Bug 1144056 - Please add "pam_keyinit.so" to the /etc/pam.d/proftpd configuration file
Please add "pam_keyinit.so" to the /etc/pam.d/proftpd configuration file
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Basesystem
Current
All openSUSE Factory
: P5 - None : Normal (vote)
: Current
Assigned To: Josef Möllers
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-08-02 15:10 UTC by Josef Möllers
Modified: 2020-01-13 20:12 UTC (History)
3 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Josef Möllers 2019-08-02 15:10:40 UTC
In the near future, the use of kernel keyrings will be enabled by systemd.
To fully support this feature, the proftpd package must include the pam_keyinit.so
module in its /etc/pam.d/proftpd configuration file.
Please add this module to the /etc/pam.d/proftpd configuration file with the
appropriate parameters:
session optional pam_keyinit.so revoke [force]
Thanks.
Comment 1 Josef Möllers 2019-08-15 07:49:45 UTC
Changed codestream to TW where it belongs.
Comment 2 Bernhard Wiedemann 2019-10-02 15:04:46 UTC
like this?
https://build.opensuse.org/request/show/734642
Comment 3 Josef Möllers 2019-10-08 06:28:23 UTC
(In reply to Bernhard Wiedemann from comment #2)
> like this?
> https://build.opensuse.org/request/show/734642

I'm sorry ... I lost track of this:
I'd add "force" as ftp will cahnge from "root" to the user that wants to download files. That user might need access to his(her keys, so a new keyring MUST be built (possibly linking to existing keyrings of that user).
Comment 4 Josef Möllers 2019-12-12 14:40:02 UTC
See https://build.opensuse.org/request/show/734642
Comment 5 Swamp Workflow Management 2019-12-29 23:40:42 UTC
This is an autogenerated message for OBS integration:
This bug (1144056) was mentioned in
https://build.opensuse.org/request/show/759945 15.1+Backports:SLE-15+Backports:SLE-15-SP1 / proftpd
Comment 6 Swamp Workflow Management 2020-01-13 20:12:01 UTC
openSUSE-SU-2020:0031-1: An update that solves 5 vulnerabilities and has two fixes is now available.

Category: security (moderate)
Bug References: 1113041,1144056,1154600,1155834,1156210,1157798,1157803
CVE References: CVE-2017-7418,CVE-2019-12815,CVE-2019-18217,CVE-2019-19269,CVE-2019-19270
Sources used:
openSUSE Leap 15.1 (src):    proftpd-1.3.6b-lp151.3.6.1
openSUSE Backports SLE-15-SP1 (src):    proftpd-1.3.6b-bp151.4.6.2
openSUSE Backports SLE-15 (src):    proftpd-1.3.6b-bp150.3.6.1