-
Bug
-
Resolution: Unresolved
-
Major
-
rhel-9.4
-
pam-1.5.1-22.el9
-
None
-
Moderate
-
rhel-sst-idm-sssd
-
ssg_idm
-
0
-
False
-
-
None
-
None
-
Pass
-
Automated
-
-
All
-
None
What were you trying to do that didn't work?
pam_access is enabled, with below policy line in /etc/security/access.conf
+:bob:LOCAL
pam_access had been working up to (including) pam-1.5.1-15. The user was able to login, and there was no error message.
After upgrading to pam-1.5.1-19, the user is still able to login, however, below error message appears in /var/log/secure
pam_access(sshd:account): cannot resolve hostname "LOCAL"
Please provide the package NVR for which bug is seen:
Preparing : 1/1 Upgrading : pam-1.5.1-19.el9.x86_64 1/2 Running scriptlet: pam-1.5.1-19.el9.x86_64 1/2 Cleanup : pam-1.5.1-15.el9.x86_64 2/2 Running scriptlet: pam-1.5.1-15.el9.x86_64 2/2 Verifying : pam-1.5.1-19.el9.x86_64 1/2 Verifying : pam-1.5.1-15.el9.x86_64 2/2
How reproducible:
100%
Steps to reproduce
1. Enable pam_access
authselect enable-feature with-pamaccess
2. Add policy line to /etc/security/access.conf
-:bob:LOCAL +:bob:ALL
3. perform ssh login.
ssh bob@127.0.0.1
Expected results
No error message. This is the behaviour prior to upgrade
Actual results
Incorrect error message is printed
pam_access(sshd:account): cannot resolve hostname "LOCAL"
- is caused by
-
-
- Closed
-
- links to
-
RHSA-2024:142016
pam bug fix and enhancement update
