-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Anders Lennartsson wrote: > Package: libpam-heimdal > Version: 1.2.0-1 > Tags: patch > > I have noticed some problems with libpam-heimdal leaving credentials > for users in files owned by root:root with permissions 600 and not > named according to the environment variable KRB5CCNAME. (A variable > PAM_KRB5CCNAME was introduced with the correct name.) This mostly > don't show up for local logins, but is repeatable for logins over ssh. > I have however experienced the erratic also for console logins. > > I sent some more details to debian-user [1], before I found out what I > believe causes the problem. > > Further, the credentials obtained by logging in via kdm are (still) > not deleted on closing the kde session. This was reported in #344927, > which is about to be archived, but I don't think 1.2.0-1 fixed it. > > It seems a minor typo caused a functional discrepancy between > pam_krb5_auth.c in libpam-heimdal and libpam-krb5, which is the cause > of this behaviour. The included patch is against (the dpatched) > pam_krb5_auth.c in libpam-heimdal, and if built with this patch, I > have not noticed any of the erratic behaviour described above. > > Anders > Hi,
Thank you for the information and the patch, I've tested it through and you are right about it. Regards, Matthijs Mohlmann -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFESg+l2n1ROIkXqbARAv1LAKCoE2rGn1ZZHGQzH2KZ4OuD2zKQ3gCfUZYn IdfHqjeuAAYbGv28uA34ZpM= =C4pw -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
