From: bugzilla at busybox.net <bugzilla@busybox.net>
To: buildroot@busybox.net
Subject: [Buildroot] [Bug 12181] dropbear: norootlogin (-w) no longer works when PAM is enabled
Date: Wed, 04 Sep 2019 20:02:43 +0000 [thread overview]
Message-ID: <bug-12181-163-sqswDrMilm@https.bugs.busybox.net/> (raw)
In-Reply-To: <bug-12181-163@https.bugs.busybox.net/>
https://bugs.busybox.net/show_bug.cgi?id=12181
--- Comment #2 from Peter Korsgaard <jacmet@uclibc.org> ---
(In reply to Jan Dumon from comment #1)
So that presumably means that it has gotten fixed upstream. Looking at the git
history:
git shortlog DROPBEAR_2018.76..DROPBEAR_2019.78 -- svr-authpam.c
Matt Johnston (1):
Wait to fail invalid usernames
vincentto13 (1):
Fix for issue successfull login of disabled user (#78)
Presumably this is fixed by the 2nd patch. Can you try applying this patch to
the 2019.02.x version and test:
commit a0aa2749813331134452f80bb8a808bdc871ba41
Author: vincentto13 <33652988+vincentto13@users.noreply.github.com>
Date: Wed Mar 20 15:03:40 2019 +0100
This commit introduces fix for scenario:
1. Root login disabled on dropbear
2. PAM authentication model enabled
While login as root user, after prompt for password
user is being notified about login failrue, but
after second attempt of prompt for password within
same session, login becames succesfull.
Signed-off-by: Pawel Rapkiewicz <pawel.rapkiewicz@gmail.com>
---
svr-authpam.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/svr-authpam.c b/svr-authpam.c
index d201bc9..e236db4 100644
--- a/svr-authpam.c
+++ b/svr-authpam.c
@@ -275,6 +275,7 @@ void svr_auth_pam(int valid_user) {
/* PAM auth succeeded but the username isn't allowed in for
another reason
(checkusername() failed) */
send_msg_userauth_failure(0, 1);
+ goto cleanup;
}
/* successful authentication */
--
You are receiving this mail because:
You are on the CC list for the bug.
next prev parent reply other threads:[~2019-09-04 20:02 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-04 14:06 [Buildroot] [Bug 12181] New: dropbear: norootlogin (-w) no longer works when PAM is enabled bugzilla at busybox.net
2019-09-04 14:10 ` [Buildroot] [Bug 12181] " bugzilla at busybox.net
2019-09-04 19:57 ` bugzilla at busybox.net
2019-09-04 20:02 ` bugzilla at busybox.net [this message]
2019-09-05 7:58 ` bugzilla at busybox.net
2019-09-05 10:16 ` bugzilla at busybox.net
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-12181-163-sqswDrMilm@https.bugs.busybox.net/ \
--to=bugzilla@busybox.net \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox