Bug #43169 “RFE: Update pam to 0.99 or greater” : Bugs : pam package : Ubuntu

Revision history for this message

Dennis Kaarsemaker (dennis) wrote on 2006-05-06: Re: [Bug 43169] RFE: Update pam to 0.99 or greater

#1

status Rejected

Dapper is in upstream version freeze. Please follow the correct process
for requesting an exception.

Changed in pam:
status:	Unconfirmed → Rejected

Revision history for this message

Richard Laager (rlaager) wrote on 2006-05-06:

#2

This request said nothing of Dapper. If it isn't fixed until after Dapper, that's fine. I don't know the procedure for requesting an exception, though I'm sure I could find it. But, it's probably not worth the risk for one little pam module. For now, I'm going to investigate packaging an older version of pam_keyring (before the changes which require pam >= 0.99).

Anyway, in summary, I don't see why we can't keep this item open.

Changed in pam:
status:	Rejected → Unconfirmed

Revision history for this message

Johan Christiansen (johandc) wrote on 2006-08-01:

#3

pam_keyring would be really nice to be enabled by default, to give the user more of a "just works" sensation. If pam needs to be upgraded, it should be so in edgy. Maybe a specification for this ought to be written?

Changed in pam:
status:	Unconfirmed → Confirmed

Revision history for this message

Michaël Arnauts (michael-arnauts) wrote on 2006-10-31:

#4

pam-keyring would be great... now edgy is out, can work on this get started there are no freezes, nothing stands in its way!

Bug Watch Updater (bug-watch-updater) on 2006-12-07

Changed in pam:
status:	Unknown → Unconfirmed

Revision history for this message

Colin Watson (cjwatson) wrote on 2006-12-19:

#5

We don't have the resources at the moment to do this ourselves; we're reliant on Debian for the vast majority of our pam packaging, and they're not going to upgrade pam until etch is out. Once that's done, I expect we'll be able to move to 0.99 or greater.

Revision history for this message

Michael R. Head (burner) wrote on 2007-02-24:

#6

It's possible to use libpam-keyring in feisty with /etc/pam.d/gdm this way (quoting /usr/share/doc/libpam-keyring/README.Debian ):

To enable this pam module, add the following line
at the end of every config file of pam services you use for logging in:
@include common-pamkeyring
These config files are located in /etc/pam.d/

For more informations, please read /etc/pam.d/common-pamkeyring

There are some known limitations with this package:
- The password of the "default" keyring must be the same as your login password.
- There is currently no way to change the password of a gnome keyring.

-- Laurent Bigonville <email address hidden> Thu, 8 Feb 2007 04:24:07 +0100

Revision history for this message

Andrew Conkling (andrewski) wrote on 2007-03-26:

#7

Since there seems to be no other reason to upgrade pam than to use pam_keyring and that's included in Feisty (http://packages.ubuntu.com/feisty/admin/libpam-keyring), I'm closing this. Feel free to reopen if necessary.

Changed in pam:
status:	Confirmed → Fix Released

Revision history for this message

Eugenia Loli-Queru (eloli) wrote on 2007-03-26:

#8

The point is to offer this functionality by default. I am not interested in third party solutions from the universe repo, I am interested in making Ubuntu a good experience out of the box. Unless you move the package from universe to the main repository and CD, I consider this bug unfixed.

Revision history for this message

Markus Golser (golserma) wrote on 2007-03-26:

#9

I think we need a simple solution for everyone that works out of the box.

Revision history for this message

Bogdan Butnaru (bogdanb) wrote on 2007-03-31:

#10

There are other potential reasons for updating pam to a newer version. One is that it's a security-related module, and there are bound to have been security fixes in the mean time. Another is new functionality; for example I need pam_exec -- which was added in 0.99.4.0 -- to solve https://answers.beta.launchpad.net/ubuntu/+ticket/4443

Changed in pam:
status:	Fix Released → Unconfirmed

Revision history for this message

Ralf Nieuwenhuijsen (ralf-nieuwenhuijsen) wrote on 2007-03-31:

#11

Some usuability bugs about the gnome-keyring have been reported as duplicates of this bug as well.

In general, I would rather expect arguments for _not_ using the latest package.
Upstream usually have good reasons to create a new version. They add functionality and bug-fixes. I'm a bit surprised that the proposed default here is to stick with the old package _again_. (this dates back to dapper)

In this case, it concerns stuff like not having to provide a default password for the keyring, nor being asked to supply one. Especially for laptop users, this fixes many crucial annoyances.

Revision history for this message

Andrew Conkling (andrewski) wrote on 2007-03-31:

#12

On 3/31/07, Ralf Nieuwenhuijsen <email address hidden> wrote:
> In this case, it concerns stuff like not having to provide a default
> password for the keyring, nor being asked to supply one. Especially for
> laptop users, this fixes many crucial annoyances.

libpam-keyring works fine in Feisty as is.

Revision history for this message

Ralf Nieuwenhuijsen (ralf-nieuwenhuijsen) wrote on 2007-03-31:

#13

Andrew Conkling wrote:
> libpam-keyring works fine in Feisty as is.

Three usability bugs have been marked a duplicate of this bug.
This suggests updating pam/libpam-kerying would fix _those_ bugs.

So, there are two possibilities:

- either the duplicate bugs are not really duplicates: the bug triager made a mistake
- an updated version of libpam-keyring fixes those bugs

Which one is it? Please look at the duplicates for more information.

