[Bug 117736] Re: pam_mount unable to unmount needs root priv

2020-05-24 Thread Serge Hallyn
Marking fix released for shadow based on the openssh and debian status.

** Changed in: shadow (Ubuntu)
   Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/117736

Title:
  pam_mount unable to unmount needs root priv

To manage notifications about this bug go to:
https://bugs.launchpad.net/pam/+bug/117736/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 117736] Re: pam_mount unable to unmount needs root priv

2013-04-26 Thread Steve Langasek
** No longer affects: pam (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/117736

Title:
  pam_mount unable to unmount needs root priv

To manage notifications about this bug go to:
https://bugs.launchpad.net/pam/+bug/117736/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2013-04-26 Thread redguy
And I've been complaining that the bug has been opened for a year ... 5
years ago

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/117736

Title:
  pam_mount unable to unmount needs root priv

To manage notifications about this bug go to:
https://bugs.launchpad.net/pam/+bug/117736/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2013-04-26 Thread Lars Behrens
Bug confirmed here for Precise.

That bug is definitely a show stopper for Ubuntu in in large
heterogenous networks.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/117736

Title:
  pam_mount unable to unmount needs root priv

To manage notifications about this bug go to:
https://bugs.launchpad.net/pam/+bug/117736/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2013-04-10 Thread billdangerous
The bug is still present.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/117736

Title:
  pam_mount unable to unmount needs root priv

To manage notifications about this bug go to:
https://bugs.launchpad.net/pam/+bug/117736/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2012-11-28 Thread David Burke
This seems to still be a problem in 12.04. On log out I get

pam_mount(spawn.c:128): error setting uid to 0
pam_mount(mount.c:69): umount messages:
pam_mount(mount.c:73): umount: /home/me/share is not in the fstab (and you are 
not root)
pam_mount(mount.c:752): unmount of share failed

This seems to be a big problem if you log out, lose network connection,
and log in using pam-mount. The computer locks up and the user is unable
to log in without a reboot. It's easily reproducible.

With pam mount log in. Then log out. Verify mounts are still up. Bring
down networking. Log in (using su is fine). The terminal hangs. You
never log in.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/117736

Title:
  pam_mount unable to unmount needs root priv

To manage notifications about this bug go to:
https://bugs.launchpad.net/pam/+bug/117736/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2011-11-17 Thread Andreas Müller
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=11.10
DISTRIB_CODENAME=oneiric
DISTRIB_DESCRIPTION="Ubuntu 11.10"

Linux workstation 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:50:42 UTC
2011 i686 i686 i386 GNU/Linux

andreas@workstation:/home$ exit
exit
pam_mount(spawn.c:128): error setting uid to 0

and in 11:10 its also presant. Time to fix this bug, or?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/117736

Title:
  pam_mount unable to unmount needs root priv

To manage notifications about this bug go to:
https://bugs.launchpad.net/pam/+bug/117736/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2011-08-30 Thread Launchpad Bug Tracker
** Changed in: shadow (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/117736

Title:
  pam_mount unable to unmount needs root priv

To manage notifications about this bug go to:
https://bugs.launchpad.net/pam/+bug/117736/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2011-06-05 Thread Dirk Moermans
The bug is still present in 11.04.

pam_mount(spawn.c:128): error setting uid to 0
pmvarrun(pmvarrun.c:457): could not unlink /var/run/pam_mount/sec: Permission 
denied
pam_mount(spawn.c:128): error setting uid to 0
pam_mount(mount.c:68): umount messages:
pam_mount(mount.c:72): umount: only root can unmount /dev/sda8 from /home/sec
pam_mount(mount.c:724): unmount of /dev/sda8 failed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
https://bugs.launchpad.net/bugs/117736

Title:
  pam_mount unable to unmount needs root priv

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2010-01-04 Thread Colin Watson
** Changed in: openssh (Ubuntu)
   Status: Fix Committed => Fix Released

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2009-10-04 Thread Matthew Lye
using su  will log a user in and mount the folder/drive correctly
(as root). When the session ends the unmount will be attempted as user.

su under Fedora does not have this issue.

** Also affects: shadow (Ubuntu)
   Importance: Undecided
   Status: New

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2009-10-04 Thread Matthew Lye
Worth noting that libpam-mount does not have a problem. Its SU that has
the issue and the way it calls the umount as a user but mounts as root.

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2009-10-04 Thread Matthew Lye
This issue was fixed in OpenSSH version 4.8. Karmic beta has 5.1.

