debcrafters-packages team mailing list archive

Thread
Date

[Bug 2068729] Re: pam_radius_auth: Failed to open RADIUS IPv6 socket: Address family not supported by protocol

To: debcrafters-packages@xxxxxxxxxxxxxxxxxxx
From: jerry bonner <2068729@xxxxxxxxxxxxxxxxxx>
Date: Wed, 04 Jun 2025 19:05:29 -0000
Reply-to: Bug 2068729 <2068729@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

> Now, what I found is that this crash is unrelated to this bug. You can
reproduce it using the version of > libpam-radius-auth that's currently
in the archive on Noble *and* Oracular. Plucky has a newer version of >
the package, which I haven't tested.

https://github.com/FreeRADIUS/pam_radius/commit/8d373539bb9f13b0abfe8bcae0095a930a00fad0

This is the commit that fixes this issue. Notice that it is applied the
the 3.0 branch. This version isn't available until plucky. Since both
noble and oracular are still using the 2.0 branch, it would follow this
issue would affect both.

> I believe this crash deserves its own separate bug report, and should
probably be fixed before addressing this particular bug.

I disagree this is a separate bug.

-- 
You received this bug notification because you are a member of
Debcrafters packages, which is subscribed to shadow in Ubuntu.
https://bugs.launchpad.net/bugs/2068729

Title:
  pam_radius_auth: Failed to open RADIUS IPv6 socket: Address family not
  supported by protocol

Status in libpam-radius-auth package in Ubuntu:
  Triaged
Status in shadow package in Ubuntu:
  Confirmed

Bug description:
  New and fully updated 24.04 LTS with disabled IPv6 (The CISA secure
  config states that IPv6 is to be disabled unless it's in use).

  lsb_release -rd:
  No LSB modules are available.
  Description:    Ubuntu 24.04 LTS
  Release:        24.04

  apt-cache policy libpam-radius-auth
  libpam-radius-auth:
    Installed: 2.0.1-1
    Candidate: 2.0.1-1
    Version table:
   *** 2.0.1-1 500
          500 http://au.archive.ubuntu.com/ubuntu noble/universe amd64 Packages
          100 /var/lib/dpkg/status

  What you expected to happen:
  Based on https://github.com/FreeRADIUS/pam_radius/blob/master/src/pam_radius_auth.c, the pam_radius_auth module must support ipv6 and ipv4 options.

  /etc/pam.d/sshd:
  auth       sufficient   pam_radius_auth.so  conf=/etc/pam_radius_auth.conf retry=3 ipv4=yes ipv6=no debug

  What happened instead:
  2024-06-07T22:07:57.499460+10:00 ubuntu sshd[584305]: pam_radius_auth: 2.0.1, built on Aug 19 2023 at 14:08:42
  2024-06-07T22:07:57.499672+10:00 ubuntu sshd[584305]: pam_radius_auth: unrecognized option 'ipv4=yes'
  2024-06-07T22:07:57.499880+10:00 ubuntu sshd[584305]: pam_radius_auth: unrecognized option 'ipv6=no'
  2024-06-07T22:07:57.500051+10:00 ubuntu sshd[584305]: pam_radius_auth: DEBUG: conf_file='/etc/pam_radius_auth.conf' use_first_pass=no try_first_pass=no skip_passwd=no retry=3 localifdown=no client_id='' accounting_bug=no ruser=no prompt='Password: ' force_prompt=no prompt_attribute=no max_challenge=0 privilege_level=no
  2024-06-07T22:07:57.500279+10:00 ubuntu sshd[584305]: pam_radius_auth: Got user name: 'test'
  2024-06-07T22:07:57.502892+10:00 ubuntu sshd[584305]: pam_radius_auth: Failed to open RADIUS IPv6 socket: Address family not supported by protocol

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libpam-radius-auth/+bug/2068729/+subscriptions