Ubuntu
pam package

Bug #1666203
Activity log

Activity log for bug #1666203

Date	Who	What changed	Old value	New value	Message
2017-02-20 12:59:03	Toru Ikezoe	bug			added bug
2017-04-21 14:49:31	Launchpad Janitor	pam (Ubuntu): status	New	Confirmed
2018-04-16 13:03:47	Toru Ikezoe	description	Dear Maintainer. I found a bug in pam_tty_audit. When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. * Enviroments Ubuntu 14.04.4 LTS linux-image-3.16.0-71-generic 3.16.0-71.92~14.04.1 libpam-ldap:amd64 184-8.5ubuntu3 libpam-modules:amd64 1.1.8-1ubuntu2.2 Ubuntu 16.04.2 TLS linux-image-4.4.0-62-generic 4.4.0-62.83 libpam-ldap:amd64 184-8.7ubuntu1 libpam-modules:amd64 1.1.8-3.2ubuntu2 * Reproduction method 1. Install libpam-ldap. 2. Add the following to the end of /etc/pam.d/common-sessions -------- session required pam_tty_audit.so enable=* open_only -------- 3. When logging in with ssh etc., pam_tty_audit will fail and login fails * Solution apply upstream patch https://git.fedorahosted.org/cgit/linux-pam.git/commit/modules/pam_tty_audit/pam_tty_audit.c?id=c5f829931a22c65feffee16570efdae036524bee * Logs (on Ubuntu14.04) -- auth.log -- May 18 14:47:03 vm sshd[2272]: Accepted publickey for test from 10.99.0.1 port 51398 ssh2: RSA 8f:39:1c:3a:f4:9d:ca:99:67:fc:e3:fd:1e:0c:5b:a8 May 18 14:47:03 vm sshd[2272]: pam_unix(sshd:session): session opened for user test by (uid=0) May 18 14:47:03 vm sshd[2272]: pam_tty_audit(sshd:session): error setting current audit status: Invalid argument May 18 14:47:03 vm sshd[2272]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session May 18 14:47:03 vm sshd[2297]: Received disconnect from 10.99.0.1: 11: disconnected by user -- syslog -- May 18 14:47:03 vm audispd: node=vm type=USER_ACCT msg=audit(1463550423.399:58): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.403:59): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=LOGIN msg=audit(1463550423.403:60): pid=2272 uid=0 old-auid=4294967295 auid=20299 old-ses=4294967295 ses=3 res=1 May 18 14:47:03 vm audispd: node=vm type=CONFIG_CHANGE msg=audit(1463550423.403:61): pid=2272 uid=0 auid=20299 ses=3 op=tty_set old-enabled=0 new-enabled=1 old-log_passwd=0 new-log_passwd=32743 res=0 May 18 14:47:03 vm audispd: node=vm type=USER_START msg=audit(1463550423.447:62): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:session_open acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=failed' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.447:63): pid=2297 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_DISP msg=audit(1463550423.451:64): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' Thanks regards.	Dear Maintainer. I found a bug in pam_tty_audit. When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. * Enviroments Ubuntu 14.04.4 LTS linux-image-3.16.0-71-generic 3.16.0-71.92~14.04.1 libpam-ldap:amd64 184-8.5ubuntu3 libpam-modules:amd64 1.1.8-1ubuntu2.2 Ubuntu 16.04.2 TLS linux-image-4.4.0-62-generic 4.4.0-62.83 libpam-ldap:amd64 184-8.7ubuntu1 libpam-modules:amd64 1.1.8-3.2ubuntu2 * Reproduction method 1. Install libpam-ldap. 2. Add the following to the end of /etc/pam.d/common-sessions -------- session required pam_tty_audit.so enable=* open_only -------- 3. When logging in with ssh etc., pam_tty_audit will fail and login fails * Solution (== 2018/04/16 Link updated ==) apply upstream patch https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee * Logs (on Ubuntu14.04) -- auth.log -- May 18 14:47:03 vm sshd[2272]: Accepted publickey for test from 10.99.0.1 port 51398 ssh2: RSA 8f:39:1c:3a:f4:9d:ca:99:67:fc:e3:fd:1e:0c:5b:a8 May 18 14:47:03 vm sshd[2272]: pam_unix(sshd:session): session opened for user test by (uid=0) May 18 14:47:03 vm sshd[2272]: pam_tty_audit(sshd:session): error setting current audit status: Invalid argument May 18 14:47:03 vm sshd[2272]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session May 18 14:47:03 vm sshd[2297]: Received disconnect from 10.99.0.1: 11: disconnected by user -- syslog -- May 18 14:47:03 vm audispd: node=vm type=USER_ACCT msg=audit(1463550423.399:58): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.403:59): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=LOGIN msg=audit(1463550423.403:60): pid=2272 uid=0 old-auid=4294967295 auid=20299 old-ses=4294967295 ses=3 res=1 May 18 14:47:03 vm audispd: node=vm type=CONFIG_CHANGE msg=audit(1463550423.403:61): pid=2272 uid=0 auid=20299 ses=3 op=tty_set old-enabled=0 new-enabled=1 old-log_passwd=0 new-log_passwd=32743 res=0 May 18 14:47:03 vm audispd: node=vm type=USER_START msg=audit(1463550423.447:62): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:session_open acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=failed' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.447:63): pid=2297 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_DISP msg=audit(1463550423.451:64): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' Thanks regards.
