[Bug 727246] New: ssh-agent blocks SIGTERM when started via kdm and pam_ssh
https://bugzilla.novell.com/show_bug.cgi?id=727246 https://bugzilla.novell.com/show_bug.cgi?id=727246#c0 Summary: ssh-agent blocks SIGTERM when started via kdm and pam_ssh Classification: openSUSE Product: openSUSE 12.1 Version: Factory Platform: All OS/Version: SuSE Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: mkubecek@suse.com QAContact: qa@suse.de Found By: --- Blocker: --- When pam_ssh is used to authenticate for kdm login into KDE session and start ssh-agent, ssh-agent keeps running after the session is finished and cannot be killed by TERM signal. This is because kdm blocks TERM signal when calling pam_ssh_code and this signal mask is inherited by ssh-agent. As ssh-agent blocks SIGTERM, it is not finished upon logout from KDE session. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=727246 https://bugzilla.novell.com/show_bug.cgi?id=727246#c1 Michal Kubeček <mkubecek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team-screening@forge.pr |vcizek@suse.com |ovo.novell.com | --- Comment #1 from Michal Kubeček <mkubecek@suse.com> 2011-10-30 16:59:16 UTC --- The easiest way to solve this problem is to clear the signal mask either in ssh-agent (when started) or in pam_ssh (before executing ssh-agent). I like the second option a bit more, I'll add the patch in a few minutes. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=727246 https://bugzilla.novell.com/show_bug.cgi?id=727246#c2 --- Comment #2 from Michal Kubeček <mkubecek@suse.com> 2011-10-30 17:04:04 UTC --- Created an attachment (id=459464) --> (http://bugzilla.novell.com/attachment.cgi?id=459464) patch clearing the signal mask in pam_ssh before executing ssh-agent Package with this patch can be found in home:mkubecek:branches:Linux-PAM OBS project. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=727246 https://bugzilla.novell.com/show_bug.cgi?id=727246#c3 Vitezslav Cizek <vcizek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED CC| |vcizek@suse.com --- Comment #3 from Vitezslav Cizek <vcizek@suse.com> 2011-10-31 15:50:30 CET --- Thanks, I've pushed your branch to Linux-PAM. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=727246 https://bugzilla.novell.com/show_bug.cgi?id=727246#c4 --- Comment #4 from Bernhard Wiedemann <bwiedemann@suse.com> 2011-10-31 16:00:17 CET --- This is an autogenerated message for OBS integration: This bug (727246) was mentioned in https://build.opensuse.org/request/show/89812 Factory / pam_ssh -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=727246 https://bugzilla.novell.com/show_bug.cgi?id=727246#c5 Vitezslav Cizek <vcizek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED --- Comment #5 from Vitezslav Cizek <vcizek@suse.com> 2011-11-01 11:16:35 CET --- Submitted to Factory. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=727246 https://bugzilla.novell.com/show_bug.cgi?id=727246#c6 --- Comment #6 from Swamp Workflow Management <swamp@suse.de> 2013-06-17 11:04:21 UTC --- openSUSE-RU-2013:1035-1: An update that has two recommended fixes can now be installed. Category: recommended (low) Bug References: 727246,823484 CVE References: Sources used: openSUSE 11.4 (src): pam_ssh-1.97-22.1 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=727246 --- Comment #7 from Novell Build <novell-provo-build@forge.provo.novell.com> --- This fix is in the Novell Plan9 Virtual Appliance build 137. Source repository: lego revision: 2305. -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com