Package: libpam-abl
Version: 0.4.3-1
Severity: normal
The libpam-abl.conf man page says:
If host_db or user_db is omitted the corresponding auto blacklisting
will be disabled.
When I comment out my user_* entries from the configuration file, I get
these log messages for each attempt:
Mar 31 06:17:34 tassie pam_abl[30420]: check_user: No host database found
in config.
Mar 31 06:17:34 tassie pam_abl[30420]: Failed to check user.
If I comment out the user rules, there shouldn't be any logging output
with respect to user rules.
As a workaround, I tried uncommenting out just the user_db line and got
these errors instead:
Apr 1 04:12:48 tassie kernel: [2488949.181580] sshd[30882]: segfault at 0
ip 00007f751a96c83a sp 00007fff52e492a0 error 4 in pam_abl.so[7f751a968000+6000]
So I uncommented out the rest of the user rules and changed the * to
nobody in the user_rule:
user_rule=nobody:3/1h,30/1d
There aren't any more segmentation violations and hopefully, I won't be
hit by DOS attacks on my login.
-- System Information:
Debian Release: 6.0.7
APT prefers stable
APT policy: (600, 'stable'), (500, 'stable-updates'), (90, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libpam-abl depends on:
ii libc6 2.11.3-4 Embedded GNU C Library: Shared lib
ii libdb5.1 5.1.29-5 Berkeley v5.1 Database Libraries [
libpam-abl recommends no packages.
libpam-abl suggests no packages.
-- Configuration Files:
/etc/security/pam_abl.conf changed:
db_home=/var/lib/abl/
host_db=/var/lib/abl/hosts.db
host_purge=2d
host_rule=*:3/1h,30/1d
-- no debconf information
--
Bill Wohler <woh...@newt.com> aka <bill.woh...@nasa.gov>
http://www.newt.com/wohler/
GnuPG ID:610BD9AD
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
