[Bug 117736] Re: pam_mount unable to unmount needs root priv
Marking fix released for shadow based on the openssh and debian status. ** Changed in: shadow (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/117736 Title: pam_mount unable to unmount needs root priv To manage notifications about this bug go to: https://bugs.launchpad.net/pam/+bug/117736/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
** No longer affects: pam (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/117736 Title: pam_mount unable to unmount needs root priv To manage notifications about this bug go to: https://bugs.launchpad.net/pam/+bug/117736/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
And I've been complaining that the bug has been opened for a year ... 5 years ago -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/117736 Title: pam_mount unable to unmount needs root priv To manage notifications about this bug go to: https://bugs.launchpad.net/pam/+bug/117736/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
Bug confirmed here for Precise. That bug is definitely a show stopper for Ubuntu in in large heterogenous networks. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/117736 Title: pam_mount unable to unmount needs root priv To manage notifications about this bug go to: https://bugs.launchpad.net/pam/+bug/117736/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
The bug is still present. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/117736 Title: pam_mount unable to unmount needs root priv To manage notifications about this bug go to: https://bugs.launchpad.net/pam/+bug/117736/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
This seems to still be a problem in 12.04. On log out I get pam_mount(spawn.c:128): error setting uid to 0 pam_mount(mount.c:69): umount messages: pam_mount(mount.c:73): umount: /home/me/share is not in the fstab (and you are not root) pam_mount(mount.c:752): unmount of share failed This seems to be a big problem if you log out, lose network connection, and log in using pam-mount. The computer locks up and the user is unable to log in without a reboot. It's easily reproducible. With pam mount log in. Then log out. Verify mounts are still up. Bring down networking. Log in (using su is fine). The terminal hangs. You never log in. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/117736 Title: pam_mount unable to unmount needs root priv To manage notifications about this bug go to: https://bugs.launchpad.net/pam/+bug/117736/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
DISTRIB_ID=Ubuntu DISTRIB_RELEASE=11.10 DISTRIB_CODENAME=oneiric DISTRIB_DESCRIPTION="Ubuntu 11.10" Linux workstation 3.0.0-12-generic #20-Ubuntu SMP Fri Oct 7 14:50:42 UTC 2011 i686 i686 i386 GNU/Linux andreas@workstation:/home$ exit exit pam_mount(spawn.c:128): error setting uid to 0 and in 11:10 its also presant. Time to fix this bug, or? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/117736 Title: pam_mount unable to unmount needs root priv To manage notifications about this bug go to: https://bugs.launchpad.net/pam/+bug/117736/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
** Changed in: shadow (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/117736 Title: pam_mount unable to unmount needs root priv To manage notifications about this bug go to: https://bugs.launchpad.net/pam/+bug/117736/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
The bug is still present in 11.04. pam_mount(spawn.c:128): error setting uid to 0 pmvarrun(pmvarrun.c:457): could not unlink /var/run/pam_mount/sec: Permission denied pam_mount(spawn.c:128): error setting uid to 0 pam_mount(mount.c:68): umount messages: pam_mount(mount.c:72): umount: only root can unmount /dev/sda8 from /home/sec pam_mount(mount.c:724): unmount of /dev/sda8 failed -- You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. https://bugs.launchpad.net/bugs/117736 Title: pam_mount unable to unmount needs root priv -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
** Changed in: openssh (Ubuntu) Status: Fix Committed => Fix Released -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
using su will log a user in and mount the folder/drive correctly (as root). When the session ends the unmount will be attempted as user. su under Fedora does not have this issue. ** Also affects: shadow (Ubuntu) Importance: Undecided Status: New -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
Worth noting that libpam-mount does not have a problem. Its SU that has the issue and the way it calls the umount as a user but mounts as root. -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
This issue was fixed in OpenSSH version 4.8. Karmic beta has 5.1. ** Changed in: openssh (Ubuntu) Status: Confirmed => Fix Committed -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
After checking this bug appears to have been fixed upstream in OpenSSH 4.8 This should be rolled into Karmic Koala. -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
Also confirmed on Jaunty. Unfortunately this is an upstream bug that may take a while for some action to occur on. -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
I tried a fresh install of jaunty. The pam_mount works for my LTSP server if I logon to the server (Active directory member (Likewise) and the mount points show up for each user and unmount on logout), but for the LTSP clients it does not work. I've opted out of the pam_mount option for putting a link to their home folders under the places menu. -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
I suffer the same problem with the brand new jaunty. This security issue is still not fixed, more than two years later? -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
See Bug #48407 reported by RK on 2006-06-04 for a fix that makes it work for me. -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
