diff options
| author | Sam Hartman <hartmans@debian.org> | 2024-01-15 16:04:50 -0700 |
|---|---|---|
| committer | Sam Hartman <hartmans@debian.org> | 2024-01-15 16:04:50 -0700 |
| commit | a51be9d1164d6085fae716097f1977400a290c6e (patch) | |
| tree | 178a4e8d1cc204f4e4922b28c87670f7619fcc93 | |
| parent | de23289da225a424db0a8659fd778cf9ebb14548 (diff) | |
| parent | 9f629f45bb64a95958af24ae1a3ebe94530e1cc3 (diff) | |
Merge in usrmerge dep17M2 changes
| -rw-r--r-- | debian/changelog | 9 | ||||
| -rw-r--r-- | debian/libpam-modules-bin.install | 14 | ||||
| -rw-r--r-- | debian/libpam-modules-bin.lintian-overrides | 2 | ||||
| -rw-r--r-- | debian/libpam-modules.install | 2 | ||||
| -rw-r--r-- | debian/libpam-modules.lintian-overrides | 15 | ||||
| -rwxr-xr-x | debian/libpam0g-dev.install | 4 | ||||
| -rwxr-xr-x | debian/libpam0g-dev.links | 6 | ||||
| -rw-r--r-- | debian/libpam0g.install | 2 | ||||
| -rw-r--r-- | debian/not-installed | 11 | ||||
| -rwxr-xr-x | debian/rules | 10 |
10 files changed, 42 insertions, 33 deletions
diff --git a/debian/changelog b/debian/changelog index 7e4254e7..53bf1169 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -pam (1.5.3-1) UNRELEASED; urgency=medium +pam (1.5.3-1) experimental; urgency=medium [ Sam Hartman ] * New upstream version @@ -36,6 +36,13 @@ pam (1.5.3-1) UNRELEASED; urgency=medium [ Sam Hartman ] * Add new common-session-* templates to pam-auth-update. + [ Chris Hofstaedtler ] + * Install into /usr/{lib,sbin} instead of /{lib,sbin}. Assumes + usrmerge aliasing symlinks are in place since bookworm to keep + compatibility with PAM modules still installing into /lib. + (DEP17 M2) (Closes: #1060160). + * Update lintian override for setgid binary. + -- Sam Hartman <hartmans@debian.org> Mon, 15 Jan 2024 15:45:50 -0700 pam (1.5.2-9.1) unstable; urgency=medium diff --git a/debian/libpam-modules-bin.install b/debian/libpam-modules-bin.install index 2f1c3914..ee73913d 100644 --- a/debian/libpam-modules-bin.install +++ b/debian/libpam-modules-bin.install @@ -1,9 +1,9 @@ -sbin/unix_chkpwd sbin -sbin/unix_update sbin -sbin/mkhomedir_helper sbin -sbin/pam_namespace_helper -sbin/pwhistory_helper -sbin/pam_timestamp_check usr/sbin -sbin/faillock usr/sbin +usr/sbin/unix_chkpwd +usr/sbin/unix_update +usr/sbin/mkhomedir_helper +usr/sbin/pam_namespace_helper +usr/sbin/pwhistory_helper +usr/sbin/pam_timestamp_check +usr/sbin/faillock modules/pam_faillock/faillock.8 usr/share/man/man8 usr/lib/systemd/system/pam_namespace.service diff --git a/debian/libpam-modules-bin.lintian-overrides b/debian/libpam-modules-bin.lintian-overrides index 895133f7..809d87f1 100644 --- a/debian/libpam-modules-bin.lintian-overrides +++ b/debian/libpam-modules-bin.lintian-overrides @@ -1,2 +1,2 @@ # yes, we know it's sgid, that's the whole point... -libpam-modules-bin: elevated-privileges *sbin/unix_chkpwd* 2755 root/shadow +libpam-modules-bin: elevated-privileges 2755 root/shadow [usr/sbin/unix_chkpwd] diff --git a/debian/libpam-modules.install b/debian/libpam-modules.install index 5fd57b44..2697bd7d 100644 --- a/debian/libpam-modules.install +++ b/debian/libpam-modules.install @@ -1,3 +1,3 @@ etc/security/* etc/security -lib/*/security/*.so +usr/lib/*/security/*.so debian/pam-configs/mkhomedir usr/share/pam-configs/ diff --git a/debian/libpam-modules.lintian-overrides b/debian/libpam-modules.lintian-overrides index 8594dd3a..cc475043 100644 --- a/debian/libpam-modules.lintian-overrides +++ b/debian/libpam-modules.lintian-overrides @@ -2,13 +2,12 @@ # fortifying. Since we know we have hardening turned on globally, suppress # them. If we ever see this warning again for *other* modules, then we know # there's a real problem. -libpam-modules: hardening-no-fortify-functions [*lib/*/security/pam_echo.so*] -libpam-modules: hardening-no-fortify-functions [*lib/*/security/pam_filter.so*] -libpam-modules: hardening-no-fortify-functions [*lib/*/security/pam_group.so*] -libpam-modules: