View Issue Details

IDProjectCategoryView StatusLast Update
0016257CentOS-7pampublic2019-07-10 16:50
Reporterdkozei 
PrioritynormalSeveritymajorReproducibilityalways
Status newResolutionopen 
PlatformxOSOS Version
Product Version7.6.1810 
Target VersionFixed in Version 
Summary0016257: pam_loginuid prevents login in unprivileged containers
Descriptionpam_loginuid prevents login via ssh in unprivileged containers because it can't write /proc/self/loginuid even as namespaced root. Upstream had been patched (https://github.com/linux-pam/linux-pam/commit/2e62d5aea3f5ac267cfa54f0ea1f8c07ac85a95a#diff-8322fbd4507ee14b865167c196cb78d2) years ago to work around the issue in user namespaces.
Could you please apply the patch?

Thanks.
Steps To ReproduceRun sshd in a container with user namespace mapping enabled (example 0 100000 65536), try to connect from another host, session gets closed with debug message "debug3: PAM session not opened, exiting".
TagsNo tags attached.
abrt_hash
URL

Activities

TrevorH

TrevorH

2019-07-10 16:36

manager   ~0034801

CentOS is a rebuild of the sources used to create RHEL. We do not modify anything except to remove branding and logos. You will need to submit your request to Redhat via bugzilla.redhat.com and if/when RH accepts it and incorporates it into RHEL and releases a patched version, then CentOS will pick it up and rebuild it.
dkozei

dkozei

2019-07-10 16:50

reporter   ~0034802

Thanks. Reported bug #1728777 with RH.

Issue History

Date Modified Username Field Change
2019-07-10 16:33 dkozei New Issue
2019-07-10 16:36 TrevorH Note Added: 0034801
2019-07-10 16:50 dkozei Note Added: 0034802