hellresistor
commented
4 years ago Resolved :) my bad
Closed hellresistor closed 4 years ago
hellresistor
commented
4 years ago Resolved :) my bad
cypherbits
commented
4 years ago Resolved :) my bad
Hello, how did you resolve the problem? @hellresistor
hellresistor
commented
4 years ago https://gist.github.com/hellresistor/e5a6d9cc3a138ac70603b6fdda7ea588
Find this order!
echo "auth [success=3 default=ignore] pam_unix.so nullok_secure
auth [success=2 default=ignore] pam_duress.so disallow
auth sufficient pam_duress.so
auth requisite pam_deny.so
auth required pam_permit.so" | sudo tee -a /etc/pam.d/common-authWow and check @Lqp1 PullRequest/repository
cypherbits
commented
4 years ago Sorry @hellresistor , not working for me. Even using your full script.
How did you resolve PAM unable to resolve symbol: pam_sm_setcred ?
hellresistor
commented
4 years ago What OS are you using? i have used from @Lqp1 Fork ! (Check pull requests). I have tested on ubuntu 18
cypherbits
commented
4 years ago @hellresistor , Trying on Ubuntu 20.04. @Lqp1 fork not working ...
Actually I think one of the problems is:
snprintf(dpath, sizeof dpath, "/tmp/action.XXXXX.%s", user);
ofd = mkstemps(dpath, strlen(user) + 1);Since official documentation says it should be 6, not 5 in length: "XXXXXX". I changed this part of code and one errores is gone.
hellresistor
commented
4 years ago Continue the saga here .. https://github.com/rafket/pam_duress/issues/16 ^^
hellresistor
commented
4 years ago i am with "opened mouth" :| not working :|
Hi Guys. I have installed but seems not work. I am using Debian 10 (buster) Server (no-GUI)
The /etc/pam.d/common-auth
The command to adduser was, Return no error:
sudo pam_duress_adduser tester yougone /home/tester/pam_duress/examples/delete-all.shauth.log
Feb 22 14:11:01 tester systemd-logind[1019]: New seat seat0. Feb 22 14:11:01 tester systemd-logind[1019]: Watching system buttons on /dev/input/event0 (Power Button) Feb 22 14:11:01 tester systemd-logind[1019]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard) Feb 22 14:11:02 tester sshd[1210]: PAM unable to resolve symbol: pam_sm_setcred Feb 22 14:11:02 tester sshd[1210]: message repeated 3 times: [ PAM unable to resolve symbol: pam_sm_setcred] Feb 22 14:11:02 tester sshd[1210]: Please use exactly one argument with pam_duress.c, not 0 Feb 22 14:11:02 tester sshd[1210]: Accepted password for root from 192.168.1.102 port 8074 ssh2 Feb 22 14:11:02 tester sshd[1210]: pam_unix(sshd:session): session opened for user root by (uid=0) Feb 22 14:11:02 tester systemd-logind[1019]: New session 1 of user root. Feb 22 14:11:02 tester systemd: PAM unable to resolve symbol: pam_sm_setcred Feb 22 14:11:02 tester systemd: PAM unable to resolve symbol: pam_sm_setcred Feb 22 14:11:02 tester systemd: pam_unix(systemd-user:session): session opened for user root by (uid=0) ##################### NEW REBOOT ######################### Feb 22 14:16:34 tester sshd[1587]: PAM unable to resolve symbol: pam_sm_setcred Feb 22 14:16:34 tester sshd[1587]: message repeated 3 times: [ PAM unable to resolve symbol: pam_sm_setcred] Feb 22 14:16:34 tester sshd[1587]: Please use exactly one argument with pam_duress.c, not 0 Feb 22 14:16:34 tester sshd[1587]: Accepted password for root from 192.168.1.102 port 8125 ssh2 Feb 22 14:16:34 tester sshd[1587]: pam_unix(sshd:session): session opened for user root by (uid=0) Feb 22 14:16:34 tester systemd-logind[1019]: New session 4 of user root. Feb 22 14:16:39 tester sshd[1518]: Exiting on signal 15 Feb 22 14:16:49 tester sshd[1032]: Server listening on 0.0.0.0 port 22. Feb 22 14:16:49 tester systemd-logind[990]: New seat seat0. Feb 22 14:16:49 tester systemd-logind[990]: Watching system buttons on /dev/input/event0 (Power Button) Feb 22 14:16:49 tester systemd-logind[990]: Watching system buttons on /dev/input/event1 (AT Translated Set 2 keyboard) Feb 22 14:16:49 tester sshd[1090]: PAM unable to resolve symbol: pam_sm_setcred Feb 22 14:16:49 tester sshd[1090]: message repeated 3 times: [ PAM unable to resolve symbol: pam_sm_setcred] Feb 22 14:16:49 tester sshd[1090]: Please use exactly one argument with pam_duress.c, not 0 Feb 22 14:16:49 tester sshd[1090]: Accepted password for root from 192.168.1.102 port 8126 ssh2 Feb 22 14:16:49 tester sshd[1090]: pam_unix(sshd:session): session opened for user root by (uid=0) Feb 22 14:16:50 tester systemd-logind[990]: New session 1 of user root. Feb 22 14:16:50 tester systemd: PAM unable to resolve symbol: pam_sm_setcred Feb 22 14:16:50 tester systemd: PAM unable to resolve symbol: pam_sm_setcred Feb 22 14:16:50 tester systemd: pam_unix(systemd-user:session): session opened for user root by (uid=0) Feb 22 14:17:01 tester CRON[1467]: PAM unable to resolve symbol: pam_sm_setcred Feb 22 14:17:01 tester CRON[1467]: message repeated 3 times: [ PAM unable to resolve symbol: pam_sm_setcred] Feb 22 14:17:01 tester CRON[1467]: pam_unix(cron:session): session opened for user root by (uid=0) Feb 22 14:17:01 tester CRON[1467]: pam_unix(cron:session): session closed for user rootOn console try do Duress password and get on auth.log:
Feb 22 14:19:05 tester login[1124]: PAM unable to resolve symbol: pam_sm_setcred Feb 22 14:19:05 tester login[1124]: message repeated 3 times: [ PAM unable to resolve symbol: pam_sm_setcred] Feb 22 14:19:11 tester login[1124]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=/dev/tty1 ruser= rhost= user=tester Feb 22 14:19:11 tester login[1124]: mkstemps failed for /tmp/action.XXXXX.tester: Invalid argument Feb 22 14:19:14 tester login[1124]: FAILED LOGIN (1) on '/dev/tty1' FOR 'tester', Authentication failureAre I am missing some configuration? I have read on issues someone has put working on Debian Buster.
Thank you and good work!
Update: I have tried change line position. This Accept 2 passwords. But dont run the script :(
When put the PAnic Password get zombie proccess