2018-06-18 20:17:05	lnxtx	bug			added subscriber Michał Gradowski
2018-07-12 06:40:26	Tim Thompson	bug			added subscriber Tim Thompson
2019-01-13 14:45:14	Robie Basak	pam (Ubuntu): status	Confirmed	Triaged
2019-01-13 14:45:17	Robie Basak	pam (Ubuntu): importance	Undecided	Medium
2019-01-30 14:24:18	Patrik Lundquist	tags		bionic
2019-01-30 14:31:41	Patrik Lundquist	bug watch added		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778664
2019-01-30 14:31:41	Patrik Lundquist	bug task added		pam (Debian)
2019-01-30 14:57:12	Patrik Lundquist	tags	bionic	bionic trusty xen
2019-01-30 14:57:41	Patrik Lundquist	tags	bionic trusty xen	bionic cosmic disco trusty xenial
2019-01-30 15:03:01	Bug Watch Updater	pam (Debian): status	Unknown	New
2019-02-01 17:06:28	Don van der Haghen	bug			added subscriber Don
2019-02-03 01:07:30	Don van der Haghen	attachment added		bionic-fix-for-lp-1666203.debdiff https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1666203/+attachment/5235473/+files/bionic-fix-for-lp-1666203.debdiff
2019-02-03 04:18:20	Ubuntu Foundations Team Bug Bot	tags	bionic cosmic disco trusty xenial	bionic cosmic disco patch trusty xenial
2019-02-03 04:18:28	Ubuntu Foundations Team Bug Bot	bug			added subscriber Ubuntu Sponsors Team
2019-02-03 09:53:41	Don van der Haghen	pam (Ubuntu): assignee		Don van der Haghen (donvdh)
2019-02-04 14:55:20	Patrik Lundquist	bug			added subscriber Patrik Lundquist
2019-02-05 21:14:19	Don van der Haghen	attachment added		bionic-fix-for-lp-1666203-v2.debdiff https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1666203/+attachment/5236226/+files/bionic-fix-for-lp-1666203-v2.debdiff
2019-02-05 21:53:56	Don van der Haghen	attachment added		xenial-fix-for-lp-1666203.debdiff https://bugs.launchpad.net/debian/+source/pam/+bug/1666203/+attachment/5236239/+files/xenial-fix-for-lp-1666203.debdiff
2019-02-13 06:24:00	Steve Langasek	pam (Ubuntu): status	Triaged	Fix Released
2019-02-13 08:08:32	Bug Watch Updater	pam (Debian): status	New	Fix Released
2019-02-13 09:41:52	tranadols	description	Dear Maintainer. I found a bug in pam_tty_audit. When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. * Enviroments Ubuntu 14.04.4 LTS linux-image-3.16.0-71-generic 3.16.0-71.92~14.04.1 libpam-ldap:amd64 184-8.5ubuntu3 libpam-modules:amd64 1.1.8-1ubuntu2.2 Ubuntu 16.04.2 TLS linux-image-4.4.0-62-generic 4.4.0-62.83 libpam-ldap:amd64 184-8.7ubuntu1 libpam-modules:amd64 1.1.8-3.2ubuntu2 * Reproduction method 1. Install libpam-ldap. 2. Add the following to the end of /etc/pam.d/common-sessions -------- session required pam_tty_audit.so enable=* open_only -------- 3. When logging in with ssh etc., pam_tty_audit will fail and login fails * Solution (== 2018/04/16 Link updated ==) apply upstream patch https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee * Logs (on Ubuntu14.04) -- auth.log -- May 18 14:47:03 vm sshd[2272]: Accepted publickey for test from 10.99.0.1 port 51398 ssh2: RSA 8f:39:1c:3a:f4:9d:ca:99:67:fc:e3:fd:1e:0c:5b:a8 May 18 14:47:03 vm sshd[2272]: pam_unix(sshd:session): session opened for user test by (uid=0) May 18 14:47:03 vm sshd[2272]: pam_tty_audit(sshd:session): error setting current audit status: Invalid argument May 18 14:47:03 vm sshd[2272]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session May 18 14:47:03 vm sshd[2297]: Received disconnect from 10.99.0.1: 11: disconnected by user -- syslog -- May 18 14:47:03 vm audispd: node=vm type=USER_ACCT msg=audit(1463550423.399:58): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.403:59): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=LOGIN msg=audit(1463550423.403:60): pid=2272 uid=0 old-auid=4294967295 auid=20299 old-ses=4294967295 ses=3 res=1 May 18 14:47:03 vm audispd: node=vm type=CONFIG_CHANGE msg=audit(1463550423.403:61): pid=2272 uid=0 auid=20299 ses=3 op=tty_set old-enabled=0 new-enabled=1 old-log_passwd=0 new-log_passwd=32743 res=0 May 18 14:47:03 vm audispd: node=vm type=USER_START msg=audit(1463550423.447:62): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:session_open acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=failed' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.447:63): pid=2297 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_DISP msg=audit(1463550423.451:64): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' Thanks regards.	Dear Maintainer. I found a bug in pam_tty_audit. When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. * Enviroments Ubuntu 14.04.4 LTS linux-image-3.16.0-71-generic 3.16.0-71.92~14.04.1 libpam-ldap:amd64 184-8.5ubuntu3 libpam-modules:amd64 1.1.8-1ubuntu2.2 Ubuntu 16.04.2 TLS linux-image-4.4.0-62-generic 4.4.0-62.83 libpam-ldap:amd64 184-8.7ubuntu1 libpam-modules:amd64 1.1.8-3.2ubuntu2 * Reproduction method 1. Install libpam-ldap. 2. Add the following to the end of /etc/pam.d/common-sessions -------- session required pam_tty_audit.so enable=* open_only -------- 3. When logging in with ssh etc., pam_tty_audit will fail and login fails * Solution (== 2018/04/16 Link updated ==) apply upstream patch https://bit.ly/2BtN52W * Logs (on Ubuntu14.04) -- auth.log -- May 18 14:47:03 vm sshd[2272]: Accepted publickey for test from 10.99.0.1 port 51398 ssh2: RSA 8f:39:1c:3a:f4:9d:ca:99:67:fc:e3:fd:1e:0c:5b:a8 May 18 14:47:03 vm sshd[2272]: pam_unix(sshd:session): session opened for user test by (uid=0) May 18 14:47:03 vm sshd[2272]: pam_tty_audit(sshd:session): error setting current audit status: Invalid argument May 18 14:47:03 vm sshd[2272]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session May 18 14:47:03 vm sshd[2297]: Received disconnect from 10.99.0.1: 11: disconnected by user -- syslog -- May 18 14:47:03 vm audispd: node=vm type=USER_ACCT msg=audit(1463550423.399:58): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.403:59): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=LOGIN msg=audit(1463550423.403:60): pid=2272 uid=0 old-auid=4294967295 auid=20299 old-ses=4294967295 ses=3 res=1 May 18 14:47:03 vm audispd: node=vm type=CONFIG_CHANGE msg=audit(1463550423.403:61): pid=2272 uid=0 auid=20299 ses=3 op=tty_set old-enabled=0 new-enabled=1 old-log_passwd=0 new-log_passwd=32743 res=0 May 18 14:47:03 vm audispd: node=vm type=USER_START msg=audit(1463550423.447:62): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:session_open acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=failed' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.447:63): pid=2297 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_DISP msg=audit(1463550423.451:64): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' Thanks regards. https://bit.ly/2BtN52W
