pam_env doesn't accept /etc/environment files that don't end with newline anymore (PAM 1.4.x behaviour change/regression)
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| PAM |
Fix Released
|
Unknown
|
|||
| pam (Ubuntu) |
Fix Released
|
Low
|
Simon Chopin | ||
Bug Description
Since PAM 1.4.x, pam_env's behaviour has silently changed and now it fails to parse/doesn't accept /etc/environment files that don't end with a newline.
It's easy to reproduce:
$ lxc launch ubuntu-daily:jammy pam-env-test --vm
$ lxc shell pam-env-test
# # Note that pam-1.4.x is currently in jammy-proposed as I write this bug.
# cat <<EOF >/etc/apt/
# Enable Ubuntu proposed archive
deb http://
EOF
# apt update
# apt install libpam-modules libpam-runtime libpam-systemd -y
# reboot
$ lxc shell pam-env-test
# apt policy libpam-modules
libpam-modules:
Installed: 1.4.0-10ubuntu1
Candidate: 1.4.0-10ubuntu1
Version table:
*** 1.4.0-10ubuntu1 500
500 http://
100 /var/lib/
# echo 'http_proxy=http://
# printf 'no_proxy=gnu.org' >> /etc/environment
# su -
# curl gnu.org
curl: (5) Could not resolve proxy: invalid.address
The right output should have been similar to:
# curl gnu.org
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://
<hr>
<address>
</body></html>
This bug has impacted autopkgtest.u.c; see the following MP:
https:/
Related branches
- Simon Chopin (community): Approve
- Canonical Server: Pending requested
-
Diff: 62 lines (+40/-0)3 files modifieddebian/changelog (+8/-0)
debian/patches-applied/pam_env-allow-environment-files-without-EOL-at-EOF.patch (+30/-0)
debian/patches-applied/series (+2/-0)
| Steve Langasek (vorlon) wrote | #1 |
| Changed in pam (Ubuntu): | |
| assignee: | nobody → Simon Chopin (schopin) |
| importance: | High → Low |
| Sergio Durigan Junior (sergiodj) wrote | #2 |
| Changed in pam: | |
| status: | Unknown → Fix Released |
| Launchpad Janitor (janitor) wrote | #3 |
| Changed in pam (Ubuntu): | |
| status: | Confirmed → Fix Released |
FWIW I'm going to mark this bug 'low' instead of high, on the basis that Debian has shipped pam 1.4.0 in a stable release and there hasn't even been a single bug report about this issue, it was only caught because of a bug in the Ubuntu autopkgtest-cloud implementation that was writing entries to /etc/environment without a final newline.
Also assigning the bug to Simon who did the Debian merge (thanks!), so he can assess whether this is something we should prioritize fixing.