Revision history for this message

eppy 1 (choppy121212) wrote on 2007-06-19:

#14

Does anyone know whether this will be in Gutsy in the future? At the present I still have to type in a lot of duplicate passwords.

The Debian Bug ( http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=360460 ) also has no new information.

Revision history for this message

Laurent Bigonville (bigon) wrote on 2007-07-04:

#15

Have a look at http://lists.debian.org/debian-devel/2007/06/msg00719.html

Debian patches has been merged with the last upstream version, but broke something. if someone with enough skills could have a look

Bug Watch Updater (bug-watch-updater) on 2007-08-21

Changed in pam:
status:	New → Fix Committed

Bug Watch Updater (bug-watch-updater) on 2007-08-27

Changed in pam:
status:	Fix Committed → Fix Released

Revision history for this message

Kees Cook (kees) wrote on 2007-09-06:

#16

I've started getting the 0.99 merge with Debian done. The first pass is available for testing with Gutsy for those interested: http://people.ubuntu.com/~kees/gutsy/

Changed in pam:
assignee:	nobody → keescook
status:	New → In Progress

Revision history for this message

Laurent Bigonville (bigon) wrote on 2007-09-06:

#17

great :)

Revision history for this message

Kees Cook (kees) wrote on 2007-09-07:

#18

Download full text (14.8 KiB)

pam (0.99.7.1-4ubuntu1~ppa1) gutsy; urgency=low

  * Resynchronise with Debian (LP: #43169, #14505, #80431). Remaining changes:
    - debian/control, debian/local/common-session{,md5sums}: use
      libpam-foreground for session management.
    - debian/rules: install unix_chkpwd setgid shadow instead of setuid root.
      The nis package handles overriding this as necessary.
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not
      present there or in /etc/security/pam_env.conf.
    - debian/patches-applied/ubuntu-fix_standard_types: Use standard u_int8_t
      type rather than __u8.
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits. Bound
      RLIMIT_NICE from below as well as from above. Fix off-by-one error when
      converting RLIMIT_NICE to the range of values used by the kernel.
      (Originally patch 101; converted to quilt.)
  * Dropped:
    - debian/rules: bashism fixes (merged upstream).
    - debian/control: Conflict on ancient nis (expired with Breezy).
    - debian/libpam-runtime.postinst: check for ancient pam (expired with
      Breezy).
    - debian/patches-applied/ubuntu-user_defined_environment: Look at
      ~/.pam_environment too, with the same format as
      /etc/security/pam_env.conf. (Originally patch 100; converted to quilt.)
      Left out of "series" for now (LP: #113586).

pam (0.99.7.1-4) unstable; urgency=low

  * libpam0g.postinst, libpam0g.templates: gdm doesn't need to be restarted
    to fix the library skew, only reloaded; special-case this daemon in the
    postinst and remove the mention of it from the debconf template, also
    tightening the language of the debconf template in the process.
    Closes: #440074.
  * Add courier-authdaemon to the list of services that need to be
    restarted; thanks to Micah Anderson for reporting.
  * New patch pam_env_ignore_garbage.patch: fix pam_env to really skip over
    garbage lines in /etc/environment and log an error, instead of failing
    with an obscure error; and ignore any PAM_BAD_ITEM values returned
    by pam_putenv(), since this is the expected error return when trying
    to delete a non-existent var. Closes: #439984.
  * Yet another thinko in hurd_no_setfsuid and in
    029_pam_limits_capabilities; this code should really be Hurd-safe at
    last...
  * getline() returns -1 on EOF, not 0; check this appropriately, to fix
    an infinite loop in pam_rhosts_auth. Thanks to Stephan Springl
    <email address hidden> for the fix. Closes: #440019.
  * Use ${misc:Depends} for libpam0g, so we get a proper dependency on
    debconf.
  * 019_pam_listfile_quiet: per discussion with upstream, don't suppress
    errors about missing files or files with wrong permissions; these are
    real errors that should not be buried.
  * Drop the remainder of 061_pam_issue_double_free, not required for the
    original bugfix.
  * Drop patch 064_pam_unix_cracklib_dictpath, which is not needed now that
    we define CRACKLIB_DICTS in debian/rules.
  * Drop patch 063_paswd_segv, superseded by a different upstream fix
  * Split 047_pam_limits_chr...

pam (0.99.7.1-4ubuntu1~ppa1) gutsy; urgency=low

* Resynchronise with Debian (LP: #43169, #14505, #80431). Remaining changes:
    - debian/control, debian/local/common-session{,md5sums}: use
      libpam-foreground for session management.
    - debian/rules: install unix_chkpwd setgid shadow instead of setuid root.
      The nis package handles overriding this as necessary.
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not
      present there or in /etc/security/pam_env.conf.
    - debian/patches-applied/ubuntu-fix_standard_types: Use standard u_int8_t
      type rather than __u8.
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits. Bound
      RLIMIT_NICE from below as well as from above. Fix off-by-one error when
      converting RLIMIT_NICE to the range of values used by the kernel.
      (Originally patch 101; converted to quilt.)
  * Dropped:
    - debian/rules: bashism fixes (merged upstream).
    - debian/control: Conflict on ancient nis (expired with Breezy).
    - debian/libpam-runtime.postinst: check for ancient pam (expired with
      Breezy).
    - debian/patches-applied/ubuntu-user_defined_environment: Look at
      ~/.pam_environment too, with the same format as
      /etc/security/pam_env.conf.  (Originally patch 100; converted to quilt.)
      Left out of "series" for now (LP: #113586).

