Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#33836 - [openssh,pam] ssh login shows motd twice

Attached to Project: Arch Linux
Opened by Sunjin Yang (lethean) - Wednesday, 13 February 2013, 05:27 GMT
Last edited by Gaetan Bisson (vesath) - Thursday, 14 February 2013, 04:58 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Gaetan Bisson (vesath)
Dave Reisner (falconindy)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description: /etc/motd file is shown twice when a user login to ssh server.


Additional info:
* openssh 6.1p1-5

Steps to reproduce:

I think that fixing  FS#33696  causes this symptom, because 'PrintMotd yes' option in '/etc/ssh/sshd_config' does the same work which is already done by 'pam_motd.so' in '/etc/pam.d/system-login'. So, one of the option must be disabled or another solution is required.
This task depends upon

Closed by  Gaetan Bisson (vesath)
Thursday, 14 February 2013, 04:58 GMT
Reason for closing:  Fixed
Additional comments about closing:  openssh-6.1p1-6 in [testing]
Comment by Gaetan Bisson (vesath) - Wednesday, 13 February 2013, 06:43 GMT
I lean towards fixing this within /etc/pam.d/.

Dave: Is there anything but openssh that uses /etc/pam.d/system-remote-login? For now, /etc/pam.d/sshd, /etc/pam.d/system-remote-login, and /etc/pam.d/system-login all do exactly the same thing. Would it make sense to copy the session part of system-login into sshd except for its motd bit? Do you see a cleaner solution?
Comment by Dave Reisner (falconindy) - Wednesday, 13 February 2013, 20:08 GMT
openssh is the only user of system-remote-login right now, afaik. I think your solution makes sense if we didn't want to copy the session block all the way back to ssh itself. Consider that other (future) users of the remote login stack may not offer the same /etc/motd control that ssh does. I guess those could intentionally add pam_motd to their stack if desired.
Comment by Gaetan Bisson (vesath) - Thursday, 14 February 2013, 04:57 GMT
Thanks Dave. In fact I just changed my mind: it's easier for me to remove PrintMotd from the default sshd_config and leave the pam.d mess to you. :)

Loading...