misc/101075: pam_group always fails

Michael Reynolds michael.reynolds at gmail.com
Mon Jul 31 04:10:17 UTC 2006

>Number:         101075
>Category:       misc
>Synopsis:       pam_group always fails
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jul 31 04:10:16 GMT 2006
>Originator:     Michael Reynolds
>Release:        6.1-RELEASE
FreeBSD lithium.delinked.us 6.1-RELEASE FreeBSD 6.1-RELEASE #0: Sun May  7 04:32:43 UTC 2006     root at opus.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386
pam_group fails in the following context:
auth            optional        pam_group.so            group=users
Where, by failure, it does not cause the chain to fail as it's the last member of the chain

auth           requisite       pam_group.so            group=suspended deny
Where, by failure, it rejects everyone, regardless of group membership

(These were tested in /etc/pam.d/sshd)
Place the lines into your sshd pam config file and login with appropriate group memberships.


More information about the freebsd-bugs mailing list