diff options
Diffstat (limited to 'debian')
99 files changed, 15634 insertions, 0 deletions
diff --git a/debian/NEWS b/debian/NEWS new file mode 100644 index 00000000..46b11927 --- /dev/null +++ b/debian/NEWS @@ -0,0 +1,39 @@ +pam (0.99.10.0-1) unstable; urgency=low + + * pam_rhosts_auth module obsolete + + The pam_rhosts_auth module has been dropped upstream in favor of the + more featureful and better-maintained pam_rhosts module. To ease the + transition to pam_rhosts, a compatibility symlink has been provided to + map pam_rhosts_auth to pam_rhosts on your system; however, pam_rhosts + doesn't support all of the same module options and the compatibility + symlink will be dropped in a future release. You should update any + configs to use pam_rhosts instead of pam_rhosts_auth as soon as possible. + + For information on using pam_rhosts, see the pam_rhosts(8) manpage. + + -- Steve Langasek <vorlon@debian.org> Sat, 26 Jul 2008 22:01:22 -0700 + +pam (0.99.7.1-5) unstable; urgency=low + + * Default Unix minimum password length has changed + + Previous versions of pam_unix on Debian had a built-in minimum password + length of 1 character, and a minimum password length configured in + /etc/pam.d/common-password of 4 characters. This differed from the + upstream default of 6 characters. This has been changed, so the + default /etc/pam.d/common-password no longer overrides the compile-time + default and the compile-time default has been raised to 6 characters. + If you are using pam_unix but are not using the default + /etc/pam.d/common-password file, it is recommended that you drop any + min= options to pam_unix from your config unless you have stronger + local password requirements that the upstream default. + + The password length 'max' option has also been deprecated in this + version because it was never written to work as suggested in the + documentation. If you are using pam_unix but are not using the default + /etc/pam.d/common-password file, you should remove any old max= options + to pam_unix from your config as this option will be considered an error + in future versions of pam. + + -- Steve Langasek <vorlon@debian.org> Sat, 01 Sep 2007 21:27:11 -0700 diff --git a/debian/README.debian b/debian/README.debian new file mode 100644 index 00000000..276cc55e --- /dev/null +++ b/debian/README.debian @@ -0,0 +1,36 @@ +PAM for DEBIAN +-------------- + +PAM (Pluggable Authentication Modules) provides system administrators with a +powerful method of controlling system access and methods of authentication. + +The documentation for PAM is packaged in the "libpam-doc" package. The +"Linux-PAM System Administrator's Guide" covers configuring PAM, what +modules are available etc. The documentation also includes "The Linux-PAM +Application Developers' Guide" and "The Linux-PAM Module Writers' Guide". + +The Debian default configuration is to emulate the old UNIX authentication. + +The Debian PAM packages live at svn://svn.debian.org/pkg-pam/. The +current version is in the trunk directory; previous versions live in +the tags directory. + +Changes Since Debian 3.0 +------------------------ + +The pam_securetty module used to prompt for a password when it was +going to fail access. This Debian-specific patch defeats one of the +key uses of this module: to deny access to privileged accounts soon +enough in the PAM stack that the password is never requested and is +not compromised over insecure network links. If you want to ask for +the password use required not requisite in your PAM config. + +Previously, pam_rhosts allowed the .rhosts file to be a symlink. This +was a debian specific change that has been dropped because it is not +the upstream behavior nor is it the documented behavior of ruserok(3). + +Similarly, pam_listfile used to allow the user file to be a symlink. +This is no longer allowed because upstream seems to be against the +change. Please see discussion started by Sam Hartman on +pam-list@redhat.com during the May 2002 time frame. + diff --git a/debian/TODO b/debian/TODO new file mode 100644 index 00000000..056d95a9 --- /dev/null +++ b/debian/TODO @@ -0,0 +1,7 @@ +- make pam_unix.so modules have some means of allowing other than root + to auth users via unix_chkpwd (maybe unix_chkpwd needs a secure conf + file?) +- Put in some of the Hurd related fixes +- Build-Depend-Indep on fop and install PDF docs, and add them to + doc-base. This depends on fop being patched to build using Java in + main so it can move out of contrib. diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 00000000..bbce4489 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,1790 @@ +pam (0.99.10.0-1) UNRELEASED; urgency=low + + * New upstream version. + - pam_limits: bound RLIMIT_NICE from below. Closes: #403718. + - pam_mail: set the MAIL variable even when .hushlogin is set. + Closes: #421010. + - new minclass option introduced for pam_cracklib. Closes: #454237. + - fix a failure to check the string length when matching usernames in + pam_group. Closes: #444427. + - fix setting shell security context in pam_selinux. Closes: #451722. + - use --disable-audit, to avoid libaudit being linked in + accidentally + - pam_unix now supports SHA-256 and SHA-512 password hashes. + Closes: #484249, LP: #245786. + - pam_rhosts_auth is dropped upstream (closes: #382987); add a compat + symlink to pam_rhosts to support upgrades for a release, and give a + warning in NEWS.Debian. + - new symbol in libpam.so.0, pam_modutil_audit_write; shlibs bump, and + do another round of service restarts on upgrade. + * Drop patches 006_docs_cleanup, 015_hurd_portability, + 019_pam_listfile_quiet, 024_debian_cracklib_dict_path, 038_support_hurd, + 043_pam_unix_unknown_user_not_alert, 046_pam_group_example, + no_pthread_mutexes, limits_wrong_strncpy, misc_conv_allow_sigint.patch, + and pam_tally_audit.patch, which have been merged upstream. + * Patch 022_pam_unix_group_time_miscfixes: partially merged upstream; + now is really just "pam_group_miscfixes". + * Patch 007_modules_pam_unix partially superseded upstream; stripping + hpux-style expiry information off of password fields is now supported. + * New patch pam_unix_thread-safe_save_old_password.patch, to make sure all + our getpwnam() use in pam_unix is thread-safe (fixes an upstream + regression) + * New patch pam_unix_setreuid_juggling.patch: restore the 0.99.9.0 + behavior wrt uid changes for NIS+, since I know the old behavior was + right and don't believe anyone has tested the new code. + * New patch pam_unix_no_helper_for_nis+.patch, which restores the behavior + of doing in-process NIS+ account checking instead of unconditionally + passing it off to the unix_chkpwd helper; if it wasn't broke, don't fix + it. + * New patch pam_unix_fix_sgid_shadow_auth.patch, fixing an upstream + regression which prevents sgid shadow apps from being able to authenticate + any more because the module forces use of the helper and the helper won't + allow authentication of arbitrary users. This change does mean we're + going to be noisier for the time being in an SELinux environment, which + should be addressed but is not a regression on Debian. + * The password-changing helper functionality for SELinux systems has been + split out into a separate unix_update binary, so at long last we can + change unix_chkpwd to be sgid shadow instead of suid root. + Closes: #155583. + - Update the lintian override to match. + * Install the new unix_update helper into libpam-modules. + * Use a pristine upstream tarball instead of repacking; requires various + changes to debian/rules and debhelper files. + * Replace the Vcs-Svn field with a Vcs-Bzr field; jumping ship from svn, + and how! + * Debconf translations: + - Romanian, thanks to Igor Stirbu <igor.stirbu@gmail.com> + (closes: #491821) + * Add libpam0g.symbols, for finer-grained package dependencies with + dpkg-gensymbols. + * Fix debian/copyright to list the known copyright holders + * Fix up the doc-base sections for the libpam-doc documentation, "Apps" + should not be part of the section name + * Also fix up whitespace issues in the doc-base abstracts + * Fix a typo in the libpam0g-dev description. + * 027_pam_limits_better_init_allow_explicit_root: RLIM_INFINITY is also + invalid for RLIMIT_NOFILE, so when resetting the limits for a new session, + use the kernel default of 1024 instead. Closes: #404836. + * Create /etc/environment on initial install of libpam-modules (or on + upgrade from an old version), to quell warnings in the logs about it + being missing. Closes: #442049. + * 026_pam_unix_passwd_unknown_user: drop a redundant, and broken, check for + the NSS source of our user; this was preventing password changes for NIS + users, which otherwise should have worked. Closes: #203222, LP: #9224. + * New patch do_not_check_nis_accidentally: respect the 'nis' option + (set or unset) when looking up the user's password entry for password + changes. Thanks to Quentin Godfroy <godfroy@clipper.ens.fr> for the + patch. Closes: #469635. + * Drop patch 049_pam_unix_sane_locking, which upon review is not needed; + it reduces the length of time we hold the lock, but at the expense of + being able to enforce minimum times between password changes. + * debian/watch: upstream has hit 1.0, so we're no longer in a "pre" + directory. Fix up the regex for uscan. + * Fix the libpam0g-dev examples directory to not include a gratuitous + .cvsignore file. + + -- Steve Langasek <vorlon@debian.org> Tue, 22 Jul 2008 10:55:45 -0700 + +pam (0.99.7.1-7) unstable; urgency=medium + + * Medium-urgency upload for RC bugfix + * Debconf translations: + - Italian, thanks to David Paleino <d.paleino@gmail.com> (closes: #483913) + - Slovak, thanks to Ivan Masár <helix84@centrum.sk> (closes: #488908) + - Turkish, thanks to Mert Dirik <mertdirik@gmail.com> (closes: #490880) + - Basque, thanks to Piarres Beobide <pi+debian@beobide.net> + (closes: #473975) + * Drop the 'XS' from Vcs-Svn/Vcs-Browser, since these are now officially + recognized fields. + * Add a Homepage field. Closes: #473338. + * Drop -DCRACKLIB_DICTS from CFLAGS, since the referenced define is no + longer provided by cracklib2-dev 2.8 and above. This requires a + build-dependency on the corresponding version of libcrack2-dev. + Closes: #490236. + + -- Steve Langasek <vorlon@debian.org> Mon, 21 Jul 2008 11:49:59 -0700 + +pam (0.99.7.1-6) unstable; urgency=low + + * Debconf translations: + - Updated Vietnamese, thanks to Clytie Siddall <clytie@riverland.net.au> + (closes: #444437) + - Updated Spanish, thanks to Javier Fernández-Sanguino Peña + <jfs@debian.org> (closes: #444479) + - Updated German, thanks to Sven Joachim <svenjoac@gmx.de> + (closes: #444566) + - Galician, thanks to Jacobo Tarrio <jtarrio@trasno.net> (closes: #444758) + - Updated Czech, thanks to Miroslav Kure <kurem@upcase.inf.upol.cz> + (closes: #445022) + - French, thanks to Cyril Brulebois <cyril.brulebois@enst-bretagne.fr> + (closes: #445869) + - Japanese, thanks to Kenshi Muto <kmuto@debian.org> (closes: #446584) + - Dutch, thanks to Bart Cornelis <cobaco@skolelinux.no> (closes: #448930) + - Basque, thanks to Piarres Beobide <pi@beobide.net> (closes: #457042) + - Updated Finnish, thanks to Esko Arajärvi <edu@iki.fi> (closes: #458264) + - Swedish, thanks to Christer Andersson <klamm@comhem.se> + (closes: #457674) + * Make sure the "audit" option is specified in octal instead of in decimal, + so that it doesn't randomly set other options. Thanks to Corey Wright + <undefined@pobox.com> for the catch. Closes: #446327. + + -- Steve Langasek <vorlon@debian.org> Sun, 16 Mar 2008 02:06:28 -0700 + +pam (0.99.7.1-5) unstable; urgency=low + + * More lintian overrides, related to debconf prompting in the postinst + * Debconf translations: + - Brazilian Portuguese, thanks to Eder L. Marques <frolic@debian-ce.org> + (closes: #440385) + - Russian, thanks to Yuri Kozlov <kozlov.y@gmail.com> + (closes: #440390, #440953, #444039) + - Bulgarian, thanks to Damyan Ivanov <dam@modsoftsys.com> + (closes: #441863) + - Finnish, thanks to Esko Arajärvi <edu@iki.fi> (closes: #443720) + - Simplified Chinese, thanks to Ming Hua + <minghua-guest@users.alioth.debian.org> (closes: #443924) + - Updated Portuguese, thanks to Américo Monteiro <a_monteiro@netcabo.pt> + - Updated Vietnamese, thanks to Clytie Siddall <clytie@riverland.net.au> + (closes: #440800) + - Updated German, thanks to Sven Joachim <svenjoac@gmx.de> + - Updated Spanish, thanks to Javier Fernández-Sanguino Peña + <jfs@debian.org> + - Updated Czech, thanks to Miroslav Kure <kurem@debian.cz> + (closes: #441325) + * Further cleanups of 007_modules_pam_unix -- don't use a global variable + for pass_min_len, don't gratuitously move the length checking into the + "obscure" checks, and internationalize the error strings. + * Stop overriding the built-in default minimum password length in + /etc/pam.d/common-password, and also drop the "max" option which has now + been obsoleted. + * Fix up the comments in /etc/pam.d/common-password to make it clear that + the options are specific to pam_unix. Closes: #414559. + * Patch 038: fix another thinko in the getline handling. Closes: #442276. + * If there are active X logins, don't restart kdm, wdm, and xdm by default; + instead, display a debconf error if they haven't been restarted. + Closes: #441843. + * Drop the local patch for Linux capabilities in pam_limits; Linux + capabilities are not generally useful in a PAM context, and the PAM + capabilities patch has been broken through much of its life. + Closes: #440130. + * -Wl,-z,defs was never enabled correctly, drop it since upstream is + already using -no-undefined + * Pass --build and --host args to ./configure as necessary, for + cross-building support. + + -- Steve Langasek <vorlon@debian.org> Fri, 28 Sep 2007 00:17:00 -0700 + +pam (0.99.7.1-4) unstable; urgency=low + + * libpam0g.postinst, libpam0g.templates: gdm doesn't need to be restarted + to fix the library skew, only reloaded; special-case this daemon in the + postinst and remove the mention of it from the debconf template, also + tightening the language of the debconf template in the process. + Closes: #440074. + * Add courier-authdaemon to the list of services that need to be + restarted; thanks to Micah Anderson for reporting. + * New patch pam_env_ignore_garbage.patch: fix pam_env to really skip over + garbage lines in /etc/environment and log an error, instead of failing + with an obscure error; and ignore any PAM_BAD_ITEM values returned + by pam_putenv(), since this is the expected error return when trying + to delete a non-existent var. Closes: #439984. + * Yet another thinko in hurd_no_setfsuid and in + 029_pam_limits_capabilities; this code should really be Hurd-safe at + last... + * getline() returns -1 on EOF, not 0; check this appropriately, to fix + an infinite loop in pam_rhosts_auth. Thanks to Stephan Springl + <springl-rhosts@bfw-online.de> for the fix. Closes: #440019. + * Use ${misc:Depends} for libpam0g, so we get a proper dependency on + debconf. + * 019_pam_listfile_quiet: per discussion with upstream, don't suppress + errors about missing files or files with wrong permissions; these are + real errors that should not be buried. + * Drop the remainder of 061_pam_issue_double_free, not required for the + original bugfix. + * Drop patch 064_pam_unix_cracklib_dictpath, which is not needed now that + we define CRACKLIB_DICTS in debian/rules. + * Drop patch 063_paswd_segv, superseded by a different upstream fix + * Split 047_pam_limits_chroot_string_value up between + 008_modules_pam_limits_chroot and 029_pam_limits_capabilites + * Updates to patch 007_modules_pam_unix: restore the same built-in min + password len of 6 that upstream uses; fix a typo panlindrome -> + palindrome. + * The 'max=' option was never intended to be used to limit maximum password + length for users, only to declare what the number of significant + characters /is/ for a password. But we don't need a config option to + tell us that, we know the answer based on which crypt type we're using, + so drop this as a config file option. Closes: #389197. + * Debconf translations: + - Spanish, thanks to Javier Fernández-Sanguino Peña <jfs@debian.org> + - Vietnamese, thanks to Clytie Siddall <clytie@riverland.net.au> + - German, thanks to Sven Joachim <svenjoac@gmx.de> (closes: #440355) + - Czech, thanks to Miroslav Kure <kurem@upcase.inf.upol.cz> + (closes: #440362) + - Portuguese, thanks to Américo Monteiro <a_monteiro@netcabo.pt> + (closes: #440368) + + -- Steve Langasek <vorlon@debian.org> Fri, 31 Aug 2007 17:11:05 -0700 + +pam (0.99.7.1-3) unstable; urgency=low + + * New patch limits_wrong_strncpy: fix unnecessary manipulations of string + buffers, including an illegal use of strncpy(). Thanks to Paul Hampson + for reporting. Closes: #331278. + * New patch misc_conv_allow_sigint.patch: allow SIGINT to be handled by the + application, instead of blocking it when misc_conv is in use and + preventing users from being able to ^C at any PAM prompt. Closes: #1708. + * 024_debian_cracklib_dict_path: default to NULL instead of a specific + dictionary path when none is defined for consistency with the new upstream + version of cracklib, and define our path in debian/rules. + * 055_pam_unix_nullok_secure: document the pam_unix "nullok_secure" option, + a prereq for forwarding this patch upstream. Closes: #325974. + * Create /etc/security/opasswd on new installs or on upgrades from + 0.99.7.1-2 or below, so that users that enable the remember=<n> option to + pam_unix aren't left unable to change passwords. Closes: #95324. + * Fix a couple of thinkos in hurd_no_setfsuid, that were preventing the code + from compiling on the Hurd still. Thanks to Michael Banck for the catch. + * Fix a memory leak in the pam_limits capabilities patch: always + cap_free() the cap_t before returning from pam_sm_open_session(). + Closes: #153157. + * libpam0g.postinst, libpam0g.templates: on upgrades from versions + prior to 0.99.7.1-3, restart known PAM-using services so that they + get the new libpam symbols, since otherwise the newer PAM modules + will fail to load. Postinst taken from libssl0.9.8; thanks to + Christoph Martin for the fine example! Closes: #439835. + * Build-depend on po-debconf to support l10n of the debconf questions + from the above. + + -- Steve Langasek <vorlon@debian.org> Tue, 28 Aug 2007 06:33:33 -0700 + +pam (0.99.7.1-2) unstable; urgency=low + + * New upstream release; thanks to Roger Leigh and Jan Christoph Nordholz + for their extensive work in helping to prepare for this update in Debian. + Closes: #360460. + - now uses autoconf for library detection, so SELinux should not be + unconditionally enabled on non-Linux archs. Closes: #333141. + - pam_mail notice handling has been completely reworked, so there should + no longer be missing spaces in the messages. Closes: #119689. + - with libtool and autoconf, now behaves "sensibly" on unknown + platforms. Closes: #165067. + - the source now builds without warnings. Closes: #212165. + - uses automake instead of hand-rolled makefiles with indentation + bugs. Closes: #241661, #328084. + - pam_mkhomedir now creates directories recursively as needed. + Closes: #178225. + - pam_listfile now supports being used as a session module too. + Closes: #416665. + - misspelled pam_userdb log message has been corrected. Closes: #305058. + - the current pam_strerror manpage no longer mentions "Unknown + Linux-PAM error". Closes: #220157. + - the text documentation no longer uses ANSI bold sequences. + Closes: #181451. + - pam_localuser now supports being used as a session module. + Closes: #412484. + - package no longer fails to build with dash as /bin/sh. + Closes: #331208. + - All modules should now be documented in the system administrator + guide. Closes: #350620. + - pam_userdb now logs an error instead of segfaulting when no db= + option is provided. Closes: #436005. + - pam_time now warns on a missing tty instead of erroring out, + making it possible to use the module with non-console services. + Closes: #127931. + - upstream changelog is now 'ChangeLog' instead of 'CHANGELOG'; install + accordingly + - bump the shlibs + - the 'test.c' example no longer exists + - add /usr/share/locale to libpam-runtime. + - CVE-2005-2977: only uid=0 is allowed to invoke unix_chkpwd with an + arbitrary username, and then only when SELinux is active. + Closes: #336344. + * Mark myself as primary maintainer as previously discussed with Sam, and + add Roger as an uploader. + * Refactor to use quilt. + * Update to Standards-Version 3.7.2. + * Drop unnecessary build-dependency on patch, which is + build-essential (and no longer invoked directly). + * Drop patches 002_debian_no_ldconfig_call, 010_pam_cplusplus, + 018_man_fixes, 030_makefile_link_against_libpam, + 037_pam_issue_ttyname_can_be_null, 044_configure_supports_bsd, + 050_configure_in_gnu and 052_pam_unix_no_openlog, which have been + superseded upstream. + * Drop patches 005_pam_limits_099_6, + 012_pam_group_less_restrictive_charset, 023_pam_env_limits_miscfixes, + 048_pam_group_colon_valid_char, 058_pam_env_enable, 059_pam_userdb_segv, + 060_pam_tally_segv and 062_c++_safe_headers, which have been integrated + upstream. + * Patch 057: SELinux support is merged upstream, leaving only an + unrelated OOM check for pam_unix_passwd. Rename as + 057_pam_unix_passwd_OOM_check. + * Patches 006, 008, 036: update for the switch from SGML to XML. + * Patch 007: update for the switch from SGML to XML; drop some log + messages that were already added upstream; update for the pam_modutil + changes; tighten the flag handling of the 'obscure' option; drop bogus + check in unix_chkpwd for null passwords. Also fix a grammar error + along the way. Closes: #362855. + * Patch 024: CRACKLIB_DICTPATH is no longer set in configure.in, so patch + pam_cracklib.c instead to use the default dictpath already available + from crack.h; and patch configure.in to use AC_CHECK_HEADERS instead + of AC_CHECK_HEADER, so crack.h is actually included. Also remove + unnecessary string copies, which break on the Hurd due to PATH_MAX. + * Patch 038: partially merged/superseded upstream; also add new Hurd + fix for pam_xauth. + * Patch 061: partially merged upstream + * Use ${binary:Version} instead of ${Source-Version} in + debian/control. + * Remove empty maintainer scripts debian/libpam0g-dev.{postinst,prerm}, + debian/libpam0g.{postinst,prerm}, and + debian/libpam-modules.{postinst,prerm}; debhelper can autogenerate these + just fine without our help. + * Build-Depend on xsltproc, libxml2-utils, docbook-xml, docbook-xsl + and w3m instead of on linuxdoc-tools, linuxdoc-tools-latex, tetex-extra, + groff, and opensp. + * Also build-depend on flex for libfl.a. + * Updates for documentation handling: + - move debian/local/pam-*-guide to debian/libpam-doc.doc-base.foo-guide, + and invoke dh_installdocs instead of installing these by hand. + - drop libpam-doc.