pam (0.99.7.1-4) unstable; urgency=low

* libpam0g.postinst, libpam0g.templates: gdm doesn't need to be restarted
    to fix the library skew, only reloaded; special-case this daemon in the
    postinst and remove the mention of it from the debconf template, also
    tightening the language of the debconf template in the process.
    Closes: #440074.
  * Add courier-authdaemon to the list of services that need to be
    restarted; thanks to Micah Anderson for reporting.
  * New patch pam_env_ignore_garbage.patch: fix pam_env to really skip over
    garbage lines in /etc/environment and log an error, instead of failing
    with an obscure error; and ignore any PAM_BAD_ITEM values returned
    by pam_putenv(), since this is the expected error return when trying
    to delete a non-existent var.  Closes: #439984.
  * Yet another thinko in hurd_no_setfsuid and in
    029_pam_limits_capabilities; this code should really be Hurd-safe at
    last...
  * getline() returns -1 on EOF, not 0; check this appropriately, to fix
    an infinite loop in pam_rhosts_auth.  Thanks to Stephan Springl
    <springl-rhosts@bfw-online.de> for the fix.  Closes: #440019.
  * Use ${misc:Depends} for libpam0g, so we get a proper dependency on
    debconf.
  * 019_pam_listfile_quiet: per discussion with upstream, don't suppress
    errors about missing files or files with wrong permissions; these are
    real errors that should not be buried.
  * Drop the remainder of 061_pam_issue_double_free, not required for the
    original bugfix.
  * Drop patch 064_pam_unix_cracklib_dictpath, which is not needed now that
    we define CRACKLIB_DICTS in debian/rules.
  * Drop patch 063_paswd_segv, superseded by a different upstream fix
  * Split 047_pam_limits_chroot_string_value up between
    008_modules_pam_limits_chroot and 029_pam_limits_capabilites
  * Updates to patch 007_modules_pam_unix: restore the same built-in min
    password len of 6 that upstream uses; fix a typo panlindrome ->
    palindrome.
  * The 'max=' option was never intended to be used to limit maximum password
    length for users, only to declare what the number of significant
    characters /is/ for a password.  But we don't need a config option to
    tell us that, we know the answer based on which crypt type we're using,
    so drop this as a config file option.  Closes: #389197.
  * Debconf translations:
    - Spanish, thanks to Javier Fernández-Sanguino Peña <jfs@debian.org>
    - Vietnamese, thanks to Clytie Siddall <clytie@riverland.net.au>
    - German, thanks to Sven Joachim <svenjoac@gmx.de> (closes: #440355)
    - Czech, thanks to Miroslav Kure <kurem@upcase.inf.upol.cz>
      (closes: #440362)
    - Portuguese, thanks to Américo Monteiro <a_monteiro@netcabo.pt>
      (closes: #440368)

pam (0.99.7.1-3) unstable; urgency=low

* New patch limits_wrong_strncpy: fix unnecessary manipulations of string
    buffers, including an illegal use of strncpy().  Thanks to Paul Hampson
    for reporting.  Closes: #331278.
  * New patch misc_conv_allow_sigint.patch: allow SIGINT to be handled by the
    application, instead of blocking it when misc_conv is in use and
    preventing users from being able to ^C at any PAM prompt.  Closes: #1708.
  * 024_debian_cracklib_dict_path: default to NULL instead of a specific
    dictionary path when none is defined for consistency with the new upstream
    version of cracklib, and define our path in debian/rules.
  * 055_pam_unix_nullok_secure: document the pam_unix "nullok_secure" option,
    a prereq for forwarding this patch upstream.  Closes: #325974.
  * Create /etc/security/opasswd on new installs or on upgrades from
    0.99.7.1-2 or below, so that users that enable the remember=<n> option to
    pam_unix aren't left unable to change passwords.  Closes: #95324.
  * Fix a couple of thinkos in hurd_no_setfsuid, that were preventing the code
    from compiling on the Hurd still.  Thanks to Michael Banck for the catch.
  * Fix a memory leak in the pam_limits capabilities patch: always
    cap_free() the cap_t before returning from pam_sm_open_session().
    Closes: #153157.
  * libpam0g.postinst, libpam0g.templates: on upgrades from versions
    prior to 0.99.7.1-3, restart known PAM-using services so that they
    get the new libpam symbols, since otherwise the newer PAM modules
    will fail to load.  Postinst taken from libssl0.9.8; thanks to
    Christoph Martin for the fine example!  Closes: #439835.
  * Build-depend on po-debconf to support l10n of the debconf questions
    from the above.