2019-02-13 10:48:06	Toru Ikezoe	description	Dear Maintainer. I found a bug in pam_tty_audit. When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. * Enviroments Ubuntu 14.04.4 LTS linux-image-3.16.0-71-generic 3.16.0-71.92~14.04.1 libpam-ldap:amd64 184-8.5ubuntu3 libpam-modules:amd64 1.1.8-1ubuntu2.2 Ubuntu 16.04.2 TLS linux-image-4.4.0-62-generic 4.4.0-62.83 libpam-ldap:amd64 184-8.7ubuntu1 libpam-modules:amd64 1.1.8-3.2ubuntu2 * Reproduction method 1. Install libpam-ldap. 2. Add the following to the end of /etc/pam.d/common-sessions -------- session required pam_tty_audit.so enable=* open_only -------- 3. When logging in with ssh etc., pam_tty_audit will fail and login fails * Solution (== 2018/04/16 Link updated ==) apply upstream patch https://bit.ly/2BtN52W * Logs (on Ubuntu14.04) -- auth.log -- May 18 14:47:03 vm sshd[2272]: Accepted publickey for test from 10.99.0.1 port 51398 ssh2: RSA 8f:39:1c:3a:f4:9d:ca:99:67:fc:e3:fd:1e:0c:5b:a8 May 18 14:47:03 vm sshd[2272]: pam_unix(sshd:session): session opened for user test by (uid=0) May 18 14:47:03 vm sshd[2272]: pam_tty_audit(sshd:session): error setting current audit status: Invalid argument May 18 14:47:03 vm sshd[2272]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session May 18 14:47:03 vm sshd[2297]: Received disconnect from 10.99.0.1: 11: disconnected by user -- syslog -- May 18 14:47:03 vm audispd: node=vm type=USER_ACCT msg=audit(1463550423.399:58): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.403:59): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=LOGIN msg=audit(1463550423.403:60): pid=2272 uid=0 old-auid=4294967295 auid=20299 old-ses=4294967295 ses=3 res=1 May 18 14:47:03 vm audispd: node=vm type=CONFIG_CHANGE msg=audit(1463550423.403:61): pid=2272 uid=0 auid=20299 ses=3 op=tty_set old-enabled=0 new-enabled=1 old-log_passwd=0 new-log_passwd=32743 res=0 May 18 14:47:03 vm audispd: node=vm type=USER_START msg=audit(1463550423.447:62): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:session_open acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=failed' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.447:63): pid=2297 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_DISP msg=audit(1463550423.451:64): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' Thanks regards. https://bit.ly/2BtN52W	Dear Maintainer. I found a bug in pam_tty_audit. When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. * Enviroments Ubuntu 14.04.4 LTS linux-image-3.16.0-71-generic 3.16.0-71.92~14.04.1 libpam-ldap:amd64 184-8.5ubuntu3 libpam-modules:amd64 1.1.8-1ubuntu2.2 Ubuntu 16.04.2 TLS linux-image-4.4.0-62-generic 4.4.0-62.83 libpam-ldap:amd64 184-8.7ubuntu1 libpam-modules:amd64 1.1.8-3.2ubuntu2 * Reproduction method 1. Install libpam-ldap. 2. Add the following to the end of /etc/pam.d/common-sessions -------- session required pam_tty_audit.so enable=* open_only -------- 3. When logging in with ssh etc., pam_tty_audit will fail and login fails * Solution (== 2018/04/16 Link updated ==) apply upstream patch https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee * Logs (on Ubuntu14.04) -- auth.log -- May 18 14:47:03 vm sshd[2272]: Accepted publickey for test from 10.99.0.1 port 51398 ssh2: RSA 8f:39:1c:3a:f4:9d:ca:99:67:fc:e3:fd:1e:0c:5b:a8 May 18 14:47:03 vm sshd[2272]: pam_unix(sshd:session): session opened for user test by (uid=0) May 18 14:47:03 vm sshd[2272]: pam_tty_audit(sshd:session): error setting current audit status: Invalid argument May 18 14:47:03 vm sshd[2272]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session May 18 14:47:03 vm sshd[2297]: Received disconnect from 10.99.0.1: 11: disconnected by user -- syslog -- May 18 14:47:03 vm audispd: node=vm type=USER_ACCT msg=audit(1463550423.399:58): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.403:59): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=LOGIN msg=audit(1463550423.403:60): pid=2272 uid=0 old-auid=4294967295 auid=20299 old-ses=4294967295 ses=3 res=1 May 18 14:47:03 vm audispd: node=vm type=CONFIG_CHANGE msg=audit(1463550423.403:61): pid=2272 uid=0 auid=20299 ses=3 op=tty_set old-enabled=0 new-enabled=1 old-log_passwd=0 new-log_passwd=32743 res=0 May 18 14:47:03 vm audispd: node=vm type=USER_START msg=audit(1463550423.447:62): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:session_open acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=failed' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.447:63): pid=2297 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_DISP msg=audit(1463550423.451:64): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' Thanks regards.
2019-02-15 15:50:13	Steve Langasek	nominated for series		Ubuntu Bionic
2019-02-15 15:50:13	Steve Langasek	bug task added		pam (Ubuntu Bionic)
2019-02-15 15:50:13	Steve Langasek	nominated for series		Ubuntu Xenial
2019-02-15 15:50:13	Steve Langasek	bug task added		pam (Ubuntu Xenial)
2019-02-19 15:11:23	Launchpad Janitor	pam (Ubuntu Xenial): status	New	Confirmed
2019-02-19 15:11:23	Launchpad Janitor	pam (Ubuntu Bionic): status	New	Confirmed
2019-02-26 03:58:31	Nivedita Singhvi	pam (Ubuntu Xenial): importance	Undecided	High
2019-02-26 03:58:37	Nivedita Singhvi	pam (Ubuntu Bionic): importance	Undecided	High
2019-02-26 18:02:20	Eric Desrochers	bug			added subscriber STS Sponsors
2019-02-26 18:02:33	Eric Desrochers	tags	bionic cosmic disco patch trusty xenial	bionic cosmic disco patch sts trusty xenial
