Bug 4765 - xdm doesn't work with the pam_krb5 module
Summary: xdm doesn't work with the pam_krb5 module
Status: RESOLVED FIXED
Alias: None
Product: xorg
Classification: Unclassified
Component: App/xdm (show other bugs)
Version: unspecified
Hardware: x86 (IA32) Linux (All)
: high normal
Assignee: Alan Coopersmith
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-10-13 09:39 UTC by Constantine Sapuntzakis
Modified: 2006-04-07 17:25 UTC (History)
0 users

See Also:
i915 platform:
i915 features:


Attachments
Patch to set environmental variables after set credentials (1.22 KB, patch)
2005-10-13 09:41 UTC, Constantine Sapuntzakis
no flags Details | Splinter Review

Description Constantine Sapuntzakis 2005-10-13 09:39:22 UTC
Symptom: KRB5CCNAME is set incorrectly

In session.c, xdm first populates the environmental variables from PAM and then
calls setcred. In the pam_krb5 module, the setcred call causes a new ticket file
to be written and the KRB5CCNAME environmental variable to be set to the new
value. However, since xdm populates the environmental variables before calling
setcred, it uses the old value for KRB5CCNAME.

-Costa
Comment 1 Constantine Sapuntzakis 2005-10-13 09:41:26 UTC
Created attachment 3555 [details] [review]
Patch to set environmental variables after set credentials
Comment 2 Dag Bakke 2005-11-06 03:16:54 UTC
I compile with USE="-pam", yet I have a somewhat similar problem with 7.0 rc1

xdm error (pid 21149): /usr/lib/X11/xdm/libXdmGreet.so: undefined symbol:
SessionPingFailed while loading /usr/lib/X11/xdm/libXdmGreet.so

dagb-home ~ # readelf -s /usr/lib/X11/xdm/libXdmGreet.so | grep Sess
    28: 00000000     0 NOTYPE  GLOBAL DEFAULT  UND SessionPingFailed
    88: 00000000     0 NOTYPE  GLOBAL DEFAULT  UND SessionExit

Should I open a new bug for this, or is it just more of the same as the original?
Comment 3 Alan Coopersmith 2006-04-07 09:01:49 UTC
The problem in comment #2 is completely unrelated to this bug
(and should be fixed in 7.0 final).
Comment 4 Alan Coopersmith 2006-04-08 10:25:51 UTC
Thanks for the patch - I checked with my local PAM guru had he agreed it was 
correct, so I've checked into CVS HEAD - should be included in modular xdm 1.0.4
release/X11R7.1:

CVSROOT:	/cvs/xorg
Module name:	app
Changes by:	alanc@kemper.freedesktop.org	06/04/08 00:22:23

Log message:
  2006-04-07  Alan Coopersmith  <alan.coopersmith@sun.com>
  
  	* session.c:
  	Xorg bug #4765 <https://bugs.freedesktop.org/show_bug.cgi?id=4765>
  	Patch #3555 <https://bugs.freedesktop.org/attachment.cgi?id=3555>
  	xdm doesn't work with the pam_krb5 module (call pam_getenvlist
  	after pam_setcred)  (Constantine Sapuntzakis)

Modified files:
      app/xdm/:
        session.c 
  
  Revision      Changes    Path
  1.6           +11 -12    app/xdm/session.c
  http://webcvs.freedesktop.org/xorg/app/xdm/session.c



Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.