** Changed in: openssh (Ubuntu) Status: New => Confirmed ** This bug is no longer flagged as a security issue -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
Joachim, No, I'm sorry, I don't know if missing root permissions is the problem in my case. Maybe open files is the problem. (Perhaps I need to turn on debugging in pam_mount.conf.xml to find out.) -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
Hi Mannheim, are you sure this is caused by problems with missing root persmissions? In my experience, when gdm this bug does not appear (e.g. cifs mounts are unmounted properly), while it occurs when using ssh or su. I’m assuming that your problem is a different bug. Greetings, Joachim -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
This bug is affecting me when logging in via gdm in hardy. My home directory is encrypted in /dev/sda6. Steps to reproduce (after setting up pam_mount etc. in Ubuntu 8.04.1): 1. Log in as me (bill) via gdm. 2. Log out. 3. Log in as joe, a member of admin group. 4. As joe, do $ sudo mkdir /mnt/bills-secrets $ sudo mount /dev/mapper/_dev_sda6 /mnt/bills-secrets Actual results: the plain text partition is visible to bill. Expected results: when bill logs out, the crypto mapping is taken down. Other information: My /var/log/auth.log shows: > Nov 4 15:11:42 foo-machine gdm[6157]: pam_mount(pam_mount.c:624) unmount of /dev/sda6 failed I have also noticed that logout takes a few more seconds than expected when the home directory is mounted this way via encryption and pam_mount. Perhaps this delay is another symptom of the problem. The relevant line in my /etc/security/pam_mount.conf.xml is -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
I should mention that it's working with gdm. 'su' mounts, but doesn't unmount 'ssh' doesn't mount at all -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
With CIFS mount points, we observe the right behavior under hardy. Oct 29 16:31:44 mxapp-126-1-1 gdm[19596]: pam_mount(misc.c:285) command: umount [/home/DemoElvSec] Oct 29 16:31:44 mxapp-126-1-1 gdm[20985]: pam_mount(misc.c:56) set_myuid: (uid=0, euid=0, gid=602, egid=0) Oct 29 16:31:44 mxapp-126-1-1 gdm[20985]: pam_mount(misc.c:56) set_myuid: (uid=0, euid=0, gid=602, egid=0) Oct 29 16:31:45 mxapp-126-1-1 gdm[19596]: pam_mount(mount.c:596) waiting for umount Oct 29 16:31:45 mxapp-126-1-1 gdm[19596]: pam_mount(pam_mount.c:635) pam_mount execution complete Oct 29 16:31:46 mxapp-126-1-1 gdm[19596]: pam_mount(pam_mount.c:116) Clean global config (0) Oct 29 16:31:46 mxapp-126-1-1 gdm[19596]: pam_mount(pam_mount.c:134) clean system authtok (0) -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
Nevermind, it worked after all. The remaining problem was a left-over /var/run/pam-mount file. It still doesn’t work for su, BTW. -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
I compiled openssh 5.1 from intrepid on hardy, but it still does not work. Strangly, I’m no longer getting an error message from mod_pam that setuid fails, although pam_unix reports that the session is actually closed. -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
** Changed in: debian Status: Unknown => Fix Released -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
iI have linked a related Debian bug. This seems to be fixed in the new openssh version 5.1, according to http://packages.qa.debian.org/o/openssh/news/20080725T104703Z.html Is this fix important enough to warrant a backport for hardy? ** Bug watch added: Debian Bug tracker #372680 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=372680 ** Also affects: debian via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=372680 Importance: Unknown Status: Unknown -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
** Changed in: pam Status: Unknown => In Progress -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
I added a watcher to the upstream bug report. Also, I added openssh-server as being affected. Not necessarily that sshd needs changes, but more for tracking and visibility. According to my code inspection of the OpenSSH code that opens and closes PAM sessions, it looks to me that the pam_open_session() happens with uid=0, which allows pam_mount to do the things it needs to do as root (namely, (a) mount filesystems and (b) increment /var/run/pam_mount/user). On the other hand, sshd initiates pam_close_session() with uid=non-zero. The pam_mount setuid(0) therefore fails, and the pam_mount process has insufficient privilege to (a) unmount filesystems, and (b) decrement/remove /var/run/pam_mount/user. Various sources note that one can disable ssh's privilege separation in /etc/ssh/sshd_config to solve this problem, at the expense of lowered security. I was not able to make this work on an Ubuntu Intrepid system. In any case, lowering the security shouldn't be a viable solution. This is a longstanding bug that could really use some attention such that pam_mount could deliver its designed functionality even over ssh connections. :-Dustin -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
** Also affects: pam via https://bugzilla.mindrot.org/show_bug.cgi?id=926 Importance: Unknown Status: Unknown ** Also affects: openssh (Ubuntu) Importance: Undecided Status: New -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
This is perhaps a problem with Debian's pam policy. Running a Fedora9 KVM, the following /etc/pam.d/system-auth works for me (+++ denotes "added" to stock config): #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. authrequired pam_env.so +++authrequired pam_mount.so try_first_pass authsufficientpam_unix.so nullok try_first_pass authrequisite pam_succeed_if.so uid >= 500 quiet authrequired pam_deny.so account required pam_unix.so account sufficientpam_localuser.so account sufficientpam_succeed_if.so uid < 500 quiet account required pam_permit.so passwordrequisite pam_cracklib.so try_first_pass retry=3 passwordsufficientpam_unix.so sha512 shadow nullok try_first_pass use_authtok passwordrequired pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so +++session optional pam_mount.so try_first_pass -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
