View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0010635 | CentOS-7 | pam | public | 2016-03-30 21:18 | 2016-03-30 21:18 |
Reporter | tvaughan | Assigned To | |||
Priority | normal | Severity | major | Reproducibility | always |
Status | new | Resolution | open | ||
Product Version | 7.2.1511 | ||||
Summary | 0010635: ANOM_ABEND Error is raised when SELinux is enabled, pam_oddjob_mkhomedir is above pam_sss, and using SSH | ||||
Description | When a system is using SELinux and pam_oddjob_mkhomedir comes above pam_sss in the 'session' section of the PAM configuration then SSH sessions using PAM will fail with the following error: Mar 30 20:34:01 hostname audispd[992]: node=hostname type=ANOM_ABEND msg=audit(1459370041.594:534): auid=10000 uid=0 gid=0 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 pid=3697 comm="sshd" reason="memory violation" sig=6 | ||||
Steps To Reproduce | 1) Place pam_oddjob_mkhomedir above pam_sss in the system PAM configuration. 2) Configure sshd to use PAM 3) Ensure that SELinux is enforcing 4) Attempt to login over SSH | ||||
Additional Information | kernel.x86_64 3.10.0-327.el7 selinux-policy.noarch 3.13.1-60.el7 pam.x86_64 1.1.8-12.el7_1.1 openssh.x86_64 6.6.1p1-22.el7 oddjob.x86_64 0.31.5-4.el7 Moving pam_oddjob_mkhomedir below pam_sss appears to permanently fix the issue. | ||||
Tags | No tags attached. | ||||
abrt_hash | |||||
URL | https://simp-project.atlassian.net/browse/SIMP-970 | ||||
Date Modified | Username | Field | Change |
---|---|---|---|
2016-03-30 21:18 | tvaughan | New Issue |