Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-20571

pam_auth_v2 still doesn't work in 10.4.8

    Details

      Description

      Per https://mariadb.com/kb/en/library/authentication-plugin-pam/

      modified to echo the password

      tee /tmp/pam_log_script.sh <<EOF
      #!/bin/bash
      PASS=$(cat -)
      echo $PASS
      echo "\${PAM_SERVICE}:\${PAM_TYPE} - \${PAM_RUSER}@\${PAM_RHOST} is authenticating as \${PAM_USER}" 
      EOF
      chmod 0775 /tmp/pam_log_script.sh
      

      Added the following into /etc/pam.d/mysql so it will send password too

      auth optional pam_exec.so debug expose_authtok log=/tmp/pam_output.txt /tmp/pam_log_script.sh
      

      V1 test:

      INSTALL SONAME 'auth_pam_v1'
      <authenticate from PHP with mysqli_connect("mariadb-alpine", "test_account", "uGBXHxID3dJRALw2", "test_account")>
      # cat /tmp/pam_output.txt
      *** Thu Sep 12 13:16:11 2019
      /tmp/pam_log_script.sh: line 2: warning: command substitution: ignored null byte in input
      uGBXHxID3dJRALw2
      mysql:auth - @ is authenticating as test_account
      

      V2 test:

      UNINSTALL SONAME 'auth_pam_v1'
      INSTALL SONAME 'auth_pam'
      <authenticate from PHP with mysqli_connect("mariadb-alpine", "test_account", "uGBXHxID3dJRALw2", "test_account")>
      # cat /tmp/pam_output.txt
      *** Thu Sep 12 13:16:35 2019
      /tmp/pam_log_script.sh: line 2: warning: command substitution: ignored null byte in input
      uGBXHxID3dJRALw  <<<< LAST CHARACTER MISSING
      mysql:auth - @ is authenticating as test_account
      

      Auth fails ofc. Where did the last character from the password go?

      Please fix. Thanks

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                serg Sergei Golubchik
                Reporter:
                laca Laszlo Soos
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: