[ubuntu/karmic] pam 1.1.0-2ubuntu1 (Accepted)
Steve Langasek
steve.langasek at ubuntu.com
Fri Sep 4 09:20:12 BST 2009
pam (1.1.0-2ubuntu1) karmic; urgency=low
* Merge from Debian, remaining changes:
- debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not
present there or in /etc/security/pam_env.conf. (should send to Debian).
- debian/libpam0g.postinst: only ask questions during update-manager when
there are non-default services running.
- debian/patches-applied/series: Ubuntu patches are as below ...
- debian/patches-applied/ubuntu-no-error-if-missingok: add a new, magic
module option 'missingok' which will suppress logging of errors by
libpam if the module is not found.
- debian/patches-applied/ubuntu-regression_fix_securetty: prompt for
password on bad username.
- debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
initialise RLIMIT_NICE rather than relying on the kernel limits.
- Change Vcs-Bzr to point at the Ubuntu branch.
- Make libpam-modules depend on base-files (>= 5.0.0ubuntu6), to ensure
run-parts does the right thing in /etc/update-motd.d.
- debian/patches-applied/pam_motd-legal-notice: display the contents of
/etc/legal once, then set a flag in the user's homedir to prevent showing
it again.
- debian/local/common-{auth,account,password}.md5sums: include the
Ubuntu-specific intrepid,jaunty md5sums for use during the
common-session-noninteractive upgrade.
* Changes merged in Debian:
- debian/local/common-password, debian/pam-configs/unix: switch from
"md5" to "sha512" as password crypt default.
pam (1.1.0-2) unstable; urgency=low
[ Steve Langasek ]
* debian/patches/pam_unix_dont_trust_chkpwd_caller.patch: fix this patch
to call setregid() instead of always returning an error on username
mismatch in unix_chkpwd, needed in the SELinux case and in some corner
cases with the broken_shadow option. Thanks to Michael Spang for the
analysis. Closes: #543589.
* fix the PAM mini-policy to not tell app maintainers that they don't need
to depend on libpam-modules if they reference modules from there.
* make libpam-runtime depend on libpam-modules (>= 1.0.1-6) - nothing else
guarantees that we have pam_unix available for use by pam-auth-update.
* Use /bin/sh instead of /bin/bash for libpam0g.postinst, since we've
confirmed there are no longer any bashisms there. Closes: #519973.
* Clean up the libpam0g postinst a bit; invoke-rc.d has been a guaranteed
interface for two stable release cycles now
* debian/patches/namespace_with_awk_not_gawk: fix the sample
namespace.init script's dependency on non-POSIX features of gawk, since
we don't use gawk by default. Closes; #518908.
* Updated debconf translations:
- German, thanks to Sven Joachim <svenjoac at gmx.de> (closes: #544464)
[ Kees Cook ]
* debian/local/common-password, debian/pam-configs/unix: switch from "md5"
to "sha512" as password crypt default.
Date: Fri, 04 Sep 2009 01:11:48 -0700
Changed-By: Steve Langasek <steve.langasek at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Steve Langasek <steve.langasek at canonical.com>
https://launchpad.net/ubuntu/karmic/+source/pam/1.1.0-2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 04 Sep 2009 01:11:48 -0700
Source: pam
Binary: libpam0g libpam-modules libpam-runtime libpam0g-dev libpam-cracklib libpam-doc
Architecture: source
Version: 1.1.0-2ubuntu1
Distribution: karmic
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Langasek <steve.langasek at ubuntu.com>
Description:
libpam-cracklib - PAM module to enable cracklib support
libpam-doc - Documentation of PAM
libpam-modules - Pluggable Authentication Modules for PAM
libpam-runtime - Runtime support for the PAM library
libpam0g - Pluggable Authentication Modules library
libpam0g-dev - Development files for PAM
Closes: 519973 543589 544464
Changes:
pam (1.1.0-2ubuntu1) karmic; urgency=low
.
* Merge from Debian, remaining changes:
- debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not
present there or in /etc/security/pam_env.conf. (should send to Debian).
- debian/libpam0g.postinst: only ask questions during update-manager when
there are non-default services running.
- debian/patches-applied/series: Ubuntu patches are as below ...
- debian/patches-applied/ubuntu-no-error-if-missingok: add a new, magic
module option 'missingok' which will suppress logging of errors by
libpam if the module is not found.
- debian/patches-applied/ubuntu-regression_fix_securetty: prompt for
password on bad username.
- debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
initialise RLIMIT_NICE rather than relying on the kernel limits.
- Change Vcs-Bzr to point at the Ubuntu branch.
- Make libpam-modules depend on base-files (>= 5.0.0ubuntu6), to ensure
run-parts does the right thing in /etc/update-motd.d.
