Bugzilla – Bug 1144056
Please add "pam_keyinit.so" to the /etc/pam.d/proftpd configuration file
Last modified: 2020-01-13 20:12:01 UTC
In the near future, the use of kernel keyrings will be enabled by systemd.
To fully support this feature, the proftpd package must include the pam_keyinit.so
module in its /etc/pam.d/proftpd configuration file.
Please add this module to the /etc/pam.d/proftpd configuration file with the
session optional pam_keyinit.so revoke [force]
Changed codestream to TW where it belongs.
(In reply to Bernhard Wiedemann from comment #2)
> like this?
I'm sorry ... I lost track of this:
I'd add "force" as ftp will cahnge from "root" to the user that wants to download files. That user might need access to his(her keys, so a new keyring MUST be built (possibly linking to existing keyrings of that user).
This is an autogenerated message for OBS integration:
This bug (1144056) was mentioned in
https://build.opensuse.org/request/show/759945 15.1+Backports:SLE-15+Backports:SLE-15-SP1 / proftpd
openSUSE-SU-2020:0031-1: An update that solves 5 vulnerabilities and has two fixes is now available.
Category: security (moderate)
Bug References: 1113041,1144056,1154600,1155834,1156210,1157798,1157803
CVE References: CVE-2017-7418,CVE-2019-12815,CVE-2019-18217,CVE-2019-19269,CVE-2019-19270
openSUSE Leap 15.1 (src): proftpd-1.3.6b-lp220.127.116.11
openSUSE Backports SLE-15-SP1 (src): proftpd-1.3.6b-bp18.104.22.168
openSUSE Backports SLE-15 (src): proftpd-1.3.6b-bp22.214.171.124