Public bug reported:
Line 99 of openssh-4.6p1/debian/rules:
$(MAKE) -C build-deb -j 2 ASKPASS_PROGRAM='/usr/bin/ssh-askpass'
CFLAGS='$(OPTFLAGS) $(PIE_CFLAGS) -g -Wall -Wpointer-arith
-Wuninitialized -Wsign-compare -Wno-pointer-sign -std=gnu99
-DLOGIN_PROGRAM=\"/bin/login\" -DLOGIN_NO_ENDOPT
-DSSHD_PAM_SERVICE=\"ssh\" -DSSH_EXTRAVERSION="\"
$(SSH_EXTRAVERSION)\""'
>From auth-pam.h:
#if !defined(SSHD_PAM_SERVICE)
# define SSHD_PAM_SERVICE __progname
#endif
This macro is then used in the pam_start() call in auth-pam.c. The
results of this is that there is no way to have two separate sshd
processes with different PAM configurations. You can specify different
sshd_config-files, sure, but they end up using the same PAM config file
no matter what. The expected behaviour is that if you symlink /usr/sbin
/sshd-opie to /usr/sbin/sshd and start it using the sshd-opie symlink,
it should be using /etc/pam.d/sshd-opie instead of the default.
It would be much better if the binary didn't hardcode this, or at least
provided some way of overriding the PAM service name at run-time.
I think this bug stems from Debian. I know it's not unusual for Debian
packages to have eccentric limitations and modifications added, but I
hope it can be fixed in Ubuntu anyway.
Tore
** Affects: openssh (Ubuntu)
Importance: Undecided
Status: New
--
sshd hardcodes SSHD_PAM_SERVICE
https://bugs.launchpad.net/bugs/189183
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
