pam_krb5 broken
Ansar Mohammed
ansarm at gmail.com
Sun Feb 1 05:46:49 UTC 2015
Hello There,
I am testing the pam_krb5 module on FreeBSD 10.1.
it seems that the code to save the Kerberos ticket on disk is broken.
The call to pam_get_data in pam_sm_setcred is failing.
As a result a user can login with Kerberos but running kinit does not
show any cached tickets.
I was reviewing the apple code here :
http://www.opensource.apple.com/source/pam_modules/pam_modules-76/pam_krb5/pam_krb5.c
and that appears insanely broken. I think they were also trying to fix
the same error as they replaced pam_get_data/pam_set_data with
pam_getenv/pam_setenv (but only halfway through the code)
More information about the freebsd-bugs
mailing list