pam (0.99.7.1-2) unstable; urgency=low

* New upstream release; thanks to Roger Leigh and Jan Christoph Nordholz
    for their extensive work in helping to prepare for this update in Debian.
    Closes: #360460.
    - now uses autoconf for library detection, so SELinux should not be
      unconditionally enabled on non-Linux archs.  Closes: #333141.
    - pam_mail notice handling has been completely reworked, so there should
      no longer be missing spaces in the messages.  Closes: #119689.
    - with libtool and autoconf, now behaves "sensibly" on unknown
      platforms.  Closes: #165067.
    - the source now builds without warnings.  Closes: #212165.
    - uses automake instead of hand-rolled makefiles with indentation
      bugs.  Closes: #241661, #328084.
    - pam_mkhomedir now creates directories recursively as needed.
      Closes: #178225.
    - pam_listfile now supports being used as a session module too.
      Closes: #416665.
    - misspelled pam_userdb log message has been corrected.  Closes: #305058.
    - the current pam_strerror manpage no longer mentions "Unknown
      Linux-PAM error".  Closes: #220157.
    - the text documentation no longer uses ANSI bold sequences.
      Closes: #181451.
    - pam_localuser now supports being used as a session module.
      Closes: #412484.
    - package no longer fails to build with dash as /bin/sh.
      Closes: #331208.
    - All modules should now be documented in the system administrator
      guide.  Closes: #350620.
    - pam_userdb now logs an error instead of segfaulting when no db=
      option is provided.  Closes: #436005.
    - pam_time now warns on a missing tty instead of erroring out,
      making it possible to use the module with non-console services.
      Closes: #127931.
    - upstream changelog is now 'ChangeLog' instead of 'CHANGELOG'; install
      accordingly
    - bump the shlibs
    - the 'test.c' example no longer exists
    - add /usr/share/locale to libpam-runtime.
    - CVE-2005-2977: only uid=0 is allowed to invoke unix_chkpwd with an
      arbitrary username, and then only when SELinux is active.
      Closes: #336344.
  * Mark myself as primary maintainer as previously discussed with Sam, and
    add Roger as an uploader.
  * Refactor to use quilt.
  * Update to Standards-Version 3.7.2.
  * Drop unnecessary build-dependency on patch, which is
    build-essential (and no longer invoked directly).
  * Drop patches 002_debian_no_ldconfig_call, 010_pam_cplusplus,
    018_man_fixes, 030_makefile_link_against_libpam,
    037_pam_issue_ttyname_can_be_null, 044_configure_supports_bsd,
    050_configure_in_gnu and 052_pam_unix_no_openlog, which have been
    superseded upstream.
  * Drop patches 005_pam_limits_099_6,
    012_pam_group_less_restrictive_charset, 023_pam_env_limits_miscfixes,
    048_pam_group_colon_valid_char, 058_pam_env_enable, 059_pam_userdb_segv,
    060_pam_tally_segv and 062_c++_safe_headers, which have been integrated
    upstream.
  * Patch 057: SELinux support is merged upstream, leaving only an
    unrelated OOM check for pam_unix_passwd.  Rename as
    057_pam_unix_passwd_OOM_check.
  * Patches 006, 008, 036: update for the switch from SGML to XML.
  * Patch 007: update for the switch from SGML to XML; drop some log
    messages that were already added upstream; update for the pam_modutil
    changes; tighten the flag handling of the 'obscure' option; drop bogus
    check in unix_chkpwd for null passwords.  Also fix a grammar error
    along the way.  Closes: #362855.
  * Patch 024: CRACKLIB_DICTPATH is no longer set in configure.in, so patch
    pam_cracklib.c instead to use the default dictpath already available
    from crack.h; and patch configure.in to use AC_CHECK_HEADERS instead
    of AC_CHECK_HEADER, so crack.h is actually included.  Also remove
    unnecessary string copies, which break on the Hurd due to PATH_MAX.
  * Patch 038: partially merged/superseded upstream; also add new Hurd
    fix for pam_xauth.
  * Patch 061: partially merged upstream
  * Use ${binary:Version} instead of ${Source-Version} in
    debian/control.
  * Remove empty maintainer scripts debian/libpam0g-dev.{postinst,prerm},
    debian/libpam0g.{postinst,prerm}, and
    debian/libpam-modules.{postinst,prerm}; debhelper can autogenerate these
    just fine without our help.
  * Build-Depend on xsltproc, libxml2-utils, docbook-xml, docbook-xsl
    and w3m instead of on linuxdoc-tools, linuxdoc-tools-latex, tetex-extra,
    groff, and opensp.
  * Also build-depend on flex for libfl.a.
  * Updates for documentation handling:
    - move debian/local/pam-*-guide to debian/libpam-doc.doc-base.foo-guide,
      and invoke dh_installdocs instead of installing these by hand.
    - drop libpam-doc.{postinst,prerm}, which are no longer needed.
    - add an install target to debian/rules, and have binary-indep depend on
      it instead of trying to install doc files individually from the source
      tree
    - consequently, drop libpam-doc.dirs as well which is no longer needed
      and no longer accurate
    - add debian/libpam-doc.install for moving the docs to the right place,
      and also replace libpam-runtime.files with libpam-runtime.install;
      for the moment this means we're using both dh_movefiles and
      dh_install...
    - libpam0g.docs: install the Debian-PAM-MiniPolicy from here, further
      cleaning up debian/rules
  * Drop debian/libpam0g.links, no longer needed because upstream now has a
    working install target which creates the library symlinks
  * Add libpam-modules.links: create pam_unix_{acct,auth,passwd,session}.so
    symlinks by hand, no longer provided upstream.
  * debian/patches-applied/PAM-manpage-section: "PAM" is not a daemon, manpage
    belongs in section 7, not in section 8.
  * Actually ship the pam, pam.conf, and pam.d manpages in libpam-runtime.
  * debian/patches-applied/autoconf.patch: move all changes to autotools
    generated files into a single patch at the end of the stack.
    - don't touch configure in debian/rules, the quilt patch takes care
      of this for us.
  * New patch 064_pam_unix_cracklib_dictpath: correctly define
    CRACKLIB_DICTS, since this is not defined by configure.  Thanks to Jan
    Christoph Nordholz.
  * New patch 065_pam_unix_cracklib_disable: Debian-specific patch to disable
    cracklib support in pam_unix.  Thanks to Christoph Nordholz.
  * debian/rules:
    - Rename OS_CFLAGS to CFLAGS.
    - kill off references to unused variables
    - make binary-arch also depend on the install target, and streamline the
      rules
    - fix up the clean target to not ignore errors; thanks to Roger Leigh
    - drop the local module_check target in favor of using -Wl,-z,defs
      in LDFLAGS to enforce correct linkage of all objects at build time
  * Drop debian/local/unix_chkpwd.8 in favor of the upstream manpage.
  * libpam-modules.files: /usr/sbin/pam_tally has moved to /sbin/pam_tally
    for consistency.
  * Update to debhelper V5.
  * Don't ship Makefiles as part of the libpam0g-dev examples.
  * libpam-modules.manpages, libpam-runtime.manpages, libpam0g-dev.manpages:
    put all the manpages in the correct packages.  Closes: #411812,
    #62193, #313486, #300773, #330545, #184270.
  * Drop libpam{0g,0g-dev,-modules,-runtime}.dirs, not needed for anything
    because we aren't trying to ship empty directories in the packages
  * Build-Conflict with fop, to avoid unreproducible builds of pdf
    documentation from a tool in contrib.
  * libpam-cracklib should depend on a real wordlist package, per policy;
    use wamerican as the default.
  * Drop local/pam-undocumented.7 from the package, since we no longer have
    a reason to ship it
  * Add lintian overrides for known false-positives
  * Conflicts/Replaces/Provides libpam-umask, now included upstream.
    Closes: #436222.
  * Upstream no longer marks unix_chkpwd suid-root for us, so set the perms
    by hand in debian/rules.  In the process, unix_chkpwd is now writable
    by the owner, as expected by policy.  Closes: #368100.
  * Migrate from db4.3 to db4.6; once again, no administrator action should
    be needed for upgrading on-disk database formats.  Closes: #354309.
  * Add XS-Vcs-Svn and XS-Vcs-Browser fields to debian/control; thanks to
    Laurent Bigonville for the hint.  Closes: #439038.
  * Add a watch file for use with uscan; thanks to Laurent Bigonville for
    this patch as well.  Closes: #439040.
  * Rewrite of 031_pam_include, fixing a memory leak and letting us drop
    patch 056_no_label_at_end; thanks to Jan Christoph Nordholz
    <hesso@pool.math.tu-berlin.de> for this much-improved version!
  * New patch no_pthread_mutexes: don't use pthread mutexes in
    pam_modutil functions, they're not needed because pam handles
    themselves should not be used concurrently by multiple threads and
    using pthreads causes problems for portable linking.
  * New patch hurd_no_setfsuid: if we don't have sys/fsuid.h, work around
    using setreuid instead.

