Package: schroot
Version: 1.1.6-1
Severity: normal
schroot invokes PAM in the host machine before entering into the chroot.
This results in the host machine's session modules getting run, which is
causing problems for me with PAM session modules that are not idempotent
(in particular, I was problems with this causing a new OpenAFS PAG to be
created when entering a build chroot so that the build didn't have the
credentials to copy the new .deb out of the chroot, until I changed
/etc/pam.d/schroot to only run the pam_unix.so session module).
While it makes sense to me that schroot might want to use PAM for auth,
account, etc. modules, I'm not aware of situations when schroot would
benefit from running the common-session modules on the host machine -- it
seems like perhaps schroot should only run the pam_unix session module.
But not knowing that the schroot PAM support is used for, I can't really
be sure.
-Tim Abbott
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