{postinst,prerm}, which are no longer needed. + - add an install target to debian/rules, and have binary-indep depend on + it instead of trying to install doc files individually from the source + tree + - consequently, drop libpam-doc.dirs as well which is no longer needed + and no longer accurate + - add debian/libpam-doc.install for moving the docs to the right place, + and also replace libpam-runtime.files with libpam-runtime.install; + for the moment this means we're using both dh_movefiles and + dh_install... + - libpam0g.docs: install the Debian-PAM-MiniPolicy from here, further + cleaning up debian/rules + * Drop debian/libpam0g.links, no longer needed because upstream now has a + working install target which creates the library symlinks + * Add libpam-modules.links: create pam_unix_{acct,auth,passwd,session}.so + symlinks by hand, no longer provided upstream. + * debian/patches-applied/PAM-manpage-section: "PAM" is not a daemon, manpage + belongs in section 7, not in section 8. + * Actually ship the pam, pam.conf, and pam.d manpages in libpam-runtime. + * debian/patches-applied/autoconf.patch: move all changes to autotools + generated files into a single patch at the end of the stack. + - don't touch configure in debian/rules, the quilt patch takes care + of this for us. + * New patch 064_pam_unix_cracklib_dictpath: correctly define + CRACKLIB_DICTS, since this is not defined by configure. Thanks to Jan + Christoph Nordholz. + * New patch 065_pam_unix_cracklib_disable: Debian-specific patch to disable + cracklib support in pam_unix. Thanks to Christoph Nordholz. + * debian/rules: + - Rename OS_CFLAGS to CFLAGS. + - kill off references to unused variables + - make binary-arch also depend on the install target, and streamline the + rules + - fix up the clean target to not ignore errors; thanks to Roger Leigh + - drop the local module_check target in favor of using -Wl,-z,defs + in LDFLAGS to enforce correct linkage of all objects at build time + * Drop debian/local/unix_chkpwd.8 in favor of the upstream manpage. + * libpam-modules.files: /usr/sbin/pam_tally has moved to /sbin/pam_tally + for consistency. + * Update to debhelper V5. + * Don't ship Makefiles as part of the libpam0g-dev examples. + * libpam-modules.manpages, libpam-runtime.manpages, libpam0g-dev.manpages: + put all the manpages in the correct packages. Closes: #411812, + #62193, #313486, #300773, #330545, #184270. + * Drop libpam{0g,0g-dev,-modules,-runtime}.dirs, not needed for anything + because we aren't trying to ship empty directories in the packages + * Build-Conflict with fop, to avoid unreproducible builds of pdf + documentation from a tool in contrib. + * libpam-cracklib should depend on a real wordlist package, per policy; + use wamerican as the default. + * Drop local/pam-undocumented.7 from the package, since we no longer have + a reason to ship it + * Add lintian overrides for known false-positives + * Conflicts/Replaces/Provides libpam-umask, now included upstream. + Closes: #436222. + * Upstream no longer marks unix_chkpwd suid-root for us, so set the perms + by hand in debian/rules. In the process, unix_chkpwd is now writable + by the owner, as expected by policy. Closes: #368100. + * Migrate from db4.3 to db4.6; once again, no administrator action should + be needed for upgrading on-disk database formats. Closes: #354309. + * Add XS-Vcs-Svn and XS-Vcs-Browser fields to debian/control; thanks to + Laurent Bigonville for the hint. Closes: #439038. + * Add a watch file for use with uscan; thanks to Laurent Bigonville for + this patch as well. Closes: #439040. + * Rewrite of 031_pam_include, fixing a memory leak and letting us drop + patch 056_no_label_at_end; thanks to Jan Christoph Nordholz + <hesso@pool.math.tu-berlin.de> for this much-improved version! + * New patch no_pthread_mutexes: don't use pthread mutexes in + pam_modutil functions, they're not needed because pam handles + themselves should not be used concurrently by multiple threads and + using pthreads causes problems for portable linking. + * New patch hurd_no_setfsuid: if we don't have sys/fsuid.h, work around + using setreuid instead. + + -- Steve Langasek <vorlon@debian.org> Sun, 26 Aug 2007 19:15:09 -0700 + +pam (0.79-4) unstable; urgency=medium + + * Medium-urgency upload; at least one RC bugfix, but also a + significant number of changes, hence not urgency=high. + * Move libpam-modules and libpam0g to Section: libs and libpam-runtime + to section: admin, to match the overrides in the archive. + * Move old changelog entries (well, entry) that don't follow the current + format to debian/changelog.old, since there's no way to figure out a + timestamp for an 8-year-old upload, and this is the most effective + way to clear a glut of lintian warnings. + * Fix the formatting of the libpam-cracklib package description. + * Patch 010: remove parts of the patch that aren't necessary for C++ + compatibility. + * Patch 060: fix a segfault in pam_tally caused by misuse of + pam_get_data(); already fixed upstream. Closes: #335273. + * Patch 061: fix a double free in pam_issue, caused by overuse (and misuse) + of strdup (similar to patch 059). Already fixed upstream. + Closes: #327272. + * Don't build-depend on libselinux1-dev and libcap-dev on kfreebsd archs. + Closes: #352329. + * Patch 005: sync pam_limits with upstream: + - support "-" (unlimited) for all limit types except process priority. + - support the additional aliases "-1", "unlimited", and "infinity" for + clearing the limits; closes: #122400, #149027. + - restrict the range of process priority, login count, and system login + count settings to (INT_MIN,INT_MAX) (heh). + - special-case RLIM_INFINITY when applying multipliers to values from + the config. + - document maxsyslogins in the default limits.conf; closes: #149883. + - use the current process priority as a default instead of resetting to + 0; closes: #241663. + - add support for (and document) new RLIMIT_NICE and RLIMIT_RTPRIO + settings in Linux 2.6.12 and above; closes: #313542, #313588. + - allow imposing limits on uid=0. + * Patch 027: only set RLIM_INFINITY as the default for the limits where + we know this is sensible, so that recompiling in an environment with new + limits doesn't create a security hole -- as happened with RLIMIT_NICE and + RLIMIT_RTPRIO! Thanks to Ville Hallik for the initial patch. + Closes: #388431. + * Patch 029, 047: Fix up the broken pam_limits capabilities patch so it + actually works -- which may well be a first... Closes: #318452. + + -- Steve Langasek <vorlon@debian.org> Mon, 23 Oct 2006 05:36:08 -0700 + +pam (0.79-3.2) unstable; urgency=low + + * Non-maintainer upload to fix important bug, that makes passwd segfault + when CTRL-D is pressed at the password prompt. Applied the patch + provided by Dann Frazier. (Closes: #360657) + + -- Margarita Manterola <marga@debian.org> Sat, 5 Aug 2006 02:11:22 -0300 + +pam (0.79-3.1) unstable; urgency=low + + * Non-maintainer upload. + * Linux-PAM/libpamc/include/security/pam_client.h, + Linux-PAM/libpamc/pamc_converse.c: Apply patch from + latest upstream version to remove redefinition of internal + glibc/libstdc++ types. Closes: #344447. + + -- Roger Leigh <rleigh@debian.org> Sun, 5 Feb 2006 21:46:59 +0000 + +pam (0.79-3) unstable; urgency=low + + * Patch 059 + - Fix a segfault in pam_userdb when the new "crypt=" option + is unset, as will be the case for all existing users; already fixed + upstream. Closes: #330829. + - Fix a memory leak in the same code due to gratuitous strdup()s. + * Further regression in pam_env: don't treat a missing /etc/environment + as a fatal error, either. Amend patch 058 accordingly. Closes: #330852. + + -- Steve Langasek <vorlon@debian.org> Fri, 30 Sep 2005 01:17:53 -0700 + +pam (0.79-2) unstable; urgency=low + + The ".c.o: rm -rf $@" release + * Fix debian/rules so that make clean doesn't remove ./configure when the + timestamp on configure.in is newer (!). + * Switch pam_userdb from db3 to db4.3, which according to the libdb + maintainers should require no manual intervention for upgrading on-disk + database formats. Closes: #165068. + * Patch 058: yes, of course we want to read /etc/environment by + default. Grr! Revert upstream change which disables this for no + apparent reason (closes: #330458). + * Tweak selinux rootok code to use the version of the function call that + doesn't pollute namespace + + -- Steve Langasek <vorlon@debian.org> Tue, 27 Sep 2005 02:44:36 -0700 + +pam (0.79-1) unstable; urgency=low + + * New upstream version (closes: #284954, #300775). + - includes some fixes for typos (closes: #319026). + - pam_unix should now be LSB 3.0-compliant (closes: #323982). + - fixes segfaults in libpam on config file syntax errors + (closes: #330097). + * Drop patches 000_bootstrap, 004_libpam_makefile_static_works, + 011_pam_access, 013_pam_filter_termio_to_termios, 017_misc_fixes, + 025_pam_group_conffile_name, 028_pam_mail_delete_only_when_set, + 033_use_gcc_not_ld, 034_pam_dispatch_ignore_PAM_IGNORE, + 035_pam_unix_security, 039_pam_mkhomedir_no_maxpathlen_required, + 041_call_bootstrap, 042_pam_mkhomedir_dest_not_source_for_errors, + 051_32_bit_pam_lastlog_ll_time, and + 053_pam_unix_user_known_returns_user_unknown which have been + integrated upstream. + * Merge one last bit of patch 053 into patch 043, where it should have + been in the first place + * Patch 057: SELinux support: + - add support to pam_unix for copying SELinux security contexts when + writing out new passwd/shadow files and creating lockfiles + - support calling unix_chkpwd if opening /etc/shadow fails due to + SELinux permissions + - allow unix_chkpwd to authenticate for any user when in an SELinux + context (hurray!); we depend on SELinux policies to prevent the + helper's use as a brute force tool + - also support querying user expiration info via unix_chkpwd + - misc cleanup: clean up file descriptors when invoking unix_chkpwd + (closes: #248310) + - make pam_rootok check the SELinux passwd class permissions, not just + the uid + - add new pam_selinux module (closes: #249499) + * Build-depend on libselinux1-dev. + * Fix pam_getenv, so that it can read the actual format of /etc/environment + instead of trying to read it using the syntax of + /etc/security/pam_env.conf; thanks to Colin Watson for the patch. + Closes: #327876. + * Set LC_COLLATE=C when using alphabetic range expressions in + debian/rules; bah, so *that's* what kept happening to my README file + when trying to build out of svn! Closes: #295296. + * Add a reference to the text of the GPL to debian/copyright. + + -- Steve Langasek <vorlon@debian.org> Sun, 25 Sep 2005 22:08:20 -0700 + +pam (0.76-23) unstable; urgency=low + + * Fix Gcc 3.4 compilation, Closes: #259634 + * Note that pam.conf is not read if /etc/pam.d exists, Closes: #248928 + * Fix typo in pam_env.conf, Closes: #277633 + + -- Sam Hartman <hartmans@debian.org> Sun, 10 Jul 2005 16:42:25 -0400 + +pam (0.76-22) unstable; urgency=medium + + * Add uploaders + * Document location of repository + * Fix options containing arguments in pam_unix, Closes: #254904 + + -- Sam Hartman <hartmans@debian.org> Mon, 28 Jun 2004 14:28:08 -0400 + +pam (0.76-21) unstable; urgency=medium + + * Fix patch 055 again because -20 was broken and didn't actually fix the + problem. + + -- Sam Hartman <hartmans@debian.org> Tue, 4 May 2004 21:37:38 -0400 + +pam (0.76-20) unstable; urgency=medium + + * Update to patch 55 to only check securetty when we are sure the + password is null, Closes: #243698 + * Medium urgency because the version now in testing has confusing and + verbose log messages. + * Include pam_getenv script which hopefully will be used by some people + somewhere for some purpose + + -- Sam Hartman <hartmans@debian.org> Wed, 28 Apr 2004 22:51:18 -0400 + +pam (0.76-19) unstable; urgency=low + + * Oops, too busy testing the upgrade from woody to make sure the upgrade + from -16 to -18 worked. Thanks to all those who reported, + Closes: #243413 + + -- Sam Hartman <hartmans@debian.org> Tue, 13 Apr 2004 16:08:54 -0400 + +pam (0.76-18) unstable; urgency=low + + * Manipulate conffiles to avoid unnecessary prompt in woody to sarge + upgrade, Closes: #218318 + + -- Sam Hartman <hartmans@debian.org> Sat, 10 Apr 2004 18:10:35 -0400 + +pam (0.76-17) unstable; urgency=low + + * common-password now includes length restrictions and cracklib + examples, Closes: #227681, #237537 + * Patch 054: abstract out the logic from pam_securetty to determine if a + tty is in /etc/securetty into a library function + * Patch 55: Add nullok_secure option to pam_unix. If set, then null + passwords are accepted from terminals in /etc/securetty. + * common-auth now includes nullok_secure, Closes: #228114 + + + -- Sam Hartman <hartmans@debian.org> Sun, 4 Apr 2004 23:10:11 -0400 + +pam (0.76-16) unstable; urgency=low + + * Patch 51 from the x86-64 folks to support 32-bit ll_time in + pam_lastlog even if time_t is 64-bits + * Don't call openlog in pam_unix (patch 52), Closes: #213566 + * Return PAM_USER_UNKNOWN for unknown users in pam_unix (patch 53), Closes: #204506 + + -- Sam Hartman <hartmans@debian.org> Tue, 23 Mar 2004 22:26:04 -0500 + +pam (0.76-15) unstable; urgency=low + + * Fix description of libpam-runtime, Closes: #209755 + * Fix description of libpam-cracklib, Closes: #210014 + * Depend on libc6-dev|libc-dev not libc6-dev, Closes: #212354 + * Clean up binaries, Thanks Russell, Closes: #212158 + * Depend on sufficiently new cracklib2-dev, Closes: #214092 + * Treate GNU/* as GNU for OS variable to make pam_limits compile, + (patch 050) Closes: #220980 + * No longer build-depend on latex2html, Closes: #221318 + * Allow : in tty specification for pam_group, (patch 048) Closes: #220439 + * Pull in locking patch from Linux-PAM CVS; this ended up causing + 021_pam_nis_locking to be reworked and that patch now no longer + contains locking fixes, but just NIS cleanup in general. See + 049_pam_unix_sane_locking for the locking changes, Closes: #220158 + + -- Sam Hartman <hartmans@debian.org> Mon, 12 Jan 2004 02:23:59 -0500 + +pam (0.76-14) unstable; urgency=low + + * Pull in NMU diff from 13.1, Closes: #186011 + * Split out common-password into its own file, Closes: #207497 + * Make other a conffile again and update to @include stuff + * Add missing symlink, Closes: #196605 + * Remove undocumented manpages + * Update PAM mini-policy + + -- Sam Hartman <hartmans@debian.org> Mon, 1 Sep 2003 18:08:54 -0400 + +pam (0.76-13.1) unstable; urgency=low + + * NMU with maintainer's permission. + * Add three new config files (/etc/pam.d/common-{auth,account,session}) + to libpam-runtime. Other packages which depend on libpam-runtime + can now @include these files from their own PAM configs. + * Convert /etc/pam.d/other from a conffile to a non-conffile config + file. Closes: #186011. + * Remove empty libpam-runtime.prerm script (debhelper will autocreate if needed) + + -- Steve Langasek <vorlon@debian.org> Tue, 19 Aug 2003 19:41:03 -0500 + +pam (0.76-13) unstable; urgency=low + + * Nope, that dependency didn't work, so let's remove it. If we run into other module versioning issues, I now have an arm build environment to debug with. Closes: #198618 + + -- Sam Hartman <hartmans@debian.org> Mon, 7 Jul 2003 00:22:34 -0400 + +pam (0.76-12) unstable; urgency=low + + * Fix group.conf example, (patch 046) Closes: #197080 + * Ignore module return value in jumps, (patch 045) Closes: #176693 + * Accept string value for chroot limit, thanks Andrei Pelinescu-Onciul, + Patch (047), Closes: #196903 + * Depend on libpam-modules instead of conflicting with older versions. + This creates a circular dependency between libpam0g and + libpam-modules. James says this works fine; we hope he's right. + Closes: #196949 + -- Sam Hartman <hartmans@debian.org> Sat, 21 Jun 2003 17:19:29 -0400 + +pam (0.76-11) unstable; urgency=low + + * Don't allow db4 to satisfy build-depends because it doesn't actually + work, and sometimes building with it would be wrong. + * Don't depend on libpcap-dev on Debian BSD + * Conflict with old libpam-modules, Closes: #191906 + * Incorrect username should not be logged at alert (patch 43), + Closes: #175900 + * Patch to support FreeBSD (patch 44, thanks Robert), Closes: #191906 + + -- Sam Hartman <hartmans@debian.org> Sat, 31 May 2003 19:55:26 -0400 + +pam (0.76-10) unstable; urgency=low + + * Don't double list conffiles, Closes: #190954 + * Only install example sources not executables, Closes: #185286 + * Display correct directory in error message for pam_mkhomedir, patch + 042 thanks to Akira TAGOH, Closes: #165240 + * Don't log EPERM when setting NOFILE limit as Linux doesn't let you + set that to -1, Closes: #180310 + * Add newline to end of distributed time.conf, Closes: #172229 + * Up our standards version and support noopt in DEB_BUILD_OPTIONS + + -- Sam Hartman <hartmans@debian.org> Sat, 3 May 2003 22:28:37 -0400 + +pam (0.76-9) unstable; urgency=low + + * Fix pam_rhosts hurd patch so it actually works, Closes: #172914 + * Fix patch 040 not to clobber errno when logging the error fails, + Closes: #172186 + * Fix dependency for linuxdoc-tools, Closes: #173097 + + -- Sam Hartman <hartmans@debian.org> Sun, 15 Dec 2002 17:10:58 -0500 + +pam (0.76-8) unstable; urgency=low + + * Have makefile appropriately depend on bootstrap-libpam + * Install pam minipolicy, Closes: #167798 + * Don't segfault if ttyname is null; this avoids the segfault but does + not actually make pam_issue useful for ssh. I believe the way + pam_issue works is fundamentally incompatible with what sshd expects + from PAM (patch 037), Closes: #153152 + * We actually fixed passwords containing , in 0.76-6, but failed to + document it. They do work, Closes: #164713 + * Note that /etc/pam.d/other is a fall back for each service + * Patches from Michal 'hramrach' Suchanek" <hramrach_l@centrum.cz> to + make HURD work, Closes: #165066 (patch 038 and 039) + * Don't depend on gs and other doc prep tools for build-depends, just + build-depends-indep, Closes: #165065 + * Patch from Eric Anderson <anderse@hpl.hp.com> to log failures of + setrlimit (patch 040), Closes: #169836 + * Build pam_limits on hurd, Closes: #165190 + + -- Sam Hartman <hartmans@debian.org> Sun, 24 Nov 2002 22:04:28 -0500 + +pam (0.76-7) unstable; urgency=low + + * Fix handling of pam_ignore in case where we're skipping modules; + update to patch 034 + + -- Sam Hartman <hartmans@debian.org> Sun, 20 Oct 2002 21:49:22 -0400 + +pam (0.76-6) unstable; urgency=low + + * The "No, I don't think I actually want any of what upstream is + smoking" release + * If this were already in testing, this would be an severity emergency + upload + * pam_unix currently treats * in shadow file as no password not + disabled; major security issue; fixed in upstream CVS, (patch 035) Closes: #164659 + * OK, I think this actually fixes the rest of the manpage symlinks, + Closes: #163839, #164298 + * You don't want to use getlogin for pam_wheel because utmp may be wrong or for xterm have no entry, pull forward patch from the 0.72 packages (patch 036), Closes: #163787 + + -- Sam Hartman <hartmans@debian.org> Tue, 15 Oct 2002 10:44:56 -0400 + +pam (0.76-5) unstable; urgency=low + + * Fix library links from 0.75 to 0.76 + * Ignore PAM_IGNORE in _pam_dispatch_aux (patch 34), Closes: #163841 + * Fix man page symlinks, Closes: #163839 + + -- Sam Hartman <hartmans@debian.org> Fri, 11 Oct 2002 01:08:06 -0400 + +pam (0.76-4) unstable; urgency=low + + * Upstream correctly states that one should use gcc not ld when + linking and then hapilly proceeds to actually use ld, fixed, Closes: #163711 + + * Remove experimental warning from readme, Closes: 163742 + + -- Sam Hartman <hartmans@debian.org> Mon, 7 Oct 2002 23:45:53 -0400 + +pam (0.76-3) unstable; urgency=low + + * Oops, let's try building -fpic. This currently builds everything + -fpic which is somewhat wrong, but doing more than that requires + significant build system hacking (touch every makefile for dynamic + objects), so it will wait, Closes: #163600 + + -- Sam Hartman <hartmans@debian.org> Sun, 6 Oct 2002 23:33:12 -0400 + +pam (0.76-2) unstable; urgency=low + + * Link against appropriate libraries so we find the symbols we need, + Closes: #162175 + * The if everyone's going to complain when I upload broken software to + experimental release, I might as well upload to unstable and give them + something worth actually complaining about release. + * Also the remove the scourge of dbs release + * Include patch 034 from the 0.72 packages, meaning that we've included + all the patches we need before release + * Reject the patch to pam_wheel as I cannot find out what reasonable + thing it was trying to do and it seemed broken + * libpam-cracklib should depend on wordlist so it actually works; + thanks Olaf Meeuwissen, + Closes: #112965 + * Merge build-depends and build-depends-indep because I'm a bad person + and was too lazy to make docs build in a separate pass. I'll deal in + a few versions. + + -- Sam Hartman <hartmans@debian.org> Sun, 6 Oct 2002 18:52:13 -0400 + +pam (0.76-1) experimental; urgency=low + + * New upstream version + * Upstream includes fix to not break cron, Closes: 160566 + * New Upstream correctly handles priority < 0 for pam_limits, Closes: #126251 + * .cvsignores removed, Closes: #159961 + + -- Sam Hartman <hartmans@debian.org> Sun, 22 Sep 2002 16:11:35 -0400 + +pam (0.75-3) experimental; urgency=low + + * Apply patch 027 pam_limits so that we initialize to wide open not + current limits. + * In pam_mail, don't complain about deleting environment variable if + we never set it, Closes: #58429 + * Don't set default max procs limit in pam_limits, Closes: #116874 + * libpam-runtime now arch all since it has no arch-specific files, + Closes: #132545 + * Update mini policy to reflect confusion on debian-devel + + -- Sam Hartman <hartmans@debian.org> Tue, 16 Jul 2002 09:30:50 -0400 + +pam (0.75-2) experimental; urgency=low + + * Fix pam_userdb to build and to build against db3, fixes patch 020 + * Fix upstream makefile so pam_group has valid configuration, closes: #148657 + * time.conf reference to logoutd removed, closes: #143801 + * The static library contains all the appropriate symbols in this + version. You may find the complete lack of PAM modules somewhat + frustrating; currently the static pam library is only useful if you + register your own modules. Fixing this would require annoying hacking + on the upstream build system, closes: #103495 + * unix_chkpwd.8 typo fixes thanks to dancer@anthill.echidna.id.au, + Closes: #139949 + * Since we're working on the new upstream version, we also have the new docs, closes: #147763 + * Patch from Martin Schwenke <martin@meltin.net> to only change + passwords in pam_unix when they exist in the password file; hopefully + does not break NIS, closes: #135990 + * Another patch from Martin to return PAM_USER_UNKNOWN if we ever + actually do get into the password changing routine only to find that + we have no password to change, closes: #135604 + * .cvsignore no longer installed, closes: #120795 + * We're using debhelper 3, just in time to be obselete, Closes: #93414 + + -- Sam Hartman <hartmans@debian.org> Sat, 8 Jun 2002 18:04:40 -0400 + +pam (0.75-1) experimental; urgency=low + + * Preliminary test packages + * New upstream version + * Hopefully works mostly the same as 0.72 except for upstream bug + fixes and for the fact that pam_limits is fairly broken right now. + * If it breaks you are lucky if you get to keep both pieces release. + + -- Sam Hartman <hartmans@debian.org> Sat, 25 May 2002 22:57:57 -0400 + +pam (0.72-35) unstable; urgency=medium + + * Fix like_auth to make libpam-krb5 and libpam-heimdal actually useful, + patch from RISKO Gergely , closes: #126251 + + -- Sam Hartman <hartmans@debian.org> Mon, 21 Jan 2002 15:20:22 -0500 + +pam (0.72-34) unstable; urgency=medium + + * Note that HOME may not be useful in pam_environment, closes: #109281 + * Don't smash case domains (groups/users) in pam_limits, closes: #119893 + * Remove double the from description, closes: #107705 + * Fix typo on mail message, closes: #119689 + * Medium since these are small fixes that should go into woody + + -- Sam Hartman <hartmans@debian.org> Fri, 23 Nov 2001 21:24:20 -0500 + +pam (0.72-33) unstable; urgency=low + + * Fix pam_mail to look in /var/mail not /var/spool/mail, thanks mjb. + + -- Sam Hartman <hartmans@debian.org> Thu, 11 Oct 2001 15:44:32 -0400 + +pam (0.72-32) unstable; urgency=medium + + * This should probably get into testing before freeze; medium. + * Patch from Volker Stolz to fix bug in previous pam_group patch, + closes: #111854 + + -- Sam Hartman <hartmans@debian.org> Sat, 22 Sep 2001 06:32:29 -0400 + +pam (0.72-31) unstable; urgency=low + + * Add support for credential reinitialization in pam_group, closes: #108697 + + -- Sam Hartman <hartmans@debian.org> Fri, 31 Aug 2001 13:16:39 -0400 + +pam (0.72-30) unstable; urgency=low + + * Include patch from robbe@orcus.priv.at to build pam_limits on hurd, + closes: #103556 + * Start installing limits.conf for hurd (may not work quite right) + + -- Sam Hartman <hartmans@debian.org> Mon, 16 Jul 2001 09:35:51 -0400 + +pam (0.72-29) unstable; urgency=low + + * Correctly declare uint32 type for ia64, closes: #104584 + + -- Sam Hartman <hartmans@debian.org> Sat, 14 Jul 2001 01:30:39 -0400 + +pam (0.72-28) unstable; urgency=low + + * Fix scanf string so pam_limits chroot works, closes: #100812 + * Only log unknown user at warning, not alert, closes: #95220 + * By default do complete matches not substring matches for pam_time. + You can include explicit wildcard for substring, closes: #66152 + + -- Sam Hartman <hartmans@debian.org> Tue, 3 Jul 2001 17:31:45 -0400 + +pam (0.72-27) unstable; urgency=low + + * Fix typo in last patch + + -- Sam Hartman <hartmans@debian.org> Mon, 25 Jun 2001 18:27:42 -0400 + +pam (0.72-26) unstable; urgency=low + + * Block SIGCHLD when calling unix password verification program, patch from mdz@debian.org, fixes pam part of #97977 + + -- Sam Hartman <hartmans@debian.org> Mon, 25 Jun 2001 08:47:12 -0400 + +pam (0.72-25) unstable; urgency=medium + + * Depend on opensp, working around #89063, closes: #100125 + * This is urgency medium to get docs back into testing. + + -- Sam Hartman <hartmans@debian.org> Fri, 8 Jun 2001 11:44:12 -0400 + +pam (0.72-24) unstable; urgency=low + + * New NIS double locking and root password patch from Philippe Troin + <phil@fifi.org>, fixes bug in unreleased patch submitted for + 0.72-23. Also improves changing root password so it does something; + ongoing discussion on whether this is right. + + -- Sam Hartman <hartmans@debian.org> Mon, 21 May 2001 08:06:05 -0400 + +pam (0.72-23) unstable; urgency=low + + * Patch from Benoit Gaussen <ben@trez42.net> , Don't trim from , to end + of string in user input, only trim from salt + grabbed from passwd file, closes: #96779 + * Fix NIS double locking, closes: #96736 + + -- Sam Hartman <hartmans@debian.org> Wed, 16 May 2001 15:46:34 -0400 + +pam (0.72-22) unstable; urgency=low + + * Fix pam.8 to be pam.7, closes: #92874 + + -- Sam Hartman <hartmans@debian.org> Tue, 17 Apr 2001 23:04:04 -0400 + +pam (0.72-21) unstable; urgency=low + + * Don't depend on libcap for hurd, closes: #91998 + * Don't list scurity/limits.conf as a conffile for hurd + + -- Sam Hartman <hartmans@debian.org> Mon, 9 Apr 2001 12:30:18 -0400 + +pam (0.72-20) unstable; urgency=low + + * Install pam-undocumented in -runtime not -dev, closes: #93063 + * Mark pam-runtime as replacing files from -dev in case you installed + -19 and have pam-undocumented in the wrong place + + -- Sam Hartman <hartmans@debian.org> Fri, 6 Apr 2001 06:38:15 -0400 + + + +pam (0.72-19) unstable; urgency=low + + * New maintainer, closes: #92353 + * Install pam-undocumented; somehow it was not installed in -18 + + -- Sam Hartman <hartmans@debian.org> Wed, 4 Apr 2001 21:32:17 -0400 + +pam (0.72-18) unstable; urgency=low + + * pam_securetty: log failed tty checks. Normally this was only done if + the "debug" option was on...do it regardless now, closes: #89390 + * Get rid of log message for when "root" is not applied to group checks. + closes: #88825 + * Add quiet option to pam_listfile, closes: #84428 + * pam(8) should be pam(7), pam.conf(8) should be pam.conf(5), closes: + #89322 + * Added groff to Build-Depends-Indep, closes: #88794 + + -- Ben Collins <bcollins@debian.org> Sun, 25 Mar 2001 21:40:32 -0500 + +pam (0.72-17) unstable; urgency=low + + * Fixed login in pam_limits where the max logins could be ignored. + + -- Ben Collins <bcollins@debian.org> Fri, 9 Mar 2001 09:14:48 -0500 + +pam (0.72-16) unstable; urgency=low + + * New pam limits cap patch from Topi Miettinen + <Topi.Miettinen@koti.tpo.fi>, closes: #88401, #88406, #88525, #88399, + #86197 + * pwdb no longer used, closes: #59917 + * fix patch 023 for gethostbyname build failure, closes: #86156 + * Make sure unix_chkpwd gets installed as suid root, closes: #88519 + * Fix whatis parse of manpages, closes: #86203 + * pam_listfile, fix arg parsing when arg does not contain '=', closes: + #86070 + + -- Ben Collins <bcollins@debian.org> Sun, 4 Mar 2001 22:45:58 -0500 + +pam (0.72-15) unstable; urgency=low + + * Doh, added build-depends for libcap, closes: #85352 + * Change section of libpam-cracklib from admin to libs to match + overrides. + + -- Ben Collins <bcollins@debian.org> Fri, 9 Feb 2001 09:06:40 -0500 + +pam (0.72-14) unstable; urgency=low + + * Added fix to pam_access for gethostname decleration. closes: #82100 + * Just name the lib/security directory instead of all the modules + seperately for dh_movefiles. closes: #76119 + * Fix pam_env corruption, closes: #66849, #77229 + * Add patch to allow recursive /etc/skel copy in pam_mkhomedir, closes: + #67211 + * remove dh_suidregister call, added conflict for old suidregister + package + * Applied patch for Linux capabilities in pam_limits, closes: #74176 + * pam_issue.so works for me, without segv, and even with escapes. This + is with login. Note, things like pam_issue do not work with ssh simply + because ssh is not able to work in that way (does not support + arbiitrary conversations). So if you want it to work there, file a bug + on ssh, not on libpam-modules. closes: #77228 + * unix_chkpwd: check for NULL password, closes: #69960 + + -- Ben Collins <bcollins@debian.org> Thu, 8 Feb 2001 11:06:03 -0500 + +pam (0.72-13) unstable; urgency=low + + * Fix grammar in pam_source.sgml, closes: #78959 + * pam_undocumented.7: Fix escaped 's, closes: #75987 + * Fix build ordering, closes: #71442, #80397, #77017 + * Applied Hurd patch, closes: #76119 + * Use gcc for linking, not ld. closes: #71941 + * Pretty sure this was fixed, closes: #67172 + * Applied spealang fixes to Debian-mini-policy. closes: #80249 + * Applied patch to allow devfs style terminal devices with pam_group, + closes: #77661 + * Could not reproduce, even using md5 passwords. User, if you still have + * this problem, you need to tell me with what service (login, which I + tested, sshd, telnet, etc...) and also send me the entire pam.d file + for that service. closes: #76087 + * Fixed awhile back, closes: #72858 + * Closing this since I am not going to include any modules in this + package that aren't in upstream. If someone else wants to package + these modules seperately, they can do so. closes: #69550 + * For correct usage, pam_wheel.so should be used with "sufficient" and + not "required". This is documented. If you use "required", then you + must also use the "trust" option, but that doesn't give you the + results you want. closes: #76236 + + -- Ben Collins <bcollins@debian.org> Sun, 31 Dec 2000 05:38:23 -0500 + +pam (0.72-12) frozen unstable; urgency=low + + * Recompile against db2 for glibc change + * Add db2 to build-deps + + -- Ben Collins <bcollins@debian.org> Wed, 27 Sep 2000 12:08:11 -0400 + +pam (0.72-11) frozen unstable; urgency=low + + * Removed all traces of pwdb in packages. libpwdb has been removed from + the archive. This means that the pam_pwdb and pam_radius modules are + no longer available (from the libpam-pwdb package). + * doc/modules/pam_wheel.sgml: Really spell out that being a member of a + group meands the user is listed in /etc/group, closes: #69242 + * doc/*: s/PAM_AUTHOK_RECOVERY_ERR/PAM_AUTHOK_RECOVER_ERR/g, + closes: #64473 + * pam_wheel: PAM does not distinguish it, the libc calls make the + distinction. The users gid is returned in their passwd info, while + getgrent() returns only the members of the group listed in /etc/group. + This is ok, because if it's really that important, you can actually + have it in both places. The fact that it's documented should suffice + in making this clear, closes: #69236 + * Sorry, but seperate modules generally need to be packaged seperately. + I don't want to overload this package with everyone's pet module, so I + have to put my foot down, closes: #61759 + * Actually, I'm going to move in Woody to make packages depend more on + the defaults in /etc/pam.d/other, so that admins have less to + maintain. For one, all packages should not have a password service + listed, closes: #70000 (YAY! I got the 70k rollover bug number!) + * Sorry, I can't include this. "," is a legitimate char in a password + salt/hash. If you can code up something that is super intelligent + about lenghts of the field, I can go for it, maybe, closes: #59459 + * modules/pam_limits: Added chroot feature patch, closes: #61090 + * modules/pam_access: Allow last field to contain ':', closes: #67291 + * modules/pam_limits: Allow explicit limits for root, closes: #62448 + * modules/pam_unix: Do not zero old/new password fields, libpam does + this itself, and doing so in the module breaks stacking, + closes: #66270 + * modules/pam_group: Allow alpha *and* numeric in tty field (duh), + closes: #63752 + * modules/pam_access: Enable NIS, closes: #64854 + * libpam0g-dbg: removed, useless anyway + + -- Ben Collins <bcollins@debian.org> Wed, 30 Aug 2000 18:39:32 -0400 + +pam (0.72-10) frozen unstable; urgency=low + + * Update build depends + * Fixed logic for showing non-existent user names when auth failed in + pam_unix.so, closes: #67786 (thanks to Jim Breton for being patient in + helping track this down). It would sometimes show them, even if we + didn't want to. + + -- Ben Collins <bcollins@debian.org> Thu, 27 Jul 2000 09:17:08 -0400 + +pam (0.72-9) frozen unstable; urgency=low + + * pam_unix: do not call obscure_msg() of pass_old is NULL, + closes: #65321 + * pam_access: check for from[0] == '\0' so that tty logic is actually + used, closes: #65401 + + -- Ben Collins <bcollins@debian.org> Wed, 14 Jun 2000 11:38:35 -0400 + +pam (0.72-8) frozen unstable; urgency=low + + * Build depends added in previous version, closes: #60817, #61439 + * Allow use of ":0" in group.conf, closes: #61966 + * Added syslog entry to notify that a user succesfully changed their + password, closes: #61724 + * Make pam_unix compatible with HP-UX style NIS+ password information, + patch from ldaffner@rsn.hp.com, closes: #61942 + * If "audit" is not enabled, don't let pam_unix print the names of + unknown users for auth attempts, closes: #61942 + * Fixed ttyname() parsing in pam_access to match that of the old shadow + access.conf s,/dev/,, closes: #61644 + * Set some sane defaults for pam_limits.so instead of carrying over + potentially bad defaults, patch from Peter Paluch + <peterp@frcatel.fri.utc.sk> closes: #63230 + * Allow explicit (e.g. specified specifically for) limits for root, + patch from Topi Miettinen <Topi.Miettinen@nic.fi>, closes: #62448 + * Added information to time.conf about logoutd, which is now enabled via + this file. + * cracklib maintainer claims this isn't a bug, closes: #54180 + * fixed control syntax handling which was causing segfaults, closes: #62237 + + -- Ben Collins <bcollins@debian.org> Sat, 29 Apr 2000 11:39:59 -0400 + +pam (0.72-7) frozen unstable; urgency=low + + * pam_limits: fix parsing of users which explicitly removes limits, + closes: #59911, #60287 + * Added build-depends + + -- Ben Collins <bcollins@debian.org> Mon, 20 Mar 2000 16:06:28 -0500 + +pam (0.72-6) frozen unstable; urgency=low + + * Remove conflict for libpam0g-util from libpam0g and put it in + libpam-runtime. This should fix a problem with upgrades that apt + experiences, closes: #58677 + + -- Ben Collins <bcollins@debian.org> Mon, 28 Feb 2000 14:05:28 -0500 + +pam (0.72-5) frozen unstable; urgency=low + + * Added obscure password checks to pam_unix. Required for shadow to be + able to emulate the pre-PAM setup (referenced in a bug on passwd). + * Applied patch from #57800 to fix NIS/NIS+ shadow accounting checks, + closes: #57800, #58164 + * Fixed two typos in the PAM System Administrators Guide, + closes: #56578, #56587 + + -- Ben Collins <bcollins@debian.org> Mon, 28 Feb 2000 10:58:09 -0500 + +pam (0.72-4) frozen unstable; urgency=low + + * unix_chkpwd: check for NULL on stdin aswell as 0 reads, closes: #56375 + * pam_unix/Makefile: removed bashism, closes: #56370 + * fixed in shadow upload, closes: #49832 + + -- Ben Collins <bcollins@debian.org> Sat, 29 Jan 2000 00:27:28 -0500 + +pam (0.72-3) unstable; urgency=low + + * Added cpluplus wraps in all the headers, closes: #53653 + + -- Ben Collins <bcollins@debian.org> Sun, 2 Jan 2000 15:15:40 -0500 + +pam (0.72-2) unstable; urgency=low + + * Well, this is an odd one. A recompile fixes it. So it must have been a + problem from linking with 0.71 when this is version 0.72. All of this + build daemons seem to have compiled the latest 0.72, so this should be + resolved after this gets recompiled on all of them, closes: #51619, #49584 + * This is from a very old version (0.56) of libpam0. It is not relevant + to the latest version, closes: #47162 + + -- Ben Collins <bcollins@debian.org> Sun, 26 Dec 1999 09:10:13 -0500 + +pam (0.72-1) unstable; urgency=low + + * New upstream source release, lots of patches merged upstream (thanks + Andrew). + * libpam-doc: now provides pam-doc, closes: #45631 + * cleanups to the build system + * shlibs.local: bumped shlib deps + + -- Ben Collins <bcollins@debian.org> Tue, 14 Dec 1999 11:17:36 -0500 + +pam (0.71-3) unstable; urgency=low + + * Debian-PAM-MiniPolicy: new document describing how PAM is implemented + in Debian + + -- Ben Collins <bcollins@debian.org> Fri, 26 Nov 1999 17:26:40 -0500 + +pam (0.71-2) unstable; urgency=low + + * pam_listfile: lstat -> stat, closes: #49833 + * pam_tally: install the pam_tally program, closes: #50314 + * debian/control: libpam-modules, replaces libpam0g-util, closes: #50716 + + -- Ben Collins <bcollins@debian.org> Thu, 25 Nov 1999 21:02:23 -0500 + +pam (0.71-1) unstable; urgency=low + + * New upstream release, merges lots of patches from the Debian source, + also merges the pam_{motd,mkhomedir,issue} modules into the main + source. Lots of minor bugs fixed, and compiler warnings + * pam_mail: Reimplemented the authentication handlers, so now this works + as both (changes nothing in Debian, but was required to get the patch + accepted upstream) + * general: Lots of small edits to fix compiler warnings + * pam_userdb: fixed potential usage of an unitialized value as + PAM_AUTHTOK, doesn't look particularly exploitable, but better safe + than sorry + + -- Ben Collins <bcollins@debian.org> Mon, 8 Nov 1999 19:21:52 -0500 + +pam (0.70-4) unstable; urgency=low + + * pam_wheel/pam_wheel.c: change to use getpwuid(getuid()) by default, so + avoid the problems associated with getlogin() + + -- Ben Collins <bcollins@debian.org> Mon, 1 Nov 1999 13:33:10 -0500 + +pam (0.70-3) unstable; urgency=low + + * Applied patch from Herbert Xu to enable PAM_CONV_AGAIN support in + pam_ftp, closes: #47288 + + -- Ben Collins <bcollins@debian.org> Wed, 13 Oct 1999 13:25:21 -0400 + +pam (0.70-2) unstable; urgency=low + + * 100_pam_pwdb_security_fix: new patch fixes security problem with + regard to NIS accounts + + -- Ben Collins <bcollins@debian.org> Wed, 13 Oct 1999 11:42:41 -0400 + +pam (0.70-1) unstable; urgency=low + + * New upstream release + * Seems there were a lot of fixes merged/matches upstream, looks good, + (maybe it's time I start sending my patches in, since the maintainer + is active again). + * libpamc: new library (libpam client library), this actually used to be + in the Debian packages for a few versions, but it was removed upstream. + Guess what, it's back :) + + -- Ben Collins <bcollins@debian.org> Sun, 10 Oct 1999 01:07:43 -0400 + +pam (0.69-11) unstable; urgency=low + + * {pwdb,unix}_chkpwd.8: fixed format to get rid of "no whatis" warnings + from mandb, closes: #47004 + * pam_unix.sgml: new file, documents the pam_unix.so module, + closes: #46511 + + -- Ben Collins <bcollins@debian.org> Sat, 9 Oct 1999 12:41:58 -0400 + +pam (0.69-10) unstable; urgency=low + + * libpam/pam_item.c: fixed debug message being in wrong place + * 013_pam_issue: new patch, provides issue file parsing for PAM + applications (helps to replace lost functionality in login). + + -- Ben Collins <bcollins@debian.org> Wed, 6 Oct 1999 20:30:17 -0400 + +pam (0.69-9) unstable; urgency=low + + * Fix typo in pam_mail.so module's "no" return + + -- Ben Collins <bcollins@debian.org> Sun, 3 Oct 1999 15:08:56 -0400 + +pam (0.69-8) unstable; urgency=low + + * docs/modules/pam_mkhomedir.sgml: Fixed module name + * changed build system structure + * libpam/Makefile: add -lcrypt to the linked libs, closes: #46104 + * increase shlib deps to 0.69-7, closes: #45801 + * pam_motd.c: close motd file after reading, closes: #46122 + * pam_motd.c: fix setting \0 in the wrong place when motd file is + zero length, closes: #45686, #45632 + * pam_unix_acct.c: allow '0' to denote disabled for some expiry fields + since chage(1) documents it this way, closes: #45446 + * pam_mail.c|modules/pam_mail.sgml: added 2 options, one "standard" to + give the old style "You have ..." response and "quiet" which only + reports new mail for both formats, documented both options, + closes: #45670 + * with the new pam_unix module, this bug is fixed, closes: #42230 + * pam_limits.c: make sure that we not only ignore limits on root, we + also remove them just in case we are su'ing from a limited user to + the root account (since as root they can remove the limits anyway), + closes: #35302 + + -- Ben Collins <bcollins@debian.org> Sun, 3 Oct 1999 12:07:28 -0400 + +pam (0.69-7) unstable; urgency=low + + * debian/rules: fixed module_check + * pam_env/pam_env.c: fixed env parsing to include values wrapped in '' + and also allow continued lines with a trailing '\'. + * pam_motd,pam_mail: converted to session modules, so that they could + be ordered with the lastlog module + * updated default pam.d/login to reflect above change (now login looks + the same as the non-PAM version, lastlog, then motd, and then mail + check) + * pam_motd: removed extraneous \n from output + * modules/pam_limits/pam_limits.c: Fixed parsing of lines with only + "domain -", which was documented as being able to get rid of limits + for that user or group. + * debian/control: (libpam-cracklib) Added depends for cracklib-runtime, + closes: #45488 + * modules/pam_env.c: Fixed /etc/environment parsing causing segfaults on + long lines, closes: #45408 + + -- Ben Collins <bcollins@debian.org> Sun, 19 Sep 1999 13:50:40 -0400 + +pam (0.69-6) unstable; urgency=low + + * Install unix_chkpwd suid root, it's needed for NIS to work without + modification to the binary. + * modules/pam_limits/pam_limits.c: hmm, some how I got a strange broken + patch left over from the source upgrade...removed all but the pwdb + purging, closes: #45088 + * modules/pam_env/pam_env.c: Changed to a debug message, instead of a + syslog message when /etc/environment does not exist. + + -- Ben Collins <bcollins@debian.org> Wed, 15 Sep 1999 04:25:21 -0400 + +pam (0.69-5) unstable; urgency=low + + * Removed libpam0g's preinst check for full paths in the pam.d files, + this should really be a lintian check at build (i think the old libpam + could not work like this, but hey...things change for the better some + times. This PAM works fine like that). closes: #45001 + +NOTE: Debian packages should not reference modules by the full path + so they don't break if I ever decide to move the modules to a different + default directory. Only the admin should reference full paths and only + for locally installed modules. I have submitted a request to check for + this in lintian along with a few other devious things. + * debian/patches/008_pam_mkhomedir: Fix title of sgml doc + * modules/pam_userdb/Makefile: added patch for building against glibc 2.0 + (request from Roman Hodek), closes: #45064 + + -- Ben Collins <bcollins@debian.org> Tue, 14 Sep 1999 06:12:34 -0400 + +pam (0.69-4) unstable; urgency=low + + * Link all dynamic modules with libpam. For some reason, alpha doesn't + like it when we don't + + -- Ben Collins <bcollins@debian.org> Mon, 13 Sep 1999 06:01:40 -0400 + +pam (0.69-3) unstable; urgency=low + + * doc/modules/pam_cracklib.sgml: changed to correct path for + cracklib_dict reference. + * modules/pam_env/pam_env.c: now groks bash style env's from + /etc/environment to be compatible with other programs that use it. + * modules/pam_securetty/pam_securetty.c: don't just plain fail when + root isn't allowed to login, fake a password request just like any + good auth module would. Keeps us from letting them know that they + are doing something bad :) + * modules/pam_{motd,mkhomedir}: merged these two modules into this + source, also wrote corresponding sgml files for libpam-doc, + closes: #40754 + * debian/control: Moved libpam0g, libpam-modules and libpam-runtime + to base with required priority since login depends on them and + policy will require this + + -- Ben Collins <bcollins@debian.org> Sat, 11 Sep 1999 08:06:02 -0400 + +pam (0.69-2) unstable; urgency=low + + * Modified build so that it uses libs and headers in the build tree + rather than on the local system. This involved changint the build + order slightly and should make it easier to compile on new archs. + * Modified pam_limits so that it was invoked during pam_sm_setcred() + instead of during pam_sm_session_open() so that it will work with + shadow's su. + * Fixed missing symbols in libpam.so, they were caused by it thinking + it was supposed to have static modules built in. + * Fixed problem where libpam was getting built with -DDEBUG + * pam_unix_passwd.c: Changed the perms on shadow to be 0.42 and 0640 + instead of 0.0 and 0600 + * unix_chkpwd: fix it not being sgid shadow + + -- Ben Collins <bcollins@debian.org> Thu, 9 Sep 1999 13:52:01 -0400 + +pam (0.69-1) unstable; urgency=low + + * New upstream source + - Now with a new and improved pam_unix module, closes: #38631 + - Lot's of documentation cleanups + * Converted build system to dbs (doogie's build system, aka Adam Heath) + * Fixed libpam.so compilation so that it did not link with any of the + modules (this was causing lot's of problems, closes; #43913, #40739 + * modules/pam_ftp/pam_ftp.c: Fixed sizeof, to use strlen, + closes: #44054, #41845, #44142, #39129, #39871, #44412 + * Postscript pages are now generated correctly, closes: #41608 + * Moved to FHS compliance (including use of debhelper 2.0.40), + this also raises the policy version to 3.0.1.1 + * Don't check the paths in /etc/pam.d files anymore. This is old + and causes nothing but complaints, closes: #39747 + * Build libpam0g-dbg with debuggable static and shared libraries, also + enabled the internal DEBUG_REL compile flag for these so that the + debugging messages will also be output + + -- Ben Collins <bcollins@debian.org> Tue, 7 Sep 1999 17:45:20 -0400 + +pam (0.66-10) unstable; urgency=low + + * Added ability for pam_env to parse /etc/environment and updated + docs to reflect it + * Applied patch for pwdb_chkpwd man page, closes: #38976 + * Merged pam_unix_*.so modules into one pam_unix.so with symlinks + for backward compatibility. This helps centralize this module the + same way the pam_pwdb.so is and the way pam_unix.so is on other + operating systems (commercial ones specifically). + * Closed by pam-apps upload, closes: #38632 + * Fixed `sgml2latex' syntax, closes: #39119 + * Added doc-base support, closes: #37627 + + -- Ben Collins <bcollins@debian.org> Wed, 16 Jun 1999 01:20:23 -0400 + +pam (0.66-9.1) unstable; urgency=low + + * SPARC NMU to fix chown symbols when compiling with glibc 2.1.1 + + -- Ben Collins <bcollins@debian.org> Tue, 11 May 1999 13:33:33 +0000 + +pam (0.66-9) unstable; urgency=low + + * Changed the debian/rules to not mess with the library symlinks (ie + running ldconfig in the lib dir) and all is well, closes: #36169 + + -- Ben Collins <bcollins@debian.org> Sun, 18 Apr 1999 09:09:51 -0400 + +pam (0.66-8) unstable; urgency=low + + * Compiled with libpam_client.so now (seperate lib in libpam0g) + * Made regex for libpam0g postinst a little more specific so it + didn't flag false problems. closes: #34626 + * Applied patch to fix pam_ftp, closes: #35388 + * Modified pam_mail and pam_lastlog to honor PAM_SILENT in order to + enable apps to use hushlogin/PAM_SILENT + * Fixed problem with libpam_client.so being static + + -- Ben Collins <bcollins@debian.org> Mon, 15 Mar 1999 20:54:23 -0500 + +pam (0.66-7) unstable; urgency=low + + * Fixed XCASE in pam_filter.c (not really in glibc 2.1 by default) + + -- Ben Collins <bcollins@debian.org> Sat, 6 Mar 1999 18:46:56 -0500 + +pam (0.66-6) unstable; urgency=low + + * Removed empty /lib/security/ from libpam0g (is created in + libpam-runtime) + * Added a depends for libpam-runtime to libpam0g (was supposed to be + there, must have deleted it) + * Removed empty /usr/bin from libpam-runtime (old directory where + upperLOWER was) + + -- Ben Collins <bcollins@debian.org> Wed, 24 Feb 1999 13:14:25 -0500 + +pam (0.66-5) unstable; urgency=low + + * Removed harcoded libc6 dependency from libpam0g-dev and changed it to + libc6-dev. closes: #33615 + * Added md5 flag for pam_unix_passwd.so + * Removed upperLOWER program since it is just an example. Moved it's + source to the examples directory in libpam-modules + * Fixed documentation of pam_strerror() and examples. closes #31142 + * Made pam_unix_passwd.so leave /etc/shadow mode 640 and root.shadow + after changes + * Fixed problem in pam_unix_auth that didn't let you su from a normal + user to another normal user (ie. neither one was root) + * Closing misc fixed bugs. closes #32809, #32274 (have been fixed, + just need closing) + * Tested lockvc with pam support, works for normal users (pam_pwdb) + closes: #31150 + * Changed /var/log/wtmp in pam_lastlog docs to reflect correct + /var/log/lastlog file. closes: #26544 + * Added -ldl to libpam.so, so apps don't have to + + -- Ben Collins <bcollins@debian.org> Fri, 19 Feb 1999 18:47:30 -0500 + +pam (0.66-4) unstable; urgency=low + + * Changed pwdb_chkpwd to sgid shadow instead of suid root since it only + needs read permissions to /etc/shadow and not write. + * Moved a lot of files arouns to get rid of libpam-runtime dependencies + * Put libpam-pwdb into it's own package + * Removed -lpwdb links for modules since libpwdb is somewhat buggy (or + alteast it's interaction with libpam is) + * Fixed bug in pam_unix_passwd.so that caused it to never authenticate + the correct passwd, making it so you couldn't change the passwd + + -- Ben Collins <bcollins@debian.org> Tue, 16 Feb 1999 15:50:28 -0500 + +pam (0.66-3) unstable; urgency=low + + * Fixed defaults in /etc/pam.d/other to be pam_unix_*.so modules instead + of the accidental pam_pwdb.so module + * Fixed suid of pwdb_chkpwd (had to move dh_fixperms after + dh_suidregister) + * Added Replaces: libpam0g-util in order to help dpkg upgrade from + older packages + * Applied glibc 2.1 patch from Christian Meder. closes: #32809 + * Moved libpam-doc to Section doc. closes: #32274 + + -- Ben Collins <bcollins@debian.org> Fri, 12 Feb 1999 02:01:43 -0500 + +pam (0.66-2) unstable; urgency=low + + * Removed all of the versioned module stuff. Modules are now in + /lib/security and stay there. Seems after discussion, that modules may + not change as often as thought + * Fixed suidregister for pwdb_chkpwd + * Fixed incomplete descriptions in control file + * This is a kludge to close some bugs since the last upload was yanked + before being installed in the archive, closes: #16882, #30862, #7725, + #10234, #10406, #12210, #14291, #15528, #15529, #20660, #25330, + #29868, #31088, #31128, #9131, #9919, #19383, #5132, #14533, #25915, + #28075, #31548, #31191 + + -- Ben Collins <bcollins@debian.org> Tue, 2 Feb 1999 12:47:25 -0500 + +pam (0.66-1) unstable; urgency=low + + * New maintainer + * New upstream release. closes: #16882, #30862, #7725 + * Created a better split of the main lib and the runtime to kill the + circular dependencies and make it possible to have two .so version of + the library installed for upgrades. closes: #10234, #10406, #12210, + bug #14291, #15528, #15529, #20660, #25330, #29868, #31088, #31128, + bug #9131, #9919. + * Harcoded modules directory prefixed with the .so version, and + used alternatives to create the symlink to the 'default' modules + directory. libpam will use the full path when specified, but use the + versioned modules directory for relative names. + * Put libpam0g-cracklib modules back in (own package). This means that + cracklib support is _not_ in the static libpam.a, also cracklib + support is _not_ in pam_unix_passwd.o, but only in pam_cracklib.so + by itself. + * Fixed a few typos in the source causing compile errors + * Fixed source #include's so that pam _didn't_ have to be installed + in order to compile the source ( changed from <> to "" ) + * Removed empty directories from built packages + * Opted not to build examples, only going to put *.c files in examples + directory for libpam0g-dev + * Moved *.sgml files for modules into their own directory (looks like + that is what the original maintainer wanted to do, but it didn't go) + * Moved doc build to arch-indep build in rules so that it doesn't get + built when specifying -B with debuild/dpkg-buildpackage. + * Moved `touch .quiet...' to build-stamp in order to have -B builds not + ask about pam.conf + * Split out non-standard modules to their own package, so as to make the + base install smaller (planning for base inclusion here) + * Created small manpage for pwdb_chkpwd. closes: #10941 + * The Copright file in /usr/doc/*/ was already named copright and not + compressed. closes: #14533 + * Package is now lintian clean. closes #19383, #5132 + * There is a maintainer now and the patch for #25915 is still included + so.... closes: #25915 + * Added check for editor backup files in /etc/pam.d (*~). closes: #28075 + * Applied patch for md5.h in pam_pwdb