Bug 1144051 - Please add "pam_keyinit.so" to the /etc/pam.d/mrsh and /etc/pam.d/mrlogin configuration files
Please add "pam_keyinit.so" to the /etc/pam.d/mrsh and /etc/pam.d/mrlogin con...
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Basesystem
Current
All openSUSE Factory
: P5 - None : Normal (vote)
: Current
Assigned To: Egbert Eich
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-08-02 15:00 UTC by Josef Möllers
Modified: 2020-05-28 22:16 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
eich: needinfo? (josef.moellers)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Josef Möllers 2019-08-02 15:00:36 UTC
In the near future, the use of kernel keyrings will be enabled by systemd.
To fully support this feature, the mrsh package must include the pam_keyinit.so
module in its /etc/pam.d/mrsh and /etc/pam.d/mrlogin configuration files.
Please add this module to the /etc/pam.d/mrsh and /etc/pam.d/mrlogin configuration files with the appropriate parameters:
session optional pam_keyinit.so revoke [force]
Thanks.
Comment 1 Egbert Eich 2019-08-05 06:36:21 UTC
You've opened this for SLE-15 - this product has been released already.
Are you saying this feature gets added to a released product?
Can you point me to the ECO describing possible side effects as well as
risk and risk mitigation?
Comment 2 Josef Möllers 2019-08-05 07:24:43 UTC
(In reply to Egbert Eich from comment #1)
> You've opened this for SLE-15 - this product has been released already.
> Are you saying this feature gets added to a released product?
> Can you point me to the ECO describing possible side effects as well as
> risk and risk mitigation?

Please add it to factory for future releases.
I couldn't find the appropriate release.
Comment 3 Josef Möllers 2019-08-05 07:31:12 UTC
(In reply to Josef Möllers from comment #2)
> (In reply to Egbert Eich from comment #1)
> > You've opened this for SLE-15 - this product has been released already.
> > Are you saying this feature gets added to a released product?
> > Can you point me to the ECO describing possible side effects as well as
> > risk and risk mitigation?
> 
> Please add it to factory for future releases.
> I couldn't find the appropriate release.


Changesd the target to openSUSE factory.
Comment 4 Josef Möllers 2019-08-15 07:47:33 UTC
Changed codestream to TW where it belongs.
Comment 5 Josef Möllers 2019-10-08 06:31:54 UTC
ping!
Any progress?
Comment 6 Josef Möllers 2019-12-05 14:04:16 UTC
Since the product is not SLE-15 any more, is there any progress?
The systemd folks want to enable keyrings.
Comment 7 Egbert Eich 2019-12-05 17:48:43 UTC
Done. SR#754486
Comment 9 Swamp Workflow Management 2019-12-05 18:20:06 UTC
This is an autogenerated message for OBS integration:
This bug (1144051) was mentioned in
https://build.opensuse.org/request/show/754486 Factory / mrsh
Comment 11 Egbert Eich 2019-12-06 11:17:09 UTC
Ok, thanks!
Comment 16 Swamp Workflow Management 2020-05-12 19:15:46 UTC
SUSE-RU-2020:1259-1: An update that has one recommended fix can now be installed.

Category: recommended (moderate)
Bug References: 1144051
CVE References: 
Sources used:
SUSE Linux Enterprise Module for HPC 12 (src):    mrsh-2.12-6.3.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Swamp Workflow Management 2020-05-25 16:13:47 UTC
SUSE-RU-2020:1402-1: An update that has one recommended fix can now be installed.

Category: recommended (moderate)
Bug References: 1144051
CVE References: 
Sources used:
SUSE Linux Enterprise Module for HPC 15-SP1 (src):    mrsh-2.12-4.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 18 Swamp Workflow Management 2020-05-28 22:16:00 UTC
openSUSE-RU-2020:0729-1: An update that has one recommended fix can now be installed.

Category: recommended (moderate)
Bug References: 1144051
CVE References: 
Sources used:
openSUSE Leap 15.1 (src):    mrsh-2.12-lp151.4.3.1