ports/126185: security/pam_af should assume OpenPAM
Tsurutani Naoki
turutani at scphys.kyoto-u.ac.jp
Sat Aug 2 08:50:02 UTC 2008
>Number: 126185
>Category: ports
>Synopsis: security/pam_af should assume OpenPAM
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sat Aug 02 08:50:02 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Tsurutani Naoki
>Release: FreeBSD 7.0-STABLE i386
>Organization:
>Environment:
System: FreeBSD h120.65.226.10.32118.vlan.kuins.net 7.0-STABLE FreeBSD 7.0-STABLE #15: Sun Jul 20 21:06:33 JST 2008 turutani at h120.65.226.10.32118.vlan.kuins.net:/usr/local/work/usr/obj/usr/src/sys/POLYMER i386
>Description:
ftp/wu-ftpd+ipv6 with security/pam_af does not works well
after upgrading from 6-STABLE to 7-STABLE.
security/pam_af uses syslog after openlog() by default,
and this spoils the wu-ftpd's syslog().
>How-To-Repeat:
after upgrading all the userlands, kernel, and all the ports.
install ftp/wu-ftpd+ipv6 with "WITH_PAM=1".
add a line to /etc/pam.d/ftp about pam_af.so.
then, clients are refused to connect to teh server (sudden loss of the
connection).
>Fix:
add "-D_OPENPAM" to the CFLAGS of security/pam_af.
here is a patch, which should be stored as security/pam_af/files/patch-Makefile:
--- Makefile.orig 2008-08-02 17:15:42.000000000 +0900
+++ Makefile 2008-08-02 16:57:22.000000000 +0900
@@ -71,7 +71,7 @@
-Wshadow -Wchar-subscripts -Winline -Wnested-externs -fPIC
CFLAGS_SUN = -KPIC -xO2 -D_SUN_PAM_ -D_HAVE_USERDEFS_H_
CFLAGS_HP = -Ae +w1 +W 474,486,542 +z +O2
-CFLAGS_BSD = -D_HAVE_PATHS_H_ -D_HAVE_ERR_H_ -D_HAVE_GETPROGNAME_ -D_USE_MODULE_ENTRY_ -D_HAVE_SALEN_
+CFLAGS_BSD = -D_HAVE_PATHS_H_ -D_HAVE_ERR_H_ -D_HAVE_GETPROGNAME_ -D_USE_MODULE_ENTRY_ -D_HAVE_SALEN_ -D_OPENPAM
CFLAGS_GNU = -D_GNU_SOURCE -D_HAVE_PATHS_H_ -D_HAVE_ERR_H_ -D_HAVE_FLOCK_ \
-D_HAVE_SYS_FILE_H_
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list