module. closes: #31548 + * Added support for dhelp in libpam-doc. closes: #31191 + + -- Ben Collins <bcollins@debian.org> Wed, 20 Jan 1999 07:09:15 -0500 + +pam (0.65-0.8) frozen unstable; urgency=high + + * Marked PAM as orphaned, given that there has been no maintainer upload + in almost two years. + * [defs/debian.defs] Removed superflous cracklib2 dependency. + (Urgent as cracklib still has release-critical bugs). + (Fixes #30862). + + -- J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> Wed, 20 Jan 1999 09:34:35 +0100 + +pam (0.65-0.7) frozen unstable; urgency=high + + * Fixed security vulnerability in the pam_unix and pam_tally modules + (reported by Michal Zalewski on bugtraq; patch + A000-SECURITY-PATCH-0.65-and-below.gz by Andrey V. Savochkin). + + -- J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> Tue, 29 Dec 1998 16:20:18 +0100 + +pam (0.65-0.6) unstable; urgency=high + + * Fixed distribution of files over the various packages, which was + severely messed up. + * Added appropriate Replaces: to ensure upgrading from both the hamm + version and previous slink versions. + * Fixed debug libraries, PAM module loading. + * Added examples. + * Added a "pam-undocumented" manpage pointing to libpam-doc, and + made links for functions without a manpage to that. + + -- J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> Sun, 11 Oct 1998 19:29:40 +0200 + +pam (0.65-0.5) unstable; urgency=low + + * Rewritten the preinst warning text (it still mentioned the search path). + + -- J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> Fri, 9 Oct 1998 14:23:18 +0200 + +pam (0.65-0.4) unstable; urgency=high + + * It looks like I misunderstood DEFAULT_MODULE_PATH: Linux-PAM does not + currently seem to be easily configured to look for modules in more than + one directory. With this version, it's configured to look only in + /lib/security . + + -- J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> Fri, 9 Oct 1998 11:43:34 +0200 + +pam (0.65-0.3) unstable; urgency=medium + + * Moving the PAM modules to /lib/security broke netatalk. + Added a preinst script to detect /etc/pam.d files with explicit paths to + PAM modules, give a warning about them, and offer to abort the install + (Fixes #27514). + + -- J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> Tue, 6 Oct 1998 20:10:43 +0200 + +pam (0.65-0.2) unstable; urgency=low + + * Argh. The tools didn't recognise -0.1 as a new upstream release, so + my previous upload was rejected due to a missing .orig.tar.gz . + + -- J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> Sun, 4 Oct 1998 17:15:09 +0200 + +pam (0.65-0.1) experimental; urgency=low + + * New upstream version. + * Non-maintainer upload. + * Major package overhaul; now uses debhelper. + * In experimental for now. *Please* provide feedback; if the feedback is + positive, we can put this in slink. + * Dropped libc5 support. + * [libpam/pam_static.c] Fixed compilation: "pamh" was undefined; use "NULL". + is this the correct fix? + * [defs/debian.defs] New. + * [Makefile] + * Exit when a make in a subdirectory fails. + * Compile statically too. + * New variables: LC, LP, LPLIBS, DEFAULT_MODULE_PATH . + * [libpam/Makefile] + * Use DEFAULT_MODULE_PATH if nonempty. + * Link libpam against LPLIBS. + * [modules/*/Makefile] + * Link the dynamic security objects against libpam and libc + (LP and LC). + * [modules/pam_pwdb/Makefile] + * Link dynamic security objects against libcrypt and libnsl. + * [conf/install_conf] Allow for non-interactive install (as the other + install_conf scripts already did). + * Automatically determine the list of /etc/security/* conffiles. + * Moved libpam to /lib, and PAM modules to /lib/security as they will + become part of the base system in the future. + * Built without cracklib support, to keep the base system smaller. + * /sbin/pwdb_chkpwd is undocumented, as is upperLOWER. + + -- J.H.M. Dassen (Ray) <jdassen@wi.LeidenUniv.nl> Fri, 2 Oct 1998 20:23:27 +0200 + +pam (0.57b-0.4) unstable; urgency=high + + * Non maintainer upload + My previous upload had removed the libc5 stuff from the controlfile + messing up things. Change 'Architecture: any' to 'i386 m68k' for those + .deb's instead. + + -- Turbo Fredriksson <turbo@debian.org> Thu, 20 Aug 1998 20:06:50 -0400 + +pam (0.57b-0.3) unstable; urgency=high + + * Non maintainer upload + On a glibc2.1 system, XCASE is only defined in the <bits/termios.h> + _IF_ '__USE_MISC' or '__USE_UNIX98' is defined. + + -- Turbo Fredriksson <turbo@debian.org> Sun, 16 Aug 1998 22:13:45 -0400 + +pam (0.57b-0.2) unstable; urgency=high + + * Yet another non-maintainer release. + * Zero changes; simply a re-upload due to a rm-trigger happy release + ``manager''. + + -- James Troup <jjtroup@comp.brad.ac.uk> Tue, 17 Mar 1998 19:55:16 +0100 + +pam (0.57b-0.1) unstable; urgency=medium + + * Non-maintainer release. + * debian/control (Standards-Version): Updated to 2.4.0.0. + * debian/control (libpam0g-dev): Also conflict with libpam-dbg. + * debian/postinst: use case statement instead of if. + * debian/rules (COMPAT_ARCHES): removed sparc. + * debian/rules (binary-libc6-dev, binary-libc5-altdev): strip static libraries with + --strip-debug, not --strip-unneeded. + * debian/rules: each package now has it's own doc directory under + /usr/doc/, containing at least the copyright file (Policy 5.6). + * debian/rules: install files with `install -m 644' not `cp -p' to avoid + read-only files. + * debian/rules (binary-libc6-util): strip /usr/lib/*/security/*.so with + --strip-unneeded. + * debian/rules (binary-libc5-util): ditto. + * debian/rules (binary-libc5): don't depend on binary-libc5. + + -- James Troup <jjtroup@comp.brad.ac.uk> Sat, 7 Mar 1998 18:04:19 +0100 + +pam (0.57b-0) unstable; urgency=medium + + * Non-maintainer release. + * New upstream version. + * Doesn't use pristine upstream source as the upstream tar ball is broken. + * Added libc6 libraries libpam0g, libpam0g-dev, libpam0g-dbg and + libpam0g-util. [#11697] + * libpam-dev becomes libpam0-altdev, libpam-util -> libpam0-altutil and + libpam-dbg is removed. + * libpam0 depends on libpam0g because libpam0g contains the pam conffile. + * libpam0-util depends on libpam0g-util because libpam0g contains the binary. + * Compiled with -D_REENTRANT and link with -lc. + * Fixed permissions on shared libraries. + * Corrected syntax of /etc/pam.d/other. [#10497, #10758, #12030] + * Fixed typos in postinst. [#10474, #11365] + * Made /etc/pam.conf a conffile. + * Updated URL in copyright file. + * Removed over-zelaously installed README* files from libpam-doc. + + -- James Troup <jjtroup@comp.brad.ac.uk> Sat, 22 Nov 1997 17:54:30 +0100 + +pam (0.56-2) unstable; urgency=low + + * Added /etc/pam.d/other with policy 'deny'. + * Add manual pages for PAM security modules. + + -- Klee Dienes <klee@debian.org> Sat, 15 Mar 1997 22:33:22 -0500 + +pam (0.56-1) unstable; urgency=low + + * New upstream release. + * Converted to new packaging format. + * Reorganization of package structure (-dev, -dbg, etc). + + -- Klee Dienes <klee@debian.org> Sat, 8 Mar 1997 01:21:17 -0500 diff --git a/debian/changelog.old b/debian/changelog.old new file mode 100644 index 00000000..98135ced --- /dev/null +++ b/debian/changelog.old @@ -0,0 +1,13 @@ +pam (0.50-1) unstable; urgency=low + + * added Debian GNU/Linux package maintenance system files. + * changes to the installation procedure to fit the Debian packaging + system ($PREFIX handling, unconditionally install configuration files, + don't run ldconfig after installing the shared libraries). + * added documentation in the extradoc directory + * commented out all unused entries in etc/pam.conf, etc/secure/group.conf + and etc/secure/time.conf + + -- Patrick Weemeeuw <patrick.weemeeuw@kulnet.kuleuven.ac.be> + + diff --git a/debian/compat b/debian/compat new file mode 100644 index 00000000..7ed6ff82 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +5 diff --git a/debian/control b/debian/control new file mode 100644 index 00000000..d8d59edf --- /dev/null +++ b/debian/control @@ -0,0 +1,87 @@ +Source: pam +Section: libs +Priority: optional +Uploaders: Karl Ramm <kcr@debian.org>, Sam Hartman <hartmans@debian.org>, Roger Leigh <rleigh@debian.org> +Maintainer: Steve Langasek <vorlon@debian.org> +Standards-Version: 3.7.2 +Build-Depends: libcrack2-dev (>= 2.8), bzip2, debhelper, quilt, flex, libdb-dev, libselinux1-dev [!hurd-i386 !kfreebsd-i386 !kfreebsd-amd64 !netbsd-i386], po-debconf +Build-Depends-Indep: xsltproc, libxml2-utils, docbook-xml, docbook-xsl, w3m +Build-Conflicts-Indep: fop +Vcs-Bzr: http://bzr.debian.org/bzr/pkg-pam/debian/sid/ +Homepage: http://pam.sourceforge.net/ + +Package: libpam0g +Priority: required +Architecture: any +Conflicts: libpam0 (<= 0.56-2), libpam +Replaces: libpam0g-util +Depends: ${shlibs:Depends}, ${misc:Depends}, libpam-runtime +Suggests: libpam-doc +Description: Pluggable Authentication Modules library + Contains the C shared library for Linux-PAM, a suite of shared + libraries that enable the local system administrator to choose how + applications authenticate users. In other words, without rewriting + or recompiling a PAM-aware application, it is possible to switch + between the authentication mechanism(s) it uses. One may entirely + upgrade the local authentication system without touching the + applications themselves. + +Package: libpam-modules +Priority: required +Architecture: any +Depends: ${shlibs:Depends} +Conflicts: libpam0g-modules (= 0.66-1), libpam-motd, libpam-mkhomedir, libpam-umask, suidmanager (<< 0.50) +Replaces: libpam0g-util, libpam-umask +Provides: libpam-motd, libpam-mkhomedir, libpam-umask +Description: Pluggable Authentication Modules for PAM + This package completes the set of modules for PAM. It includes the + pam_unix_*.so module as well as some specialty modules. + +Package: libpam-runtime +Section: admin +Priority: required +Architecture: all +Replaces: libpam0g-util, libpam0g-dev +Conflicts: libpam0g-util, libpam0g (<< 0.66-0) +Description: Runtime support for the PAM library + Contains configuration files and directories required for + authentication to work on Debian systems. This package is required + on almost all installations. + +Package: libpam0g-dev +Section: libdevel +Priority: optional +Architecture: any +Depends: libpam0g (= ${binary:Version}), libc6-dev|libc-dev +Conflicts: libpam-dev, libpam-dbg +Replaces: libpam0g (<= 0.65) +Provides: libpam-dev +Description: Development files for PAM + Contains C header files and development shared libraries for libpam, the + pluggable authentication modules, a suite of shared libraries that enable + the local system administrator to choose how applications authenticate + users. + . + PAM decouples applications from the authentication mechanism, making it + possible to upgrade the authentication system without recompiling or + rewriting the applications. + +Package: libpam-cracklib +Priority: optional +Architecture: any +Replaces: libpam0g-cracklib +Depends: ${shlibs:Depends}, cracklib-runtime, wamerican | wordlist +Description: PAM module to enable cracklib support + This package includes libpam_cracklib, a PAM module that tests + passwords to make sure they are not too weak during password change. + +Package: libpam-doc +Provides: pam-doc +Section: doc +Priority: optional +Architecture: all +Description: Documentation of PAM + Contains documentation (in HTML, ASCII, and PostScript format) for + libpam, the Pluggable Authentication Modules library, a suite of shared + libraries that enable the local system administrator to choose how + applications authenticate users. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 00000000..45201f1d --- /dev/null +++ b/debian/copyright @@ -0,0 +1,67 @@ +This package was debianized by J.H.M. Dassen (Ray) jdassen@debian.org on +Wed, 23 Sep 1998 20:29:32 +0200. + +It was downloaded from ftp://ftp.kernel.org/pub/linux/libs/pam/pre/ + +Copyright (C) 1994, 1995, 1996 Olaf Kirch, <okir@monad.swb.de> +Copyright (C) 1995 Wietse Venema +Copyright (C) 1995, 2001-2008 Red Hat, Inc. +Copyright (C) 1996-1999, 2000-2003, 2005 Andrew G. Morgan <morgan@kernel.org> +Copyright (C) 1996, 1997, 1999 Cristian Gafton <gafton@redhat.com> +Copyright (C) 1996, 1999 Theodore Ts'o +Copyright (C) 1996 Alexander O. Yuriev +Copyright (C) 1996 Elliot Lee +Copyright (C) 1997 Philip W. Dalrymple <pwd@mdtsoft.com> +Copyright (C) 1999 Jan Rękorajski +Copyright (C) 1999 Ben Collins <bcollins@debian.org> +Copyright (C) 2000-2001, 2003, 2005, 2007 Steve Langasek +Copyright (C) 2003, 2005 IBM Corporation +Copyright (C) 2003, 2006 SuSE Linux AG. +Copyright (C) 2003 Nalin Dahyabhai <nalin@redhat.com> +Copyright (C) 2005-2008 Thorsten Kukuk <kukuk@thkukuk.de> +Copyright (C) 2005 Darren Tucker + + +Unless otherwise *explicitly* stated the following text describes the +licensed conditions under which the contents of this Linux-PAM release +may be distributed: + +------------------------------------------------------------------------- +Redistribution and use in source and binary forms of Linux-PAM, with +or without modification, are permitted provided that the following +conditions are met: + +1. Redistributions of source code must retain any existing copyright + notice, and this entire permission notice in its entirety, + including the disclaimer of warranties. + +2. Redistributions in binary form must reproduce all prior and current + copyright notices, this list of conditions, and the following + disclaimer in the documentation and/or other materials provided + with the distribution. + +3. The name of any author may not be used to endorse or promote + products derived from this software without their specific prior + written permission. + +ALTERNATIVELY, this product may be distributed under the terms of the +GNU General Public License, in which case the provisions of the GNU +GPL are required INSTEAD OF the above restrictions. (This clause is +necessary due to a potential conflict between the GNU GPL and the +restrictions contained in a BSD-style copyright.) + +THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED +WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, +INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS +OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR +TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE +USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH +DAMAGE. +------------------------------------------------------------------------- + +On Debian GNU/Linux systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. diff --git a/debian/libpam-cracklib.files b/debian/libpam-cracklib.files new file mode 100644 index 00000000..29ad0417 --- /dev/null +++ b/debian/libpam-cracklib.files @@ -0,0 +1 @@ +lib/security/pam_cracklib.so diff --git a/debian/libpam-doc.doc-base.admin-guide b/debian/libpam-doc.doc-base.admin-guide new file mode 100644 index 00000000..f06d1688 --- /dev/null +++ b/debian/libpam-doc.doc-base.admin-guide @@ -0,0 +1,14 @@ +Document: pam-admin-guide +Title: The Linux-PAM System Administrators' Guide +Author: Andrew G. Morgan <morgan@linux.kernel.org> +Abstract: This manual documents what a system administrator needs to know + about the Linux-PAM library. It covers the correct syntax of the PAM + configuration file and discusses strategies for maintaining a secure system. +Section: System/Administration + +Format: HTML +Index: /usr/share/doc/libpam-doc/html/Linux-PAM_SAG.html +Files: /usr/share/doc/libpam-doc/html/Linux-PAM_SAG.html /usr/share/doc/libpam-doc/html/sag-*.html + +Format: text +Files: /usr/share/doc/libpam-doc/txt/Linux-PAM_SAG.txt.gz diff --git a/debian/libpam-doc.doc-base.applications-guide b/debian/libpam-doc.doc-base.applications-guide new file mode 100644 index 00000000..f38ef1e5 --- /dev/null +++ b/debian/libpam-doc.doc-base.applications-guide @@ -0,0 +1,17 @@ +Document: pam-applications-guide +Title: The Linux-PAM Application Developers' Guide +Author: Andrew G. Morgan <morgan@linux.kernel.org> +Abstract: This manual documents what an application developer needs to know + about the Linux-PAM library. It describes how an application might use + the Linux-PAM library to authenticate users. In addition it contains a + description of the funtions to be found in libpam_misc library, that can + be used in general applications. Finally, it contains some comments on PAM + related security issues for the application developer. +Section: Programming + +Format: HTML +Index: /usr/share/doc/libpam-doc/html/Linux-PAM_ADG.html +Files: /usr/share/doc/libpam-doc/html/Linux-PAM_ADG.html /usr/share/doc/libpam-doc/html/adg*.html + +Format: text +Files: /usr/share/doc/libpam-doc/txt/Linux-PAM_ADG.txt.gz diff --git a/debian/libpam-doc.doc-base.modules-guide b/debian/libpam-doc.doc-base.modules-guide new file mode 100644 index 00000000..4708f381 --- /dev/null +++ b/debian/libpam-doc.doc-base.modules-guide @@ -0,0 +1,14 @@ +Document: pam-modules-guide +Title: The Linux-PAM Module Writers' Guide +Author: ndrew G. Morgan <morgan@linux.kernel.org> +Abstract: This manual documents what a programmer needs to know in order to + write a module that conforms to the Linux-PAM standard. It also discusses + some security issues from the point of view of the module programmer. +Section: Programming + +Format: HTML +Index: /usr/share/doc/libpam-doc/html/Linux-PAM_MWG.html +Files: /usr/share/doc/libpam-doc/html/Linux-PAM_MWG.html /usr/share/doc/libpam-doc/html/mwg*.html + +Format: text +Files: /usr/share/doc/libpam-doc/txt/Linux-PAM_MWG.txt.gz diff --git a/debian/libpam-doc.install b/debian/libpam-doc.install new file mode 100644 index 00000000..3129ebf1 --- /dev/null +++ b/debian/libpam-doc.install @@ -0,0 +1,3 @@ +debian/tmp/usr/share/doc/Linux-PAM/*.html usr/share/doc/libpam-doc/html +debian/tmp/usr/share/doc/Linux-PAM/*.txt usr/share/doc/libpam-doc/txt + diff --git a/debian/libpam-modules.conffiles.hurd-i386 b/debian/libpam-modules.conffiles.hurd-i386 new file mode 100644 index 00000000..cbcd432f --- /dev/null +++ b/debian/libpam-modules.conffiles.hurd-i386 @@ -0,0 +1,4 @@ +/etc/security/access.conf +/etc/security/group.conf +/etc/security/pam_env.conf +/etc/security/time.conf diff --git a/debian/libpam-modules.examples b/debian/libpam-modules.examples new file mode 100644 index 00000000..f9de4282 --- /dev/null +++ b/debian/libpam-modules.examples @@ -0,0 +1,2 @@ +modules/pam_filter/upperLOWER/*.c + diff --git a/debian/libpam-modules.files b/debian/libpam-modules.files new file mode 100644 index 00000000..57187b51 --- /dev/null +++ b/debian/libpam-modules.files @@ -0,0 +1,4 @@ +etc/security/ +sbin/unix_chkpwd +sbin/unix_update +sbin/pam_tally diff --git a/debian/libpam-modules.links b/debian/libpam-modules.links new file mode 100644 index 00000000..e87ff8f0 --- /dev/null +++ b/debian/libpam-modules.links @@ -0,0 +1,5 @@ +/lib/security/pam_unix.so /lib/security/pam_unix_acct.so +/lib/security/pam_unix.so /lib/security/pam_unix_auth.so +/lib/security/pam_unix.so /lib/security/pam_unix_passwd.so +/lib/security/pam_unix.so /lib/security/pam_unix_session.so +/lib/security/pam_rhosts.so /lib/security/pam_rhosts_auth.so diff --git a/debian/libpam-modules.lintian b/debian/libpam-modules.lintian new file mode 100644 index 00000000..e323f6f8 --- /dev/null +++ b/debian/libpam-modules.lintian @@ -0,0 +1,3 @@ +# yes, we know it's sgid, that's the whole point... +libpam-modules: setgid-binary sbin/unix_chkpwd 2755 root/shadow + diff --git a/debian/libpam-modules.manpages b/debian/libpam-modules.manpages new file mode 100644 index 00000000..d1a5495c --- /dev/null +++ b/debian/libpam-modules.manpages @@ -0,0 +1,2 @@ +debian/tmp/usr/share/man/man8/*.8 +debian/tmp/usr/share/man/man5/*.5 diff --git a/debian/libpam-modules.postinst b/debian/libpam-modules.postinst new file mode 100644 index 00000000..723877cf --- /dev/null +++ b/debian/libpam-modules.postinst @@ -0,0 +1,20 @@ +#!/bin/sh -e + +# If the user has removed the config file, respect this sign of dementia +# -- only create on package install. + +if [ -z "$2" ] || dpkg --compare-versions "$2" lt 0.99.7.1-3 +then + if ! [ -f /etc/security/opasswd ]; then + umask 066 + touch /etc/security/opasswd + umask 022 + fi +fi + +if dpkg --compare-versions "$2" lt 0.99.9.0-1 && ! [ -f /etc/environment ] +then + touch /etc/environment +fi + +#DEBHELPER# diff --git a/debian/libpam-runtime.install b/debian/libpam-runtime.install new file mode 100644 index 00000000..34ed6fe1 --- /dev/null +++ b/debian/libpam-runtime.install @@ -0,0 +1,5 @@ +debian/tmp/etc/pam.conf etc +debian/tmp/etc/pam.d/other etc/pam.d +debian/tmp/usr/share/pam usr/share +debian/tmp/usr/sbin/pam_getenv usr/sbin +debian/tmp/usr/share/locale usr/share diff --git a/debian/libpam-runtime.links b/debian/libpam-runtime.links new file mode 100644 index 00000000..9afa90fd --- /dev/null +++ b/debian/libpam-runtime.links @@ -0,0 +1 @@ +usr/share/man/man7/PAM.7.gz usr/share/man/man7/pam.7.gz diff --git a/debian/libpam-runtime.manpages b/debian/libpam-runtime.manpages new file mode 100644 index 00000000..fe4dc477 --- /dev/null +++ b/debian/libpam-runtime.manpages @@ -0,0 +1,4 @@ +debian/tmp/usr/share/man/man5/pam.conf.5 +debian/tmp/usr/share/man/man5/pam.d.5 +debian/tmp/usr/share/man/man8/PAM.8 +debian/local/pam_getenv.8 diff --git a/debian/libpam-runtime.postinst b/debian/libpam-runtime.postinst new file mode 100644 index 00000000..5a734671 --- /dev/null +++ b/debian/libpam-runtime.postinst @@ -0,0 +1,21 @@ +#!/bin/sh -e + +# If the user has removed the config file, respect this sign of dementia +# -- only create on package install. + +if [ -z "$2" ] || dpkg --compare-versions "$2" lt 0.76-17 +then + for configfile in common-auth common-account common-session \ + common-password + do + if [ ! -f /etc/pam.d/$configfile ] || \ + fgrep -q `md5sum /etc/pam.d/$configfile` \ + /usr/share/pam/$configfile.md5sums 2>/dev/null + then + cp /usr/share/pam/$configfile /etc/pam.d/ + fi + done + rm -f /etc/pam.d/other.pre-upgrade 2>/dev/null || true +fi + +#DEBHELPER# diff --git a/debian/libpam-runtime.postrm b/debian/libpam-runtime.postrm new file mode 100644 index 00000000..13dd64f7 --- /dev/null +++ b/debian/libpam-runtime.postrm @@ -0,0 +1,16 @@ +#!/bin/sh -e + +if [ "$1" = "purge" ]; then + rm -f /etc/pam.d/common-auth /etc/pam.d/common-account \ + /etc/pam.d/common-session /etc/pam.d/common-password +fi + +case $1 in + abort-upgrade|abort-install) + mv /etc/pam.d/other.pre-upgrade /etc/pam.d/other 2>/dev/null ||true + ;; + esac + + + +#DEBHELPER# diff --git a/debian/libpam-runtime.preinst b/debian/libpam-runtime.preinst new file mode 100644 index 00000000..7eef6c46 --- /dev/null +++ b/debian/libpam-runtime.preinst @@ -0,0 +1,50 @@ +#! /bin/sh +# see: dh_installdeb(1) + +set -e + +remove_md5() { + if md5sum $1 2>/dev/null |grep -q $2; then + cp $1 $1.pre-upgrade + sed -e '/password[ \t]*required[ \t]*pam_unix.so/ s/ md5$//' $1 >$1.post-upgrade \ + && mv $1.post-upgrade $1 + fi + } + + + +# summary of how this script can be called: +# * <new-preinst> `install' +# * <new-preinst> `install' <old-version> +# * <new-preinst> `upgrade' <old-version> +# * <old-preinst> `abort-upgrade' <new-version> +# +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + install|upgrade) + if [ "x$2" != "x" ] ; then + if dpkg --compare-versions $2 lt 0.76 ; then + remove_md5 /etc/pam.d/other a9a9d551b75001ccb5b553927e46e601 + fi + fi + + ;; + + abort-upgrade) + ;; + + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff --git a/debian/libpam0g-dev.examples b/debian/libpam0g-dev.examples new file mode 100644 index 00000000..96a23a81 --- /dev/null +++ b/debian/libpam0g-dev.examples @@ -0,0 +1,6 @@ +examples/Makefile +examples/blank.c +examples/check_user.c +examples/vpass.c +examples/xsh.c +libpamc/test/* diff --git a/debian/libpam0g-dev.files b/debian/libpam0g-dev.files new file mode 100644 index 00000000..cc53b1eb --- /dev/null +++ b/debian/libpam0g-dev.files @@ -0,0 +1,4 @@ +usr/include/security/* +usr/lib/libpam.a +usr/lib/libpamc.a +usr/lib/libpam_misc.a diff --git a/debian/libpam0g-dev.links b/debian/libpam0g-dev.links new file mode 100644 index 00000000..f595eeb9 --- /dev/null +++ b/debian/libpam0g-dev.links @@ -0,0 +1,3 @@ +/lib/libpam.so.0 usr/lib/libpam.so +/lib/libpamc.so.0 usr/lib/libpamc.so +/lib/libpam_misc.so.0 usr/lib/libpam_misc.so diff --git a/debian/libpam0g-dev.manpages b/debian/libpam0g-dev.manpages new file mode 100644 index 00000000..7c726776 --- /dev/null +++ b/debian/libpam0g-dev.manpages @@ -0,0 +1 @@ +debian/tmp/usr/share/man/man3/* diff --git a/debian/libpam0g.docs b/debian/libpam0g.docs new file mode 100644 index 00000000..110bd880 --- /dev/null +++ b/debian/libpam0g.docs @@ -0,0 +1 @@ +debian/local/Debian-PAM-MiniPolicy diff --git a/debian/libpam0g.files b/debian/libpam0g.files new file mode 100644 index 00000000..d9178d41 --- /dev/null +++ b/debian/libpam0g.files @@ -0,0 +1 @@ +lib/lib*.so.* diff --git a/debian/libpam0g.lintian b/debian/libpam0g.lintian new file mode 100644 index 00000000..f66356af --- /dev/null +++ b/debian/libpam0g.lintian @@ -0,0 +1,8 @@ +# obvious multilib package false-positive; also the package name hasn't +# changed since the glibc transition, go us! +libpam0g: package-name-doesnt-match-sonames libpam0 libpam-misc0 libpamc0 +# yes, these are deliberately asked in the postinst because the checking +# for daemons to be restarted needs to be done in the postinst and not +# before +libpam0g: no-debconf-config +libpam0g: postinst-uses-db-input diff --git a/debian/libpam0g.postinst b/debian/libpam0g.postinst new file mode 100644 index 00000000..164e07af --- /dev/null +++ b/debian/libpam0g.postinst @@ -0,0 +1,211 @@ +#!