2019-02-26 18:03:10	Eric Desrochers	pam (Ubuntu Bionic): assignee		Don van der Haghen (donvdh)
2019-02-26 18:03:18	Eric Desrochers	pam (Ubuntu Xenial): assignee		Don van der Haghen (donvdh)
2019-02-26 18:03:20	Eric Desrochers	pam (Ubuntu Xenial): status	Confirmed	In Progress
2019-02-26 18:03:22	Eric Desrochers	pam (Ubuntu Bionic): status	Confirmed	In Progress
2019-02-27 13:45:54	Eric Desrochers	description	Dear Maintainer. I found a bug in pam_tty_audit. When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. * Enviroments Ubuntu 14.04.4 LTS linux-image-3.16.0-71-generic 3.16.0-71.92~14.04.1 libpam-ldap:amd64 184-8.5ubuntu3 libpam-modules:amd64 1.1.8-1ubuntu2.2 Ubuntu 16.04.2 TLS linux-image-4.4.0-62-generic 4.4.0-62.83 libpam-ldap:amd64 184-8.7ubuntu1 libpam-modules:amd64 1.1.8-3.2ubuntu2 * Reproduction method 1. Install libpam-ldap. 2. Add the following to the end of /etc/pam.d/common-sessions -------- session required pam_tty_audit.so enable=* open_only -------- 3. When logging in with ssh etc., pam_tty_audit will fail and login fails * Solution (== 2018/04/16 Link updated ==) apply upstream patch https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee * Logs (on Ubuntu14.04) -- auth.log -- May 18 14:47:03 vm sshd[2272]: Accepted publickey for test from 10.99.0.1 port 51398 ssh2: RSA 8f:39:1c:3a:f4:9d:ca:99:67:fc:e3:fd:1e:0c:5b:a8 May 18 14:47:03 vm sshd[2272]: pam_unix(sshd:session): session opened for user test by (uid=0) May 18 14:47:03 vm sshd[2272]: pam_tty_audit(sshd:session): error setting current audit status: Invalid argument May 18 14:47:03 vm sshd[2272]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session May 18 14:47:03 vm sshd[2297]: Received disconnect from 10.99.0.1: 11: disconnected by user -- syslog -- May 18 14:47:03 vm audispd: node=vm type=USER_ACCT msg=audit(1463550423.399:58): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.403:59): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=LOGIN msg=audit(1463550423.403:60): pid=2272 uid=0 old-auid=4294967295 auid=20299 old-ses=4294967295 ses=3 res=1 May 18 14:47:03 vm audispd: node=vm type=CONFIG_CHANGE msg=audit(1463550423.403:61): pid=2272 uid=0 auid=20299 ses=3 op=tty_set old-enabled=0 new-enabled=1 old-log_passwd=0 new-log_passwd=32743 res=0 May 18 14:47:03 vm audispd: node=vm type=USER_START msg=audit(1463550423.447:62): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:session_open acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=failed' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.447:63): pid=2297 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_DISP msg=audit(1463550423.451:64): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' Thanks regards.	[Impact] * Kernel keystroke auditing via pam_tty_audit.so not working * When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. [Test Case] 1. Install libpam-ldap 2. Add the following to the end of /etc/pam.d/common-sessions -------- session required pam_tty_audit.so enable=* open_only -------- 3. When logging in with ssh etc., pam_tty_audit will fail and login fails [Regression Potential] * Low, we are simply including the missing header files and copy the old status as initialization of new. It's already part of Debian and Disco. [Other Info] # Upstream fix: https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee # git describe --contains c5f829931a22c65feffee16570efdae036524bee Linux-PAM-1_2_0~75 # rmadision pam => pam \| 1.1.8-1ubuntu2.2 \| trusty-updates \| source => pam \| 1.1.8-3.2ubuntu2 \| xenial \| source => pam \| 1.1.8-3.2ubuntu2.1 \| xenial-updates \| source => pam \| 1.1.8-3.6ubuntu2 \| bionic \| source => pam \| 1.1.8-3.6ubuntu2 \| cosmic \| source pam \| 1.3.1-5ubuntu1 \| disco \| source [Original Description] Dear Maintainer. I found a bug in pam_tty_audit. When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. * Enviroments Ubuntu 14.04.4 LTS linux-image-3.16.0-71-generic 3.16.0-71.92~14.04.1 libpam-ldap:amd64 184-8.5ubuntu3 libpam-modules:amd64 1.1.8-1ubuntu2.2 Ubuntu 16.04.2 TLS linux-image-4.4.0-62-generic 4.4.0-62.83 libpam-ldap:amd64 184-8.7ubuntu1 libpam-modules:amd64 1.1.8-3.2ubuntu2 * Reproduction method 1. Install libpam-ldap. 2. Add the following to the end of /etc/pam.d/common-sessions -------- session required pam_tty_audit.so enable=* open_only -------- 3. When logging in with ssh etc., pam_tty_audit will fail and login fails * Solution (== 2018/04/16 Link updated ==) apply upstream patch https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee * Logs (on Ubuntu14.04) -- auth.log -- May 18 14:47:03 vm sshd[2272]: Accepted publickey for test from 10.99.0.1 port 51398 ssh2: RSA 8f:39:1c:3a:f4:9d:ca:99:67:fc:e3:fd:1e:0c:5b:a8 May 18 14:47:03 vm sshd[2272]: pam_unix(sshd:session): session opened for user test by (uid=0) May 18 14:47:03 vm sshd[2272]: pam_tty_audit(sshd:session): error setting current audit status: Invalid argument May 18 14:47:03 vm sshd[2272]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session May 18 14:47:03 vm sshd[2297]: Received disconnect from 10.99.0.1: 11: disconnected by user -- syslog -- May 18 14:47:03 vm audispd: node=vm type=USER_ACCT msg=audit(1463550423.399:58): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.403:59): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=LOGIN msg=audit(1463550423.403:60): pid=2272 uid=0 old-auid=4294967295 auid=20299 old-ses=4294967295 ses=3 res=1 May 18 14:47:03 vm audispd: node=vm type=CONFIG_CHANGE msg=audit(1463550423.403:61): pid=2272 uid=0 auid=20299 ses=3 op=tty_set old-enabled=0 new-enabled=1 old-log_passwd=0 new-log_passwd=32743 res=0 May 18 14:47:03 vm audispd: node=vm type=USER_START msg=audit(1463550423.447:62): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:session_open acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=failed' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.447:63): pid=2297 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_DISP msg=audit(1463550423.451:64): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' Thanks regards.