Also, see: * http://dev.computergmbh.de/gitweb.cgi?p=pam_mount;a=blob;f=doc/faq.txt Specifically, " Q. Why does pam_mount not work right with OpenSSH?" I am only seeing this behavior on ssh logins. Console logins seem to work. :-Dustin -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
Hmm, it seems that this is a well known, and long-standing problem... * http://www.derkeiler.com/Mailing-Lists/securityfocus/Secure_Shell/2004-09/0008.html * https://bugzilla.mindrot.org/show_bug.cgi?id=926 * http://www.redhat.com/archives/pam-list/2003-April/msg00015.html :-Dustin -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
I'm experiencing this problem on Hardy and Intrepid. Marking Confirmed. :-Dustin ** Changed in: libpam-mount (Ubuntu) Importance: Undecided => Medium Status: New => Confirmed -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
I am also having the same problem on a Hardy LTSP server. I have pam_mount connecting to cifs filesystems. The users network folders are mounted 3 different locations: ~/MyDocuments, ~/Public, ~/MultimediaShare They show up on the desktop as a mounted drive. I can unmount them as the user in a terminal with umount.cifs "path". As a workaround I tried adding umount.cifs commands to: /etc/gdm/PostSession/Default, but these do not seem to work from a LTSP client or from the server. -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
I have tested the pam_mount on madriva 2007.0, build it from the ubuntu source and it work fine on mandriva. The problem seem really to be in pam under Ubuntu. -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
I've been looking in the diff of the pam source package for the parameter causing the privilege drop, but i've not been able to find such parameter. I looked for "drop" and "privilege" and "root" and found nothing useful. Configure from "rules" file doesn't have options that apprents to drop privileges. I didn't saw any reference to this options in the documentation of PAM. So, what is different between pam in Ubuntu and in other distributions? -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
"pam_mount *needs* the root privileges, but Ubuntu's PAM configuration decided to throw them away after the login sequence completed." Isn't this trivial to fix? Come on, this bug has been open for almost a year... -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
The login-count bug mentioned in comment 1 is also a symptom of the early-priv-dropping problem. When pam_mount decreases the login count to 0, it tries to remove the /var/run/pam_mount/$USER file, but can't as it doesn't have the privileges to do so. This results in a stale login count file. -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
Also present in hardy. pam_mount can't unmount on logout: pam_mount(misc.c:285) command: /sbin/umount.crypt [/home/crypt/] pam_mount(misc.c:56) set_myuid: (uid=1001, euid=1001, gid=1001, egid=1001) pam_mount(misc.c:358) error setting uid to 0 pam_mount(mount.c:104) umount errors: pam_mount(mount.c:107) You have to be root to use cryptsetup! pam_mount(mount.c:107) umount: only root can unmount UUID=3d6517a4-b0b1-4e74-8b29-47853e187a13 from /home/crypt pam_mount(mount.c:107) umount.crypt: error unmounting /home/crypt/ pam_mount(mount.c:596) waiting for umount pam_mount(pam_mount.c:624) unmount of /dev/sda6 failed pam_mount(pam_mount.c:635) pam_mount execution complete This leaves the encrypted volume mounted, and attached to the device mapper (/dev/mapper/_dev_sda6 allows access to the unencrypted data). This allows access to the volume in plaintext after the user has logged out. -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
** Changed in: libpam-mount (Ubuntu) Status: Incomplete => New -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
Yes, confirmed in gutsy. -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
Thank you for reporting the issue and helping to make Ubuntu even better. Is this still an issue on Ubuntu Gutsy? ** Changed in: pam (Ubuntu) Status: Confirmed => Invalid ** Changed in: libpam-mount (Ubuntu) Status: New => Incomplete -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
Bug is caused by pam dropping root priv on pam_mount routine too early. ** Changed in: pam (Ubuntu) Sourcepackagename: libpam-mount => pam -- pam_mount unable to unmount needs root priv https://bugs.launchpad.net/bugs/117736 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 117736] Re: pam_mount unable to unmount needs root priv
Confirmed!
>Dameon Wagner schrieb:
>> pam_mount(misc.c:264) command: /usr/local/sbin/pmvarrun [-u] [tester]
>> [-o] [-1]
>> pam_mount(misc.c:341) set_myuid(pre): real uid/gid=1004:1004,
>> effective uid/gid=1004:1004
>> pam_mount(misc.c:346) error setting uid to 0
>> pam_mount(pam_mount.c:360) pmvarrun says login count is 1
>Before unmount, the login count must be zero, not 1. This is the reason
>pam_mount does no unmount.
But the problem is that the effective gid is not 0 anymore. I think this
privilegue-dropping is a bug ('feature gone wrong') in ubuntu.
>To reset the login count, remove the file /var/run/pam_mount/$USER. Then
>a login as $USER should increase the value in this file to one, and the
>logout decreases it again to zero. Then the volumes will be unmounted.
>
>Regards,
> Bastian
>pam-mount-user mailing list
>[EMAIL PROTECTED]
>https://lists.sourceforge.net/lists/listinfo/pam-mount-user
>
** Changed in: libpam-mount (Ubuntu)
Status: Unconfirmed => Confirmed
--
pam_mount unable to unmount needs root priv
https://bugs.launchpad.net/bugs/117736
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