- debian/patches-applied/pam_motd-legal-notice: display the contents of
/etc/legal once, then set a flag in the user's homedir to prevent showing
it again.
- debian/local/common-{auth,account,password}.md5sums: include the
Ubuntu-specific intrepid,jaunty md5sums for use during the
common-session-noninteractive upgrade.
* Changes merged in Debian:
- debian/local/common-password, debian/pam-configs/unix: switch from
"md5" to "sha512" as password crypt default.
.
pam (1.1.0-2) unstable; urgency=low
.
[ Steve Langasek ]
* debian/patches/pam_unix_dont_trust_chkpwd_caller.patch: fix this patch
to call setregid() instead of always returning an error on username
mismatch in unix_chkpwd, needed in the SELinux case and in some corner
cases with the broken_shadow option. Thanks to Michael Spang for the
analysis. Closes: #543589.
* fix the PAM mini-policy to not tell app maintainers that they don't need
to depend on libpam-modules if they reference modules from there.
* make libpam-runtime depend on libpam-modules (>= 1.0.1-6) - nothing else
guarantees that we have pam_unix available for use by pam-auth-update.
* Use /bin/sh instead of /bin/bash for libpam0g.postinst, since we've
confirmed there are no longer any bashisms there. Closes: #519973.
* Clean up the libpam0g postinst a bit; invoke-rc.d has been a guaranteed
interface for two stable release cycles now
* debian/patches/namespace_with_awk_not_gawk: fix the sample
namespace.init script's dependency on non-POSIX features of gawk, since
we don't use gawk by default. Closes; #518908.
* Updated debconf translations:
- German, thanks to Sven Joachim <svenjoac at gmx.de> (closes: #544464)
.
[ Kees Cook ]
* debian/local/common-password, debian/pam-configs/unix: switch from "md5"
to "sha512" as password crypt default.
Checksums-Sha1:
6232ad7bdfb7c3e890e653e9748ab8665c76e2f4 2233 pam_1.1.0-2ubuntu1.dsc
04cf08e9035303c8d4cc4914e19a708ce135cec9 258722 pam_1.1.0-2ubuntu1.diff.gz
Checksums-Sha256:
a69989ea8d885e08548cc26d01d46b611633840440b372889504e6b07d453f09 2233 pam_1.1.0-2ubuntu1.dsc
07cd02783619110fe2b9ba0cbf5550f33cd4924ac05555e5e1cc5a1502ff5046 258722 pam_1.1.0-2ubuntu1.diff.gz
Files:
7d9e4543ab42062bc618d1acf6faca5b 2233 libs optional pam_1.1.0-2ubuntu1.dsc
d5888cc5322613ad76bf37d5b7623f29 258722 libs optional pam_1.1.0-2ubuntu1.diff.gz
Original-Maintainer: Steve Langasek <vorlon at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQIVAwUBSqDMolaNMPMhshM9AQiiBQ/9F5PEDlM3FQSme8CepA5lohyovWj3aXBg
MkFh3y4XoHzbIuqxeZ6iWZnjulnVBw92DC1eSG8w9uovdllRVZa8w8lxoad7C8ru
pvTSKE9/Vv/kEL9sctGC7KG5pV7MrkQYbyVdTxLxbTGZwWKBXkTLHTFUlXTPxzID
Nw7c4HYg7xYFbddDCxxfqInuzfzGXtrLj0U6jcseB4hhqBI3j1zwAFKzXx4vJKRw
jCYZ+hwb1B4uLJLwSQUBgw9AKEqEkv5UxtorgS79JxSCgO+gI27hboIxmOq8luh7
1N+qoZX/ljTtc5m6aRtvOLmY/EHMjY2UTo0kro7FFMDP36TdJHehVoa13S10LJbM
Q1QXVpve/KLZzdomnonHF8NsuLXRo7ijmELwi52/q+TuwHj5PdrtoL9vm/I7SKmH
y/j4pVtCchST0sJGC1TJ5N34/yKuDBL5iteMRMYt+T94ymVMa6lOQlx3YwkJuzuK
bvCMZzXcbqBP3IZ5XwoGTO+o8/c6Afjrx5bhqJ+tbuZSNp3JPYLI20F7iodjTWRQ
HQr13pziRsrq62rgSie/GiH9DBQkHSZk1mqxtVrCw9K3AjWSn+ScCV4U18TrC7Zb
vY1Gl2T4I8Qx5OYB2NTauReenha10ly/SUhB1kDr1BFoCFTPAx8tOJPm59AXLqyB
e1EdYOmGlwk=
=qSoo
-----END PGP SIGNATURE-----
More information about the Karmic-changes
mailing list