** Changed in: openssh (Ubuntu)
   Status: Confirmed => Fix Committed

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2009-10-04 Thread Matthew Lye
After checking this  bug appears to have been fixed upstream in OpenSSH
4.8

This should be rolled into Karmic Koala.

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2009-10-04 Thread Matthew Lye
Also confirmed on Jaunty.

Unfortunately this is an upstream bug that may take a while for some
action to occur on.

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2009-04-27 Thread Craig Szymanski
I tried a fresh install of jaunty.  The pam_mount works for my LTSP
server if I logon to the server (Active directory member (Likewise) and
the mount points show up for each user and unmount on logout), but for
the LTSP clients it does not work. I've opted out of the pam_mount
option for putting a link to their home folders under the places menu.

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2009-04-26 Thread pinus
I suffer the same problem with the brand new jaunty. This security issue
is still not fixed, more than two years later?

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2009-04-13 Thread RK
See Bug #48407 reported by RK on 2006-06-04 for a fix that makes it work
for me.

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2009-01-23 Thread Kees Cook
** Changed in: openssh (Ubuntu)
   Status: New => Confirmed

** This bug is no longer flagged as a security issue

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-11-06 Thread mannheim
Joachim,

No, I'm sorry, I don't know if missing root permissions is the problem
in my case. Maybe open files is the problem. (Perhaps I need to turn on
debugging in pam_mount.conf.xml to find out.)

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-11-06 Thread Joachim Breitner
Hi Mannheim,

are you sure this is caused by problems with missing root persmissions?
In my experience, when gdm this bug does not appear (e.g. cifs mounts
are unmounted properly), while it occurs when using ssh or su.

I’m assuming that your problem is a different bug.

Greetings,
Joachim

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-11-06 Thread mannheim
This bug is affecting me when logging in via gdm in hardy. My home
directory is encrypted in /dev/sda6. Steps to reproduce (after setting
up pam_mount etc. in Ubuntu 8.04.1):

1. Log in as me (bill) via gdm.
2. Log out.
3. Log in as joe, a member of admin group.
4. As joe, do
 $ sudo mkdir /mnt/bills-secrets
 $ sudo mount /dev/mapper/_dev_sda6 /mnt/bills-secrets

Actual results: the plain text partition is visible to bill.
Expected results: when bill logs out, the crypto mapping is taken down.

Other information: 

My /var/log/auth.log shows:

> Nov  4 15:11:42 foo-machine gdm[6157]: pam_mount(pam_mount.c:624)
unmount of /dev/sda6 failed

I have also noticed that logout takes a few more seconds than expected
when the home directory is mounted this way via encryption and
pam_mount. Perhaps this delay is another symptom of the problem.

The relevant line in my /etc/security/pam_mount.conf.xml is



-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-10-29 Thread Marc Gariépy
I should mention that it's working with gdm.

'su' mounts, but doesn't unmount
'ssh' doesn't mount at all

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-10-29 Thread Marc Gariépy
With CIFS mount points, we observe the right behavior under hardy.

Oct 29 16:31:44 mxapp-126-1-1 gdm[19596]: pam_mount(misc.c:285) command: umount 
[/home/DemoElvSec]  
Oct 29 16:31:44 mxapp-126-1-1 gdm[20985]: pam_mount(misc.c:56) set_myuid: 
(uid=0, euid=0, gid=602, egid=0) 
Oct 29 16:31:44 mxapp-126-1-1 gdm[20985]: pam_mount(misc.c:56) set_myuid: 
(uid=0, euid=0, gid=602, egid=0) 
Oct 29 16:31:45 mxapp-126-1-1 gdm[19596]: pam_mount(mount.c:596) waiting for 
umount 
Oct 29 16:31:45 mxapp-126-1-1 gdm[19596]: pam_mount(pam_mount.c:635) pam_mount 
execution complete 
Oct 29 16:31:46 mxapp-126-1-1 gdm[19596]: pam_mount(pam_mount.c:116) Clean 
global config (0) 
Oct 29 16:31:46 mxapp-126-1-1 gdm[19596]: pam_mount(pam_mount.c:134) clean 
system authtok (0)

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-08-25 Thread Joachim Breitner
Nevermind, it worked after all. The remaining problem was a left-over
/var/run/pam-mount file. It still doesn’t work for su, BTW.

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-08-25 Thread Joachim Breitner
I compiled openssh 5.1 from intrepid on hardy, but it still does not
work. Strangly, I’m no longer getting an error message from mod_pam that
setuid fails, although pam_unix reports that the session is actually
closed.

