https://bugzilla.novell.com/show_bug.cgi?id=752424
https://bugzilla.novell.com/show_bug.cgi?id=752424#c28
--- Comment #28 from C. Holm 2012-12-11 15:52:09 UTC ---
(Identical on buggy and non-buggy machines.)
---------- 8< ----------
buggy:~ # cat /etc/pam.d/sshd
#%PAM-1.0
auth requisite pam_nologin.so
auth include common-auth
account requisite pam_nologin.so
account include common-account
password include common-password
session required pam_loginuid.so
session include common-session
session optional pam_lastlog.so silent noupdate showfailed
buggy:~ # rpm -qf /etc/pam.d/sshd
openssh-6.0p1-2.3.3.x86_64
buggy:~ # rpm -V openssh
5S.T..... c /etc/ssh/ssh_config
5S.T..... c /etc/ssh/sshd_config
buggy:~ # rpm -qaV
5S.T..... c /etc/crontab
5S.T..... c /etc/apache2/httpd.conf
5S.T..... c /etc/apache2/listen.conf
5S.T..... c /etc/apache2/server-tuning.conf
5S.T..... c /etc/logrotate.d/apache2
/usr/sbin/suexec2: cannot verify root:root 0755 - not listed in
/etc/permissions
.......M. /sys
.......M. /var/lock
.......M. /var/lock/lvm
5S.T..... c /etc/rsyslog.conf
5S.T..... c /etc/rsyslog.d/remote.conf
5S.T..... c /etc/pam.d/login
..L...... c /etc/pam.d/common-account
..L...... c /etc/pam.d/common-auth
..L...... c /etc/pam.d/common-password
..L...... c /etc/pam.d/common-session
5S.T..... c /etc/securetty
5S.T..... c /etc/inittab
5S.T..... c /etc/sudoers
5S.T..... c /etc/ssh/ssh_config
5S.T..... c /etc/ssh/sshd_config
...T..... /usr/lib64/gconv/gconv-modules.cache
5S.T..... c /etc/postfix/main.cf
5S.T..... c /etc/postfix/master.cf
.....U... /var/spool/postfix
5S.T..... c /etc/audit/audit.rules
5S.T...M. c /etc/pure-ftpd/pure-ftpd.conf
5S.T..... c /etc/zypp/zypper.conf
5S.T..... c /etc/logwatch/conf/logwatch.conf
...T..... /usr/share/groff/1.21/eign
5S.T..... c /etc/motd
5S.T..... c /etc/ntp.conf
/usr/bin/wodim: cannot verify root:root 0755 - not listed in /etc/permissions
5S.T..... c /etc/pam.d/su
5S.T..... c /etc/pam.d/su-l
---------- >8 ----------
A difference between working and buggy machines that I just noticed: In
/etc/login.defs on buggy machines, there's "{U,G}ID_MIN 1000", while on the
new-and-working machines, autoyast sets these values to 2500. (My user
account's, and all others' but one, IDs are above 2500, though.)
Oh: On the buggy machine, our sshd_config contains "UsePAM no" (which we
usually don't have). When I change that, the loginuid is correct; however this
does not change the fact that I see "killed" when I enable "pam_systemd.so" in
/etc/pam.d/common_session again.
Do you think the two are connected? If so, I'll have to check with my
colleagues why the machine had "UsePAM no" and if it can be changed.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.