I’m trying to create a pam module to be used for authorization with SSH.
Unfortunately every goroutine does not start within the PAM module, if it was used within SSH flow. It does indeed work with pamtester
without any issues.
Here is the code:
package main
/*
#include <security/pam_modules.h>
typedef const char cchar_t;
*/
import "C"
import (
"log"
"time"
)
func main() {}
//export pam_sm_authenticate
func pam_sm_authenticate(pamh *C.pam_handle_t, flags C.int, argc C.int, argv **C.cchar_t) C.int {
log.Printf("golib.so: before start goroutine")
go func() {
// This will not happen and the whole program will hang from
// here on...
log.Printf("golib.so: something out of the goroutine")
}()
log.Printf("golib.so: after start goroutine")
return C.PAM_SUCCESS
}
//export pam_sm_setcred
func pam_sm_setcred(pamh *C.pam_handle_t, flags C.int, argc C.int, argv **C.cchar_t) C.int {
return C.PAM_IGNORE
}
Environment
- OS: Ubuntu 22.04.4 LTS
- SSH: OpenSSH_8.9p1 Ubuntu-3ubuntu0.10, OpenSSL 3.0.2 15 Mar 2022
- Go: go version go1.22.5 linux/amd64
- pemtester: 0.1.2
Similar issues
- golang/go#57394
- golang/go#15538
- golang/go#15556
So far non of those tickets helped me to solve the issue.
My main problem is not that I even intent to use goroutines but if I’m using http.Client
goroutines are everywhere.
BTW: Do not focus that much on what is happening inside of the methods. The goroutine does not even start. Not even golib.so: goroutine begin
will be visible.
So: I’m happy for proposals to make the goroutines in the context of a PAM modules within SSH work or to do HTTP requests without goroutines.
Thanks for your support!