summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Langasek <vorlon@debian.org>2019-01-08 17:25:08 -0800
committerSteve Langasek <vorlon@debian.org>2019-01-08 17:27:06 -0800
commitb793c72560535d64ff441e5af5b1ad832c9f5e1f (patch)
treec7db4a00aefb8dba66c79e6fe3588ab607876c4b
parent318174e367b3b8d192c3f05b81f3e27921c24e1b (diff)
fix-up commit to match 1.1.0-6 from the archive
-rw-r--r--TODO25
-rw-r--r--debian/changelog3
-rw-r--r--debian/libpam-cracklib.postinst2
-rw-r--r--debian/libpam-modules.postrm7
-rw-r--r--debian/libpam-runtime.postinst2
5 files changed, 37 insertions, 2 deletions
diff --git a/TODO b/TODO
new file mode 100644
index 00000000..df748cba
--- /dev/null
+++ b/TODO
@@ -0,0 +1,25 @@
+-----------------------------------
+
+when calling the helper: call setuid(0) unconditionally? (saves us a
+syscall)
+
+'nullok' is totally redundant in the passwd phase, and I never noticed
+this :(
+
+refactor passverify.c a bit more, helper_log_err() is used in places it
+doesn't need to be
+
+longstanding goofiness (duplication) in the shadow verification code:
+
+ if ((curdays - spent->sp_lstchg > spent->sp_max)
+ && (curdays - spent->sp_lstchg > spent->sp_inact)
+ && (curdays - spent->sp_lstchg > spent->sp_max + spent->sp_inact)
+
+
+sepermit README.xml listed as 'entity pamaccess'?
+sepermit example is SHIT!
+
+go over all the XML and fix the English :P
+
+unix_update should eventually support suid root operation as well,
+maybe?
diff --git a/debian/changelog b/debian/changelog
index d6ed50ca..3fd03520 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -8,6 +8,9 @@ pam (1.0.1-6) UNRELEASED; urgency=low
pass; this Linux-PAM deviation from the original PAM spec causes a
number of problems, in particular causing wrong return values when
using the refactored pam-auth-update stack. LP: #303515, #305882.
+ * debian/local/pam-auth-update (et al): new interface for managing
+ /etc/pam.d/common-*, using drop-in config snippets provided by module
+ packages.
-- Steve Langasek <vorlon@debian.org> Fri, 27 Feb 2009 16:20:24 -0800
diff --git a/debian/libpam-cracklib.postinst b/debian/libpam-cracklib.postinst
index 637d38f2..cf52f262 100644
--- a/debian/libpam-cracklib.postinst
+++ b/debian/libpam-cracklib.postinst
@@ -2,7 +2,7 @@
set -e
-if dpkg --compare-versions "$2" lt 1.0.1-5; then
+if dpkg --compare-versions "$2" lt 1.0.1-6; then
pam-auth-update --package
fi
diff --git a/debian/libpam-modules.postrm b/debian/libpam-modules.postrm
new file mode 100644
index 00000000..20fdf998
--- /dev/null
+++ b/debian/libpam-modules.postrm
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = "purge" ]; then
+ rm -f /etc/environment
+fi
diff --git a/debian/libpam-runtime.postinst b/debian/libpam-runtime.postinst
index e684db9a..f5d28a34 100644
--- a/debian/libpam-runtime.postinst
+++ b/debian/libpam-runtime.postinst
@@ -4,7 +4,7 @@
# -- only create on package install.
force=
-if [ -z "$2" ] || dpkg --compare-versions "$2" lt 1.0.1-5
+if [ -z "$2" ] || dpkg --compare-versions "$2" lt 1.0.1-6
then
force=--force
for configfile in common-auth common-account common-session \