2019-02-27 13:46:06	Eric Desrochers	nominated for series		Ubuntu Cosmic
2019-02-27 13:46:06	Eric Desrochers	bug task added		pam (Ubuntu Cosmic)
2019-02-27 14:40:26	Eric Desrochers	pam (Ubuntu Cosmic): status	New	In Progress
2019-02-27 14:40:30	Eric Desrochers	pam (Ubuntu Cosmic): importance	Undecided	Medium
2019-02-27 14:40:32	Eric Desrochers	pam (Ubuntu Cosmic): assignee		Eric Desrochers (slashd)
2019-02-28 01:25:57	Eric Desrochers	pam (Ubuntu Bionic): assignee	Don van der Haghen (donvdh)	Eric Desrochers (slashd)
2019-02-28 01:26:09	Eric Desrochers	pam (Ubuntu Bionic): importance	High	Medium
2019-02-28 01:57:07	Eric Desrochers	description	[Impact] * Kernel keystroke auditing via pam_tty_audit.so not working * When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. [Test Case] 1. Install libpam-ldap 2. Add the following to the end of /etc/pam.d/common-sessions -------- session required pam_tty_audit.so enable=* open_only -------- 3. When logging in with ssh etc., pam_tty_audit will fail and login fails [Regression Potential] * Low, we are simply including the missing header files and copy the old status as initialization of new. It's already part of Debian and Disco. [Other Info] # Upstream fix: https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee # git describe --contains c5f829931a22c65feffee16570efdae036524bee Linux-PAM-1_2_0~75 # rmadision pam => pam \| 1.1.8-1ubuntu2.2 \| trusty-updates \| source => pam \| 1.1.8-3.2ubuntu2 \| xenial \| source => pam \| 1.1.8-3.2ubuntu2.1 \| xenial-updates \| source => pam \| 1.1.8-3.6ubuntu2 \| bionic \| source => pam \| 1.1.8-3.6ubuntu2 \| cosmic \| source pam \| 1.3.1-5ubuntu1 \| disco \| source [Original Description] Dear Maintainer. I found a bug in pam_tty_audit. When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. * Enviroments Ubuntu 14.04.4 LTS linux-image-3.16.0-71-generic 3.16.0-71.92~14.04.1 libpam-ldap:amd64 184-8.5ubuntu3 libpam-modules:amd64 1.1.8-1ubuntu2.2 Ubuntu 16.04.2 TLS linux-image-4.4.0-62-generic 4.4.0-62.83 libpam-ldap:amd64 184-8.7ubuntu1 libpam-modules:amd64 1.1.8-3.2ubuntu2 * Reproduction method 1. Install libpam-ldap. 2. Add the following to the end of /etc/pam.d/common-sessions -------- session required pam_tty_audit.so enable=* open_only -------- 3. When logging in with ssh etc., pam_tty_audit will fail and login fails * Solution (== 2018/04/16 Link updated ==) apply upstream patch https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee * Logs (on Ubuntu14.04) -- auth.log -- May 18 14:47:03 vm sshd[2272]: Accepted publickey for test from 10.99.0.1 port 51398 ssh2: RSA 8f:39:1c:3a:f4:9d:ca:99:67:fc:e3:fd:1e:0c:5b:a8 May 18 14:47:03 vm sshd[2272]: pam_unix(sshd:session): session opened for user test by (uid=0) May 18 14:47:03 vm sshd[2272]: pam_tty_audit(sshd:session): error setting current audit status: Invalid argument May 18 14:47:03 vm sshd[2272]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session May 18 14:47:03 vm sshd[2297]: Received disconnect from 10.99.0.1: 11: disconnected by user -- syslog -- May 18 14:47:03 vm audispd: node=vm type=USER_ACCT msg=audit(1463550423.399:58): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.403:59): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=LOGIN msg=audit(1463550423.403:60): pid=2272 uid=0 old-auid=4294967295 auid=20299 old-ses=4294967295 ses=3 res=1 May 18 14:47:03 vm audispd: node=vm type=CONFIG_CHANGE msg=audit(1463550423.403:61): pid=2272 uid=0 auid=20299 ses=3 op=tty_set old-enabled=0 new-enabled=1 old-log_passwd=0 new-log_passwd=32743 res=0 May 18 14:47:03 vm audispd: node=vm type=USER_START msg=audit(1463550423.447:62): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:session_open acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=failed' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.447:63): pid=2297 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_DISP msg=audit(1463550423.451:64): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' Thanks regards.	[Impact] * Kernel keystroke auditing via pam_tty_audit.so not working * When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. [Test Case] 1) Open a shell & escalate to root 2) Update /etc/pam.d/common-session & /etc/pam.d/common-session-noninteractive and add the following line directly after the line: "session required pam_unix.so": "session required pam_tty_audit.so enable=" 3) Start a second new shell session on the box and type a variety of commands 4) Exit the second shell session to flush the buffer? 5) In the root shell run "aureport -tty -i". The output should show the commands run in the other shell. [Regression Potential] Low, we are simply including the missing header files and copy the old status as initialization of new. It's already part of Debian and Disco. [Other Info] # Upstream fix: https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee # git describe --contains c5f829931a22c65feffee16570efdae036524bee Linux-PAM-1_2_0~75 # rmadision pam => pam \| 1.1.8-1ubuntu2.2 \| trusty-updates \| source => pam \| 1.1.8-3.2ubuntu2 \| xenial \| source => pam \| 1.1.8-3.2ubuntu2.1 \| xenial-updates \| source => pam \| 1.1.8-3.6ubuntu2 \| bionic \| source => pam \| 1.1.8-3.6ubuntu2 \| cosmic \| source pam \| 1.3.1-5ubuntu1 \| disco \| source [Original Description] Dear Maintainer. I found a bug in pam_tty_audit. When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. * Enviroments Ubuntu 14.04.4 LTS linux-image-3.16.0-71-generic 3.16.0-71.92~14.04.1 libpam-ldap:amd64 184-8.5ubuntu3 libpam-modules:amd64 1.1.8-1ubuntu2.2 Ubuntu 16.04.2 TLS linux-image-4.4.0-62-generic 4.4.0-62.83 libpam-ldap:amd64 184-8.7ubuntu1 libpam-modules:amd64 1.1.8-3.2ubuntu2 * Reproduction method 1. Install libpam-ldap. 2. Add the following to the end of /etc/pam.d/common-sessions -------- session required pam_tty_audit.so enable=* open_only -------- 3. When logging in with ssh etc., pam_tty_audit will fail and login fails * Solution (== 2018/04/16 Link updated ==) apply upstream patch https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee * Logs (on Ubuntu14.04) -- auth.log -- May 18 14:47:03 vm sshd[2272]: Accepted publickey for test from 10.99.0.1 port 51398 ssh2: RSA 8f:39:1c:3a:f4:9d:ca:99:67:fc:e3:fd:1e:0c:5b:a8 May 18 14:47:03 vm sshd[2272]: pam_unix(sshd:session): session opened for user test by (uid=0) May 18 14:47:03 vm sshd[2272]: pam_tty_audit(sshd:session): error setting current audit status: Invalid argument May 18 14:47:03 vm sshd[2272]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session May 18 14:47:03 vm sshd[2297]: Received disconnect from 10.99.0.1: 11: disconnected by user -- syslog -- May 18 14:47:03 vm audispd: node=vm type=USER_ACCT msg=audit(1463550423.399:58): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.403:59): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=LOGIN msg=audit(1463550423.403:60): pid=2272 uid=0 old-auid=4294967295 auid=20299 old-ses=4294967295 ses=3 res=1 May 18 14:47:03 vm audispd: node=vm type=CONFIG_CHANGE msg=audit(1463550423.403:61): pid=2272 uid=0 auid=20299 ses=3 op=tty_set old-enabled=0 new-enabled=1 old-log_passwd=0 new-log_passwd=32743 res=0 May 18 14:47:03 vm audispd: node=vm type=USER_START msg=audit(1463550423.447:62): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:session_open acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=failed' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.447:63): pid=2297 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_DISP msg=audit(1463550423.451:64): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' Thanks regards.