/bin/bash + +# postinst based heavily on the postinst of libssl0.9.8, courtesy of +# Christoph Martin. + +. /usr/share/debconf/confmodule + +set -e + +# element() is a helper function for file-rc: +element() { + local element list IFS + + element="$1" + + [ "$2" = "in" ] && shift + list="$2" + [ "$list" = "-" ] && return 1 + [ "$list" = "*" ] && return 0 + + IFS="," + set -- $list + case $element in + "$1"|"$2"|"$3"|"$4"|"$5"|"$6"|"$7"|"$8"|"$9") + return 0 + esac + return 1 +} + +# filerc (runlevel, service) returns /etc/init.d/service, if service is +# running in $runlevel: +filerc() { + local runlevel basename + runlevel=$1 + basename=$2 + while read LINE + do + case $LINE in + \#*|"") continue + esac + + set -- $LINE + SORT_NO="$1"; STOP="$2"; START="$3"; CMD="$4" + [ "$CMD" = "/etc/init.d/$basename" ] || continue + + if element "$runlevel" in "$START" || element "S" in "$START" + then + echo "/etc/init.d/$basename" + return 0 + fi + done < /etc/runlevel.conf + echo "" +} + +installed_services() { + check="$@" + + # Only get the ones that are installed, and configured + check=$(dpkg -s $check 2> /dev/null | egrep '^Package:|^Status:' | awk '{if ($1 ~ /^Package:/) { package=$2 } else if ($0 ~ /^Status: .* installed$/) { print package }}') + + # some init scripts don't match the package names + check=$(echo $check | \ + sed -e's/\bapache2-common\b/apache2/g' \ + -e's/\bat\b/atd/g' \ + -e's/\bdovecot-common\b/dovecot/g' \ + -e's/\bdante-server\b/danted/g' \ + -e's/\bexim4-base\b/exim4/g' \ + -e's/\bheartbeat-2\b/heartbeat/g' \ + -e's/\bhylafax-server\b/hylafax/g' \ + -e's/\bpartimage-server\b/partimaged/g' \ + -e's/\bsasl2-bin\b/saslauthd/g' \ + ) + + for service in $check; do + if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then + idl=$(ls /etc/init.d/${service} 2> /dev/null | head -n 1) + if [ -n "$idl" ] && [ -x $idl ]; then + services="$service $services" + else + echo "WARNING: init script for $service not found." >&2 + fi + else + if [ -f /usr/share/file-rc/rc ] || [ -f /usr/lib/file-rc/rc ] && [ -f /etc/runlevel.conf ]; then + idl=$(filerc $rl $service) + else + idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1) + fi + if [ -n "$idl" ] && [ -x $idl ]; then + services="$service $services" + fi + fi + done + echo "$services" +} + +if [ "$1" = "configure" ] +then + if [ ! -z "$2" ]; then + if dpkg --compare-versions "$2" lt 0.99.10.0; then + db_version 2.0 + + echo -n "Checking for services that may need to be restarted..." + + check="apache2-common at bayonne cherokee courier-authdaemon" + check="$check cron cupsys" + check="$check dante-server diald dovecot-common exim exim4-base" + check="$check fcron fireflier-server freeradius gdm heartbeat" + check="$check heartbeat-2 hylafax-server iiimf-server inn2" + check="$check kannel linesrv linesrv-mysql lsh-server" + check="$check muddleftpd netatalk nuauth partimage-server" + check="$check perdition pgpool popa3d postgresql-7.4" + check="$check postgresql-8.1 postgresql-8.2 proftpd pure-ftpd" + check="$check pure-ftpd-ldap pure-ftpd-mysql" + check="$check pure-ftpd-postgresql racoon samba sasl2-bin" + check="$check sfs-server solid-pop3d squid squid3 tac-plus" + check="$check vsftpd wu-ftpd wzdftpd xrdp yardradius yaws" + + if ! who | awk '{print $2}'|grep -q ':[0-9]'; then + check="$check kdm wdm xdm" + fi + + echo "Checking init scripts..." + services=$(installed_services "$check") + if [ -n "$services" ]; then + db_reset libpam0g/restart-services + db_set libpam0g/restart-services "$services" + db_input critical libpam0g/restart-services || true + db_go || true + db_get libpam0g/restart-services + + if [ "x$RET" != "x" ] + then + services=$RET + else + services="" + fi + echo + if [ "$services" != "" ]; then + echo "Restarting services possibly affected by the upgrade:" + failed="" + rl=$(runlevel | sed 's/.*\ //') + for service in $services; do + if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then + idl="invoke-rc.d ${service}" + elif [ -f /usr/share/file-rc/rc ] || [ -f /usr/lib/file-rc/rc ] && [ -f /etc/runlevel.conf ]; then + idl=$(filerc $rl $service) + else + idl=$(ls /etc/rc${rl}.d/S??${service} 2> /dev/null | head -n 1) + fi + + case "$service" in + gdm) + echo -n " $service: reloading..." + if $idl reload > /dev/null 2>&1; then + echo "done." + else + echo "FAILED! ($?)" + failed="$service $failed" + fi + continue + ;; + esac + echo -n " $service: stopping..." + $idl stop > /dev/null 2>&1 || true + sleep 1 + echo -n "starting..." + if $idl start > /dev/null 2>&1; then + echo "done." + else + echo "FAILED! ($?)" + failed="$service $failed" + fi + done + echo + if [ -n "$failed" ]; then + db_subst libpam0g/restart-failed services "$failed" + db_input critical libpam0g/restart-failed || true + db_go || true + else + echo "Services restarted successfully." + fi + echo + fi + else + echo "Nothing to restart." + fi + + if who | awk '{print $2}' | grep -q ':[0-9]'; then + dms="" + for service in kdm wdm xdm; do + case "$services" in + *$service*) ;; + *) dms="$dms $service" + esac + done + services=$(installed_services "$dms") + if [ -n "$services" ]; then + db_input critical libpam0g/xdm-needs-restart || true + db_go || true + fi + fi + + # Shut down the frontend, to make sure none of the + # restarted services keep a connection open to it + db_stop + fi # end upgrading and $2 lt 0.99.10.0 + fi # Upgrading +fi + +#DEBHELPER# + diff --git a/debian/libpam0g.symbols b/debian/libpam0g.symbols new file mode 100644 index 00000000..1d2c9f91 --- /dev/null +++ b/debian/libpam0g.symbols @@ -0,0 +1,9 @@ +libpam.so.0 libpam0g #MINVER# + *@LIBPAM_1.0 0.99.7.1 + *@LIBPAM_EXTENSION_1.0 0.99.7.1 + *@LIBPAM_MODUTIL_1.0 0.99.7.1 + *@LIBPAM_MODUTIL_1.1 0.99.10.0 +libpam_misc.so.0 libpam0g #MINVER# + *@LIBPAM_MISC_1.0 0.99.7.1 +libpamc.so.0 libpam0g #MINVER# + *@LIBPAMC_1.0 0.99.7.1 diff --git a/debian/libpam0g.templates b/debian/libpam0g.templates new file mode 100644 index 00000000..7627c7e8 --- /dev/null +++ b/debian/libpam0g.templates @@ -0,0 +1,30 @@ +Template: libpam0g/restart-services +Type: string +_Description: Services to restart for PAM library upgrade: + Most services that use PAM need to be restarted to use modules built for + this new version of libpam. Please review the following space-separated + list of init.d scripts for services to be restarted now, and correct it + if needed. + . + Some other services such as xscreensaver, gnome-screensaver, and xlockmore + cannot be restarted for you. You will not be able to authenticate to these + services until you restart them manually. + +Template: libpam0g/xdm-needs-restart +Type: error +_Description: Display manager must be restarted manually + The kdm, wdm, and xdm display managers require a restart for the new + version of libpam, but there are X login sessions active on your system that + would be terminated by this restart. You will therefore need to restart + these services by hand before further X logins will be possible. + +Template: libpam0g/restart-failed +Type: error +#flag:translate!:3 +_Description: Failure restarting some services for PAM upgrade + The following services could not be restarted for the PAM library upgrade: + . + ${services} + . + You will need to start these manually by running + '/etc/init.d/<service> start'. diff --git a/debian/local/Debian-PAM-MiniPolicy b/debian/local/Debian-PAM-MiniPolicy new file mode 100644 index 00000000..cfbfd471 --- /dev/null +++ b/debian/local/Debian-PAM-MiniPolicy @@ -0,0 +1,161 @@ +Author: Ben Collins <bcollins@debian.org> +Modified by: Sam Hartman <hartmans@debian.org> + +Objective: To document a base set of policies regarding PAM (Pluggable +Authentication Modules) usage in Debian packages. + +=========================================================================== + +In order to have a consistent and stable implementation across packages +that use PAM, these guidelines will help to avoid some common mistakes and +be usable as a cross reference for FAQ's. + +This document will not go into the details of how to add PAM usage to +existing code, please read the documentation in the libpam-doc package for +info on this, however it does specify behavior needed to make sure PAM +modules in Debian will work with your application. + +================== + PAM Applications +================== + +Each application that uses PAM also must contain a file in +/etc/pam.d/. This file specifies which PAM modules will be used for +the common PAM functions in that application. There are several notes +concerning what modules to use in this file. Most commonly, this file +should use the @include directive to include common-auth, +common-session, common-account and common-password. Under some +circumstances (such as ftp auth, or auth based on tty) other modules +will be required. + +Here is an example of a PAM configuration file that just includes the common module fragments: + # + # /etc/pam.d/other - specify the PAM fallback behaviour + # + # Note that this file is used for any unspecified service; for example + #if /etc/pam.d/cron specifies no session modules but cron calls + #pam_open_session, the session module out of /etc/pam.d/other is + #used. If you really want nothing to happen then use pam_permit.so or + #pam_deny.so as appropriate. + + # We fall back to the system default in /etc/pam.d/common-* + # + + @include common-auth + @include common-account + @include common-password + @include common-session + + +The name of this file is determined by the call to pam_start() in the +application source code. The first parameter will be a string containing +the "service" name (eg. "login", "httpd", etc..). Please make sure that +the filename coincides with this parameter. + +The file should _not_ reference the full path of the modules. It only needs +to reference the basename (eg. "pam_unix.so"). This will ensure that the +program continues to work even if the module location changes, since +libpam itself will resolve the location. + +Under no circumstances should any program in Debian use the pam_pwdb.so +module by default. Instead the pam_unix.so module should be used. Most +programs with RedHat support/default files will reference pam_pwdb.so in +their example files. Do not use this. There are several problems with +regard to pam_pwdb.so: + + 1) It attempts to reimplement glibc's NSS code. For example, if your + program uses pam_pwdb.so, and the user changes /etc/nsswitch.conf to use + NIS, NIS+, or LDAP, then your program will fail to work unless the user + also knows to edit /etc/pwdb.conf (which is not necessary for + pam_unix.so). In the case of LDAP, the program would become absolutely + useless until the user modifies the pam.d file themselves to use + pam_unix.so. + + 2) It adds to the layer of glibc function calls making it harder to + debug problems. Because libpwdb masks glibc native calls, it requires + being able to debug libpwdb, libpam, libc and the offending program. + +Note that pam_unix.so takes the same module arguments as pam_pwdb.so, so +you can just replace the references. If you are not sure if the pam.d +files is correctly setup, please feel free to email it to me, and I will +glance it over. + +UPDATE: libpwdb and this libpam-pwdb have been removed from Debian as of +Woody. So even if you decided to use pam_pwdb, it will be broken, so HAHA +:) + +You should also not use the pam_stack module in the pam config file. +It's not currently in Debian so it won't work. While I cannot stop +someone from packaging pam_stack for Debian, I will try to convince +them that it is not the direction we want. Pam_stack (among other +faults) uses different pam handles for each step in the process--the +handle used for session management is not the same as the handle used +for authentication. This breaks several modules. We will have an +alternate solution for shared PAM configuration across modules. + + +Currently libpam-modules is in the base setup, so it's dependency is not +needed (since the library depends on the correct version). However, if any +modules other than the base set in libpam-modules are used, that package +must be depended on. + +Applications need to depend on libpam-runtime (>= 0.76-14) to +guarantee that /etc/pam.d/common-* exist. + + +The pam_unix.so module allows programs to verify the authentication of the +uid of the calling process without any set bits (uid or gid). NOTE: this +means the user executing the program, you cannot authenticate against other +users without suid root (root makes sure the NIS and NIS+ works too) or +at least sgid shadow (wont work in the above cases). Most notably this +affects programs like apache from being able to use PAM with much success +since it runs as www-data which has no priviledges and cannot use pam_unix.so +to auth against other users. On the other hand is does allow program like +vlock to auth (but not auth the root password). + +The application needs to follow the following rules to make sure PAM +modules work: + +1) Use the same PAM handle for all operations. This means it is not OK +to call pam_start once for authentication and then later for session +management. Modules need to be able to store pam_data between entry +points. + +2) The pam_open_session and pam_setcred calls must be made in a parent +process of the eventual session. They need to be able to enfluence +the environment of the session. + +3) If you are started as root or have root privs for some other +reason, pam_open_session and pam_setcred should be called while still +root. + +4) Implied by 1, make sure that pam_close_session and pam_end are +called in the same process or a process decended from the execution +context as pam_open_session and pam_setcred. The pam_close_session +call may need state stored in the handle by the open session entry +point to clean up properly. The pam_finish call may need to free data +(thus influencing system state in some cases) allocated in the earlier +calls. + + + +============= + PAM Modules +============= + +Separately packaged pam modules should adhere to a few basic setup rules: + + 1) Packages should use the naming scheme of `libpam-<name>' (eg. + libpam-ldap). + + 2) The modules should be located in the directory of the most recent + libpam-modules (currently /lib/security). + + 3) The module should be named as pam_<name>.so. The module should not + contain a version suffix. + + 4) The module should be linked to libpam (-lpam) when compiled so that + proper version dependencies will work. + + 5) Any config files should be located in /etc/security. The filename + will be in the form of <name>.conf. diff --git a/debian/local/common-account b/debian/local/common-account new file mode 100644 index 00000000..67983019 --- /dev/null +++ b/debian/local/common-account @@ -0,0 +1,9 @@ +# +# /etc/pam.d/common-account - authorization settings common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of the authorization modules that define +# the central access policy for use on the system. The default is to +# only deny service to users whose accounts are expired in /etc/shadow. +# +account required pam_unix.so diff --git a/debian/local/common-auth b/debian/local/common-auth new file mode 100644 index 00000000..63d129aa --- /dev/null +++ b/debian/local/common-auth @@ -0,0 +1,10 @@ +# +# /etc/pam.d/common-auth - authentication settings common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of the authentication modules that define +# the central authentication scheme for use on the system +# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the +# traditional Unix authentication mechanisms. +# +auth required pam_unix.so nullok_secure diff --git a/debian/local/common-auth.md5sums b/debian/local/common-auth.md5sums new file mode 100644 index 00000000..31477ad0 --- /dev/null +++ b/debian/local/common-auth.md5sums @@ -0,0 +1 @@ +933d757dcd5974b00619f68955743be7 /etc/pam.d/common-auth diff --git a/debian/local/common-password b/debian/local/common-password new file mode 100644 index 00000000..45959eb5 --- /dev/null +++ b/debian/local/common-password @@ -0,0 +1,34 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "nullok" option allows users to change an empty password, else +# empty passwords are treated as locked accounts. +# +# The "md5" option enables MD5 passwords. Without this option, the +# default is Unix crypt. +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# You can also use the "min" option to enforce the length of the new +# password. +# +# See the pam_unix manpage for other options. + +password required pam_unix.so nullok obscure md5 + +# Alternate strength checking for password. Note that this +# requires the libpam-cracklib package to be installed. +# You will need to comment out the password line above and +# uncomment the next two in order to use this. +# (Replaces the `OBSCURE_CHECKS_ENAB', `CRACKLIB_DICTPATH') +# +# password required pam_cracklib.so retry=3 minlen=6 difok=3 +# password required pam_unix.so use_authtok nullok md5 + diff --git a/debian/local/common-password.md5sums b/debian/local/common-password.md5sums new file mode 100644 index 00000000..569ca682 --- /dev/null +++ b/debian/local/common-password.md5sums @@ -0,0 +1,2 @@ +601ecfbc99fd359877552cb5298087ad /etc/pam.d/common-password +e5ae8ba8d00083c922d9d82a0432ef78 /etc/pam.d/common-password diff --git a/debian/local/common-session b/debian/local/common-session new file mode 100644 index 00000000..dc11da6d --- /dev/null +++ b/debian/local/common-session @@ -0,0 +1,9 @@ +# +# /etc/pam.d/common-session - session-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define tasks to be performed +# at the start and end of sessions of *any* kind (both interactive and +# non-interactive). The default is pam_unix. +# +session required pam_unix.so diff --git a/debian/local/other b/debian/local/other new file mode 100644 index 00000000..59d776c9 --- /dev/null +++ b/debian/local/other @@ -0,0 +1,16 @@ +# +# /etc/pam.d/other - specify the PAM fallback behaviour +# +# Note that this file is used for any unspecified service; for example +#if /etc/pam.d/cron specifies no session modules but cron calls +#pam_open_session, the session module out of /etc/pam.d/other is +#used. If you really want nothing to happen then use pam_permit.so or +#pam_deny.so as appropriate. + +# We fall back to the system default in /etc/pam.d/common-* +# + +@include common-auth +@include common-account +@include common-password +@include common-session diff --git a/debian/local/pam.conf b/debian/local/pam.conf new file mode 100644 index 00000000..3eeb72d3 --- /dev/null +++ b/debian/local/pam.conf @@ -0,0 +1,15 @@ +# ---------------------------------------------------------------------------# +# /etc/pam.conf # +# ---------------------------------------------------------------------------# +# +# NOTE +# ---- +# +# NOTE: Most program use a file under the /etc/pam.d/ directory to setup their +# PAM service modules. This file is used only if that directory does not exist. +# ---------------------------------------------------------------------------# + +# Format: +# serv. module ctrl module [path] ...[args..] # +# name type flag # + diff --git a/debian/local/pam_getenv b/debian/local/pam_getenv new file mode 100644 index 00000000..2abddcad --- /dev/null +++ b/debian/local/pam_getenv @@ -0,0 +1,123 @@ +#!/usr/bin/perl -w + +=head1 NAME + +pam_getenv - get environment variables from /etc/environment + +=head1 SYNOPSIS + +pam_getenv B<[-l] [-s]> I<env_var> + +=head1 DESCRIPTION + +This tool will print out the value of I<env_var> from F</etc/environment>. It will attempt to expand environment variable references in the definition of I<env_var> but will fail if PAM items are expanded. + +The B<-l> option indicates the script should return an environment variable related to default locale information. + +The B<-s> option indicates that the script should return an +system default environment variable. + +Currently neither the B<-l> or B<-s> options do anything. They are +included because future versions of Debian may have a separate +repository for the initial environment used by init scripts and for +system locale information. These options will allow this script to be +a stable interface even in that environment. + +=cut + +# Copyright 2004 by Sam Hartman +# This script may be copied under the terms of the GNU GPL +# version 2, or at your option any later version. + +use strict; +use vars qw(*CONFIGFILE *ENVFILE); + +sub read_line($) { + my $fh = shift; + my $line; + local $_; + line: while (<$fh>) { + chomp; + s/^\s+//; +s/\#.*$//; + next if $_ eq ""; + if (s/\\\s*$//) { + $line .= $_; + next line; + } + + $line .= $_; + last; + } + $line; + +} + + +sub parse_line($) { + my $var; + my (%x, @x); + local $_ = shift; + return undef unless defined $_ and s/(\S+)\s//; + $var->{Name} = $1; + s/^\s*//; + @x = split(/=([^"\s]\S*|"[^"]*")\s*/, $_); + unless (scalar(@x)%2 == 0) { + push @x, undef; + } + %x = @x; + @{$var}{"Default", "Override"} = + @x{"DEFAULT", "OVERRIDE"}; + $var; +} + +sub expand_val($) { + my ($val) = @_; +return undef unless $val; + die "Cannot handle PAM items\n" if /(?<!\\)\@/; + $val =~ s/(?<!\\)\${([^}]+)}/$ENV{$1}||""/eg; + return $val; +} + +my $lookup; + +while ($_ = shift) { + next if $_ eq "-s"; + next if $_ eq "-l"; + $lookup = $_; + last; +} +unless (defined $lookup) { + die "Usage: pam_getenv [-l] [-s] env_var\n"; +} + +my %allvars; + +open (CONFIGFILE, "/etc/security/pam_env.conf") + or die "Cannot open environment file: $!\n"; + +while (my $var = parse_line(read_line(\*CONFIGFILE))) { + my $val; + unless ($val = expand_val($var->{Override})) { + $val = expand_val($var->{Default}); + } + $allvars{$var->{Name}} = $val; +} + +if (open (ENVFILE, "/etc/environment")) { + while (my $line = read_line(\*ENVFILE)) { + $line =~ s/^export //; + $line =~ /(.*?)=(.+)/ or next; + my ($var, $val) = ($1, $2); + # This is bizarre logic (" and ' match each other, quotes are only + # significant at the start and end of the string, and the trailing quote + # may be omitted), but it's what pam_env does. + $val =~ s/^["'](.*?)["']?$/$1/; + $allvars{$var} = $val; + } +} + +if (exists $allvars{$lookup}) { + print $allvars{$lookup}, "\n"; + exit(0); +} diff --git a/debian/patches-applied/007_modules_pam_unix b/debian/patches-applied/007_modules_pam_unix new file mode 100644 index 00000000..708db65b --- /dev/null +++ b/debian/patches-applied/007_modules_pam_unix @@ -0,0 +1,646 @@ +Index: pam.deb/modules/pam_unix/pam_unix_passwd.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/pam_unix_passwd.c ++++ pam.deb/modules/pam_unix/pam_unix_passwd.c +@@ -92,6 +92,9 @@ + unsigned long versnum, unsigned int proto); + #endif /* GNU libc 2.1 */ + ++extern const char *obscure_msg(const char *, const char *, const struct passwd *, ++ unsigned int); ++ + /* + How it works: + Gets in username (has to be done) from the calling program +@@ -438,7 +441,8 @@ + static int _pam_unix_approve_pass(pam_handle_t * pamh + ,unsigned int ctrl + ,const char *pass_old +- ,const char *pass_new) ++ ,const char *pass_new, ++ int pass_min_len) + { + const void *user; + const char *remark = NULL; +@@ -472,11 +476,10 @@ + #ifdef USE_CRACKLIB + remark = FascistCheck (pass_new, CRACKLIB_DICTS); + D(("called cracklib [%s]", remark)); +-#else +- if (strlen(pass_new) < 6) ++#endif ++ if (strlen(pass_new) < pass_min_len) + remark = _("You must choose a longer password"); + D(("length check [%s]", remark)); +-#endif + if (on(UNIX_REMEMBER_PASSWD, ctrl)) { + if ((retval = check_old_password(user, pass_new)) == PAM_AUTHTOK_ERR) + remark = _("Password has been already used. Choose another."); +@@ -486,6 +489,11 @@ + return retval; + } + } ++ if (!remark && pass_old != NULL) { /* only check if we don't already have a failure */ ++ struct passwd *pwd; ++ pwd = pam_modutil_getpwnam(pamh, user); ++ remark = (char *)obscure_msg(pass_old,pass_new,pwd,ctrl); /* do obscure checks */ ++ } + } + if (remark) { + _make_remark(pamh, ctrl, PAM_ERROR_MSG, remark); +@@ -502,6 +510,7 @@ + int retval; + int remember = -1; + int rounds = -1; ++ int pass_min_len = 6; + + /* <DO NOT free() THESE> */ + const char *user; +@@ -510,7 +519,8 @@ + + D(("called.")); + +- ctrl = _set_ctrl(pamh, flags, &remember, &rounds, argc, argv); ++ ctrl = _set_ctrl(pamh, flags, &remember, &rounds, &pass_min_len, ++ argc, argv); + + /* + * First get the name of a user +@@ -710,7 +720,8 @@ + if (*(const char *)pass_new == '\0') { /* "\0" password = NULL */ + pass_new = NULL; + } +- retval = _pam_unix_approve_pass(pamh, ctrl, pass_old, pass_new); ++ retval = _pam_unix_approve_pass(pamh, ctrl, pass_old, ++ pass_new, pass_min_len); + } + + if (retval != PAM_SUCCESS) { +@@ -739,7 +750,8 @@ + return retval; + } + +- retval = _pam_unix_approve_pass(pamh, ctrl, pass_old, pass_new); ++ retval = _pam_unix_approve_pass(pamh, ctrl, pass_old, pass_new, ++ pass_min_len); + if (retval != PAM_SUCCESS) { + pam_syslog(pamh, LOG_NOTICE, + "new password not acceptable 2"); +Index: pam.deb/modules/pam_unix/pam_unix_acct.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/pam_unix_acct.c ++++ pam.deb/modules/pam_unix/pam_unix_acct.c +@@ -184,7 +184,7 @@ + + D(("called.")); + +- ctrl = _set_ctrl(pamh, flags, NULL, NULL, argc, argv); ++ ctrl = _set_ctrl(pamh, flags, NULL, NULL, NULL, argc, argv); + + retval = pam_get_item(pamh, PAM_USER, &void_uname); + uname = void_uname; +Index: pam.deb/modules/pam_unix/support.