-- Kees Cook <kees@ubuntu.com>   Wed, 05 Sep 2007 15:18:36 -0700

Changed in pam:
status:	In Progress → Fix Released

Revision history for this message

Kees Cook (kees) wrote on 2007-09-08:

#19

Bleh. PPA upload caused this to auto-close. :(

Changed in pam:
status:	Fix Released → In Progress

Revision history for this message

Kees Cook (kees) wrote on 2007-09-09:

#20

For those of you interested in testing a gutsy PAM 0.99 package, please read and comment on bug 138047. Thanks!

Revision history for this message

Kees Cook (kees) wrote on 2007-09-11:

#21

Download full text (14.7 KiB)

pam (0.99.7.1-4ubuntu1) gutsy; urgency=low

  * Resynchronise with Debian (LP: #43169, #14505, #80431). Remaining changes:
    - debian/control, debian/local/common-session{,md5sums}: use
      libpam-foreground for session management.
    - debian/rules: install unix_chkpwd setgid shadow instead of setuid root.
      The nis package handles overriding this as necessary.
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not
      present there or in /etc/security/pam_env.conf.
    - debian/patches-applied/ubuntu-fix_standard_types: Use standard u_int8_t
      type rather than __u8.
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits. Bound
      RLIMIT_NICE from below as well as from above. Fix off-by-one error when
      converting RLIMIT_NICE to the range of values used by the kernel.
      (Originally patch 101; converted to quilt.)
    - debian/patches-applied/ubuntu-user_defined_environment: Look at
      ~/.pam_environment too, with the same format as
      /etc/security/pam_env.conf. (Originally patch 100; converted to quilt.)
  * Dropped:
    - debian/rules: bashism fixes (merged upstream).
    - debian/control: Conflict on ancient nis (expired with Breezy).
    - debian/libpam-runtime.postinst: check for ancient pam (expired with
      Breezy).

pam (0.99.7.1-4) unstable; urgency=low

  * libpam0g.postinst, libpam0g.templates: gdm doesn't need to be restarted
    to fix the library skew, only reloaded; special-case this daemon in the
    postinst and remove the mention of it from the debconf template, also
    tightening the language of the debconf template in the process.
    Closes: #440074.
  * Add courier-authdaemon to the list of services that need to be
    restarted; thanks to Micah Anderson for reporting.
  * New patch pam_env_ignore_garbage.patch: fix pam_env to really skip over
    garbage lines in /etc/environment and log an error, instead of failing
    with an obscure error; and ignore any PAM_BAD_ITEM values returned
    by pam_putenv(), since this is the expected error return when trying
    to delete a non-existent var. Closes: #439984.
  * Yet another thinko in hurd_no_setfsuid and in
    029_pam_limits_capabilities; this code should really be Hurd-safe at
    last...
  * getline() returns -1 on EOF, not 0; check this appropriately, to fix
    an infinite loop in pam_rhosts_auth. Thanks to Stephan Springl
    <email address hidden> for the fix. Closes: #440019.
  * Use ${misc:Depends} for libpam0g, so we get a proper dependency on
    debconf.
  * 019_pam_listfile_quiet: per discussion with upstream, don't suppress
    errors about missing files or files with wrong permissions; these are
    real errors that should not be buried.
  * Drop the remainder of 061_pam_issue_double_free, not required for the
    original bugfix.
  * Drop patch 064_pam_unix_cracklib_dictpath, which is not needed now that
    we define CRACKLIB_DICTS in debian/rules.
  * Drop patch 063_paswd_segv, superseded by a different upstream fix
  * Split 047_pam_limits_chroot_string_value up between
    008_modules_pam_limits_...

