** Description changed:
[Impact]
* libpam-mysql is unable to be used because of an upstream symbol
change in libmysqlclient.
* Upstream libpam-mysql has fixed this by updating the source to use
the now-exported API.
[Test Case]
- Steps to reproduce (with vsftpd):
+ Steps to reproduce (with vsftpd):
Installation requirements: mysqlserver 5.7.x, libpam-mysql, vsftpd
- create vsftpd user:
+ create vsftpd user:
useradd --home /home/vsftpd --gid nogroup -m --shell /bin/false vsftpd
- create mysql database and user:
+ create mysql database and user:
== // Start SQL
-
- CREATE DATABASE vsftpd;
- GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO
'vsftpd'@'localhost' IDENTIFIED BY 'ftpdpass';
- GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO
'vsftpd'@'localhost.localdomain' IDENTIFIED BY 'ftpdpass';
- FLUSH PRIVILEGES;
- USE vsftpd;
+ CREATE DATABASE vsftpd;
+ GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO
'vsftpd'@'localhost' IDENTIFIED BY 'ftpdpass';
+ GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO
'vsftpd'@'localhost.localdomain' IDENTIFIED BY 'ftpdpass';
+ FLUSH PRIVILEGES;
- CREATE TABLE `accounts` (
- `id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
- `username` VARCHAR( 30 ) NOT NULL ,
- `pass` VARCHAR( 50 ) NOT NULL ,
- UNIQUE (
- `username`
- ));
- insert into accounts(username,pass) values('user',password('password'));
+ USE vsftpd;
+
+ CREATE TABLE `accounts` (
+ `id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
+ `username` VARCHAR( 30 ) NOT NULL ,
+ `pass` VARCHAR( 50 ) NOT NULL ,
+ UNIQUE (
+ `username`
+ ));
+ insert into accounts(username,pass) values('user',password('password'));
==// End SQL
- Configure PAM:
- insert into /etc/pam.d/vsftpd:
+ Configure PAM:
+ insert into /etc/pam.d/vsftpd:
- auth required pam_mysql.so verbose=1 user=vsftpd host=localhost db=vsftpd
table=accounts usercolumn=username passwdcolumn=pass crypt=3 passwd=ftpdpass
- account required pam_mysql.so verbose=1 user=vsftpd host=localhost
db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=3
passwd=ftpdpass
+ auth required pam_mysql.so verbose=1 user=vsftpd host=localhost db=vsftpd
table=accounts usercolumn=username passwdcolumn=pass crypt=2 passwd=ftpdpass
+ account required pam_mysql.so verbose=1 user=vsftpd host=localhost
db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=2
passwd=ftpdpass
Configure vsftpd (/etc/vsftpd.conf) :
- listen=YES
- anonymous_enable=NO
- local_enable=YES
- write_enable=YES
- local_umask=022
- dirmessage_enable=YES
- xferlog_enable=YES
- connect_from_port_20=YES
- nopriv_user=vsftpd
- chroot_local_user=YES
- secure_chroot_dir=/var/run/vsftpd
- pam_service_name=vsftpd
- guest_enable=YES
- guest_username=vsftpd
- local_root=/home/vsftpd/$USER
- user_sub_token=$USER
- virtual_use_local_privs=YES
+ listen=YES
+ anonymous_enable=NO
+ local_enable=YES
+ write_enable=YES
+ local_umask=022
+ dirmessage_enable=YES
+ xferlog_enable=YES
+ connect_from_port_20=YES
+ nopriv_user=vsftpd
+ chroot_local_user=YES
+ secure_chroot_dir=/var/run/vsftpd
+ pam_service_name=vsftpd
+ guest_enable=YES
+ guest_username=vsftpd
+ local_root=/home/vsftpd/$USER
+ user_sub_token=$USER
+ virtual_use_local_privs=YES
restart vsftpd:
- /etc/init.d/vsftpd restart
+ /etc/init.d/vsftpd restart
check /var/log/auth.log
[Regression Potential]
* There is currently no fix or workaround, as the library is basically
broken as installed from Ubuntu.
* I believe the regression potential to be very low because the current
code does not work.
---
In Ubuntu 16.04, the libpam-mysql package does not work. It crashes
with the below error:
PAM unable to dlopen(pam_mysql.so): /lib/security/pam_mysql.so:
undefined symbol: make_scrambled_password
I fixed this issue by download the source for the package and applying
the patches that come from this source RPM:
http://dinofly.com/files/linux/pam_mysql-0.7-0.20.rc1.fc23.src.rpm
I then created unofficial packages after applying the patch. They can
be downloaded here:
http://www.dinofly.com/files/linux/libpam-mysql_0.7~RC1-4ubuntu3_amd64.deb
http://www.dinofly.com/files/linux/libpam-mysql_0.7~RC1-4ubuntu3_i386.deb
libpam-mysql now works again on Ubuntu 16.04 x86 and x64.
Here is the initial RedHat bug report:
https://bugzilla.redhat.com/show_bug.cgi?id=709534
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1574900
Title:
libpam-mysql undefined symbol: make_scrambled_password
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574900/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
