Public bug reported:
Binary package hint: apparmor
I have pam_apparmor set up for sshd as follows.
session optional pam_apparmor.so order=user,group,default debug
It never searches group or default. It thinks it finds a hat the user
whether a hat exists for the user or not.
In complain mode, the debug messages are:
Aug 17 16:21:03 zeno sshd[22113]: pam_apparmor(sshd:session): Using username
'gray'
Aug 17 16:21:03 zeno sshd[22113]: pam_apparmor(sshd:session): Successfully
changed to hat 'gray'
Note, there is not a hat 'gray' defined. If I put it in enforce mode:
Aug 17 17:02:36 zeno sshd[3955]: pam_apparmor(sshd:session): Using username
'gray'
Aug 17 17:02:36 zeno sshd[3955]: pam_apparmor(sshd:session): Unknown error
occurred changing to gray hat: No such file or directory
Maybe we're doing something wrong, but I think its broken.
ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: libpam-apparmor 2.5-0ubuntu3
ProcVersionSignature: Ubuntu 2.6.32-21.32-generic-pae 2.6.32.11+drm33.2
Uname: Linux 2.6.32-21-generic-pae i686
Architecture: i386
Date: Tue Aug 17 18:30:58 2010
InstallationMedia: Ubuntu-Server 10.04 LTS "Lucid Lynx" - Release i386
(20100427)
ProcEnviron:
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: apparmor
** Affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
** Tags: apport-bug i386 lucid
--
pam_apparmor fails to hunt through the hats
https://bugs.launchpad.net/bugs/619521
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
