Comment 15 for bug 117736

Dustin Kirkland (kirkland) wrote:

I added a watcher to the upstream bug report.

Also, I added openssh-server as being affected. Not necessarily that sshd needs changes, but more for tracking and visibility.

According to my code inspection of the OpenSSH code that opens and closes PAM sessions, it looks to me that the pam_open_session() happens with uid=0, which allows pam_mount to do the things it needs to do as root (namely, (a) mount filesystems and (b) increment /var/run/pam_mount/user).

On the other hand, sshd initiates pam_close_session() with uid=non-zero. The pam_mount setuid(0) therefore fails, and the pam_mount process has insufficient privilege to (a) unmount filesystems, and (b) decrement/remove /var/run/pam_mount/user.

Various sources note that one can disable ssh's privilege separation in /etc/ssh/sshd_config to solve this problem, at the expense of lowered security. I was not able to make this work on an Ubuntu Intrepid system. In any case, lowering the security shouldn't be a viable solution.

This is a longstanding bug that could really use some attention such that pam_mount could deliver its designed functionality even over ssh connections.

:-Dustin
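
The privilege behaviour described in the comment above, as an added example that is not part of the original comment and is not code from OpenSSH or pam_mount: a child process holding a non-zero uid (the state the comment says sshd is in when it calls pam_close_session()) attempts setuid(0), and the kernel refuses. The uid 65534 and the helper name `regain_root_after_drop` are assumptions made for the illustration.

```c
/* Added illustration; not code from OpenSSH or pam_mount. */
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define DEMO_UID 65534 /* assumption: an unprivileged uid such as "nobody" */

enum { STAYED_UNPRIVILEGED = 0, REGAINED_ROOT = 1, SETUP_FAILED = -1 };

/* Hypothetical helper: run the setuid(0) attempt in a child so the caller's
 * own credentials are untouched, and report the outcome. */
int regain_root_after_drop(uid_t uid)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return SETUP_FAILED;
    if (pid == 0) {
        /* Started as root: drop real, effective and saved uid for good
         * (a full privilege drop would also reset gid and groups first). */
        if (geteuid() == 0 && (uid == 0 || setuid(uid) != 0))
            _exit(2);
        /* The step the comment describes pam_mount taking at session close. */
        if (setuid(0) == 0)
            _exit(REGAINED_ROOT);
        _exit(errno == EPERM ? STAYED_UNPRIVILEGED : 2);
    }
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return SETUP_FAILED;
    switch (WEXITSTATUS(status)) {
    case STAYED_UNPRIVILEGED: return STAYED_UNPRIVILEGED;
    case REGAINED_ROOT:       return REGAINED_ROOT;
    default:                  return SETUP_FAILED;
    }
}

int main(void)
{
    int r = regain_root_after_drop(DEMO_UID);
    if (r == STAYED_UNPRIVILEGED)
        puts("setuid(0) refused with EPERM: root-only cleanup cannot run");
    else if (r == REGAINED_ROOT)
        puts("setuid(0) succeeded: process was never really unprivileged");
    else
        puts("could not set up the unprivileged child in this environment");
    return r == REGAINED_ROOT;
}
```

Run as root, the child first drops to the demo uid and then fails to return to uid 0; run as an ordinary user, the setuid(0) call fails directly with the same EPERM.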