pam (0.99.7.1-4ubuntu1) gutsy; urgency=low

* Resynchronise with Debian (LP: #43169, #14505, #80431). Remaining changes:
    - debian/control, debian/local/common-session{,md5sums}: use
      libpam-foreground for session management.
    - debian/rules: install unix_chkpwd setgid shadow instead of setuid root.
      The nis package handles overriding this as necessary.
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not
      present there or in /etc/security/pam_env.conf.
    - debian/patches-applied/ubuntu-fix_standard_types: Use standard u_int8_t
      type rather than __u8.
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits. Bound
      RLIMIT_NICE from below as well as from above. Fix off-by-one error when
      converting RLIMIT_NICE to the range of values used by the kernel.
      (Originally patch 101; converted to quilt.)
    - debian/patches-applied/ubuntu-user_defined_environment: Look at
      ~/.pam_environment too, with the same format as
      /etc/security/pam_env.conf.  (Originally patch 100; converted to quilt.)
  * Dropped:
    - debian/rules: bashism fixes (merged upstream).
    - debian/control: Conflict on ancient nis (expired with Breezy).
    - debian/libpam-runtime.postinst: check for ancient pam (expired with
      Breezy).

pam (0.99.7.1-4) unstable; urgency=low

* libpam0g.postinst, libpam0g.templates: gdm doesn't need to be restarted
    to fix the library skew, only reloaded; special-case this daemon in the
    postinst and remove the mention of it from the debconf template, also
    tightening the language of the debconf template in the process.
    Closes: #440074.
  * Add courier-authdaemon to the list of services that need to be
    restarted; thanks to Micah Anderson for reporting.
  * New patch pam_env_ignore_garbage.patch: fix pam_env to really skip over
    garbage lines in /etc/environment and log an error, instead of failing
    with an obscure error; and ignore any PAM_BAD_ITEM values returned
    by pam_putenv(), since this is the expected error return when trying
    to delete a non-existent var.  Closes: #439984.
  * Yet another thinko in hurd_no_setfsuid and in
    029_pam_limits_capabilities; this code should really be Hurd-safe at
    last...
  * getline() returns -1 on EOF, not 0; check this appropriately, to fix
    an infinite loop in pam_rhosts_auth.  Thanks to Stephan Springl
    <springl-rhosts@bfw-online.de> for the fix.  Closes: #440019.
  * Use ${misc:Depends} for libpam0g, so we get a proper dependency on
    debconf.
  * 019_pam_listfile_quiet: per discussion with upstream, don't suppress
    errors about missing files or files with wrong permissions; these are
    real errors that should not be buried.
  * Drop the remainder of 061_pam_issue_double_free, not required for the
    original bugfix.
  * Drop patch 064_pam_unix_cracklib_dictpath, which is not needed now that
    we define CRACKLIB_DICTS in debian/rules.
  * Drop patch 063_paswd_segv, superseded by a different upstream fix
  * Split 047_pam_limits_chroot_string_value up between
    008_modules_pam_limits_chroot and 029_pam_limits_capabilites
  * Updates to patch 007_modules_pam_unix: restore the same built-in min
    password len of 6 that upstream uses; fix a typo panlindrome ->
    palindrome.
  * The 'max=' option was never intended to be used to limit maximum password
    length for users, only to declare what the number of significant
    characters /is/ for a password.  But we don't need a config option to
    tell us that, we know the answer based on which crypt type we're using,
    so drop this as a config file option.  Closes: #389197.
  * Debconf translations:
    - Spanish, thanks to Javier Fernández-Sanguino Peña <jfs@debian.org>
    - Vietnamese, thanks to Clytie Siddall <clytie@riverland.net.au>
    - German, thanks to Sven Joachim <svenjoac@gmx.de> (closes: #440355)
    - Czech, thanks to Miroslav Kure <kurem@upcase.inf.upol.cz>
      (closes: #440362)
    - Portuguese, thanks to Américo Monteiro <a_monteiro@netcabo.pt>
      (closes: #440368)