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/support.c ++++ pam.deb/modules/pam_unix/support.c +@@ -53,7 +53,7 @@ + */ + + int _set_ctrl(pam_handle_t *pamh, int flags, int *remember, int *rounds, +- int argc, const char **argv) ++ int *pass_min_len, int argc, const char **argv) + { + unsigned int ctrl; + +@@ -79,6 +79,7 @@ + D(("SILENT")); + set(UNIX__QUIET, ctrl); + } ++ + /* now parse the arguments to this module */ + + while (argc-- > 0) { +@@ -88,7 +89,8 @@ + + for (j = 0; j < UNIX_CTRLS_; ++j) { + if (unix_args[j].token +- && !strncmp(*argv, unix_args[j].token, strlen(unix_args[j].token))) { ++ && !strncmp(*argv, unix_args[j].token, strlen(unix_args[j].token))) ++ { + break; + } + } +@@ -100,15 +102,17 @@ + ctrl &= unix_args[j].mask; /* for turning things off */ + ctrl |= unix_args[j].flag; /* for turning things on */ + +- if (remember != NULL) { +- if (j == UNIX_REMEMBER_PASSWD) { +- *remember = strtol(*argv + 9, NULL, 10); +- if ((*remember == INT_MIN) || (*remember == INT_MAX)) +- *remember = -1; +- if (*remember > 400) +- *remember = 400; +- } ++ /* special cases */ ++ if (remember != NULL && j == UNIX_REMEMBER_PASSWD) { ++ *remember = strtol(*argv + 9, NULL, 10); ++ if ((*remember == INT_MIN) || (*remember == INT_MAX)) ++ *remember = -1; ++ if (*remember > 400) ++ *remember = 400; ++ } else if (pass_min_len && j == UNIX_MIN_PASS_LEN) { ++ *pass_min_len = atoi(*argv + 4); + } ++ + if (rounds != NULL) { + if (j == UNIX_ALGO_ROUNDS) { + *rounds = strtol(*argv + 7, NULL, 10); +@@ -124,6 +128,11 @@ + ++argv; /* step to next argument */ + } + ++ if (off(UNIX_BIGCRYPT|UNIX_MD5_PASS|UNIX_SHA256_PASS|UNIX_SHA512_PASS, ++ ctrl) ++ && pass_min_len && *pass_min_len > 8) ++ *pass_min_len = 8; ++ + if (flags & PAM_DISALLOW_NULL_AUTHTOK) { + D(("DISALLOW_NULL_AUTHTOK")); + set(UNIX__NONULL, ctrl); +Index: pam.deb/modules/pam_unix/support.h +=================================================================== +--- pam.deb.orig/modules/pam_unix/support.h ++++ pam.deb/modules/pam_unix/support.h +@@ -88,8 +88,11 @@ + #define UNIX_SHA512_PASS 24 /* new password hashes will use SHA512 */ + #define UNIX_ALGO_ROUNDS 25 /* optional number of rounds for new + password hash algorithms */ ++#define UNIX_MAX_PASS_LEN 26 /* internal, for compatibility only */ ++#define UNIX_MIN_PASS_LEN 27 /* Min length for password */ ++#define UNIX_OBSCURE_CHECKS 28 /* enable obscure checks on passwords */ + /* -------------- */ +-#define UNIX_CTRLS_ 26 /* number of ctrl arguments defined */ ++#define UNIX_CTRLS_ 29 /* number of ctrl arguments defined */ + + + static const UNIX_Ctrls unix_args[UNIX_CTRLS_] = +@@ -97,32 +100,35 @@ + /* symbol token name ctrl mask ctrl * + * ----------------------- ------------------- --------------------- -------- */ + +-/* UNIX__OLD_PASSWD */ {NULL, _ALL_ON_, 01}, +-/* UNIX__VERIFY_PASSWD */ {NULL, _ALL_ON_, 02}, +-/* UNIX__IAMROOT */ {NULL, _ALL_ON_, 04}, +-/* UNIX_AUDIT */ {"audit", _ALL_ON_, 010}, +-/* UNIX_USE_FIRST_PASS */ {"use_first_pass", _ALL_ON_^(060), 020}, +-/* UNIX_TRY_FIRST_PASS */ {"try_first_pass", _ALL_ON_^(060), 040}, +-/* UNIX_NOT_SET_PASS */ {"not_set_pass", _ALL_ON_, 0100}, +-/* UNIX__PRELIM */ {NULL, _ALL_ON_^(0600), 0200}, +-/* UNIX__UPDATE */ {NULL, _ALL_ON_^(0600), 0400}, +-/* UNIX__NONULL */ {NULL, _ALL_ON_, 01000}, +-/* UNIX__QUIET */ {NULL, _ALL_ON_, 02000}, +-/* UNIX_USE_AUTHTOK */ {"use_authtok", _ALL_ON_, 04000}, +-/* UNIX_SHADOW */ {"shadow", _ALL_ON_, 010000}, +-/* UNIX_MD5_PASS */ {"md5", _ALL_ON_^(0400000), 020000}, +-/* UNIX__NULLOK */ {"nullok", _ALL_ON_^(01000), 0}, +-/* UNIX_DEBUG */ {"debug", _ALL_ON_, 040000}, +-/* UNIX_NODELAY */ {"nodelay", _ALL_ON_, 0100000}, +-/* UNIX_NIS */ {"nis", _ALL_ON_, 0200000}, +-/* UNIX_BIGCRYPT */ {"bigcrypt", _ALL_ON_^(020000), 0400000}, +-/* UNIX_LIKE_AUTH */ {"likeauth", _ALL_ON_, 01000000}, +-/* UNIX_REMEMBER_PASSWD */ {"remember=", _ALL_ON_, 02000000}, +-/* UNIX_NOREAP */ {"noreap", _ALL_ON_, 04000000}, +-/* UNIX_BROKEN_SHADOW */ {"broken_shadow", _ALL_ON_, 010000000}, +-/* UNIX_SHA256_PASS */ {"sha256", _ALL_ON_^(040420000), 020000000}, +-/* UNIX_SHA512_PASS */ {"sha512", _ALL_ON_^(020420000), 040000000}, +-/* UNIX_ALGO_ROUNDS */ {"rounds=", _ALL_ON_, 0100000000}, ++/* UNIX__OLD_PASSWD */ {NULL, _ALL_ON_, 0x1}, ++/* UNIX__VERIFY_PASSWD */ {NULL, _ALL_ON_, 0x2}, ++/* UNIX__IAMROOT */ {NULL, _ALL_ON_, 0x4}, ++/* UNIX_AUDIT */ {"audit", _ALL_ON_, 0x8}, ++/* UNIX_USE_FIRST_PASS */ {"use_first_pass", _ALL_ON_^(0x30), 0x10}, ++/* UNIX_TRY_FIRST_PASS */ {"try_first_pass", _ALL_ON_^(0x30), 0x20}, ++/* UNIX_NOT_SET_PASS */ {"not_set_pass", _ALL_ON_, 0x40}, ++/* UNIX__PRELIM */ {NULL, _ALL_ON_^(0x180), 0x80}, ++/* UNIX__UPDATE */ {NULL, _ALL_ON_^(0x180), 0x100}, ++/* UNIX__NONULL */ {NULL, _ALL_ON_, 0x200}, ++/* UNIX__QUIET */ {NULL, _ALL_ON_, 0x400}, ++/* UNIX_USE_AUTHTOK */ {"use_authtok", _ALL_ON_, 0x800}, ++/* UNIX_SHADOW */ {"shadow", _ALL_ON_, 0x1000}, ++/* UNIX_MD5_PASS */ {"md5", _ALL_ON_^(0xC22000), 0x2000}, ++/* UNIX__NULLOK */ {"nullok", _ALL_ON_^(0x200), 0}, ++/* UNIX_DEBUG */ {"debug", _ALL_ON_, 0x4000}, ++/* UNIX_NODELAY */ {"nodelay", _ALL_ON_, 0x8000}, ++/* UNIX_NIS */ {"nis", _ALL_ON_, 0x10000}, ++/* UNIX_BIGCRYPT */ {"bigcrypt", _ALL_ON_^(0xC22000), 0x20000}, ++/* UNIX_LIKE_AUTH */ {"likeauth", _ALL_ON_, 0x40000}, ++/* UNIX_REMEMBER_PASSWD */ {"remember=", _ALL_ON_, 0x80000}, ++/* UNIX_NOREAP */ {"noreap", _ALL_ON_, 0x100000}, ++/* UNIX_BROKEN_SHADOW */ {"broken_shadow", _ALL_ON_, 0x200000}, ++/* UNIX_SHA256_PASS */ {"sha256", _ALL_ON_^(0xC22000), 0x400000}, ++/* UNIX_SHA512_PASS */ {"sha512", _ALL_ON_^(0xC22000), 0x800000}, ++/* UNIX_ALGO_ROUNDS */ {"rounds=", _ALL_ON_, 0x1000000}, ++/* UNIX_MAX_PASS_LEN */ {"max=", _ALL_ON_, 0}, ++/* UNIX_MIN_PASS_LEN */ {"min=", _ALL_ON_, 0x2000000}, ++/* UNIX_OBSCURE_CHECKS */ {"obscure", _ALL_ON_, 0x4000000}, + }; + + #define UNIX_DEFAULTS (unix_args[UNIX__NONULL].flag) +@@ -139,7 +145,7 @@ + extern int _make_remark(pam_handle_t * pamh, unsigned int ctrl + ,int type, const char *text); + extern int _set_ctrl(pam_handle_t * pamh, int flags, int *remember, int *rounds, +- int argc, const char **argv); ++ int *pass_min_len, int argc, const char **argv); + extern int _unix_getpwnam (pam_handle_t *pamh, + const char *name, int files, int nis, + struct passwd **ret); +Index: pam.deb/modules/pam_unix/pam_unix.8.xml +=================================================================== +--- pam.deb.orig/modules/pam_unix/pam_unix.8.xml ++++ pam.deb/modules/pam_unix/pam_unix.8.xml +@@ -306,6 +306,90 @@ + </para> + </listitem> + </varlistentry> ++ <varlistentry> ++ <term> ++ <option>min=<replaceable>n</replaceable></option> ++ </term> ++ <listitem> ++ <para> ++ Set a minimum password length of <replaceable>n</replaceable> ++ characters. The default value is 1. ++ </para> ++ </listitem> ++ </varlistentry> ++ <varlistentry> ++ <term> ++ <option>obscure</option> ++ </term> ++ <listitem> ++ <para> ++ Enable some extra checks on password strength. These checks ++ are based on the "obscure" checks in the original shadow ++ package. The behavior is similar to the pam_cracklib ++ module, but for non-dictionary-based checks. The following ++ checks are implemented: ++ <variablelist> ++ <varlistentry> ++ <term> ++ <option>Palindrome</option> ++ </term> ++ <listitem> ++ <para> ++ Verifies that the new password is not a palindrome ++ of (i.e., the reverse of) the previous one. ++ </para> ++ </listitem> ++ </varlistentry> ++ <varlistentry> ++ <term> ++ <option>Case Change Only</option> ++ </term> ++ <listitem> ++ <para> ++ Verifies that the new password isn't the same as the ++ old one with a change of case. ++ </para> ++ </listitem> ++ </varlistentry> ++ <varlistentry> ++ <term> ++ <option>Similar</option> ++ </term> ++ <listitem> ++ <para> ++ Verifies that the new password isn't too much like ++ the previous one. ++ </para> ++ </listitem> ++ </varlistentry> ++ <varlistentry> ++ <term> ++ <option>Simple</option> ++ </term> ++ <listitem> ++ <para> ++ Is the new password too simple? This is based on ++ the length of the password and the number of ++ different types of characters (alpha, numeric, etc.) ++ used. ++ </para> ++ </listitem> ++ </varlistentry> ++ <varlistentry> ++ <term> ++ <option>Rotated</option> ++ </term> ++ <listitem> ++ <para> ++ Is the new password a rotated version of the old ++ password? (E.g., "billy" and "illyb") ++ </para> ++ </listitem> ++ </varlistentry> ++ </variablelist> ++ </para> ++ </listitem> ++ </varlistentry> + </variablelist> + <para> + Invalid arguments are logged with <citerefentry> +Index: pam.deb/modules/pam_unix/obscure.c +=================================================================== +--- /dev/null ++++ pam.deb/modules/pam_unix/obscure.c +@@ -0,0 +1,198 @@ ++/* ++ * Copyright 1989 - 1994, Julianne Frances Haugh ++ * All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * 3. Neither the name of Julianne F. Haugh nor the names of its contributors ++ * may be used to endorse or promote products derived from this software ++ * without specific prior written permission. ++ * ++ * THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND ++ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ++ * ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE ++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL ++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS ++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT ++ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY ++ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ++ * SUCH DAMAGE. ++ */ ++ ++#include "config.h" ++ ++#include <ctype.h> ++#include <stdio.h> ++#include <unistd.h> ++#include <string.h> ++#include <stdlib.h> ++#include <pwd.h> ++#include <security/pam_modules.h> ++#include <security/_pam_macros.h> ++ ++ ++#include "support.h" ++ ++/* can't be a palindrome - like `R A D A R' or `M A D A M' */ ++static int palindrome(const char *old, const char *new) { ++ int i, j; ++ ++ i = strlen (new); ++ ++ for (j = 0;j < i;j++) ++ if (new[i - j - 1] != new[j]) ++ return 0; ++ ++ return 1; ++} ++ ++/* more than half of the characters are different ones. */ ++static int similar(const char *old, const char *new) { ++ int i, j; ++ ++ /* ++ * XXX - sometimes this fails when changing from a simple password ++ * to a really long one (MD5). For now, I just return success if ++ * the new password is long enough. Please feel free to suggest ++ * something better... --marekm ++ */ ++ if (strlen(new) >= 8) ++ return 0; ++ ++ for (i = j = 0; new[i] && old[i]; i++) ++ if (strchr(new, old[i])) ++ j++; ++ ++ if (i >= j * 2) ++ return 0; ++ ++ return 1; ++} ++ ++/* a nice mix of characters. */ ++static int simple(const char *old, const char *new) { ++ int digits = 0; ++ int uppers = 0; ++ int lowers = 0; ++ int others = 0; ++ int size; ++ int i; ++ ++ for (i = 0;new[i];i++) { ++ if (isdigit (new[i])) ++ digits++; ++ else if (isupper (new[i])) ++ uppers++; ++ else if (islower (new[i])) ++ lowers++; ++ else ++ others++; ++ } ++ ++ /* ++ * The scam is this - a password of only one character type ++ * must be 8 letters long. Two types, 7, and so on. ++ */ ++ ++ size = 9; ++ if (digits) size--; ++ if (uppers) size--; ++ if (lowers) size--; ++ if (others) size--; ++ ++ if (size <= i) ++ return 0; ++ ++ return 1; ++} ++ ++static char *str_lower(char *string) { ++ char *cp; ++ ++ for (cp = string; *cp; cp++) ++ *cp = tolower(*cp); ++ return string; ++} ++ ++static const char * password_check(const char *old, const char *new, ++ const struct passwd *pwdp) { ++ const char *msg = NULL; ++ char *oldmono, *newmono, *wrapped; ++ ++ if (strcmp(new, old) == 0) ++ return _("Bad: new password must be different than the old one"); ++ ++ newmono = str_lower(strdup(new)); ++ oldmono = str_lower(strdup(old)); ++ wrapped = (char *)malloc(strlen(oldmono) * 2 + 1); ++ strcpy (wrapped, oldmono); ++ strcat (wrapped, oldmono); ++ ++ if (palindrome(oldmono, newmono)) { ++ msg = _("Bad: new password cannot be a palindrome"); ++ } else if (strcmp(oldmono, newmono) == 0) { ++ msg = _("Bad: new and old password must differ by more than just case"); ++ } else if (similar(oldmono, newmono)) { ++ msg = _("Bad: new and old password are too similar"); ++ } else if (simple(old, new)) { ++ msg = _("Bad: new password is too simple"); ++ } else if (strstr(wrapped, newmono)) { ++ msg = _("Bad: new password is just a wrapped version of the old one"); ++ } ++ ++ _pam_delete(newmono); ++ _pam_delete(oldmono); ++ _pam_delete(wrapped); ++ ++ return msg; ++} ++ ++const char *obscure_msg(const char *old, const char *new, ++ const struct passwd *pwdp, unsigned int ctrl) { ++ int oldlen, newlen; ++ char *new1, *old1; ++ const char *msg; ++ ++ if (old == NULL) ++ return NULL; /* no check if old is NULL */ ++ ++ oldlen = strlen(old); ++ newlen = strlen(new); ++ ++ /* Remaining checks are optional. */ ++ if (off(UNIX_OBSCURE_CHECKS,ctrl)) ++ return NULL; ++ ++ if ((msg = password_check(old, new, pwdp)) != NULL) ++ return msg; ++ ++ /* The traditional crypt() truncates passwords to 8 chars. It is ++ possible to circumvent the above checks by choosing an easy ++ 8-char password and adding some random characters to it... ++ Example: "password$%^&*123". So check it again, this time ++ truncated to the maximum length. Idea from npasswd. --marekm */ ++ ++ if (on(UNIX_MD5_PASS,ctrl) || on(UNIX_BIGCRYPT,ctrl)) ++ return NULL; /* unlimited password length */ ++ ++ if (oldlen <= 8 && newlen <= 8) ++ return NULL; ++ ++ new1 = strndup(new,8); ++ old1 = strndup(old,8); ++ ++ msg = password_check(old1, new1, pwdp); ++ ++ _pam_delete(new1); ++ _pam_delete(old1); ++ ++ return msg; ++} +Index: pam.deb/modules/pam_unix/Makefile.am +=================================================================== +--- pam.deb.orig/modules/pam_unix/Makefile.am ++++ pam.deb/modules/pam_unix/Makefile.am +@@ -43,7 +43,7 @@ + + pam_unix_la_SOURCES = bigcrypt.c pam_unix_acct.c \ + pam_unix_auth.c pam_unix_passwd.c pam_unix_sess.c support.c \ +- passverify.c yppasswd_xdr.c md5_good.c md5_broken.c ++ passverify.c yppasswd_xdr.c md5_good.c md5_broken.c obscure.c + + bigcrypt_SOURCES = bigcrypt.c bigcrypt_main.c + bigcrypt_CFLAGS = $(AM_CFLAGS) +Index: pam.deb/modules/pam_unix/pam_unix_auth.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/pam_unix_auth.c ++++ pam.deb/modules/pam_unix/pam_unix_auth.c +@@ -111,7 +111,7 @@ + + D(("called.")); + +- ctrl = _set_ctrl(pamh, flags, NULL, NULL, argc, argv); ++ ctrl = _set_ctrl(pamh, flags, NULL, NULL, NULL, argc, argv); + + /* Get a few bytes so we can pass our return value to + pam_sm_setcred(). */ +Index: pam.deb/modules/pam_unix/pam_unix_sess.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/pam_unix_sess.c ++++ pam.deb/modules/pam_unix/pam_unix_sess.c +@@ -73,7 +73,7 @@ + + D(("called.")); + +- ctrl = _set_ctrl(pamh, flags, NULL, NULL, argc, argv); ++ ctrl = _set_ctrl(pamh, flags, NULL, NULL, NULL, argc, argv); + + retval = pam_get_item(pamh, PAM_USER, (void *) &user_name); + if (user_name == NULL || *user_name == '\0' || retval != PAM_SUCCESS) { +@@ -107,7 +107,7 @@ + + D(("called.")); + +- ctrl = _set_ctrl(pamh, flags, NULL, NULL, argc, argv); ++ ctrl = _set_ctrl(pamh, flags, NULL, NULL, NULL, argc, argv); + + retval = pam_get_item(pamh, PAM_USER, (void *) &user_name); + if (user_name == NULL || *user_name == '\0' || retval != PAM_SUCCESS) { +Index: pam.deb/modules/pam_unix/passverify.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/passverify.c ++++ pam.deb/modules/pam_unix/passverify.c +@@ -261,7 +261,9 @@ + *daysleft = -1; + curdays = (long int)(time(NULL) / (60 * 60 * 24)); + D(("today is %d, last change %d", curdays, spent->sp_lstchg)); +- if ((curdays > spent->sp_expire) && (spent->sp_expire != -1)) { ++ if ((curdays > spent->sp_expire) && (spent->sp_expire != -1) ++ && (spent->sp_expire != 0)) ++ { + D(("account expired")); + return PAM_ACCT_EXPIRED; + } +@@ -279,17 +281,23 @@ + if ((curdays - spent->sp_lstchg > spent->sp_max) + && (curdays - spent->sp_lstchg > spent->sp_inact) + && (curdays - spent->sp_lstchg > spent->sp_max + spent->sp_inact) +- && (spent->sp_max != -1) && (spent->sp_inact != -1)) { ++ && (spent->sp_max != -1) && (spent->sp_max != 0) ++ && (spent->sp_inact != -1) && (spent->sp_inact != 0)) ++ { + *daysleft = (int)((spent->sp_lstchg + spent->sp_max) - curdays); + D(("authtok expired")); + return PAM_AUTHTOK_EXPIRED; + } +- if ((curdays - spent->sp_lstchg > spent->sp_max) && (spent->sp_max != -1)) { ++ if ((curdays - spent->sp_lstchg > spent->sp_max) ++ && (spent->sp_max != -1) && (spent->sp_max != 0)) ++ { + D(("need a new password 2")); + return PAM_NEW_AUTHTOK_REQD; + } + if ((curdays - spent->sp_lstchg > spent->sp_max - spent->sp_warn) +- && (spent->sp_max != -1) && (spent->sp_warn != -1)) { ++ && (spent->sp_max != -1) && (spent->sp_warn != -1) ++ && (spent->sp_max != 0) && (spent->sp_warn != 0)) ++ { + *daysleft = (int)((spent->sp_lstchg + spent->sp_max) - curdays); + D(("warn before expiry")); + } diff --git a/debian/patches-applied/008_modules_pam_limits_chroot b/debian/patches-applied/008_modules_pam_limits_chroot new file mode 100644 index 00000000..170ed73b --- /dev/null +++ b/debian/patches-applied/008_modules_pam_limits_chroot @@ -0,0 +1,265 @@ +Index: pam.deb/modules/pam_limits/pam_limits.c +=================================================================== +--- pam.deb.orig/modules/pam_limits/pam_limits.c ++++ pam.deb/modules/pam_limits/pam_limits.c +@@ -79,6 +79,7 @@ + int flag_numsyslogins; /* whether to limit logins only for a + specific user or to count all logins */ + int priority; /* the priority to run user process with */ ++ char chroot_dir[8092]; /* directory to chroot into */ + struct user_limits_struct limits[RLIM_NLIMITS]; + const char *conf_file; + int utmp_after_pam_call; +@@ -89,6 +90,7 @@ + #define LIMIT_NUMSYSLOGINS RLIM_NLIMITS+2 + + #define LIMIT_PRI RLIM_NLIMITS+3 ++#define LIMIT_CHROOT RLIM_NLIMITS+4 + + #define LIMIT_SOFT 1 + #define LIMIT_HARD 2 +@@ -250,6 +252,8 @@ + pl->login_limit = -2; + pl->login_limit_def = LIMITS_DEF_NONE; + ++ pl->chroot_dir[0] = '\0'; ++ + return retval; + } + +@@ -320,6 +324,8 @@ + pl->flag_numsyslogins = 1; + } else if (strcmp(lim_item, "priority") == 0) { + limit_item = LIMIT_PRI; ++ } else if (strcmp(lim_item, "chroot") == 0) { ++ limit_item = LIMIT_CHROOT; + } else { + pam_syslog(pamh, LOG_DEBUG, "unknown limit item '%s'", lim_item); + return; +@@ -357,9 +363,9 @@ + pam_syslog(pamh, LOG_DEBUG, + "wrong limit value '%s' for limit type '%s'", + lim_value, lim_type); +- return; ++ return; + } +- } else { ++ } else if (limit_item != LIMIT_CHROOT) { + #ifdef __USE_FILE_OFFSET64 + rlimit_value = strtoull (lim_value, &endptr, 10); + #else +@@ -420,7 +426,9 @@ + break; + } + +- if ( (limit_item != LIMIT_LOGIN) ++ if (limit_item == LIMIT_CHROOT) ++ strncpy(pl->chroot_dir, value_orig, sizeof(pl->chroot_dir)); ++ else if ( (limit_item != LIMIT_LOGIN) + && (limit_item != LIMIT_NUMSYSLOGINS) + && (limit_item != LIMIT_PRI) ) { + if (limit_type & LIMIT_SOFT) { +@@ -615,6 +623,13 @@ + retval |= LOGIN_ERR; + } + ++ if (!retval && pl->chroot_dir[0]) { ++ i = chdir(pl->chroot_dir); ++ if (i == 0) ++ i = chroot(pl->chroot_dir); ++ if (i != 0) ++ retval = LIMIT_ERR; ++ } + return retval; + } + +Index: pam.deb/modules/pam_limits/limits.conf.5.xml +=================================================================== +--- pam.deb.orig/modules/pam_limits/limits.conf.5.xml ++++ pam.deb/modules/pam_limits/limits.conf.5.xml +@@ -224,6 +224,12 @@ + (Linux 2.6.12 and higher)</para> + </listitem> + </varlistentry> ++ <varlistentry> ++ <term><option>chroot</option></term> ++ <listitem> ++ <para>the directory to chroot the user to</para> ++ </listitem> ++ </varlistentry> + </variablelist> + </listitem> + </varlistentry> +Index: pam.deb/modules/pam_limits/limits.conf.5 +=================================================================== +--- pam.deb.orig/modules/pam_limits/limits.conf.5 ++++ pam.deb/modules/pam_limits/limits.conf.5 +@@ -1,17 +1,17 @@ + .\" Title: limits.conf + .\" Author: +-.\" Generator: DocBook XSL Stylesheets v1.73.1 <http://docbook.sf.net/> +-.\" Date: 01/08/2008 ++.\" Generator: DocBook XSL Stylesheets v1.73.2 <http://docbook.sf.net/> ++.\" Date: 07/26/2008 + .\" Manual: Linux-PAM Manual + .\" Source: Linux-PAM Manual + .\" +-.TH "LIMITS\.CONF" "5" "01/08/2008" "Linux-PAM Manual" "Linux\-PAM Manual" ++.TH "LIMITS\&.CONF" "5" "07/26/2008" "Linux-PAM Manual" "Linux\-PAM Manual" + .\" disable hyphenation + .nh + .\" disable justification (adjust text to left margin only) + .ad l + .SH "NAME" +-limits.conf - configuration file for the pam_limits module ++limits.conf \- configuration file for the pam_limits module + .SH "DESCRIPTION" + .PP + The syntax of the lines is as follows: +@@ -34,19 +34,19 @@ + .RS 4 + \h'-04'\(bu\h'+03'a groupname, with + \fB@group\fR +-syntax\. This should not be confused with netgroups\. ++syntax\&. This should not be confused with netgroups\&. + .RE + .sp + .RS 4 + \h'-04'\(bu\h'+03'the wildcard +-\fB*\fR, for default entry\. ++\fB*\fR, for default entry\&. + .RE + .sp + .RS 4 + \h'-04'\(bu\h'+03'the wildcard + \fB%\fR, for maxlogins limit only, can also be used with + \fI%group\fR +-syntax\. ++syntax\&. + .RE + .RE + .PP +@@ -57,18 +57,18 @@ + .RS 4 + for enforcing + \fBhard\fR +-resource limits\. These limits are set by the superuser and enforced by the Kernel\. The user cannot raise his requirement of system resources above such values\. ++resource limits\&. These limits are set by the superuser and enforced by the Kernel\&. The user cannot raise his requirement of system resources above such values\&. + .RE + .PP + \fBsoft\fR + .RS 4 + for enforcing + \fBsoft\fR +-resource limits\. These limits are ones that the user can move up or down within the permitted range by any pre\-existing ++resource limits\&. These limits are ones that the user can move up or down within the permitted range by any pre\-existing + \fBhard\fR +-limits\. The values specified with this token can be thought of as ++limits\&. The values specified with this token can be thought of as + \fIdefault\fR +-values, for normal system usage\. ++values, for normal system usage\&. + .RE + .PP + \fB\-\fR +@@ -77,9 +77,9 @@ + \fBsoft\fR + and + \fBhard\fR +-resource limits together\. ++resource limits together\&. + .sp +-Note, if you specify a type of \'\-\' but neglect to supply the item and value fields then the module will never enforce any limits on the specified user/group etc\. \. ++Note, if you specify a type of \'\-\' but neglect to supply the item and value fields then the module will never enforce any limits on the specified user/group etc\&. \&. + .RE + .RE + .PP +@@ -154,47 +154,52 @@ + .PP + \fBlocks\fR + .RS 4 +-maximum locked files (Linux 2\.4 and higher) ++maximum locked files (Linux 2\&.4 and higher) + .RE + .PP + \fBsigpending\fR + .RS 4 +-maximum number of pending signals (Linux 2\.6 and higher) ++maximum number of pending signals (Linux 2\&.6 and higher) + .RE + .PP + \fBmsqqueue\fR + .RS 4 +-maximum memory used by POSIX message queues (bytes) (Linux 2\.6 and higher) ++maximum memory used by POSIX message queues (bytes) (Linux 2\&.6 and higher) + .RE + .PP + \fBnice\fR + .RS 4 +-maximum nice priority allowed to raise to (Linux 2\.6\.12 and higher) values: [\-20,19] ++maximum nice priority allowed to raise to (Linux 2\&.6\&.12 and higher) values: [\-20,19] + .RE + .PP + \fBrtprio\fR + .RS 4 +-maximum realtime priority allowed for non\-privileged processes (Linux 2\.6\.12 and higher) ++maximum realtime priority allowed for non\-privileged processes (Linux 2\&.6\&.12 and higher) ++.RE ++.PP ++\fBchroot\fR ++.RS 4 ++the directory to chroot the user to + .RE + .RE + .PP + In general, individual limits have priority over group limits, so if you impose no limits for + \fIadmin\fR +-group, but one of the members in this group have a limits line, the user will have its limits set according to this line\. ++group, but one of the members in this group have a limits line, the user will have its limits set according to this line\&. + .PP + Also, please note that all limit settings are set +-\fIper login\fR\. They are not global, nor are they permanent; existing only for the duration of the session\. ++\fIper login\fR\&. They are not global, nor are they permanent; existing only for the duration of the session\&. + .PP + In the + \fIlimits\fR +-configuration file, the \'\fB#\fR\' character introduces a comment \- after which the rest of the line is ignored\. ++configuration file, the \'\fB#\fR\' character introduces a comment \- after which the rest of the line is ignored\&. + .PP + The pam_limits module does its best to report configuration problems found in its configuration file via +-\fBsyslog\fR(3)\. ++\fBsyslog\fR(3)\&. + .SH "EXAMPLES" + .PP + These are some example lines which might be specified in +-\fI/etc/security/limits\.conf\fR\. ++\fI/etc/security/limits\&.conf\fR\&. + .sp + .RS 4 + .nf +@@ -216,4 +221,4 @@ + \fBpam\fR(8) + .SH "AUTHOR" + .PP +-pam_limits was initially written by Cristian Gafton <gafton@redhat\.com> ++pam_limits was initially written by Cristian Gafton <gafton@redhat\&.com> +Index: pam.deb/modules/pam_limits/limits.conf +=================================================================== +--- pam.deb.orig/modules/pam_limits/limits.conf ++++ pam.deb/modules/pam_limits/limits.conf +@@ -35,6 +35,7 @@ + # - msgqueue - max memory used by POSIX message queues (bytes) + # - nice - max nice priority allowed to raise to values: [-20, 19] + # - rtprio - max realtime priority ++# - chroot - change root to directory (Debian-specific) + # + #<domain> <type> <item> <value> + # +@@ -45,6 +46,7 @@ + #@faculty soft nproc 20 + #@faculty hard nproc 50 + #ftp hard nproc 0 ++#ftp - chroot /ftp + #@student - maxlogins 4 + + # End of file diff --git a/debian/patches-applied/021_nis_cleanup b/debian/patches-applied/021_nis_cleanup new file mode 100644 index 00000000..86e80927 --- /dev/null +++ b/debian/patches-applied/021_nis_cleanup @@ -0,0 +1,44 @@ +Patch from Philippe Troin <phil@fifi.org> + +Originally this included a bunch of changes to locking, but the more +recent code pulled from Linux_pam CVS seems to fix that issue. + +Index: pam.deb/modules/pam_unix/pam_unix_passwd.