Skip to content

[v15] Restore interactive PAM authentication#49520

Merged
rosstimothy merged 1 commit intobranch/v15from
tross/backport-49487/v15
Nov 27, 2024
Merged

[v15] Restore interactive PAM authentication#49520
rosstimothy merged 1 commit intobranch/v15from
tross/backport-49487/v15

Conversation

@rosstimothy
Copy link
Copy Markdown
Contributor

Backport #49487 to branch/v15

Changelog: Restore interactive PAM authentication functionality when use_pam_auth is applied.

#29279 caused PAM to
deadlock when performing interactive authentication. To restore
the previous semblance of functional PAM, this reverts waiting
for PAM to be complete if BPF is disabled. #29279 was specifically
added to prevent systemd, which may be invoked via a PAM module,
from moving the exec subprocess to a different cgroup. Since
cgroups are not used outside of Enhanced Session Recording this
is a stop-gap measure that can allow mose users of PAM to get an
immediate restoration of behavior while a more long term and sane
approach to performing PAM during the SSH handshake can be
considered, evaluated, and tested.

Closes #49028.
@aws-amplify-us-west-2
Copy link
Copy Markdown

This pull request is automatically being deployed by Amplify Hosting (learn more).

Access this pull request here: https://pr-49520.d1v2yqnl3ruxch.amplifyapp.com

@rosstimothy rosstimothy added this pull request to the merge queue Nov 27, 2024
Merged via the queue into branch/v15 with commit 8ea8eb9 Nov 27, 2024
@rosstimothy rosstimothy deleted the tross/backport-49487/v15 branch November 27, 2024 20:58
@camscale camscale mentioned this pull request Dec 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants