Hello,
I am using the latest Ngircd on an Ubuntu 64 bit vps.
I am trying to setup Ngircd with PAM.
I've read the documentation for PAM here:
http://ngircd.barton.de/doc/PAM.txt but I am having a few questions and
issues:
- I've set up /etc/pam.d/ngircd as follows:
#%PAM-1.0
auth required pam_userdb.so db=/etc/ngircd/ngircd-vuser.db
account required pam_userdb.so db=/etc/ngircd/ngircd-vuser.db
session required pam_loginuid.so
Ngircd is running under the user irc but I am not sure if the user has
permissions to use this pam file as specified in the PAM.txt file?
- I see the following message in /var/log/syslog:
==> /var/log/auth.log <==
Aug 23 10:41:12 mail ngircd[8733]: PAM _pam_init_handlers: could not
open /etc/pam.conf
Aug 23 10:41:12 mail ngircd[8733]: PAM pam_start: failed to initialize
handlers
==> /var/log/syslog <==
Aug 23 10:41:12 mail ngircd[8733]: PAM: Failed to create authenticator! (26)
Why is it looking in the empty file /etc/pam.conf and not
/etc/pam.d/ngircd ?
My relevant config sniplet:
# Use PAM if ngIRCd has been compiled with support for it.
PAM = yes
PAMIsOptional = no
Can I force Ngircd to look for /etc/pam.d/ngricd (world readable) ?
I am using this berkley vuser setup the same way with vsftpd.
Regards,
Michiel
Hello!
A severe bug in ngIRCd 18 up to and including 20.2 has been discovered which
will crash the daemon (denial of service) and can happen when the daemon fails
to send the optional "notice auth" message to new clients connecting to the
server (CVE-2013-5580).
So here it is, our next release: ngIRCd 20.3.
Please note that only setups having the configuration option "NoticeAuth"
enabled are affected, which is not the default.
The only change in ngIRCd 20.3 is the fix for the above bug, all installations
should upgrade.
But please stay tuned, ngIRCd 21 including new features like SSL fingerprints,
and include directory for configuration files, better systemd(8) support etc.
is the the works, too, and I hope that we can soon release a beta version for
testing. I'll keep you informed!
Changes in ngIRCd 20.3:
• Security: Fix a denial of service bug (server crash) which could happen
when the configuration option "NoticeAuth" is enabled (which is NOT the
default) and ngIRCd failed to send the "notice auth" messages to new
clients connecting to the server (CVE-2013-5580).
More information can be found on the homepage <http://ngircd.barton.de/>
and its mirror <http://ngircd.berlios.de/>.
The primary download locations are:
• <ftp://ftp.berlios.de/pub/ngircd/>
• <http://ngircd.barton.de/pub/ngircd/>
Regards
Alex
