Bug 244844 - Cron does not support PAM sessions
Summary: Cron does not support PAM sessions
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: 12.1-STABLE
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-bugs (Nobody)
Depends on:
Reported: 2020-03-16 11:37 UTC by Kevin Lyda
Modified: 2020-03-16 11:37 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Kevin Lyda 2020-03-16 11:37:43 UTC
Some distributions of Linux have configured and activated pam_env[0] from the LinuxPAM project. The OpenPAM project lacks this module but it's easy enough to write.  It sets environment variables for an authenticated session from a file named /etc/environment by default.

A similar module for OpenPAM works just fine for ssh and several other cases, but not for cron.  Checking the diff between do_command.c in FreeBSD cron[1] and the current Vixie cron[2], it's clear that the pam_open_session and pam_close_session calls are missing in FreeBSD cron.

Would there be any interest in patches to fix this?

[0] http://www.linux-pam.org/Linux-PAM-html/sag-pam_env.html
[1] https://github.com/freebsd/freebsd/blob/master/usr.sbin/cron/cron/do_command.c
[2] https://github.com/svagner/vixie-cron/blob/master/do_command.c