ignatiev: "Re: lock problems with uaudio full-duplex"

    Relevant Pages

    • My table column widths wont behave
      ... I have recently upgrade to FP2003 from 2002. ... I have created a page with a table in it and have set the column width by dragging them to the width i want. ... I have also tried specifying the column widths in table properties with no improvement. ...
      (microsoft.public.frontpage.client)
    • make distribution and cap_mkdb -l from 5 to 6
      ... I was giving a try to the sysutils/etcmerge port in order to ease the ... upgrade of /etc from RELENG_5 to RELENG_6. ... Jeremie Le Hen ... < jeremie at le-hen dot org>< ttz at chchile dot org> ...
      (freebsd-current)
    • Re: Unable to do mdconfig(8) early in boot
      ... I booted up in single-usr and it fails. ... and it's working fine (I haven't had time to upgrade since yet). ... Jeremie Le Hen ... < jeremie at le-hen dot org>< ttz at chchile dot org> ...
      (freebsd-current)