244844 – Cron does not support PAM sessions

Bug 244844 - Cron does not support PAM sessions

Summary: Cron does not support PAM sessions

Status:	New

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	bin (show other bugs)
Version:	12.1-STABLE
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	freebsd-bugs (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2020-03-16 11:37 UTC by Kevin Lyda
Modified:	2020-03-16 11:37 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Kevin Lyda 2020-03-16 11:37:43 UTC

Some distributions of Linux have configured and activated pam_env[0] from the LinuxPAM project. The OpenPAM project lacks this module but it's easy enough to write.  It sets environment variables for an authenticated session from a file named /etc/environment by default.

A similar module for OpenPAM works just fine for ssh and several other cases, but not for cron.  Checking the diff between do_command.c in FreeBSD cron[1] and the current Vixie cron[2], it's clear that the pam_open_session and pam_close_session calls are missing in FreeBSD cron.

Would there be any interest in patches to fix this?

[0] http://www.linux-pam.org/Linux-PAM-html/sag-pam_env.html
[1] https://github.com/freebsd/freebsd/blob/master/usr.sbin/cron/cron/do_command.c
[2] https://github.com/svagner/vixie-cron/blob/master/do_command.c