2019-02-28 01:58:44	Eric Desrochers	description	[Impact] * Kernel keystroke auditing via pam_tty_audit.so not working * When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. [Test Case] 1) Open a shell & escalate to root 2) Update /etc/pam.d/common-session & /etc/pam.d/common-session-noninteractive and add the following line directly after the line: "session required pam_unix.so": "session required pam_tty_audit.so enable=" 3) Start a second new shell session on the box and type a variety of commands 4) Exit the second shell session to flush the buffer? 5) In the root shell run "aureport -tty -i". The output should show the commands run in the other shell. [Regression Potential] Low, we are simply including the missing header files and copy the old status as initialization of new. It's already part of Debian and Disco. [Other Info] # Upstream fix: https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee # git describe --contains c5f829931a22c65feffee16570efdae036524bee Linux-PAM-1_2_0~75 # rmadision pam => pam \| 1.1.8-1ubuntu2.2 \| trusty-updates \| source => pam \| 1.1.8-3.2ubuntu2 \| xenial \| source => pam \| 1.1.8-3.2ubuntu2.1 \| xenial-updates \| source => pam \| 1.1.8-3.6ubuntu2 \| bionic \| source => pam \| 1.1.8-3.6ubuntu2 \| cosmic \| source pam \| 1.3.1-5ubuntu1 \| disco \| source [Original Description] Dear Maintainer. I found a bug in pam_tty_audit. When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. * Enviroments Ubuntu 14.04.4 LTS linux-image-3.16.0-71-generic 3.16.0-71.92~14.04.1 libpam-ldap:amd64 184-8.5ubuntu3 libpam-modules:amd64 1.1.8-1ubuntu2.2 Ubuntu 16.04.2 TLS linux-image-4.4.0-62-generic 4.4.0-62.83 libpam-ldap:amd64 184-8.7ubuntu1 libpam-modules:amd64 1.1.8-3.2ubuntu2 * Reproduction method 1. Install libpam-ldap. 2. Add the following to the end of /etc/pam.d/common-sessions -------- session required pam_tty_audit.so enable=* open_only -------- 3. When logging in with ssh etc., pam_tty_audit will fail and login fails * Solution (== 2018/04/16 Link updated ==) apply upstream patch https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee * Logs (on Ubuntu14.04) -- auth.log -- May 18 14:47:03 vm sshd[2272]: Accepted publickey for test from 10.99.0.1 port 51398 ssh2: RSA 8f:39:1c:3a:f4:9d:ca:99:67:fc:e3:fd:1e:0c:5b:a8 May 18 14:47:03 vm sshd[2272]: pam_unix(sshd:session): session opened for user test by (uid=0) May 18 14:47:03 vm sshd[2272]: pam_tty_audit(sshd:session): error setting current audit status: Invalid argument May 18 14:47:03 vm sshd[2272]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session May 18 14:47:03 vm sshd[2297]: Received disconnect from 10.99.0.1: 11: disconnected by user -- syslog -- May 18 14:47:03 vm audispd: node=vm type=USER_ACCT msg=audit(1463550423.399:58): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.403:59): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=LOGIN msg=audit(1463550423.403:60): pid=2272 uid=0 old-auid=4294967295 auid=20299 old-ses=4294967295 ses=3 res=1 May 18 14:47:03 vm audispd: node=vm type=CONFIG_CHANGE msg=audit(1463550423.403:61): pid=2272 uid=0 auid=20299 ses=3 op=tty_set old-enabled=0 new-enabled=1 old-log_passwd=0 new-log_passwd=32743 res=0 May 18 14:47:03 vm audispd: node=vm type=USER_START msg=audit(1463550423.447:62): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:session_open acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=failed' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.447:63): pid=2297 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_DISP msg=audit(1463550423.451:64): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' Thanks regards.	[Impact] * Kernel keystroke auditing via pam_tty_audit.so not working * When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. [Test Case] 1) Open a shell & escalate to root 2) Update /etc/pam.d/common-session & /etc/pam.d/common-session-noninteractive and add the following line directly after the line: "session required pam_unix.so": "session required pam_tty_audit.so enable=" 3) Start a second new shell session on the box and type a variety of commands 4) Exit the second shell session to flush the buffer? 5) In the root shell run "aureport -tty -i". The output should show the commands run in the other shell. [Regression Potential] Low, we are simply including the missing header file and copy the old status as initialization of new. The fix is already found/part of Debian and Disco. [Other Info] # Upstream fix: https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee # git describe --contains c5f829931a22c65feffee16570efdae036524bee Linux-PAM-1_2_0~75 # rmadision pam => pam \| 1.1.8-1ubuntu2.2 \| trusty-updates \| source => pam \| 1.1.8-3.2ubuntu2 \| xenial \| source => pam \| 1.1.8-3.2ubuntu2.1 \| xenial-updates \| source => pam \| 1.1.8-3.6ubuntu2 \| bionic \| source => pam \| 1.1.8-3.6ubuntu2 \| cosmic \| source pam \| 1.3.1-5ubuntu1 \| disco \| source [Original Description] Dear Maintainer. I found a bug in pam_tty_audit. When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. * Enviroments Ubuntu 14.04.4 LTS linux-image-3.16.0-71-generic 3.16.0-71.92~14.04.1 libpam-ldap:amd64 184-8.5ubuntu3 libpam-modules:amd64 1.1.8-1ubuntu2.2 Ubuntu 16.04.2 TLS linux-image-4.4.0-62-generic 4.4.0-62.83 libpam-ldap:amd64 184-8.7ubuntu1 libpam-modules:amd64 1.1.8-3.2ubuntu2 * Reproduction method 1. Install libpam-ldap. 2. Add the following to the end of /etc/pam.d/common-sessions -------- session required pam_tty_audit.so enable=* open_only -------- 3. When logging in with ssh etc., pam_tty_audit will fail and login fails * Solution (== 2018/04/16 Link updated ==) apply upstream patch https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee * Logs (on Ubuntu14.04) -- auth.log -- May 18 14:47:03 vm sshd[2272]: Accepted publickey for test from 10.99.0.1 port 51398 ssh2: RSA 8f:39:1c:3a:f4:9d:ca:99:67:fc:e3:fd:1e:0c:5b:a8 May 18 14:47:03 vm sshd[2272]: pam_unix(sshd:session): session opened for user test by (uid=0) May 18 14:47:03 vm sshd[2272]: pam_tty_audit(sshd:session): error setting current audit status: Invalid argument May 18 14:47:03 vm sshd[2272]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session May 18 14:47:03 vm sshd[2297]: Received disconnect from 10.99.0.1: 11: disconnected by user -- syslog -- May 18 14:47:03 vm audispd: node=vm type=USER_ACCT msg=audit(1463550423.399:58): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.403:59): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=LOGIN msg=audit(1463550423.403:60): pid=2272 uid=0 old-auid=4294967295 auid=20299 old-ses=4294967295 ses=3 res=1 May 18 14:47:03 vm audispd: node=vm type=CONFIG_CHANGE msg=audit(1463550423.403:61): pid=2272 uid=0 auid=20299 ses=3 op=tty_set old-enabled=0 new-enabled=1 old-log_passwd=0 new-log_passwd=32743 res=0 May 18 14:47:03 vm audispd: node=vm type=USER_START msg=audit(1463550423.447:62): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:session_open acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=failed' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.447:63): pid=2297 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_DISP msg=audit(1463550423.451:64): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' Thanks regards.
