Your message dated Sun, 14 Nov 2021 13:08:50 +0100
with message-id
<cak0odpwohcqrsv9sseyok5xvmtmtjk2btpjds+gikmzebd5...@mail.gmail.com>
and subject line Re: [Pkg-shadow-devel] Bug#998694: Don't timeout if you
haven't asked for password yet
has caused the Debian Bug report #998694,
regarding Don't timeout if you haven't asked for password yet
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
998694: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=998694
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: login
Version: 1:4.8.1-1.1
(/usr/share/doc/login/copyright says
This is Debian GNU/Linux's prepackaged version of the shadow utilities.
It was downloaded from: <ftp://ftp.pld.org.pl/software/shadow/>.
As of May 2007, this site is no longer available.)
OK, I'll report the bug here:
Let's say the system is so overloaded that...
Login: root
Login timed out after 60 seconds
Yes, that's right, even before the password prompt appeared!
So that timeout will prevent access to the whole system!
So: at least don't timeout if you haven't asked for password yet!
Thanks.
--- End Message ---
--- Begin Message ---
Control: tags -1 wontfix
Hi Dan,
積丹尼 Dan Jacobson <[email protected]> ezt írta (időpont: 2021. nov.
6., Szo, 19:00):
>
> Package: login
> Version: 1:4.8.1-1.1
>
> (/usr/share/doc/login/copyright says
> This is Debian GNU/Linux's prepackaged version of the shadow utilities.
>
> It was downloaded from: <ftp://ftp.pld.org.pl/software/shadow/>.
> As of May 2007, this site is no longer available.)
The Homepage: https://github.com/shadow-maint/shadow info is up to
date, but the copyright file should be updated, I agree.
> OK, I'll report the bug here:
>
> Let's say the system is so overloaded that...
>
> Login: root
>
> Login timed out after 60 seconds
>
> Yes, that's right, even before the password prompt appeared!
>
> So that timeout will prevent access to the whole system!
>
> So: at least don't timeout if you haven't asked for password yet!
The timer is set right before calling pam_start() in login.c, thus it
would not be easy to delay that. If you have a system unable to show
password prompt for 1 minute it is unlikely that you can get in even
with a timeout started later.
Cheers,
Balint
> Thanks.
>
> _______________________________________________
> Pkg-shadow-devel mailing list
> [email protected]
> https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-shadow-devel
--- End Message ---
_______________________________________________
Pkg-shadow-devel mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-shadow-devel