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-08-21 Thread Bug Watch Updater
** Changed in: debian
   Status: Unknown => Fix Released

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-08-21 Thread Joachim Breitner
iI have linked a related Debian bug. This seems to be fixed in the new
openssh version 5.1, according to
http://packages.qa.debian.org/o/openssh/news/20080725T104703Z.html

Is this fix important enough to warrant a backport for hardy?

** Bug watch added: Debian Bug tracker #372680
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=372680

** Also affects: debian via
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=372680
   Importance: Unknown
   Status: Unknown

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-06-15 Thread Bug Watch Updater
** Changed in: pam
   Status: Unknown => In Progress

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-06-13 Thread Dustin Kirkland
I added a watcher to the upstream bug report.

Also, I added openssh-server as being affected.  Not necessarily that
sshd needs changes, but more for tracking and visibility.

According to my code inspection of the OpenSSH code that opens and
closes PAM sessions, it looks to me that the pam_open_session() happens
with uid=0, which allows pam_mount to do the things it needs to do as
root (namely, (a) mount filesystems and (b) increment
/var/run/pam_mount/user).

On the other hand, sshd initiates pam_close_session() with uid=non-zero.
The pam_mount setuid(0) therefore fails, and the pam_mount process has
insufficient privilege to (a) unmount filesystems, and (b)
decrement/remove /var/run/pam_mount/user.

Various sources note that one can disable ssh's privilege separation in
/etc/ssh/sshd_config to solve this problem, at the expense of lowered
security.  I was not able to make this work on an Ubuntu Intrepid
system.  In any case, lowering the security shouldn't be a viable
solution.

This is a longstanding bug that could really use some attention such
that pam_mount could deliver its designed functionality even over ssh
connections.


:-Dustin

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-06-13 Thread Dustin Kirkland
** Also affects: pam via
   https://bugzilla.mindrot.org/show_bug.cgi?id=926
   Importance: Unknown
   Status: Unknown

** Also affects: openssh (Ubuntu)
   Importance: Undecided
   Status: New

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-06-12 Thread Dustin Kirkland
This is perhaps a problem with Debian's pam policy.

Running a Fedora9 KVM, the following /etc/pam.d/system-auth works for me
(+++ denotes "added" to stock config):

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
authrequired  pam_env.so
+++authrequired  pam_mount.so try_first_pass
authsufficientpam_unix.so nullok try_first_pass
authrequisite pam_succeed_if.so uid >= 500 quiet
authrequired  pam_deny.so

account required  pam_unix.so
account sufficientpam_localuser.so
account sufficientpam_succeed_if.so uid < 500 quiet
account required  pam_permit.so

passwordrequisite pam_cracklib.so try_first_pass retry=3
passwordsufficientpam_unix.so sha512 shadow nullok try_first_pass 
use_authtok
passwordrequired  pam_deny.so

session optional  pam_keyinit.so revoke
session required  pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet 
use_uid
session required  pam_unix.so
+++session optional  pam_mount.so try_first_pass

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-06-12 Thread Dustin Kirkland
Also, see:
 * http://dev.computergmbh.de/gitweb.cgi?p=pam_mount;a=blob;f=doc/faq.txt

Specifically, " Q.  Why does pam_mount not work right with OpenSSH?"

I am only seeing this behavior on ssh logins.  Console logins seem to
work.

:-Dustin

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-06-12 Thread Dustin Kirkland
Hmm, it seems that this is a well known, and long-standing problem...

 * 
http://www.derkeiler.com/Mailing-Lists/securityfocus/Secure_Shell/2004-09/0008.html
 * https://bugzilla.mindrot.org/show_bug.cgi?id=926
 * http://www.redhat.com/archives/pam-list/2003-April/msg00015.html

:-Dustin

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-06-12 Thread Dustin Kirkland
I'm experiencing this problem on Hardy and Intrepid.  Marking Confirmed.

:-Dustin

** Changed in: libpam-mount (Ubuntu)
   Importance: Undecided => Medium
   Status: New => Confirmed

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-06-11 Thread Craig Szymanski
I am also having the same problem on a Hardy LTSP server. I have pam_mount 
connecting to cifs filesystems. The users network folders are mounted 3 
different locations: ~/MyDocuments, ~/Public, ~/MultimediaShare
They show up on the desktop as a mounted drive. I can unmount them as the user 
in a terminal with umount.cifs "path".
As a workaround I tried adding umount.cifs commands to: 
/etc/gdm/PostSession/Default, but these do not seem to work from a LTSP client 
or from the server.