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/pam_unix_passwd.c ++++ pam.deb/modules/pam_unix/pam_unix_passwd.c +@@ -588,7 +588,7 @@ + + if (_unix_blankpasswd(pamh, ctrl, user)) { + return PAM_SUCCESS; +- } else if (off(UNIX__IAMROOT, ctrl)) { ++ } else if (off(UNIX__IAMROOT, ctrl) || on(UNIX_NIS, ctrl)) { + /* instruct user what is happening */ + if (asprintf(&Announce, _("Changing password for %s."), + user) < 0) { +@@ -601,7 +601,9 @@ + set(UNIX__OLD_PASSWD, lctrl); + retval = _unix_read_password(pamh, lctrl + ,Announce +- ,_("(current) UNIX password: ") ++ ,(on(UNIX__IAMROOT, ctrl) ++ ? _("NIS server root password: ") ++ : _("(current) UNIX password: ")) + ,NULL + ,_UNIX_OLD_AUTHTOK + ,&pass_old); +@@ -612,9 +614,12 @@ + "password - (old) token not obtained"); + return retval; + } +- /* verify that this is the password for this user */ ++ /* verify that this is the password for this user ++ * if we're not using NIS */ + +- retval = _unix_verify_password(pamh, user, pass_old, ctrl); ++ if (off(UNIX_NIS, ctrl)) { ++ retval = _unix_verify_password(pamh, user, pass_old, ctrl); ++ } + } else { + D(("process run by root so do nothing this time around")); + pass_old = NULL; diff --git a/debian/patches-applied/022_pam_unix_group_time_miscfixes b/debian/patches-applied/022_pam_unix_group_time_miscfixes new file mode 100644 index 00000000..44ee8783 --- /dev/null +++ b/debian/patches-applied/022_pam_unix_group_time_miscfixes @@ -0,0 +1,20 @@ + * Add support for credential reinitialization in pam_group, closes: #108697 + +Index: Linux-PAM/modules/pam_group/pam_group.c +=================================================================== +--- Linux-PAM/modules/pam_group/pam_group.c.orig ++++ Linux-PAM/modules/pam_group/pam_group.c +@@ -758,9 +758,12 @@ + unsigned setting; + + /* only interested in establishing credentials */ ++ /* PAM docs say that an empty flag is to be treated as PAM_ESTABLISH_CRED. ++ Some people just pass PAM_SILENT, so cope with it, too. */ + + setting = flags; +- if (!(setting & (PAM_ESTABLISH_CRED | PAM_REINITIALIZE_CRED))) { ++ if (!(setting & (PAM_ESTABLISH_CRED | PAM_REINITIALIZE_CRED)) ++ && (setting != 0) && (setting != PAM_SILENT)) { + D(("ignoring call - not for establishing credentials")); + return PAM_SUCCESS; /* don't fail because of this */ + } diff --git a/debian/patches-applied/026_pam_unix_passwd_unknown_user b/debian/patches-applied/026_pam_unix_passwd_unknown_user new file mode 100644 index 00000000..e943999a --- /dev/null +++ b/debian/patches-applied/026_pam_unix_passwd_unknown_user @@ -0,0 +1,58 @@ +Patch from Martin Schwenke <martin@meltin.net> + +Index: pam.deb/modules/pam_unix/passverify.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/passverify.c ++++ pam.deb/modules/pam_unix/passverify.c +@@ -714,7 +714,7 @@ + struct passwd *tmpent = NULL; + struct stat st; + FILE *pwfile, *opwfile; +- int err = 1; ++ int err = 1, found = 0; + int oldmask; + #ifdef WITH_SELINUX + security_context_t prev_context=NULL; +@@ -785,6 +785,7 @@ + + tmpent->pw_passwd = assigned_passwd.charp; + err = 0; ++ found = 1; + } + if (putpwent(tmpent, pwfile)) { + D(("error writing entry to password file: %m")); +@@ -826,7 +827,7 @@ + return PAM_SUCCESS; + } else { + unlink(PW_TMPFILE); +- return PAM_AUTHTOK_ERR; ++ return found ? PAM_AUTHTOK_ERR : PAM_USER_UNKNOWN; + } + } + +@@ -841,7 +842,7 @@ + struct spwd *spwdent = NULL, *stmpent = NULL; + struct stat st; + FILE *pwfile, *opwfile; +- int err = 1; ++ int err = 1, found = 0; + int oldmask; + #ifdef WITH_SELINUX + security_context_t prev_context=NULL; +@@ -912,6 +913,7 @@ + stmpent->sp_pwdp = towhat; + stmpent->sp_lstchg = time(NULL) / (60 * 60 * 24); + err = 0; ++ found = 1; + D(("Set password %s for %s", stmpent->sp_pwdp, forwho)); + } + +@@ -958,7 +960,7 @@ + return PAM_SUCCESS; + } else { + unlink(SH_TMPFILE); +- return PAM_AUTHTOK_ERR; ++ return found ? PAM_AUTHTOK_ERR : PAM_USER_UNKNOWN; + } + } + diff --git a/debian/patches-applied/027_pam_limits_better_init_allow_explicit_root b/debian/patches-applied/027_pam_limits_better_init_allow_explicit_root new file mode 100644 index 00000000..eae70ef1 --- /dev/null +++ b/debian/patches-applied/027_pam_limits_better_init_allow_explicit_root @@ -0,0 +1,113 @@ +Allow explicit limits for root. +Also, remove limits on su. +Index: pam.deb/modules/pam_limits/pam_limits.c +=================================================================== +--- pam.deb.orig/modules/pam_limits/pam_limits.c ++++ pam.deb/modules/pam_limits/pam_limits.c +@@ -70,6 +70,7 @@ + + /* internal data */ + struct pam_limit_s { ++ int root; /* running as root? */ + int login_limit; /* the max logins limit */ + int login_limit_def; /* which entry set the login limit */ + int flag_numsyslogins; /* whether to limit logins only for a +@@ -224,6 +225,7 @@ + + D(("called.")); + ++ pl->root = 0; + for(i = 0; i < RLIM_NLIMITS; i++) { + int r = getrlimit(i, &pl->limits[i].limit); + if (r == -1) { +@@ -235,6 +237,41 @@ + pl->limits[i].supported = 1; + pl->limits[i].src_soft = LIMITS_DEF_NONE; + pl->limits[i].src_hard = LIMITS_DEF_NONE; ++ switch(i) { ++ case RLIMIT_CPU: ++ case RLIMIT_FSIZE: ++ case RLIMIT_DATA: ++ case RLIMIT_RSS: ++ case RLIMIT_NPROC: ++ case RLIMIT_MEMLOCK: ++#ifdef RLIMIT_AS ++ case RLIMIT_AS: ++#endif ++#ifdef RLIMIT_LOCKS ++ case RLIMIT_LOCKS: ++#endif ++#ifdef RLIMIT_SIGPENDING ++ case RLIMIT_SIGPENDING: ++#endif ++#ifdef RLIMIT_MSGQUEUE ++ case RLIMIT_MSGQUEUE: ++#endif ++ pl->limits[i].limit.rlim_cur = RLIM_INFINITY; ++ pl->limits[i].limit.rlim_max = RLIM_INFINITY; ++ break; ++ case RLIMIT_CORE: ++ pl->limits[i].limit.rlim_cur = 0; ++ pl->limits[i].limit.rlim_max = RLIM_INFINITY; ++ break; ++ case RLIMIT_STACK: ++ pl->limits[i].limit.rlim_cur = 8192*1024; ++ pl->limits[i].limit.rlim_max = RLIM_INFINITY; ++ break; ++ case RLIMIT_NOFILE: ++ pl->limits[i].limit.rlim_cur = 1024; ++ pl->limits[i].limit.rlim_max = 1024; ++ break; ++ } + } + } + +@@ -517,7 +554,7 @@ + + if (strcmp(uname, domain) == 0) /* this user have a limit */ + process_limit(pamh, LIMITS_DEF_USER, ltype, item, value, ctrl, pl); +- else if (domain[0]=='@') { ++ else if (domain[0]=='@' && !pl->root) { + if (ctrl & PAM_DEBUG_ARG) { + pam_syslog(pamh, LOG_DEBUG, + "checking if %s is in group %s", +@@ -526,7 +563,7 @@ + if (pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) + process_limit(pamh, LIMITS_DEF_GROUP, ltype, item, value, ctrl, + pl); +- } else if (domain[0]=='%') { ++ } else if (domain[0]=='%' && !pl->root) { + if (ctrl & PAM_DEBUG_ARG) { + pam_syslog(pamh, LOG_DEBUG, + "checking if %s is in group %s", +@@ -540,7 +577,7 @@ + process_limit(pamh, LIMITS_DEF_ALLGROUP, ltype, item, value, ctrl, + pl); + } +- } else if (strcmp(domain, "*") == 0) ++ } else if (strcmp(domain, "*") == 0 && !pl->root) + process_limit(pamh, LIMITS_DEF_DEFAULT, ltype, item, value, ctrl, + pl); + } else if (i == 2 && ltype[0] == '-') { /* Probably a no-limit line */ +@@ -575,6 +612,12 @@ + int status; + int retval = LIMITED_OK; + ++ if (uid == 0) { ++ /* do not impose +ve priority limits on the superuser */ ++ if (pl->priority > 0) ++ pl->priority = 0; ++ } ++ + for (i=0, status=LIMITED_OK; i<RLIM_NLIMITS; i++) { + if (!pl->limits[i].supported) { + /* skip it if its not known to the system */ +@@ -661,6 +704,8 @@ + return PAM_ABORT; + } + ++ if (pwd->pw_uid == 0) ++ pl->root = 1; + retval = parse_config_file(pamh, pwd->pw_name, ctrl, pl); + if (retval == PAM_IGNORE) { + D(("the configuration file ('%s') has an applicable '<domain> -' entry", CONF_FILE)); diff --git a/debian/patches-applied/031_pam_include b/debian/patches-applied/031_pam_include new file mode 100644 index 00000000..32cb0168 --- /dev/null +++ b/debian/patches-applied/031_pam_include @@ -0,0 +1,72 @@ +Patch to implement an @include directive for use in pam.d config files. + +Authors: Jan Christoph Nordholz <hesso@pool.math.tu-berlin.de> + +Upstream status: not yet submitted + +Index: pam.deb/libpam/pam_handlers.c +=================================================================== +--- pam.deb.orig/libpam/pam_handlers.c ++++ pam.deb/libpam/pam_handlers.c +@@ -117,6 +117,10 @@ + module_type = PAM_T_ACCT; + } else if (!strcasecmp("password", tok)) { + module_type = PAM_T_PASS; ++ } else if (!strcasecmp("@include", tok)) { ++ pam_include = 1; ++ module_type = requested_module_type; ++ goto parsing_done; + } else { + /* Illegal module type */ + D(("_pam_init_handlers: bad module type: %s", tok)); +@@ -186,8 +190,10 @@ + _pam_set_default_control(actions, _PAM_ACTION_BAD); + } + ++parsing_done: + tok = _pam_StrTok(NULL, " \n\t", &nexttok); + if (pam_include) { ++ struct stat include_dir; + if (substack) { + res = _pam_add_handler(pamh, PAM_HT_SUBSTACK, other, + stack_level, module_type, actions, tok, +@@ -198,13 +204,35 @@ + return PAM_ABORT; + } + } +- if (_pam_load_conf_file(pamh, tok, this_service, module_type, +- stack_level + substack ++ if (tok[0] == '/') { ++ if (_pam_load_conf_file(pamh, tok, this_service, ++ module_type, stack_level + substack ++#ifdef PAM_READ_BOTH_CONFS ++ , !other ++#endif /* PAM_READ_BOTH_CONFS */ ++ ) == PAM_SUCCESS) ++ continue; ++ } ++ else if (!stat(PAM_CONFIG_D, &include_dir) ++ && S_ISDIR(include_dir.st_mode)) ++ { ++ char *include_file; ++ if (asprintf (&include_file, PAM_CONFIG_DF, tok) < 0) { ++ pam_syslog(pamh, LOG_CRIT, "asprintf failed"); ++ return PAM_ABORT; ++ } ++ if (_pam_load_conf_file(pamh, include_file, this_service, ++ module_type, stack_level + substack + #ifdef PAM_READ_BOTH_CONFS + , !other + #endif /* PAM_READ_BOTH_CONFS */ +- ) == PAM_SUCCESS) +- continue; ++ ) == PAM_SUCCESS) ++ { ++ free(include_file); ++ continue; ++ } ++ free(include_file); ++ } + _pam_set_default_control(actions, _PAM_ACTION_BAD); + mod_path = NULL; + handler_type = PAM_HT_MUST_FAIL; diff --git a/debian/patches-applied/032_pam_limits_EPERM_NOT_FATAL b/debian/patches-applied/032_pam_limits_EPERM_NOT_FATAL new file mode 100644 index 00000000..9baac8cf --- /dev/null +++ b/debian/patches-applied/032_pam_limits_EPERM_NOT_FATAL @@ -0,0 +1,33 @@ +setrlimit will sometimes return EPERM for example if youp try to +increase the number of open files too much. This is not something we +want to consider fatal. This also happens if you use non-root and +try to decrease a limit. Running PAM as non-root is not so great. + +Authors: ? + +Upstream status: submitted in <20070830171918.GB30563@dario.dodds.net> + +Index: Linux-PAM/modules/pam_limits/pam_limits.c +=================================================================== +--- Linux-PAM/modules/pam_limits/pam_limits.c.orig ++++ Linux-PAM/modules/pam_limits/pam_limits.c +@@ -609,6 +609,7 @@ + } + + for (i=0, status=LIMITED_OK; i<RLIM_NLIMITS; i++) { ++ int retval; + if (!pl->limits[i].supported) { + /* skip it if its not known to the system */ + continue; +@@ -620,7 +621,10 @@ + } + if (pl->limits[i].limit.rlim_cur > pl->limits[i].limit.rlim_max) + pl->limits[i].limit.rlim_cur = pl->limits[i].limit.rlim_max; +- status |= setrlimit(i, &pl->limits[i].limit); ++ retval = setrlimit(i, &pl->limits[i].limit); ++ if (retval == -1 && errno==EPERM) ++ continue; ++ status |= retval; + } + + if (status) { diff --git a/debian/patches-applied/036_pam_wheel_getlogin_considered_harmful b/debian/patches-applied/036_pam_wheel_getlogin_considered_harmful new file mode 100644 index 00000000..ec26a87c --- /dev/null +++ b/debian/patches-applied/036_pam_wheel_getlogin_considered_harmful @@ -0,0 +1,274 @@ +Patch for Debian bug #163787 et al + +Always use the process uid, not getlogin(), to identify an applicant in +pam_wheel; utmp may be wrong or may have no entry at all in the case of +an xterm + +Authors: Ben Collins <bcollins@debian.org> + +Upstream status: submitted in <20070901175405.GA26092@dario.dodds.net> + +Index: pam.deb/modules/pam_wheel/pam_wheel.c +=================================================================== +--- pam.deb.orig/modules/pam_wheel/pam_wheel.c ++++ pam.deb/modules/pam_wheel/pam_wheel.c +@@ -60,9 +60,8 @@ + /* argument parsing */ + + #define PAM_DEBUG_ARG 0x0001 +-#define PAM_USE_UID_ARG 0x0002 +-#define PAM_TRUST_ARG 0x0004 +-#define PAM_DENY_ARG 0x0010 ++#define PAM_TRUST_ARG 0x0002 ++#define PAM_DENY_ARG 0x0004 + #define PAM_ROOT_ONLY_ARG 0x0020 + + static int +@@ -80,8 +79,7 @@ + + if (!strcmp(*argv,"debug")) + ctrl |= PAM_DEBUG_ARG; +- else if (!strcmp(*argv,"use_uid")) +- ctrl |= PAM_USE_UID_ARG; ++ else if (!strcmp(*argv,"use_uid")); /* ignored for compat. */ + else if (!strcmp(*argv,"trust")) + ctrl |= PAM_TRUST_ARG; + else if (!strcmp(*argv,"deny")) +@@ -129,27 +127,14 @@ + } + } + +- if (ctrl & PAM_USE_UID_ARG) { +- tpwd = pam_modutil_getpwuid (pamh, getuid()); +- if (!tpwd) { +- if (ctrl & PAM_DEBUG_ARG) { +- pam_syslog(pamh, LOG_NOTICE, "who is running me ?!"); +- } +- return PAM_SERVICE_ERR; +- } +- fromsu = tpwd->pw_name; +- } else { +- fromsu = pam_modutil_getlogin(pamh); +- if (fromsu) { +- tpwd = pam_modutil_getpwnam (pamh, fromsu); +- } +- if (!fromsu || !tpwd) { +- if (ctrl & PAM_DEBUG_ARG) { +- pam_syslog(pamh, LOG_NOTICE, "who is running me ?!"); +- } +- return PAM_SERVICE_ERR; ++ tpwd = pam_modutil_getpwuid (pamh, getuid()); ++ if (!tpwd) { ++ if (ctrl & PAM_DEBUG_ARG) { ++ pam_syslog(pamh, LOG_NOTICE, "who is running me ?!"); + } ++ return PAM_SERVICE_ERR; + } ++ fromsu = tpwd->pw_name; + + /* + * At this point fromsu = username-of-invoker; tpwd = pwd ptr for fromsu +Index: pam.deb/modules/pam_wheel/pam_wheel.8.xml +=================================================================== +--- pam.deb.orig/modules/pam_wheel/pam_wheel.8.xml ++++ pam.deb/modules/pam_wheel/pam_wheel.8.xml +@@ -33,9 +33,6 @@ + <arg choice="opt"> + trust + </arg> +- <arg choice="opt"> +- use_uid +- </arg> + </cmdsynopsis> + </refsynopsisdiv> + +@@ -115,18 +112,6 @@ + </para> + </listitem> + </varlistentry> +- <varlistentry> +- <term> +- <option>use_uid</option> +- </term> +- <listitem> +- <para> +- The check for wheel membership will be done against +- the current uid instead of the original one (useful when +- jumping with su from one account to another for example). +- </para> +- </listitem> +- </varlistentry> + </variablelist> + </refsect1> + +Index: pam.deb/modules/pam_wheel/pam_wheel.8 +=================================================================== +--- pam.deb.orig/modules/pam_wheel/pam_wheel.8 ++++ pam.deb/modules/pam_wheel/pam_wheel.8 +@@ -1,64 +1,59 @@ + .\" Title: pam_wheel + .\" Author: +-.\" Generator: DocBook XSL Stylesheets v1.73.1 <http://docbook.sf.net/> +-.\" Date: 01/08/2008 ++.\" Generator: DocBook XSL Stylesheets v1.73.2 <http://docbook.sf.net/> ++.\" Date: 07/26/2008 + .\" Manual: Linux-PAM Manual + .\" Source: Linux-PAM Manual + .\" +-.TH "PAM_WHEEL" "8" "01/08/2008" "Linux-PAM Manual" "Linux\-PAM Manual" ++.TH "PAM_WHEEL" "8" "07/26/2008" "Linux-PAM Manual" "Linux\-PAM Manual" + .\" disable hyphenation + .nh + .\" disable justification (adjust text to left margin only) + .ad l + .SH "NAME" +-pam_wheel - Only permit root access to members of group wheel ++pam_wheel \- Only permit root access to members of group wheel + .SH "SYNOPSIS" + .HP 13 +-\fBpam_wheel\.so\fR [debug] [deny] [group=\fIname\fR] [root_only] [trust] [use_uid] ++\fBpam_wheel\&.so\fR [debug] [deny] [group=\fIname\fR] [root_only] [trust] + .SH "DESCRIPTION" + .PP + The pam_wheel PAM module is used to enforce the so\-called + \fIwheel\fR +-group\. By default it permits root access to the system if the applicant user is a member of the ++group\&. By default it permits root access to the system if the applicant user is a member of the + \fIwheel\fR +-group\. If no group with this name exist, the module is using the group with the group\-ID +-\fB0\fR\. ++group\&. If no group with this name exist, the module is using the group with the group\-ID ++\fB0\fR\&. + .SH "OPTIONS" + .PP + \fBdebug\fR + .RS 4 +-Print debug information\. ++Print debug information\&. + .RE + .PP + \fBdeny\fR + .RS 4 + Reverse the sense of the auth operation: if the user is trying to get UID 0 access and is a member of the wheel group (or the group of the + \fBgroup\fR +-option), deny access\. Conversely, if the user is not in the group, return PAM_IGNORE (unless ++option), deny access\&. Conversely, if the user is not in the group, return PAM_IGNORE (unless + \fBtrust\fR +-was also specified, in which case we return PAM_SUCCESS)\. ++was also specified, in which case we return PAM_SUCCESS)\&. + .RE + .PP + \fBgroup=\fR\fB\fIname\fR\fR + .RS 4 + Instead of checking the wheel or GID 0 groups, use the + \fB\fIname\fR\fR +-group to perform the authentication\. ++group to perform the authentication\&. + .RE + .PP + \fBroot_only\fR + .RS 4 +-The check for wheel membership is done only\. ++The check for wheel membership is done only\&. + .RE + .PP + \fBtrust\fR + .RS 4 +-The pam_wheel module will return PAM_SUCCESS instead of PAM_IGNORE if the user is a member of the wheel group (thus with a little play stacking the modules the wheel members may be able to su to root without being prompted for a passwd)\. +-.RE +-.PP +-\fBuse_uid\fR +-.RS 4 +-The check for wheel membership will be done against the current uid instead of the original one (useful when jumping with su from one account to another for example)\. ++The pam_wheel module will return PAM_SUCCESS instead of PAM_IGNORE if the user is a member of the wheel group (thus with a little play stacking the modules the wheel members may be able to su to root without being prompted for a passwd)\&. + .RE + .SH "MODULE SERVICES PROVIDED" + .PP +@@ -66,52 +61,52 @@ + \fBauth\fR + and + \fBaccount\fR +-services are supported\. ++services are supported\&. + .SH "RETURN VALUES" + .PP + PAM_AUTH_ERR + .RS 4 +-Authentication failure\. ++Authentication failure\&. + .RE + .PP + PAM_BUF_ERR + .RS 4 +-Memory buffer error\. ++Memory buffer error\&. + .RE + .PP + PAM_IGNORE + .RS 4 +-The return value should be ignored by PAM dispatch\. ++The return value should be ignored by PAM dispatch\&. + .RE + .PP + PAM_PERM_DENY + .RS 4 +-Permission denied\. ++Permission denied\&. + .RE + .PP + PAM_SERVICE_ERR + .RS 4 +-Cannot determine the user name\. ++Cannot determine the user name\&. + .RE + .PP + PAM_SUCCESS + .RS 4 +-Success\. ++Success\&. + .RE + .PP + PAM_USER_UNKNOWN + .RS 4 +-User not known\. ++User not known\&. + .RE + .SH "EXAMPLES" + .PP +-The root account gains access by default (rootok), only wheel members can become root (wheel) but Unix authenticate non\-root applicants\. ++The root account gains access by default (rootok), only wheel members can become root (wheel) but Unix authenticate non\-root applicants\&. + .sp + .RS 4 + .nf +-su auth sufficient pam_rootok\.so +-su auth required pam_wheel\.so +-su auth required pam_unix\.so ++su auth sufficient pam_rootok\&.so ++su auth required pam_wheel\&.so ++su auth required pam_unix\&.so + + .fi + .RE +@@ -124,4 +119,4 @@ + \fBpam\fR(8) + .SH "AUTHOR" + .PP +-pam_wheel was written by Cristian Gafton <gafton@redhat\.com>\. ++pam_wheel was written by Cristian Gafton <gafton@redhat\&.com>\&. +Index: pam.deb/modules/pam_wheel/README +=================================================================== +--- pam.deb.orig/modules/pam_wheel/README ++++ pam.deb/modules/pam_wheel/README +@@ -39,12 +39,6 @@ + modules the wheel members may be able to su to root without being prompted + for a passwd). + +-use_uid +- +- The check for wheel membership will be done against the current uid instead +- of the original one (useful when jumping with su from one account to +- another for example). +- + EXAMPLES + + The root account gains access by default (rootok), only wheel members can diff --git a/debian/patches-applied/040_pam_limits_log_failure b/debian/patches-applied/040_pam_limits_log_failure new file mode 100644 index 00000000..0826104d --- /dev/null +++ b/debian/patches-applied/040_pam_limits_log_failure @@ -0,0 +1,33 @@ +Patch for Debian bug #180310 + +Generate some (low-severity) log information whenever setrlimit() fails, +for debugging purposes. + +Authors: Sam Hartman <hartmans@debian.org> + +Upstream status: submitted in <20070830171918.GB30563@dario.dodds.net> + +Index: Linux-PAM/modules/pam_limits/pam_limits.c +=================================================================== +--- Linux-PAM/modules/pam_limits/pam_limits.c.orig ++++ Linux-PAM/modules/pam_limits/pam_limits.c +@@ -622,6 +622,19 @@ + if (pl->limits[i].limit.rlim_cur > pl->limits[i].limit.rlim_max) + pl->limits[i].limit.rlim_cur = pl->limits[i].limit.rlim_max; + retval = setrlimit(i, &pl->limits[i].limit); ++ if (retval != 0 && (i != RLIMIT_NOFILE ++ || pl->limits[i].limit.rlim_cur != RLIM_INFINITY)) ++ { ++ int save_errno = errno; ++ pam_syslog(pamh, LOG_DEBUG, ++ "setrlimit limit #%d to soft=%d, hard=%d failed:" ++ " %m; uid=%lu,euid=%lu", i, ++ pl->limits[i].limit.rlim_cur, ++ pl->limits[i].limit.rlim_max, ++ (unsigned long) getuid(), ++ (unsigned long) geteuid()); ++ errno = save_errno; ++ } + if (retval == -1 && errno==EPERM) + continue; + status |= retval; diff --git a/debian/patches-applied/045_pam_dispatch_jump_is_ignore b/debian/patches-applied/045_pam_dispatch_jump_is_ignore new file mode 100644 index 00000000..01d67d41 --- /dev/null +++ b/debian/patches-applied/045_pam_dispatch_jump_is_ignore @@ -0,0 +1,31 @@ + +Previously jumps were treated as PAM_IGNORE in the freezing part of +the chain and PAM_OK (aka required) in the frozen part of the chain. +No one on pam-list was able to explain this behavior, so I changed it +to be consistent. + +Index: Linux-PAM/libpam/pam_dispatch.c +=================================================================== +--- Linux-PAM/libpam/pam_dispatch.c.orig ++++ Linux-PAM/libpam/pam_dispatch.c +@@ -229,19 +229,7 @@ + if ( _PAM_ACTION_IS_JUMP(action) ) { + + /* If we are evaluating a cached chain, we treat this +- module as required (aka _PAM_ACTION_OK) as well as +- executing the jump. */ +- +- if (use_cached_chain) { +- if (impression == _PAM_UNDEF +- || (impression == _PAM_POSITIVE +- && status == PAM_SUCCESS) ) { +- if ( retval != PAM_IGNORE || cached_retval == retval ) { +- impression = _PAM_POSITIVE; +- status = retval; +- } +- } +- } ++ module as ignored as well as executing the jump. */ + + /* this means that we need to skip #action stacked modules */ + do { diff --git a/debian/patches-applied/054_pam_security_abstract_securetty_handling b/debian/patches-applied/054_pam_security_abstract_securetty_handling new file mode 100644 index 00000000..ba09cb9f --- /dev/null +++ b/debian/patches-applied/054_pam_security_abstract_securetty_handling @@ -0,0 +1,215 @@ +Index: Linux-PAM/modules/pam_securetty/pam_securetty.c +=================================================================== +--- Linux-PAM/modules/pam_securetty/pam_securetty.c.orig ++++ Linux-PAM/modules/pam_securetty/pam_securetty.c +@@ -1,8 +1,5 @@ + /* pam_securetty module */ + +-#define SECURETTY_FILE "/etc/securetty" +-#define TTY_PREFIX "/dev/" +- + /* + * by Elliot Lee <sopwith@redhat.com>, Red Hat Software. + * July 25, 1996. +@@ -37,6 +34,9 @@ + #include <security/pam_modutil.h> + #include <security/pam_ext.h> + ++extern int _pammodutil_tty_secure(const pam_handle_t *pamh, ++ const char *uttyname); ++ + #define PAM_DEBUG_ARG 0x0001 + + static int +@@ -67,11 +67,7 @@ + const char *username; + const char *uttyname; + const void *void_uttyname; +- char ttyfileline[256]; +- char ptname[256]; +- struct stat ttyfileinfo; + struct passwd *user_pwd; +- FILE *ttyfile; + + /* log a trail for debugging */ + if (ctrl & PAM_DEBUG_ARG) { +@@ -101,63 +97,10 @@ + return PAM_SERVICE_ERR; + } + +- /* The PAM_TTY item may be prefixed with "/dev/" - skip that */ +- if (strncmp(TTY_PREFIX, uttyname, sizeof(TTY_PREFIX)-1) == 0) { +- uttyname += sizeof(TTY_PREFIX)-1; +- } +- +- if (stat(SECURETTY_FILE, &ttyfileinfo)) { +- pam_syslog(pamh, LOG_NOTICE, "Couldn't open %s: %m", SECURETTY_FILE); +- return PAM_SUCCESS; /* for compatibility with old securetty handling, +- this needs to succeed. But we still log the +- error. */ +- } +- +- if ((ttyfileinfo.st_mode & S_IWOTH) || !S_ISREG(ttyfileinfo.st_mode)) { +- /* If the file is world writable or is not a +- normal file, return error */ +- pam_syslog(pamh, LOG_ERR, +- "%s is either world writable or not a normal file", +- SECURETTY_FILE); +- return PAM_AUTH_ERR; +- } +- +- ttyfile = fopen(SECURETTY_FILE,"r"); +- if (ttyfile == NULL) { /* Check that we opened it successfully */ +- pam_syslog(pamh, LOG_ERR, "Error opening %s: %m", SECURETTY_FILE); +- return PAM_SERVICE_ERR; +- } +- +- if (isdigit(uttyname[0])) { +- snprintf(ptname, sizeof(ptname), "pts/%s", uttyname); +- } else { +- ptname[0] = '\0'; +- } +- +- retval = 1; +- +- while ((fgets(ttyfileline, sizeof(ttyfileline)-1, ttyfile) != NULL) +- && retval) { +- if (ttyfileline[strlen(ttyfileline) - 1] == '\n') +- ttyfileline[strlen(ttyfileline) - 1] = '\0'; +- +- retval = ( strcmp(ttyfileline, uttyname) +- && (!ptname[0] || strcmp(ptname, uttyname)) ); +- } +- fclose(ttyfile); +- +- if (retval) { +- pam_syslog(pamh, LOG_WARNING, "access denied: tty '%s' is not secure !", +- uttyname); +- +- retval = PAM_AUTH_ERR; +- } else { +- if ((retval == PAM_SUCCESS) && (ctrl & PAM_DEBUG_ARG)) { +- pam_syslog(pamh, LOG_DEBUG, "access allowed for '%s' on '%s'", +- username, uttyname); +- } +- retval = PAM_SUCCESS; +- ++ retval = _pammodutil_tty_secure(pamh, uttyname); ++ if ((retval == PAM_SUCCESS) && (ctrl & PAM_DEBUG_ARG)) { ++ pam_syslog(pamh, LOG_DEBUG, "access allowed for '%s' on '%s'", ++ username, uttyname); + } + + return retval; +Index: Linux-PAM/modules/pam_securetty/tty_secure.c +=================================================================== +--- /dev/null ++++ Linux-PAM/modules/pam_securetty/tty_secure.c +@@ -0,0 +1,92 @@ ++/* ++ * A function to determine if a particular line is in /etc/securetty ++ */ ++ ++ ++#define SECURETTY_FILE "/etc/securetty" ++#define TTY_PREFIX "/dev/" ++ ++/* This function taken out of pam_securetty by Sam Hartman ++ * <hartmans@debian.org>*/ ++/* ++ * by Elliot Lee <sopwith@redhat.com>, Red Hat Software. ++ * July 25, 1996. ++ * Slight modifications AGM. 1996/12/3 ++ */ ++ ++#include <unistd.h> ++#include <sys/types.h> ++#include <sys/stat.h> ++#include <security/pam_modules.h> ++#include <stdarg.h> ++#include <syslog.h> ++#include <sys/syslog.h> ++#include <stdio.h> ++#include <string.h> ++#include <stdlib.h> ++#include <ctype.h> ++#include <security/pam_modutil.h> ++#include <security/pam_ext.h> ++ ++extern int _pammodutil_tty_secure(const pam_handle_t *pamh, ++ const char *uttyname); ++ ++int _pammodutil_tty_secure(const pam_handle_t *pamh, const char *uttyname) ++{ ++ int retval = PAM_AUTH_ERR; ++ char ttyfileline[256]; ++ char ptname[256]; ++ struct stat ttyfileinfo; ++ FILE *ttyfile; ++ /* The PAM_TTY item may be prefixed with "/dev/" - skip that */ ++ if (strncmp(TTY_PREFIX, uttyname, sizeof(TTY_PREFIX)-1) == 0) ++ uttyname += sizeof(TTY_PREFIX)-1; ++ ++ if (stat(SECURETTY_FILE, &ttyfileinfo)) { ++ pam_syslog(pamh, LOG_NOTICE, "Couldn't open %s: %m", ++ SECURETTY_FILE); ++ return PAM_SUCCESS; /* for compatibility with old securetty handling, ++ this needs to succeed. But we still log the ++ error. */ ++ } ++ ++ if ((ttyfileinfo.st_mode & S_IWOTH) || !S_ISREG(ttyfileinfo.st_mode)) { ++ /* If the file is world writable or is not a ++ normal file, return error */ ++ pam_syslog(pamh, LOG_ERR, ++ "%s is either world writable or not a normal file", ++ SECURETTY_FILE); ++ return PAM_AUTH_ERR; ++ } ++ ++ ttyfile = fopen(SECURETTY_FILE,"r"); ++ if(ttyfile == NULL) { /* Check that we opened it successfully */ ++ pam_syslog(pamh, LOG_ERR, "Error opening %s: %m", SECURETTY_FILE); ++ return PAM_SERVICE_ERR; ++ } ++ ++ if (isdigit(uttyname[0])) { ++ snprintf(ptname, sizeof(ptname), "pts/%s", uttyname); ++ } else { ++ ptname[0] = '\0'; ++ } ++ ++ retval = 1; ++ ++ while ((fgets(ttyfileline,sizeof(ttyfileline)-1, ttyfile) != NULL) ++ && retval) { ++ if(ttyfileline[strlen(ttyfileline) - 1] == '\n') ++ ttyfileline[strlen(ttyfileline) - 1] = '\0'; ++ retval = ( strcmp(ttyfileline,uttyname) ++ && (!ptname[0] || strcmp(ptname, uttyname)) ); ++ } ++ fclose(ttyfile); ++ ++ if(retval) { ++ pam_syslog(pamh, LOG_WARNING, "access denied: tty '%s' is not secure !", ++ uttyname); ++ retval = PAM_AUTH_ERR; ++ } ++ ++ return retval; ++} +Index: Linux-PAM/modules/pam_securetty/Makefile.am +=================================================================== +--- Linux-PAM/modules/pam_securetty/Makefile.am.orig ++++ Linux-PAM/modules/pam_securetty/Makefile.am +@@ -23,6 +23,10 @@ + + securelib_LTLIBRARIES = pam_securetty.la + ++pam_securetty_la_SOURCES = \ ++ pam_securetty.c \ ++ tty_secure.c ++ + if ENABLE_REGENERATE_MAN + noinst_DATA = README + README: pam_securetty.8.xml diff --git a/debian/patches-applied/055_pam_unix_nullok_secure b/debian/patches-applied/055_pam_unix_nullok_secure new file mode 100644 index 00000000..b5f795de --- /dev/null +++ b/debian/patches-applied/055_pam_unix_nullok_secure @@ -0,0 +1,225 @@ +Debian patch to add a new 'nullok_secure' option to pam_unix, which +accepts users with null passwords only when the applicant is connected +from a tty listed in /etc/securetty. + +Authors: Sam Hartman <hartmans@debian.org>, + Steve Langasek <vorlon@debian.org> + +Upstream status: not yet submitted + +Index: pam.deb/modules/pam_unix/support.