[Bug 2089712] Re: pam-auth-update --remove doesn't work properly
Dave Jones
2089712 at bugs.launchpad.net
Thu Dec 5 15:21:30 UTC 2024
This does appear to be "working as designed" on jammy.
Tested with the profiles in the original report and as noted in comment
2, whilst pam-auth-update --remove will transiently disable the profiles
in the PAM configuration, any subsequent run of pam-auth-update will re-
enable them because there is no facility for disabling them (until
noble, which introduces the --disable flag), short of editing the
profile's Default setting.
Given this is "working as designed", I'm setting this to invalid status.
A case might be made to backport the "--disable" functionality from
noble, but new functionality in stable releases has a high bar to pass
SRU policy (https://canonical-sru-docs.readthedocs-
hosted.com/en/latest/reference/requirements/#requirements).
** Changed in: pam (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/2089712
Title:
pam-auth-update --remove doesn't work properly
Status in pam package in Ubuntu:
Invalid
Bug description:
Issue:
If use `pam-auth-update --remove profile` to remove a profile, it has no effect: the /etc/pam.d/common-auth doesn't change at all.
OS: jammy
libpam-runtime: 1.4.0-11ubuntu2.4
The profile I use
```
cat << EOF > /usr/share/pam-configs/faillock
Name: Enable pam_faillock to deny access
Default: yes
Priority: 0
Auth-Type: Primary
Auth:
[default=die] pam_faillock.so authfail
EOF
cat << EOF > /usr/share/pam-configs/faillock_notify
Name: Notify of failed login attempts and reset count upon success
Default: yes
Priority: 1024
Auth-Type: Primary
Auth:
requisite pam_faillock.so preauth
Account-Type: Primary
Account:
required pam_faillock.so
EOF
```
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/2089712/+subscriptions
More information about the foundations-bugs
mailing list