warn about unsupported option UsePAM=no (#757545)
This commit is contained in:
parent
ff8c66b9a4
commit
c905a284c1
28
openssh-5.8p2-log-usepam-no.patch
Normal file
28
openssh-5.8p2-log-usepam-no.patch
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
diff --git a/sshd.c b/sshd.c
|
||||||
|
index 8dcfdf2..95b63ad 100644
|
||||||
|
--- a/sshd.c
|
||||||
|
+++ b/sshd.c
|
||||||
|
@@ -1592,6 +1592,10 @@ main(int ac, char **av)
|
||||||
|
parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,
|
||||||
|
&cfg, NULL, NULL, NULL);
|
||||||
|
|
||||||
|
+ /* 'UsePAM no' is not supported in Fedora */
|
||||||
|
+ if (! options.use_pam)
|
||||||
|
+ logit("WARNING: 'UsePAM no' is not supported in Fedora and may cause several problems.");
|
||||||
|
+
|
||||||
|
seed_rng();
|
||||||
|
|
||||||
|
/* Fill in default values for those options not explicitly set. */
|
||||||
|
diff --git a/sshd_config b/sshd_config
|
||||||
|
index 8c16754..9f28b04 100644
|
||||||
|
--- a/sshd_config
|
||||||
|
+++ b/sshd_config
|
||||||
|
@@ -92,6 +92,8 @@ GSSAPICleanupCredentials yes
|
||||||
|
# If you just want the PAM account and session checks to run without
|
||||||
|
# PAM authentication, then enable this but set PasswordAuthentication
|
||||||
|
# and ChallengeResponseAuthentication to 'no'.
|
||||||
|
+# WARNING: 'UsePAM no' is not supported in Fedora and may cause several
|
||||||
|
+# problems.
|
||||||
|
#UsePAM no
|
||||||
|
UsePAM yes
|
||||||
|
|
@ -198,6 +198,8 @@ Patch67: openssh-5.8p2-unconfined.patch
|
|||||||
Patch69: openssh-5.8p2-askpass-ld.patch
|
Patch69: openssh-5.8p2-askpass-ld.patch
|
||||||
#https://bugzilla.redhat.com/show_bug.cgi?id=739989
|
#https://bugzilla.redhat.com/show_bug.cgi?id=739989
|
||||||
Patch70: openssh-5.8p2-copy-id-restorecon.patch
|
Patch70: openssh-5.8p2-copy-id-restorecon.patch
|
||||||
|
# warn users for unsupported UsePAM=no
|
||||||
|
Patch71: openssh-5.8p2-log-usepam-no.patch
|
||||||
#---
|
#---
|
||||||
#https://bugzilla.mindrot.org/show_bug.cgi?id=1604
|
#https://bugzilla.mindrot.org/show_bug.cgi?id=1604
|
||||||
# sctp
|
# sctp
|
||||||
@ -437,6 +439,7 @@ popd
|
|||||||
%patch67 -p1 -b .unconfined
|
%patch67 -p1 -b .unconfined
|
||||||
%patch69 -p1 -b .askpass-ld
|
%patch69 -p1 -b .askpass-ld
|
||||||
%patch70 -p1 -b .restorecon
|
%patch70 -p1 -b .restorecon
|
||||||
|
%patch71 -p1 -b .log-usepam-no
|
||||||
|
|
||||||
autoreconf
|
autoreconf
|
||||||
pushd pam_ssh_agent_auth-%{pam_ssh_agent_ver}
|
pushd pam_ssh_agent_auth-%{pam_ssh_agent_ver}
|
||||||
|
Loading…
Reference in New Issue
Block a user