2019-02-28 13:30:39	Łukasz Zemczak	pam (Ubuntu Cosmic): status	In Progress	Fix Committed
2019-02-28 13:30:42	Łukasz Zemczak	bug			added subscriber Ubuntu Stable Release Updates Team
2019-02-28 13:30:43	Łukasz Zemczak	bug			added subscriber SRU Verification
2019-02-28 13:30:47	Łukasz Zemczak	tags	bionic cosmic disco patch sts trusty xenial	bionic cosmic disco patch sts trusty verification-needed verification-needed-cosmic xenial
2019-02-28 13:32:47	Łukasz Zemczak	pam (Ubuntu Bionic): status	In Progress	Fix Committed
2019-02-28 13:32:51	Łukasz Zemczak	tags	bionic cosmic disco patch sts trusty verification-needed verification-needed-cosmic xenial	bionic cosmic disco patch sts trusty verification-needed verification-needed-bionic verification-needed-cosmic xenial
2019-03-01 01:49:57	Eric Desrochers	tags	bionic cosmic disco patch sts trusty verification-needed verification-needed-bionic verification-needed-cosmic xenial	bionic cosmic disco patch sts trusty verification-done-bionic verification-needed verification-needed-cosmic xenial
2019-03-01 02:45:03	Eric Desrochers	removed subscriber STS Sponsors
2019-03-01 02:45:23	Eric Desrochers	bug			added subscriber Eric Desrochers
2019-03-01 09:59:45	Don van der Haghen	attachment added		xenial-fix-for-lp-1666203-v2.debdiff https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1666203/+attachment/5242562/+files/xenial-fix-for-lp-1666203-v2.debdiff
2019-03-01 10:19:01	Don van der Haghen	tags	bionic cosmic disco patch sts trusty verification-done-bionic verification-needed verification-needed-cosmic xenial	bionic cosmic disco patch sts trusty verification-done-bionic verification-done-cosmic verification-needed xenial
2019-03-05 03:25:55	Eric Desrochers	bug			added subscriber STS Sponsors
2019-03-06 16:17:30	Eric Desrochers	description	[Impact] * Kernel keystroke auditing via pam_tty_audit.so not working * When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. [Test Case] 1) Open a shell & escalate to root 2) Update /etc/pam.d/common-session & /etc/pam.d/common-session-noninteractive and add the following line directly after the line: "session required pam_unix.so": "session required pam_tty_audit.so enable=" 3) Start a second new shell session on the box and type a variety of commands 4) Exit the second shell session to flush the buffer? 5) In the root shell run "aureport -tty -i". The output should show the commands run in the other shell. [Regression Potential] Low, we are simply including the missing header file and copy the old status as initialization of new. The fix is already found/part of Debian and Disco. [Other Info] # Upstream fix: https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee # git describe --contains c5f829931a22c65feffee16570efdae036524bee Linux-PAM-1_2_0~75 # rmadision pam => pam \| 1.1.8-1ubuntu2.2 \| trusty-updates \| source => pam \| 1.1.8-3.2ubuntu2 \| xenial \| source => pam \| 1.1.8-3.2ubuntu2.1 \| xenial-updates \| source => pam \| 1.1.8-3.6ubuntu2 \| bionic \| source => pam \| 1.1.8-3.6ubuntu2 \| cosmic \| source pam \| 1.3.1-5ubuntu1 \| disco \| source [Original Description] Dear Maintainer. I found a bug in pam_tty_audit. When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. * Enviroments Ubuntu 14.04.4 LTS linux-image-3.16.0-71-generic 3.16.0-71.92~14.04.1 libpam-ldap:amd64 184-8.5ubuntu3 libpam-modules:amd64 1.1.8-1ubuntu2.2 Ubuntu 16.04.2 TLS linux-image-4.4.0-62-generic 4.4.0-62.83 libpam-ldap:amd64 184-8.7ubuntu1 libpam-modules:amd64 1.1.8-3.2ubuntu2 * Reproduction method 1. Install libpam-ldap. 2. Add the following to the end of /etc/pam.d/common-sessions -------- session required pam_tty_audit.so enable=* open_only -------- 3. When logging in with ssh etc., pam_tty_audit will fail and login fails * Solution (== 2018/04/16 Link updated ==) apply upstream patch https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee * Logs (on Ubuntu14.04) -- auth.log -- May 18 14:47:03 vm sshd[2272]: Accepted publickey for test from 10.99.0.1 port 51398 ssh2: RSA 8f:39:1c:3a:f4:9d:ca:99:67:fc:e3:fd:1e:0c:5b:a8 May 18 14:47:03 vm sshd[2272]: pam_unix(sshd:session): session opened for user test by (uid=0) May 18 14:47:03 vm sshd[2272]: pam_tty_audit(sshd:session): error setting current audit status: Invalid argument May 18 14:47:03 vm sshd[2272]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session May 18 14:47:03 vm sshd[2297]: Received disconnect from 10.99.0.1: 11: disconnected by user -- syslog -- May 18 14:47:03 vm audispd: node=vm type=USER_ACCT msg=audit(1463550423.399:58): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.403:59): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=LOGIN msg=audit(1463550423.403:60): pid=2272 uid=0 old-auid=4294967295 auid=20299 old-ses=4294967295 ses=3 res=1 May 18 14:47:03 vm audispd: node=vm type=CONFIG_CHANGE msg=audit(1463550423.403:61): pid=2272 uid=0 auid=20299 ses=3 op=tty_set old-enabled=0 new-enabled=1 old-log_passwd=0 new-log_passwd=32743 res=0 May 18 14:47:03 vm audispd: node=vm type=USER_START msg=audit(1463550423.447:62): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:session_open acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=failed' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.447:63): pid=2297 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_DISP msg=audit(1463550423.451:64): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' Thanks regards.	[Impact] * Kernel keystroke auditing via pam_tty_audit.so not working * When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. [Test Case] 1) Open a shell & escalate to root 2) Update /etc/pam.d/common-session & /etc/pam.d/common-session-noninteractive and add the following line directly after the line: "session required pam_unix.so": "session required pam_tty_audit.so enable=" 3) Start a second new shell session on the box and type a variety of commands 4) Exit the second shell session to flush the buffer? 