hardening-no-fortify-functions [*lib/*/security/pam_localuser.so*] -libpam-modules: hardening-no-fortify-functions [*lib/*/security/pam_shells.so*] -libpam-modules: hardening-no-fortify-functions [*lib/*/security/pam_wheel.so*] +libpam-modules: hardening-no-fortify-functions *usr/lib/*/security/pam_echo.so* +libpam-modules: hardening-no-fortify-functions *usr/lib/*/security/pam_filter.so* +libpam-modules: hardening-no-fortify-functions *usr/lib/*/security/pam_group.so* +libpam-modules: hardening-no-fortify-functions *usr/lib/*/security/pam_localuser.so* +libpam-modules: hardening-no-fortify-functions *usr/lib/*/security/pam_shells.so* +libpam-modules: hardening-no-fortify-functions *usr/lib/*/security/pam_wheel.so* # pam_deny.so does not use any symbol from libc. -libpam-modules: shared-library-lacks-prerequisites *lib/*/security/pam_deny.so* -# lintian doesn't know what to do with manpages for pam modules +libpam-modules: shared-lib-without-dependency-information *usr/lib/*/security/pam_deny.so* libpam-modules: spare-manual-page [*] diff --git a/debian/libpam0g-dev.install b/debian/libpam0g-dev.install index 0d6f4856..beedb8fd 100755 --- a/debian/libpam0g-dev.install +++ b/debian/libpam0g-dev.install @@ -1,4 +1,4 @@ #!/usr/bin/dh-exec usr/include/security/* -lib/${DEB_HOST_MULTIARCH}/*.a usr/lib/${DEB_HOST_MULTIARCH} -lib/${DEB_HOST_MULTIARCH}/pkgconfig/*.pc usr/lib/${DEB_HOST_MULTIARCH}/pkgconfig +usr/lib/${DEB_HOST_MULTIARCH}/*.a usr/lib/${DEB_HOST_MULTIARCH} +usr/lib/${DEB_HOST_MULTIARCH}/pkgconfig/*.pc usr/lib/${DEB_HOST_MULTIARCH}/pkgconfig diff --git a/debian/libpam0g-dev.links b/debian/libpam0g-dev.links index 5cbfd6db..39a7fb78 100755 --- a/debian/libpam0g-dev.links +++ b/debian/libpam0g-dev.links @@ -1,4 +1,4 @@ #!/usr/bin/dh-exec -/lib/${DEB_HOST_MULTIARCH}/libpam.so.0 usr/lib/${DEB_HOST_MULTIARCH}/libpam.so -/lib/${DEB_HOST_MULTIARCH}/libpamc.so.0 usr/lib/${DEB_HOST_MULTIARCH}/libpamc.so -/lib/${DEB_HOST_MULTIARCH}/libpam_misc.so.0 usr/lib/${DEB_HOST_MULTIARCH}/libpam_misc.so +/usr/lib/${DEB_HOST_MULTIARCH}/libpam.so.0 usr/lib/${DEB_HOST_MULTIARCH}/libpam.so +/usr/lib/${DEB_HOST_MULTIARCH}/libpamc.so.0 usr/lib/${DEB_HOST_MULTIARCH}/libpamc.so +/usr/lib/${DEB_HOST_MULTIARCH}/libpam_misc.so.0 usr/lib/${DEB_HOST_MULTIARCH}/libpam_misc.so diff --git a/debian/libpam0g.install b/debian/libpam0g.install index 622f9ef2..3ddde584 100644 --- a/debian/libpam0g.install +++ b/debian/libpam0g.install @@ -1 +1 @@ -lib/*/lib*.so.* +usr/lib/*/lib*.so.* diff --git a/debian/not-installed b/debian/not-installed index 4aaa5853..358e4977 100644 --- a/debian/not-installed +++ b/debian/not-installed @@ -1,8 +1,9 @@ -lib/*/security/*.a -lib/*/security/*.la -lib/*/*.la -lib/*/*.so usr/share/man/man7/pam.7 +usr/lib/*/security/*.a +usr/lib/*/security/*.la +usr/lib/*/*.la +usr/lib/*/*.so +usr/share/man/man8/pam.8 etc/environment # sample filter, do not install -lib/*/security/pam_filter/upperLOWER +usr/lib/*/security/pam_filter/upperLOWER diff --git a/debian/rules b/debian/rules index d8d809b5..9e2562b9 100755 --- a/debian/rules +++ b/debian/rules @@ -28,9 +28,11 @@ endif CONFIGURE_OPTS += --enable-logind override_dh_auto_configure: + # Explicitly set libdir, sbindir to avoid upstream's override logic. dh_auto_configure -- --enable-static --enable-shared \ - --libdir=/lib/$(DEB_HOST_MULTIARCH) \ - --enable-isadir=/lib/security \ + --libdir=/usr/lib/$(DEB_HOST_MULTIARCH) \ + --sbindir=/usr/sbin \ + --enable-isadir=/usr/lib/security \ --with-systemdunitdir=/usr/lib/systemd/system \ --disable-nis \ --enable-usergroups \ @@ -68,8 +70,8 @@ override_dh_installman: override_dh_fixperms: dh_fixperms ifneq (,$(findstring libpam-modules, $(shell dh_listpackages))) - chgrp shadow $(d)/libpam-modules-bin/sbin/unix_chkpwd - chmod 02755 $(d)/libpam-modules-bin/sbin/unix_chkpwd + chgrp shadow $(d)/libpam-modules-bin/usr/sbin/unix_chkpwd + chmod 02755 $(d)/libpam-modules-bin/usr/sbin/unix_chkpwd endif override_dh_installchangelogs: |