duo_unix
duo_unix copied to clipboard
duosecurity
Wrong path for duo configuration file in duo_unix-2.0.3
After building duo_unix-2.0.3 from source, I find that the duo configuration file is not being used. Probing further into the logs, i see the following error Couldn't open /etc/pam_duo.conf: No such file or directory This is of course true as the duo configuration path is supposed to be located in /etc/duo/pam_duo.conf
Description
Duo's configuration file is located in /etc/duo/pam_duo.conf but duo_unix-2.0.3 searches for it in the /etc/pam_duo.conf path
Expected Behavior
Duo should find its config file in /etc/duo/pam_duo.conf and load parameters from there
Actual Behavior
Duo attempts to load configuration from /etc/pam_duo.conf
Steps to Reproduce
- Build duo_unix-2.0.3 from source
- Configure sshd to use duo for MFA
- Attempt to login to node
- Check authentication log file
Workarounds
Downgrading to duo_unix-2.0.2 works as normal
@demiph Can you specify what you used for the source build? did you download the tar file from our documentation, from the 2.0.3 release here on github, or did you clone the repo?
I ask because we did make a change to the config file directory in https://github.com/duosecurity/duo_unix/commit/1c0a8d613953c480483003f22229f9c63ed28974 but that should not have been included in the 2.0.3 release. So I'm wondering if you somehow picked up that change, or if it somehow snuck into 2.0.3 when it shouldn't have.
I cloned the repo so I imagine this is not a bug in that case. Is the plan to change the config path in the next release?
@demiph Yes, that's our current plan! If you clone from the 2.0.3 tag/branch you should be ok. Just avoid master.
Turns out that we missed a spot. https://github.com/duosecurity/duo_unix/pull/276 should fix that