5) In the root shell run "aureport -tty -i". The output should show the commands run in the other shell. [Regression Potential] Low, we are simply including the missing header file and copy the old status as initialization of new. The fix is already found/part of Debian and Disco. [Pending SRU] All regressions found in Bionic and Cosmic looks like long standing ADT failure. Nothing has been introduce by this particular SRU. [Other Info] # Upstream fix: https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee # git describe --contains c5f829931a22c65feffee16570efdae036524bee Linux-PAM-1_2_0~75 # rmadision pam => pam \| 1.1.8-1ubuntu2.2 \| trusty-updates \| source => pam \| 1.1.8-3.2ubuntu2 \| xenial \| source => pam \| 1.1.8-3.2ubuntu2.1 \| xenial-updates \| source => pam \| 1.1.8-3.6ubuntu2 \| bionic \| source => pam \| 1.1.8-3.6ubuntu2 \| cosmic \| source pam \| 1.3.1-5ubuntu1 \| disco \| source [Original Description] Dear Maintainer. I found a bug in pam_tty_audit. When Using the pam_tty_audit with other pam modules(ex, pam_ldap), it failed in pam_open_session. It was triggared by use uninitialized variable in pam_tty_audit.c::pam_open_session. * Enviroments Ubuntu 14.04.4 LTS linux-image-3.16.0-71-generic 3.16.0-71.92~14.04.1 libpam-ldap:amd64 184-8.5ubuntu3 libpam-modules:amd64 1.1.8-1ubuntu2.2 Ubuntu 16.04.2 TLS linux-image-4.4.0-62-generic 4.4.0-62.83 libpam-ldap:amd64 184-8.7ubuntu1 libpam-modules:amd64 1.1.8-3.2ubuntu2 * Reproduction method 1. Install libpam-ldap. 2. Add the following to the end of /etc/pam.d/common-sessions -------- session required pam_tty_audit.so enable=* open_only -------- 3. When logging in with ssh etc., pam_tty_audit will fail and login fails * Solution (== 2018/04/16 Link updated ==) apply upstream patch https://github.com/linux-pam/linux-pam/commit/c5f829931a22c65feffee16570efdae036524bee * Logs (on Ubuntu14.04) -- auth.log -- May 18 14:47:03 vm sshd[2272]: Accepted publickey for test from 10.99.0.1 port 51398 ssh2: RSA 8f:39:1c:3a:f4:9d:ca:99:67:fc:e3:fd:1e:0c:5b:a8 May 18 14:47:03 vm sshd[2272]: pam_unix(sshd:session): session opened for user test by (uid=0) May 18 14:47:03 vm sshd[2272]: pam_tty_audit(sshd:session): error setting current audit status: Invalid argument May 18 14:47:03 vm sshd[2272]: error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session May 18 14:47:03 vm sshd[2297]: Received disconnect from 10.99.0.1: 11: disconnected by user -- syslog -- May 18 14:47:03 vm audispd: node=vm type=USER_ACCT msg=audit(1463550423.399:58): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.403:59): pid=2272 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=LOGIN msg=audit(1463550423.403:60): pid=2272 uid=0 old-auid=4294967295 auid=20299 old-ses=4294967295 ses=3 res=1 May 18 14:47:03 vm audispd: node=vm type=CONFIG_CHANGE msg=audit(1463550423.403:61): pid=2272 uid=0 auid=20299 ses=3 op=tty_set old-enabled=0 new-enabled=1 old-log_passwd=0 new-log_passwd=32743 res=0 May 18 14:47:03 vm audispd: node=vm type=USER_START msg=audit(1463550423.447:62): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:session_open acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=failed' May 18 14:47:03 vm audispd: node=vm type=CRED_ACQ msg=audit(1463550423.447:63): pid=2297 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' May 18 14:47:03 vm audispd: node=vm type=CRED_DISP msg=audit(1463550423.451:64): pid=2272 uid=0 auid=20299 ses=3 msg='op=PAM:setcred acct="test" exe="/usr/sbin/sshd" hostname=10.99.0.1 addr=10.99.0.1 terminal=ssh res=success' Thanks regards.
2019-03-07 17:32:23	Launchpad Janitor	pam (Ubuntu Cosmic): status	Fix Committed	Fix Released
2019-03-07 17:32:29	Łukasz Zemczak	removed subscriber Ubuntu Stable Release Updates Team
2019-03-07 17:32:52	Launchpad Janitor	pam (Ubuntu Bionic): status	Fix Committed	Fix Released
2019-03-11 18:57:41	Eric Desrochers	removed subscriber STS Sponsors
2019-04-13 20:20:47	Mathew Hodson	tags	bionic cosmic disco patch sts trusty verification-done-bionic verification-done-cosmic verification-needed xenial	bionic cosmic disco patch sts trusty verification-done-bionic verification-done-cosmic xenial
2019-04-20 19:00:56	Simon Quigley	removed subscriber Ubuntu Sponsors Team
2019-05-01 13:30:16	Robie Basak	pam (Ubuntu Xenial): status	In Progress	Fix Committed
2019-05-01 13:30:19	Robie Basak	bug			added subscriber Ubuntu Stable Release Updates Team
2019-05-01 13:30:25	Robie Basak	tags	bionic cosmic disco patch sts trusty verification-done-bionic verification-done-cosmic xenial	bionic cosmic disco patch sts trusty verification-done-bionic verification-done-cosmic verification-needed verification-needed-xenial xenial
2020-07-28 17:51:36	Brian Murray	bug			added subscriber Brian Murray
2020-09-30 21:11:53	Steve Langasek	tags	bionic cosmic disco patch sts trusty verification-done-bionic verification-done-cosmic verification-needed verification-needed-xenial xenial	bionic cosmic disco patch sts trusty verification-done-bionic verification-done-cosmic verification-needed xenial
2020-09-30 21:11:55	Steve Langasek	pam (Ubuntu Xenial): status	Fix Committed	Won't Fix
2020-09-30 21:12:02	Steve Langasek	removed subscriber Ubuntu Stable Release Updates Team
2020-09-30 23:34:33	Michael Hudson-Doyle	pam (Ubuntu Xenial): status	Won't Fix	In Progress
2020-09-30 23:34:36	Michael Hudson-Doyle	pam (Ubuntu Xenial): assignee	Don van der Haghen (donvdh)	Michael Hudson-Doyle (mwhudson)
2020-10-01 00:14:25	Tim Thompson	removed subscriber Tim Thompson
2020-10-01 00:32:41	Brian Murray	pam (Ubuntu Xenial): status	In Progress	Fix Committed
2020-10-01 00:32:44	Brian Murray	bug			added subscriber Ubuntu Stable Release Updates Team
2020-10-01 00:32:52	Brian Murray	tags	bionic cosmic disco patch sts trusty verification-done-bionic verification-done-cosmic verification-needed xenial	bionic cosmic disco patch sts trusty verification-done-bionic verification-done-cosmic verification-needed verification-needed-xenial xenial
2020-10-01 08:21:59	Michael Hudson-Doyle	tags	bionic cosmic disco patch sts trusty verification-done-bionic verification-done-cosmic verification-needed verification-needed-xenial xenial	bionic cosmic disco patch sts trusty verification-done-bionic verification-done-cosmic verification-done-xenial xenial
2020-10-12 13:17:34	Launchpad Janitor	pam (Ubuntu Xenial): status	Fix Committed	Fix Released

Ubuntupam package

Activity log for bug #1666203

Ubuntu
pam package