pam (0.99.7.1-3) unstable; urgency=low

* New patch limits_wrong_strncpy: fix unnecessary manipulations of string
    buffers, including an illegal use of strncpy().  Thanks to Paul Hampson
    for reporting.  Closes: #331278.
  * New patch misc_conv_allow_sigint.patch: allow SIGINT to be handled by the
    application, instead of blocking it when misc_conv is in use and
    preventing users from being able to ^C at any PAM prompt.  Closes: #1708.
  * 024_debian_cracklib_dict_path: default to NULL instead of a specific
    dictionary path when none is defined for consistency with the new upstream
    version of cracklib, and define our path in debian/rules.
  * 055_pam_unix_nullok_secure: document the pam_unix "nullok_secure" option,
    a prereq for forwarding this patch upstream.  Closes: #325974.
  * Create /etc/security/opasswd on new installs or on upgrades from
    0.99.7.1-2 or below, so that users that enable the remember=<n> option to
    pam_unix aren't left unable to change passwords.  Closes: #95324.
  * Fix a couple of thinkos in hurd_no_setfsuid, that were preventing the code
    from compiling on the Hurd still.  Thanks to Michael Banck for the catch.
  * Fix a memory leak in the pam_limits capabilities patch: always
    cap_free() the cap_t before returning from pam_sm_open_session().
    Closes: #153157.
  * libpam0g.postinst, libpam0g.templates: on upgrades from versions
    prior to 0.99.7.1-3, restart known PAM-using services so that they
    get the new libpam symbols, since otherwise the newer PAM modules
    will fail to load.  Postinst taken from libssl0.9.8; thanks to
    Christoph Martin for the fine example!  Closes: #439835.
  * Build-depend on po-debconf to support l10n of the debconf questions
    from the above.

