Our products use CentOS 6.5 and we would like to deploy them with custom openssh RPMs. I have downloaded the sources from http://athena.caslab.queensu.ca/pub/OpenBSD/OpenSSH/portable and built the RPMs, but the PAM configuration file is wrong after installation.
When I install the default openssh-5.3p1 RPMs from the CentOS 6.5 repository, the configuration looks like this:
> cat /etc/pam.d/sshd
#%PAM-1.0
auth required pam_sepermit.so
auth include password-auth
account required pam_nologin.so
account include password-auth
password include password-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the
user context
session required pam_selinux.so open env_params
session optional pam_keyinit.so force revoke
session include password-auth
However, when I rebuild this exact RPM from the source and install it, I get the following:
> cat /etc/pam.d/sshd
#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
I was wondering if there are any build logs that would show how the openssh RPMs were built from the source for CentOS 6.5. Perhaps there is some type of configuration I am missing that would ensure that I get the same PAM configuration.
Thanks!
