Steve Langasek wrote:
Aha, ok. So after adding two users, trying to log in via su with an empty
password *succeeds* with libpam-modules 0.79-3 here.
Trying to log in to vsftp using your exact config fails; but this problem is
specific to the authorization component of the module, not the
authentication component. The regression in the authorization component can
be explained by the fact that in Linux-PAM 0.76, pam_userdb's
pam_sm_acct_mgmt function didn't do anything except return PAM_SUCCESS. In
0.79, it attempts to verify that the user is present in the database before
returning. But if you've already authenticated the user via pam_userdb,
this check is redundant; I recommend simply dropping the 'account' line from
your vsftpd config.
Dropping 'account' line in /etc/pam.d/vsftpd didn't help.
vsftpd with libpam-modules 0.79-3 still rejects users with empty passwords.
What should I do about that behavior? File a new bugreport?
Yes, there's still a regression in pam_userdb's pam_sm_acct_mgmt(), but
since I'm not sure why this code works *at all* for empty passwords, I'm not
really in a position to track this down.
If so, who can do that?
Could you please forward this bugreport to upstream developers?
Thanks,
Max
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