pam (0.99.7.1-2) unstable; urgency=low

* New upstream release; thanks to Roger Leigh and Jan Christoph Nordholz
    for their extensive work in helping to prepare for this update in Debian.
    Closes: #360460.
    - now uses autoconf for library detection, so SELinux should not be
      unconditionally enabled on non-Linux archs.  Closes: #333141.
    - pam_mail notice handling has been completely reworked, so there should
      no longer be missing spaces in the messages.  Closes: #119689.
    - with libtool and autoconf, now behaves "sensibly" on unknown
      platforms.  Closes: #165067.
    - the source now builds without warnings.  Closes: #212165.
    - uses automake instead of hand-rolled makefiles with indentation
      bugs.  Closes: #241661, #328084.
    - pam_mkhomedir now creates directories recursively as needed.
      Closes: #178225.
    - pam_listfile now supports being used as a session module too.
      Closes: #416665.
    - misspelled pam_userdb log message has been corrected.  Closes: #305058.
    - the current pam_strerror manpage no longer mentions "Unknown
      Linux-PAM error".  Closes: #220157.
    - the text documentation no longer uses ANSI bold sequences.
      Closes: #181451.
    - pam_localuser now supports being used as a session module.
      Closes: #412484.
    - package no longer fails to build with dash as /bin/sh.
      Closes: #331208.
    - All modules should now be documented in the system administrator
      guide.  Closes: #350620.
    - pam_userdb now logs an error instead of segfaulting when no db=
      option is provided.  Closes: #436005.
    - pam_time now warns on a missing tty instead of erroring out,
      making it possible to use the module with non-console services.
      Closes: #127931.
    - upstream changelog is now 'ChangeLog' instead of 'CHANGELOG'; install
      accordingly
    - bump the shlibs
    - the 'test.c' example no longer exists
    - add /usr/share/locale to libpam-runtime.
    - CVE-2005-2977: only uid=0 is allowed to invoke unix_chkpwd with an
      arbitrary username, and then only when SELinux is active.
      Closes: #336344.
  * Mark myself as primary maintainer as previously discussed with Sam, and
    add Roger as an uploader.
  * Refactor to use quilt.
  * Update to Standards-Version 3.7.2.
  * Drop unnecessary build-dependency on patch, which is
    build-essential (and no longer invoked directly).
  * Drop patches 002_debian_no_ldconfig_call, 010_pam_cplusplus,
    018_man_fixes, 030_makefile_link_against_libpam,
    037_pam_issue_ttyname_can_be_null, 044_configure_supports_bsd,
    050_configure_in_gnu and 052_pam_unix_no_openlog, which have been
    superseded upstream.
  * Drop patches 005_pam_limits_099_6,
    012_pam_group_less_restrictive_charset, 023_pam_env_limits_miscfixes,
    048_pam_group_colon_valid_char, 058_pam_env_enable, 059_pam_userdb_segv,
    060_pam_tally_segv and 062_c++_safe_headers, which have been integrated
    upstream.
  * Patch 057: SELinux support is merged upstream, leaving only an
    unrelated OOM check for pam_unix_passwd.  Rename as
    057_pam_unix_passwd_OOM_check.
  * Patches 006, 008, 036: update for the switch from SGML to XML.
  * Patch 007: update for the switch from SGML to XML; drop some log
    messages that were already added upstream; update for the pam_modutil
    changes; tighten the flag handling of the 'obscure' option; drop bogus
    check in unix_chkpwd for null passwords.  Also fix a grammar error
    along the way.  Closes: #362855.
  * Patch 024: CRACKLIB_DICTPATH is no longer set in configure.in, so patch
    pam_cracklib.c instead to use the default dictpath already available
    from crack.h; and patch configure.in to use AC_CHECK_HEADERS instead
    of AC_CHECK_HEADER, so crack.h is actually included.  Also remove
    unnecessary string copies, which break on the Hurd due to PATH_MAX.
  * Patch 038: partially merged/superseded upstream; also add new Hurd
    fix for pam_xauth.
  * Patch 061: partially merged upstream
  * Use ${binary:Version} instead of ${Source-Version} in
    debian/control.
  * Remove empty maintainer scripts debian/libpam0g-dev.{postinst,prerm},
    debian/libpam0g.{postinst,prerm}, and
    debian/libpam-modules.{postinst,prerm}; debhelper can autogenerate these
    just fine without our help.
  * Build-Depend on xsltproc, libxml2-utils, docbook-xml, docbook-xsl
    and w3m instead of on linuxdoc-tools, linuxdoc-tools-latex, tetex-extra,
    groff, and opensp.
  * Also build-depend on flex for libfl.a.
  * Updates for documentation handling:
    - move debian/local/pam-*-guide to debian/libpam-doc.doc-base.foo-guide,
      and invoke dh_installdocs instead of installing these by hand.
    - drop libpam-doc.{postinst,prerm}, which are no longer needed.
    - add an install target to debian/rules, and have binary-indep depend on
      it instead of trying to install doc files individually from the source
      tree
    - consequently, drop libpam-doc.dirs as well which is no longer needed
      and no longer accurate
    - add debian/libpam-doc.install for moving the docs to the right place,
      and also replace libpam-runtime.files with libpam-runtime.install;
      for the moment this means we're using both dh_movefiles and
      dh_install...
    - libpam0g.docs: install the Debian-PAM-MiniPolicy from here, further
      cleaning up debian/rules
  * Drop debian/libpam0g.links, no longer needed because upstream now has a
    working install target which creates the library symlinks
  * Add libpam-modules.links: create pam_unix_{acct,auth,passwd,session}.so
    symlinks by hand, no longer provided upstream.
  * debian/patches-applied/PAM-manpage-section: "PAM" is not a daemon, manpage
    belongs in section 7, not in section 8.
  * Actually ship the pam, pam.conf, and pam.d manpages in libpam-runtime.
  * debian/patches-applied/autoconf.patch: move all changes to autotools
    generated files into a single patch at the end of the stack.
    - don't touch configure in debian/rules, the quilt patch takes care
      of this for us.
  * New patch 064_pam_unix_cracklib_dictpath: correctly define
    CRACKLIB_DICTS, since this is not defined by configure.  Thanks to Jan
    Christoph Nordholz.
  * New patch 065_pam_unix_cracklib_disable: Debian-specific patch to disable
    cracklib support in pam_unix.  Thanks to Christoph Nordholz.
  * debian/rules:
    - Rename OS_CFLAGS to CFLAGS.
    - kill off references to unused variables
    - make binary-arch also depend on the install target, and streamline the
      rules
    - fix up the clean target to not ignore errors; thanks to Roger Leigh
    - drop the local module_check target in favor of using -Wl,-z,defs
      in LDFLAGS to enforce correct linkage of all objects at build time
  * Drop debian/local/unix_chkpwd.8 in favor of the upstream manpage.
  * libpam-modules.files: /usr/sbin/pam_tally has moved to /sbin/pam_tally
    for consistency.
  * Update to debhelper V5.
  * Don't ship Makefiles as part of the libpam0g-dev examples.
  * libpam-modules.manpages, libpam-runtime.manpages, libpam0g-dev.manpages:
    put all the manpages in the correct packages.  Closes: #411812,
    #62193, #313486, #300773, #330545, #184270.
  * Drop libpam{0g,0g-dev,-modules,-runtime}.dirs, not needed for anything
    because we aren't trying to ship empty directories in the packages
  * Build-Conflict with fop, to avoid unreproducible builds of pdf
    documentation from a tool in contrib.
  * libpam-cracklib should depend on a real wordlist package, per policy;
    use wamerican as the default.
  * Drop local/pam-undocumented.7 from the package, since we no longer have
    a reason to ship it
  * Add lintian overrides for known false-positives
  * Conflicts/Replaces/Provides libpam-umask, now included upstream.
    Closes: #436222.
  * Upstream no longer marks unix_chkpwd suid-root for us, so set the perms
    by hand in debian/rules.  In the process, unix_chkpwd is now writable
    by the owner, as expected by policy.  Closes: #368100.
  * Migrate from db4.3 to db4.6; once again, no administrator action should
    be needed for upgrading on-disk database formats.  Closes: #354309.
  * Add XS-Vcs-Svn and XS-Vcs-Browser fields to debian/control; thanks to
    Laurent Bigonville for the hint.  Closes: #439038.
  * Add a watch file for use with uscan; thanks to Laurent Bigonville for
    this patch as well.  Closes: #439040.
  * Rewrite of 031_pam_include, fixing a memory leak and letting us drop
    patch 056_no_label_at_end; thanks to Jan Christoph Nordholz
    <hesso@pool.math.tu-berlin.de> for this much-improved version!
  * New patch no_pthread_mutexes: don't use pthread mutexes in
    pam_modutil functions, they're not needed because pam handles
    themselves should not be used concurrently by multiple threads and
    using pthreads causes problems for portable linking.
  * New patch hurd_no_setfsuid: if we don't have sys/fsuid.h, work around
    using setreuid instead.

-- Kees Cook <kees@ubuntu.com>   Wed, 05 Sep 2007 15:18:36 -0700

Changed in pam:
status:	In Progress → Fix Released

Affects		Status	Importance	Assigned to	Milestone
	pam (Debian)	Fix Released	Unknown	debbugs #360460
	pam (Ubuntu)	Fix Released	Wishlist	Kees Cook

Ubuntu
pam package

RFE: Update pam to 0.99 or greater

Bug Description

Related branches

CVE References

Duplicates of this bug

Other bug subscribers

Remote bug watches

Ubuntupam package

RFE: Update pam to 0.99 or greater

Bug Description

Related branches

CVE References

Duplicates of this bug

Other bug subscribers

Remote bug watches

Ubuntu
pam package