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-06-06 Thread Marc Gariépy
I have tested the pam_mount on madriva 2007.0, build it from the ubuntu
source and it work fine on mandriva. The problem seem really to be in
pam under Ubuntu.

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-06-06 Thread Marc Gariépy
I've been looking in the diff of the pam source package for the
parameter causing the privilege drop, but i've not been able to find
such parameter. I looked for "drop" and "privilege" and "root" and found
nothing useful. Configure from "rules" file doesn't have options that
apprents to drop privileges. I didn't saw any reference to this options
in the documentation of PAM. So, what is different between pam in Ubuntu
and in other distributions?

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-06-05 Thread redguy
"pam_mount *needs* the root privileges, but Ubuntu's PAM configuration
 decided to throw them away after the login sequence completed."

Isn't this trivial to fix? Come on, this bug has been open for almost a
year...

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-04-26 Thread Jeremy Kerr
The login-count bug mentioned in comment 1 is also a symptom of the
early-priv-dropping problem. When pam_mount decreases the login count to
0, it tries to remove the /var/run/pam_mount/$USER file, but can't as it
doesn't have the privileges to do so. This results in a stale login
count file.

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-04-26 Thread Jeremy Kerr
Also present in hardy. pam_mount can't unmount on logout:

pam_mount(misc.c:285) command: /sbin/umount.crypt [/home/crypt/]
pam_mount(misc.c:56) set_myuid: (uid=1001, euid=1001, gid=1001, egid=1001)
pam_mount(misc.c:358) error setting uid to 0
pam_mount(mount.c:104) umount errors:
pam_mount(mount.c:107) You have to be root to use cryptsetup!
pam_mount(mount.c:107) umount: only root can unmount 
UUID=3d6517a4-b0b1-4e74-8b29-47853e187a13 from /home/crypt
pam_mount(mount.c:107) umount.crypt: error unmounting /home/crypt/
pam_mount(mount.c:596) waiting for umount
pam_mount(pam_mount.c:624) unmount of /dev/sda6 failed
pam_mount(pam_mount.c:635) pam_mount execution complete

This leaves the encrypted volume mounted, and attached to the device
mapper (/dev/mapper/_dev_sda6 allows access to the unencrypted data).
This allows access to the volume in plaintext after the user has logged
out.

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2008-01-05 Thread David Tomaschik
** Changed in: libpam-mount (Ubuntu)
   Status: Incomplete => New

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2007-12-21 Thread Etienne Goyer
Yes, confirmed in gutsy.

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2007-12-11 Thread Jamie Strandboge
Thank you for reporting the issue and helping to make Ubuntu even
better.  Is this still an issue on Ubuntu Gutsy?

** Changed in: pam (Ubuntu)
   Status: Confirmed => Invalid

** Changed in: libpam-mount (Ubuntu)
   Status: New => Incomplete

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2007-06-01 Thread Kalisto
Bug is caused by pam dropping root priv on pam_mount routine too early.

** Changed in: pam (Ubuntu)
Sourcepackagename: libpam-mount => pam

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs


[Bug 117736] Re: pam_mount unable to unmount needs root priv

2007-06-01 Thread Kalisto
Confirmed!

>Dameon Wagner schrieb:
>> pam_mount(misc.c:264) command: /usr/local/sbin/pmvarrun [-u] [tester]
>> [-o] [-1]
>> pam_mount(misc.c:341) set_myuid(pre): real uid/gid=1004:1004,
>> effective uid/gid=1004:1004
>> pam_mount(misc.c:346) error setting uid to 0
>> pam_mount(pam_mount.c:360) pmvarrun says login count is 1

>Before unmount, the login count must be zero, not 1. This is the reason
>pam_mount does no unmount.

But the problem is that the effective gid is not 0 anymore. I think this
privilegue-dropping is a bug ('feature gone wrong') in ubuntu.

>To reset the login count, remove the file /var/run/pam_mount/$USER. Then
>a login as $USER should increase the value in this file to one, and the
>logout decreases it again to zero. Then the volumes will be unmounted.
>
>Regards,
> Bastian
>pam-mount-user mailing list
>[EMAIL PROTECTED]
>https://lists.sourceforge.net/lists/listinfo/pam-mount-user
>

** Changed in: libpam-mount (Ubuntu)
   Status: Unconfirmed => Confirmed

-- 
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs