Bug#802212: Patch
Dear Chad, thanks for your report and your patches. The issue will be fixed in package 2.3+ds-5. Thanks for your patience, Jerome On Sun, 27 Dec 2015 12:23:14 -0800 Chad Wallace wrote: Here's another version of that patch... with a free(dotdir) after we're done with it. -- C. Chad Wallace, B.Sc. The Lodging Company http://www.lodgingcompany.com/ OpenPGP Public Key ID: 0x262208A0 -- Jerome BENOIT | calculus+at-rezozer^dot*net https://qa.debian.org/developer.php?login=calcu...@rezozer.net AE28 AE15 710D FF1D 87E5 A762 3F92 19A6 7F36 C68B OpenPGP_signature Description: OpenPGP digital signature
Bug#802212: Patch
Here's another version of that patch... with a free(dotdir) after we're done with it. -- C. Chad Wallace, B.Sc. The Lodging Company http://www.lodgingcompany.com/ OpenPGP Public Key ID: 0x262208A0 Description: avoid NO_MODULE_DATA error Author: Chad WallaceLast-Update: 2015-12-27 --- a/pam_ssh.c 2015-12-27 12:08:42.851136447 -0800 +++ b/pam_ssh.c 2015-12-27 12:12:47.619240920 -0800 @@ -1089,6 +1089,7 @@ const struct passwd *pwent; /* user's passwd entry */ struct stat sb; /* to check st_nlink */ const char *user; /* username */ + char *dotdir; /* .ssh dir name */ pam_ssh_log(LOG_DEBUG, "close session"); @@ -1108,6 +1109,21 @@ return retval; } + /* handle the per-user configuration directory and check its existence */ + + if (asprintf(, "%s/%s", pwent->pw_dir, SSH_DIR) == -1) { + pam_ssh_log(LOG_CRIT, "out of memory"); + openpam_restore_cred(pamh); + return PAM_SERVICE_ERR; + } + if ((access(dotdir,F_OK)) == -1) { + pam_ssh_log(LOG_DEBUG, "inexistent configuration directory"); + free(dotdir); + openpam_restore_cred(pamh); + return PAM_SUCCESS; + } + free(dotdir); + if (pam_get_data(pamh, "ssh_agent_env_session", (const void **)(void *)_file) == PAM_SUCCESS && env_file) unlink(env_file);
Bug#802212: Patch
Hello, I've created a patch that seems to fix this for me. All I did was copy the code that checks for ".ssh" from pam_sm_open_session() into pam_sm_close_session() so it can just not do anything, and return PAM_SUCCESS. I don't know if that's the right solution, but it seems appropriate to me. I've only tested that it works for me: it avoids printing "su: No module specific data is present" when I run /etc/cron.daily/dwww and logging in remotely using my SSH key still works. Thanks! -- C. Chad Wallace, B.Sc. The Lodging Company http://www.lodgingcompany.com/ OpenPGP Public Key ID: 0x262208A0 Description: avoid NO_MODULE_DATA error Author: Chad WallaceLast-Update: 2015-12-27 --- a/pam_ssh.c 2015-12-27 10:54:47.985792204 -0800 +++ b/pam_ssh.c 2015-12-27 10:54:08.231097492 -0800 @@ -1089,6 +1089,7 @@ const struct passwd *pwent; /* user's passwd entry */ struct stat sb; /* to check st_nlink */ const char *user; /* username */ + char *dotdir; /* .ssh dir name */ pam_ssh_log(LOG_DEBUG, "close session"); @@ -1108,6 +1109,20 @@ return retval; } + /* handle the per-user configuration directory and check its existence */ + + if (asprintf(, "%s/%s", pwent->pw_dir, SSH_DIR) == -1) { + pam_ssh_log(LOG_CRIT, "out of memory"); + openpam_restore_cred(pamh); + return PAM_SERVICE_ERR; + } + if ((access(dotdir,F_OK)) == -1) { + pam_ssh_log(LOG_DEBUG, "inexistent configuration directory"); + free(dotdir); + openpam_restore_cred(pamh); + return PAM_SUCCESS; + } + if (pam_get_data(pamh, "ssh_agent_env_session", (const void **)(void *)_file) == PAM_SUCCESS && env_file) unlink(env_file);