Bug#444419: marked as done (libpam-mount: umount fails and login count not decremented if last logout is done from 'su')

Wed, 03 Oct 2007 05:30:55 -0700 

Your message dated Wed, 03 Oct 2007 12:17:02 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#444419: fixed in libpam-mount 0.29-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message --- 
Package: libpam-mount
Version: 0.28-1
Severity: normal


Hi,

when logging in as root and then su-ing to a user account everything works fine.
But at logout the su-command seems to have dropped root privileges, so umount 
fails.
The login count is not decremented.


        pam_mount(pam_mount.c:586) received order to close things
        pam_mount(misc.c:55) Session close: (uid=1000, euid=1000, gid=1000, 
egid=1000)
        pam_mount(misc.c:284) command: /usr/sbin/pmvarrun [-u] [ingo] [-o] [-1]
        pam_mount(misc.c:55) set_myuid<pre>: (uid=1000, euid=1000, gid=1000, 
egid=1000)
        pam_mount(misc.c:357) error setting uid to 0
        pam_mount(pam_mount.c:424) pmvarrun says login count is 0
        pam_mount(pam_mount.c:618) going to unmount
        pam_mount(mount.c:413) information for mount:
        pam_mount(mount.c:414) ----------------------
        pam_mount(mount.c:415) (defined by globalconf)
        pam_mount(mount.c:416) user:          ingo
        pam_mount(mount.c:417) server:
        pam_mount(mount.c:418) volume:        /home/ingo:crypt.img
        pam_mount(mount.c:419) mountpoint:    /home/ingo/crypt
        pam_mount(mount.c:420) options:       fsck,loop,nodev,nosuid,
        pam_mount(mount.c:421) fs_key_cipher:
        pam_mount(mount.c:422) fs_key_path:
        pam_mount(mount.c:423) use_fstab:     0
        pam_mount(mount.c:424) ----------------------
        pam_mount(misc.c:284) command: lsof [/home/ingo/crypt]
        lsof: WARNING: can't stat() ext3 file system /dev/.static/dev
              Output information may be incomplete.
        pam_mount(mount.c:103) pam_mount(mount.c:135) waiting for lsof
        pam_mount(misc.c:284) command: /sbin/umount.crypt [/home/ingo/crypt]
        pam_mount(misc.c:55) set_myuid<pre>: (uid=1000, euid=1000, gid=1000, 
egid=1000)
        pam_mount(misc.c:357) error setting uid to 0
        pam_mount(mount.c:100) umount errors:
        pam_mount(mount.c:103) You have to be root to use cryptsetup!
        pam_mount(mount.c:103) umount: /home/ingo/crypt is not in the fstab 
(and you are not root)
        pam_mount(mount.c:103) umount.crypt: error unmounting /home/ingo/crypt
        pam_mount(mount.c:598) waiting for umount
        pam_mount(pam_mount.c:621) unmount of /home/ingo:crypt.img failed
        pam_mount(pam_mount.c:632) pam_mount execution complete
        pam_mount(pam_mount.c:115) Clean global config (0)


The decrement of the login count does work if 'su' is not the last session
to go away (and thus no umount attempted).  I suppose this is most often the 
case.


Ah, and i noticed that when the mounting of the crypto loop device
fails (such as when root is guessing the wrong password when su-ing to
the user account) a loop device is leaked.
Anyway this setup is rather useless so i only would make another
detailed bug report if you want me to.


Regards, ingo



-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.22.9-cfs-v22
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages libpam-mount depends on:
ii  libc6                      2.6.1-5       GNU C Library: Shared libraries
ii  libhx10                    1.10.1-1      A library providing queue, tree, I
ii  libpam0g                   0.99.7.1-4    Pluggable Authentication Modules l
ii  libssl0.9.8                0.9.8e-8      SSL shared libraries
ii  libxml-writer-perl         0.603-1       Perl module for writing XML docume
ii  libxml2                    2.6.30.dfsg-2 GNOME XML library
ii  mount                      2.13-7        Tools for mounting and manipulatin

libpam-mount recommends no packages.

-- debconf-show failed

--- End Message ---
--- Begin Message --- 
Source: libpam-mount
Source-Version: 0.29-1

We believe that the bug you reported is fixed in the latest version of
libpam-mount, which is due to be installed in the Debian FTP archive:

libpam-mount_0.29-1.diff.gz
  to pool/main/libp/libpam-mount/libpam-mount_0.29-1.diff.gz
libpam-mount_0.29-1.dsc
  to pool/main/libp/libpam-mount/libpam-mount_0.29-1.dsc
libpam-mount_0.29-1_i386.deb
  to pool/main/libp/libpam-mount/libpam-mount_0.29-1_i386.deb
libpam-mount_0.29.orig.tar.gz
  to pool/main/libp/libpam-mount/libpam-mount_0.29.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastian Kleineidam <[EMAIL PROTECTED]> (supplier of updated libpam-mount 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 01 Oct 2007 15:55:23 +0200
Source: libpam-mount
Binary: libpam-mount
Architecture: source i386
Version: 0.29-1
Distribution: unstable
Urgency: low
Maintainer: Bastian Kleineidam <[EMAIL PROTECTED]>
Changed-By: Bastian Kleineidam <[EMAIL PROTECTED]>
Description: 
 libpam-mount - PAM module that can mount volumes for a user session
Closes: 444419
Changes: 
 libpam-mount (0.29-1) unstable; urgency=low
 .
   * New upstream release.
   * Dropped patches:
     + 04_spawn_pipes, applied upstream
   * First release with only Debian specific patches. Yay!
   * Added bugs.txt to documentation, which also lists PAM applications that
     drop root privileges, and thus fail to unmount properly on logout.
     Closes: #444419
Files: 
 f2936bbee269b655628f84be771c95cc 711 admin extra libpam-mount_0.29-1.dsc
 1307bb297679ee919e80c812e34379a1 407789 admin extra 
libpam-mount_0.29.orig.tar.gz
 e618495f4ccbd8831508908822f78355 17821 admin extra libpam-mount_0.29-1.diff.gz
 ac3f1033d2bfc0bb50d3490ca901ebda 83826 admin extra libpam-mount_0.29-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHARvzeBwlBDLsbz4RAhjRAKCJrIRFWvqk7z1QRntmsEJpKMFe2wCffEaz
zrQztewnM/TJ40FmS0EWRMs=
=AO6O
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to