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/support.c ++++ pam.deb/modules/pam_unix/support.c +@@ -83,15 +83,22 @@ + /* now parse the arguments to this module */ + + while (argc-- > 0) { +- int j; ++ int j, sl; + + D(("pam_unix arg: %s", *argv)); + + for (j = 0; j < UNIX_CTRLS_; ++j) { +- if (unix_args[j].token +- && !strncmp(*argv, unix_args[j].token, strlen(unix_args[j].token))) +- { +- break; ++ if (unix_args[j].token) { ++ sl = strlen(unix_args[j].token); ++ if (unix_args[j].token[sl-1] == '=') { ++ /* exclude argument from comparison */ ++ if (!strncmp(*argv, unix_args[j].token, sl)) ++ break; ++ } else { ++ /* compare full strings */ ++ if (!strcmp(*argv, unix_args[j].token)) ++ break; ++ } + } + } + +@@ -430,6 +437,7 @@ + child = fork(); + if (child == 0) { + int i=0; ++ int nullok = off(UNIX__NONULL, ctrl); + struct rlimit rlim; + static char *envp[] = { NULL }; + char *args[] = { NULL, NULL, NULL, NULL }; +@@ -457,7 +465,18 @@ + /* exec binary helper */ + args[0] = strdup(CHKPWD_HELPER); + args[1] = x_strdup(user); +- if (off(UNIX__NONULL, ctrl)) { /* this means we've succeeded */ ++ ++ if (on(UNIX_NULLOK_SECURE, ctrl)) { ++ const void *uttyname; ++ retval = pam_get_item(pamh, PAM_TTY, &uttyname); ++ if (retval != PAM_SUCCESS || uttyname == NULL) ++ nullok = 0; ++ ++ if (_pammodutil_tty_secure(pamh, (const char *)uttyname) != PAM_SUCCESS) ++ nullok = 0; ++ } ++ ++ if (nullok) { + args[2]=strdup("nullok"); + } else { + args[2]=strdup("nonull"); +@@ -554,6 +573,17 @@ + if (salt) + _pam_delete(salt); + ++ if ((retval == 1) && on(UNIX_NULLOK_SECURE, ctrl)) { ++ int retval2; ++ const void *uttyname; ++ retval2 = pam_get_item(pamh, PAM_TTY, &uttyname); ++ if (retval2 != PAM_SUCCESS || uttyname == NULL) ++ return 0; ++ ++ if (_pammodutil_tty_secure(pamh, (const char *)uttyname) != PAM_SUCCESS) ++ return 0; ++ } ++ + return retval; + } + +@@ -613,7 +643,8 @@ + } + } + } else { +- retval = verify_pwd_hash(p, salt, off(UNIX__NONULL, ctrl)); ++ retval = verify_pwd_hash(p, salt, ++ _unix_blankpasswd(pamh, ctrl, name)); + } + + if (retval == PAM_SUCCESS) { +Index: pam.deb/modules/pam_unix/support.h +=================================================================== +--- pam.deb.orig/modules/pam_unix/support.h ++++ pam.deb/modules/pam_unix/support.h +@@ -91,8 +91,9 @@ + #define UNIX_MAX_PASS_LEN 26 /* internal, for compatibility only */ + #define UNIX_MIN_PASS_LEN 27 /* Min length for password */ + #define UNIX_OBSCURE_CHECKS 28 /* enable obscure checks on passwords */ ++#define UNIX_NULLOK_SECURE 29 /* NULL passwords allowed only on secure ttys */ + /* -------------- */ +-#define UNIX_CTRLS_ 29 /* number of ctrl arguments defined */ ++#define UNIX_CTRLS_ 30 /* number of ctrl arguments defined */ + + + static const UNIX_Ctrls unix_args[UNIX_CTRLS_] = +@@ -109,7 +110,7 @@ + /* UNIX_NOT_SET_PASS */ {"not_set_pass", _ALL_ON_, 0x40}, + /* UNIX__PRELIM */ {NULL, _ALL_ON_^(0x180), 0x80}, + /* UNIX__UPDATE */ {NULL, _ALL_ON_^(0x180), 0x100}, +-/* UNIX__NONULL */ {NULL, _ALL_ON_, 0x200}, ++/* UNIX__NONULL */ {NULL, _ALL_ON_^(0x8000000), 0x200}, + /* UNIX__QUIET */ {NULL, _ALL_ON_, 0x400}, + /* UNIX_USE_AUTHTOK */ {"use_authtok", _ALL_ON_, 0x800}, + /* UNIX_SHADOW */ {"shadow", _ALL_ON_, 0x1000}, +@@ -129,6 +130,7 @@ + /* UNIX_MAX_PASS_LEN */ {"max=", _ALL_ON_, 0}, + /* UNIX_MIN_PASS_LEN */ {"min=", _ALL_ON_, 0x2000000}, + /* UNIX_OBSCURE_CHECKS */ {"obscure", _ALL_ON_, 0x4000000}, ++/* UNIX__NULLOK */ {"nullok_secure", _ALL_ON_^(0x200), 0x8000000}, + }; + + #define UNIX_DEFAULTS (unix_args[UNIX__NONULL].flag) +@@ -163,6 +165,9 @@ + ,const char *data_name + ,const void **pass); + ++extern int _pammodutil_tty_secure(const pam_handle_t *pamh, ++ const char *uttyname); ++ + extern int _unix_run_verify_binary(pam_handle_t *pamh, + unsigned int ctrl, const char *user, int *daysleft); + #endif /* _PAM_UNIX_SUPPORT_H */ +Index: pam.deb/modules/pam_unix/Makefile.am +=================================================================== +--- pam.deb.orig/modules/pam_unix/Makefile.am ++++ pam.deb/modules/pam_unix/Makefile.am +@@ -31,7 +31,8 @@ + pam_unix_la_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map + endif + pam_unix_la_LIBADD = @LIBCRACK@ @LIBNSL@ -L$(top_builddir)/libpam -lpam \ +- @LIBCRYPT@ @LIBSELINUX@ ++ @LIBCRYPT@ @LIBSELINUX@ \ ++ ../pam_securetty/tty_secure.lo + + securelib_LTLIBRARIES = pam_unix.la + +Index: pam.deb/modules/pam_unix/README +=================================================================== +--- pam.deb.orig/modules/pam_unix/README ++++ pam.deb/modules/pam_unix/README +@@ -57,7 +57,16 @@ + + The default action of this module is to not permit the user access to a + service if their official password is blank. The nullok argument overrides +- this default. ++ this default and allows any user with a blank password to access the ++ service. ++ ++nullok_secure ++ ++ The default action of this module is to not permit the user access to a ++ service if their official password is blank. The nullok_secure argument ++ overrides this default and allows any user with a blank password to access ++ the service as long as the value of PAM_TTY is set to one of the values ++ found in /etc/securetty. + + try_first_pass + +Index: pam.deb/modules/pam_unix/pam_unix.8 +=================================================================== +--- pam.deb.orig/modules/pam_unix/pam_unix.8 ++++ pam.deb/modules/pam_unix/pam_unix.8 +@@ -62,7 +62,14 @@ + .RS 4 + The default action of this module is to not permit the user access to a service if their official password is blank\. The + \fBnullok\fR +-argument overrides this default\. ++argument overrides this default and allows any user with a blank password to access the service\. ++.RE ++.PP ++\fBnullok_secure\fR ++.RS 4 ++The default action of this module is to not permit the user access to a service if their official password is blank\. The ++\fBnullok_secure\fR ++argument overrides this default and allows any user with a blank password to access the service as long as the value of PAM_TTY is set to one of the values found in /etc/securetty\. + .RE + .PP + \fBtry_first_pass\fR +Index: pam.deb/modules/pam_unix/pam_unix.8.xml +=================================================================== +--- pam.deb.orig/modules/pam_unix/pam_unix.8.xml ++++ pam.deb/modules/pam_unix/pam_unix.8.xml +@@ -135,7 +135,24 @@ + <para> + The default action of this module is to not permit the + user access to a service if their official password is blank. +- The <option>nullok</option> argument overrides this default. ++ The <option>nullok</option> argument overrides this default ++ and allows any user with a blank password to access the ++ service. ++ </para> ++ </listitem> ++ </varlistentry> ++ <varlistentry> ++ <term> ++ <option>nullok_secure</option> ++ </term> ++ <listitem> ++ <para> ++ The default action of this module is to not permit the ++ user access to a service if their official password is blank. ++ The <option>nullok_secure</option> argument overrides this ++ default and allows any user with a blank password to access ++ the service as long as the value of PAM_TTY is set to one of ++ the values found in /etc/securetty. + </para> + </listitem> + </varlistentry> diff --git a/debian/patches-applied/057_pam_unix_passwd_OOM_check b/debian/patches-applied/057_pam_unix_passwd_OOM_check new file mode 100644 index 00000000..afae12e1 --- /dev/null +++ b/debian/patches-applied/057_pam_unix_passwd_OOM_check @@ -0,0 +1,21 @@ +Index: Linux-PAM/modules/pam_unix/pam_unix_passwd.c +=================================================================== +--- Linux-PAM/modules/pam_unix/pam_unix_passwd.c.orig ++++ Linux-PAM/modules/pam_unix/pam_unix_passwd.c +@@ -1323,6 +1323,16 @@ + } + } + ++ /* A null pointer here indicates a memory failure ++ somewhere along the way; don't set the password to ++ NULL! */ ++ if (tpass == NULL) { ++ pam_syslog(pamh, LOG_CRIT, ++ "out of memory for password"); ++ pass_new = pass_old = NULL; /* tidy up */ ++ return PAM_BUF_ERR; ++ } ++ + D(("password processed")); + + /* update the password database(s) -- race conditions..? */ diff --git a/debian/patches-applied/065_pam_unix_cracklib_disable b/debian/patches-applied/065_pam_unix_cracklib_disable new file mode 100644 index 00000000..7e90796a --- /dev/null +++ b/debian/patches-applied/065_pam_unix_cracklib_disable @@ -0,0 +1,21 @@ +Index: pam.debian/modules/pam_unix/Makefile.am +=================================================================== +--- pam.debian.orig/modules/pam_unix/Makefile.am ++++ pam.debian/modules/pam_unix/Makefile.am +@@ -21,15 +21,12 @@ + if HAVE_LIBSELINUX + AM_CFLAGS += -D"WITH_SELINUX" + endif +-if HAVE_LIBCRACK +- AM_CFLAGS += -D"USE_CRACKLIB" +-endif + + pam_unix_la_LDFLAGS = -no-undefined -avoid-version -module + if HAVE_VERSIONING + pam_unix_la_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map + endif +-pam_unix_la_LIBADD = @LIBCRACK@ @LIBNSL@ -L$(top_builddir)/libpam -lpam \ ++pam_unix_la_LIBADD = @LIBNSL@ -L$(top_builddir)/libpam -lpam \ + @LIBCRYPT@ @LIBSELINUX@ \ + ../pam_securetty/tty_secure.lo + diff --git a/debian/patches-applied/PAM-manpage-section b/debian/patches-applied/PAM-manpage-section new file mode 100644 index 00000000..6aecae1b --- /dev/null +++ b/debian/patches-applied/PAM-manpage-section @@ -0,0 +1,48 @@ +Index: pam.deb/doc/man/PAM.8 +=================================================================== +--- pam.deb.orig/doc/man/PAM.8 ++++ pam.deb/doc/man/PAM.8 +@@ -5,7 +5,7 @@ + .\" Manual: Linux-PAM Manual + .\" Source: Linux-PAM Manual + .\" +-.TH "PAM" "8" "02/04/2008" "Linux-PAM Manual" "Linux-PAM Manual" ++.TH "PAM" "7" "02/04/2008" "Linux-PAM Manual" "Linux-PAM Manual" + .\" disable hyphenation + .nh + .\" disable justification (adjust text to left margin only) +@@ -104,4 +104,4 @@ + \fBpam_authenticate\fR(3), + \fBpam_sm_setcred\fR(3), + \fBpam_strerror\fR(3), +-\fBPAM\fR(8) ++\fBPAM\fR(7) +Index: pam.deb/doc/man/pam.8 +=================================================================== +--- pam.deb.orig/doc/man/pam.8 ++++ pam.deb/doc/man/pam.8 +@@ -1 +1 @@ +-.so man8/PAM.8 ++.so man7/PAM.7 +Index: pam.deb/doc/man/pam.8.xml +=================================================================== +--- pam.deb.orig/doc/man/pam.8.xml ++++ pam.deb/doc/man/pam.8.xml +@@ -6,7 +6,7 @@ + + <refmeta> + <refentrytitle>pam</refentrytitle> +- <manvolnum>8</manvolnum> ++ <manvolnum>7</manvolnum> + <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo> + </refmeta> + +@@ -179,7 +179,7 @@ + <refentrytitle>pam_strerror</refentrytitle><manvolnum>3</manvolnum> + </citerefentry>, + <citerefentry> +- <refentrytitle>PAM</refentrytitle><manvolnum>8</manvolnum> ++ <refentrytitle>PAM</refentrytitle><manvolnum>7</manvolnum> + </citerefentry> + </para> + </refsect1> diff --git a/debian/patches-applied/autoconf.patch b/debian/patches-applied/autoconf.patch new file mode 100644 index 00000000..9d91ab33 --- /dev/null +++ b/debian/patches-applied/autoconf.patch @@ -0,0 +1,7893 @@ +The process for refreshing this patch is: + + export QUILT_PATCHES=debian/patches-applied + quilt push autoconf.patch # to get everything applied up to this point + quilt push -f autoconf.patch # to override the errors when applying + autoheader && aclocal -I m4 && automake && autoconf + quilt refresh + find . -name '*.rej' | xargs rm + +Index: pam.deb/Makefile.in +=================================================================== +--- pam.deb.orig/Makefile.in ++++ pam.deb/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -39,7 +39,7 @@ + DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in $(srcdir)/config.h.in \ + $(top_srcdir)/configure ABOUT-NLS AUTHORS COPYING ChangeLog \ +- INSTALL NEWS compile config.guess config.rpath config.sub \ ++ INSTALL NEWS TODO compile config.guess config.rpath config.sub \ + depcomp install-sh ltmain.sh missing mkinstalldirs ylwrap + ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 + am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \ +@@ -104,6 +104,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -156,6 +157,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -399,8 +401,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -425,8 +427,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -436,13 +438,12 @@ + CTAGS: ctags-recursive $(HEADERS) $(SOURCES) config.h.in $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) config.h.in $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +@@ -518,6 +519,10 @@ + tardir=$(distdir) && $(am__tar) | bzip2 -9 -c >$(distdir).tar.bz2 + $(am__remove_distdir) + ++dist-lzma: distdir ++ tardir=$(distdir) && $(am__tar) | lzma -9 -c >$(distdir).tar.lzma ++ $(am__remove_distdir) ++ + dist-tarZ: distdir + tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z + $(am__remove_distdir) +@@ -545,6 +550,8 @@ + GZIP=$(GZIP_ENV) gunzip -c $(distdir).tar.gz | $(am__untar) ;;\ + *.tar.bz2*) \ + bunzip2 -c $(distdir).tar.bz2 | $(am__untar) ;;\ ++ *.tar.lzma*) \ ++ unlzma -c $(distdir).tar.lzma | $(am__untar) ;;\ + *.tar.Z*) \ + uncompress -c $(distdir).tar.Z | $(am__untar) ;;\ + *.shar.gz*) \ +@@ -697,8 +704,8 @@ + .PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ + all all-am am--refresh check check-am clean clean-generic \ + clean-libtool ctags ctags-recursive dist dist-all dist-bzip2 \ +- dist-gzip dist-shar dist-tarZ dist-zip distcheck distclean \ +- distclean-generic distclean-hdr distclean-libtool \ ++ dist-gzip dist-lzma dist-shar dist-tarZ dist-zip distcheck \ ++ distclean distclean-generic distclean-hdr distclean-libtool \ + distclean-tags distcleancheck distdir distuninstallcheck dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-dvi install-dvi-am \ +Index: pam.deb/aclocal.m4 +=================================================================== +--- pam.deb.orig/aclocal.m4 ++++ pam.deb/aclocal.m4 +@@ -1,7 +1,7 @@ +-# generated automatically by aclocal 1.10 -*- Autoconf -*- ++# generated automatically by aclocal 1.10.1 -*- Autoconf -*- + + # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, +-# 2005, 2006 Free Software Foundation, Inc. ++# 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This file is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -11,14 +11,17 @@ + # even the implied warranty of MERCHANTABILITY or FITNESS FOR A + # PARTICULAR PURPOSE. + +-m4_if(m4_PACKAGE_VERSION, [2.61],, +-[m4_fatal([this file was generated for autoconf 2.61. +-You have another version of autoconf. If you want to use that, +-you should regenerate the build system entirely.], [63])]) ++m4_ifndef([AC_AUTOCONF_VERSION], ++ [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl ++m4_if(AC_AUTOCONF_VERSION, [2.61],, ++[m4_warning([this file was generated for autoconf 2.61. ++You have another version of autoconf. It may work, but is not guaranteed to. ++If you have problems, you may need to regenerate the build system entirely. ++To do so, use the procedure documented by the package, typically `autoreconf'.])]) + + # libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- + +-# serial 51 AC_PROG_LIBTOOL ++# serial 52 Debian 1.5.26-4 AC_PROG_LIBTOOL + + + # AC_PROVIDE_IFELSE(MACRO-NAME, IF-PROVIDED, IF-NOT-PROVIDED) +@@ -106,7 +109,6 @@ + AC_REQUIRE([AC_OBJEXT])dnl + AC_REQUIRE([AC_EXEEXT])dnl + dnl +- + AC_LIBTOOL_SYS_MAX_CMD_LEN + AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE + AC_LIBTOOL_OBJDIR +@@ -208,6 +210,8 @@ + ;; + esac + ++_LT_REQUIRED_DARWIN_CHECKS ++ + AC_PROVIDE_IFELSE([AC_LIBTOOL_DLOPEN], enable_dlopen=yes, enable_dlopen=no) + AC_PROVIDE_IFELSE([AC_LIBTOOL_WIN32_DLL], + enable_win32_dll=yes, enable_win32_dll=no) +@@ -287,9 +291,80 @@ + echo "$lt_simple_link_test_code" >conftest.$ac_ext + eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err + _lt_linker_boilerplate=`cat conftest.err` +-$rm conftest* ++$rm -r conftest* + ])# _LT_LINKER_BOILERPLATE + ++# _LT_REQUIRED_DARWIN_CHECKS ++# -------------------------- ++# Check for some things on darwin ++AC_DEFUN([_LT_REQUIRED_DARWIN_CHECKS],[ ++ case $host_os in ++ rhapsody* | darwin*) ++ AC_CHECK_TOOL([DSYMUTIL], [dsymutil], [:]) ++ AC_CHECK_TOOL([NMEDIT], [nmedit], [:]) ++ ++ AC_CACHE_CHECK([for -single_module linker flag],[lt_cv_apple_cc_single_mod], ++ [lt_cv_apple_cc_single_mod=no ++ if test -z "${LT_MULTI_MODULE}"; then ++ # By default we will add the -single_module flag. You can override ++ # by either setting the environment variable LT_MULTI_MODULE ++ # non-empty at configure time, or by adding -multi_module to the ++ # link flags. ++ echo "int foo(void){return 1;}" > conftest.c ++ $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ ++ -dynamiclib ${wl}-single_module conftest.c ++ if test -f libconftest.dylib; then ++ lt_cv_apple_cc_single_mod=yes ++ rm -rf libconftest.dylib* ++ fi ++ rm conftest.c ++ fi]) ++ AC_CACHE_CHECK([for -exported_symbols_list linker flag], ++ [lt_cv_ld_exported_symbols_list], ++ [lt_cv_ld_exported_symbols_list=no ++ save_LDFLAGS=$LDFLAGS ++ echo "_main" > conftest.sym ++ LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym" ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])], ++ [lt_cv_ld_exported_symbols_list=yes], ++ [lt_cv_ld_exported_symbols_list=no]) ++ LDFLAGS="$save_LDFLAGS" ++ ]) ++ case $host_os in ++ rhapsody* | darwin1.[[0123]]) ++ _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;; ++ darwin1.*) ++ _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; ++ darwin*) ++ # if running on 10.5 or later, the deployment target defaults ++ # to the OS version, if on x86, and 10.4, the deployment ++ # target defaults to 10.4. Don't you love it? ++ case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in ++ 10.0,*86*-darwin8*|10.0,*-darwin[[91]]*) ++ _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; ++ 10.[[012]]*) ++ _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; ++ 10.*) ++ _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; ++ esac ++ ;; ++ esac ++ if test "$lt_cv_apple_cc_single_mod" = "yes"; then ++ _lt_dar_single_mod='$single_module' ++ fi ++ if test "$lt_cv_ld_exported_symbols_list" = "yes"; then ++ _lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym' ++ else ++ _lt_dar_export_syms="~$NMEDIT -s \$output_objdir/\${libname}-symbols.expsym \${lib}" ++ fi ++ if test "$DSYMUTIL" != ":"; then ++ _lt_dsymutil="~$DSYMUTIL \$lib || :" ++ else ++ _lt_dsymutil= ++ fi ++ ;; ++ esac ++]) + + # _LT_AC_SYS_LIBPATH_AIX + # ---------------------- +@@ -614,7 +689,11 @@ + *64-bit*) + case $lt_cv_prog_gnu_ld in + yes*) LD="${LD-ld} -m elf64_sparc" ;; +- *) LD="${LD-ld} -64" ;; ++ *) ++ if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then ++ LD="${LD-ld} -64" ++ fi ++ ;; + esac + ;; + esac +@@ -707,7 +786,7 @@ + $2=yes + fi + fi +- $rm conftest* ++ $rm -r conftest* + LDFLAGS="$save_LDFLAGS" + ]) + +@@ -978,7 +1057,7 @@ + AC_CHECK_FUNC([shl_load], + [lt_cv_dlopen="shl_load"], + [AC_CHECK_LIB([dld], [shl_load], +- [lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-dld"], ++ [lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld"], + [AC_CHECK_FUNC([dlopen], + [lt_cv_dlopen="dlopen"], + [AC_CHECK_LIB([dl], [dlopen], +@@ -986,7 +1065,7 @@ + [AC_CHECK_LIB([svld], [dlopen], + [lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld"], + [AC_CHECK_LIB([dld], [dld_link], +- [lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-dld"]) ++ [lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld"]) + ]) + ]) + ]) +@@ -1303,7 +1382,7 @@ + soname_spec='${libname}${release}${shared_ext}$major' + ;; + +-aix4* | aix5*) ++aix[[4-9]]*) + version_type=linux + need_lib_prefix=no + need_version=no +@@ -1644,6 +1723,18 @@ + dynamic_linker='GNU/Linux ld.so' + ;; + ++netbsdelf*-gnu) ++ version_type=linux ++ need_lib_prefix=no ++ need_version=no ++ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' ++ soname_spec='${libname}${release}${shared_ext}$major' ++ shlibpath_var=LD_LIBRARY_PATH ++ shlibpath_overrides_runpath=no ++ hardcode_into_libs=yes ++ dynamic_linker='NetBSD ld.elf_so' ++ ;; ++ + netbsd*) + version_type=sunos + need_lib_prefix=no +@@ -1824,6 +1915,13 @@ + AC_MSG_RESULT([$dynamic_linker]) + test "$dynamic_linker" = no && can_build_shared=no + ++AC_CACHE_VAL([lt_cv_sys_lib_search_path_spec], ++[lt_cv_sys_lib_search_path_spec="$sys_lib_search_path_spec"]) ++sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec" ++AC_CACHE_VAL([lt_cv_sys_lib_dlsearch_path_spec], ++[lt_cv_sys_lib_dlsearch_path_spec="$sys_lib_dlsearch_path_spec"]) ++sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec" ++ + variables_saved_for_relink="PATH $shlibpath_var $runpath_var" + if test "$GCC" = yes; then + variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" +@@ -2323,7 +2421,7 @@ + # whether `pass_all' will *always* work, you probably want this one. + + case $host_os in +-aix4* | aix5*) ++aix[[4-9]]*) + lt_cv_deplibs_check_method=pass_all + ;; + +@@ -2418,7 +2516,7 @@ + lt_cv_deplibs_check_method=pass_all + ;; + +-netbsd*) ++netbsd* | netbsdelf*-gnu) + if echo __ELF__ | $CC -E - | grep __ELF__ > /dev/null; then + lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$' + else +@@ -2759,7 +2857,7 @@ + fi + ;; + +-aix4* | aix5*) ++aix[[4-9]]*) + if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then + test "$enable_shared" = yes && enable_static=no + fi +@@ -2816,6 +2914,7 @@ + _LT_AC_TAGVAR(predeps, $1)= + _LT_AC_TAGVAR(postdeps, $1)= + _LT_AC_TAGVAR(compiler_lib_search_path, $1)= ++_LT_AC_TAGVAR(compiler_lib_search_dirs, $1)= + + # Source file extension for C++ test sources. + ac_ext=cpp +@@ -2925,7 +3024,7 @@ + # FIXME: insert proper C++ library support + _LT_AC_TAGVAR(ld_shlibs, $1)=no + ;; +- aix4* | aix5*) ++ aix[[4-9]]*) + if test "$host_cpu" = ia64; then + # On IA64, the linker does run time linking by default, so we don't + # have to do anything special. +@@ -2938,7 +3037,7 @@ + # Test if we are trying to use run time linking or normal + # AIX style linking. If -brtl is somewhere in LDFLAGS, we + # need to do runtime linking. +- case $host_os in aix4.[[23]]|aix4.[[23]].*|aix5*) ++ case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*) + for ld_flag in $LDFLAGS; do + case $ld_flag in + *-brtl*) +@@ -3084,51 +3183,23 @@ + fi + ;; + darwin* | rhapsody*) +- case $host_os in +- rhapsody* | darwin1.[[012]]) +- _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}suppress' +- ;; +- *) # Darwin 1.3 on +- if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then +- _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' +- else +- case ${MACOSX_DEPLOYMENT_TARGET} in +- 10.[[012]]) +- _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' +- ;; +- 10.*) +- _LT_AC_TAGVAR(allow_undefined_flag, $1)='${wl}-undefined ${wl}dynamic_lookup' +- ;; +- esac +- fi +- ;; +- esac + _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no + _LT_AC_TAGVAR(hardcode_direct, $1)=no + _LT_AC_TAGVAR(hardcode_automatic, $1)=yes + _LT_AC_TAGVAR(hardcode_shlibpath_var, $1)=unsupported + _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='' + _LT_AC_TAGVAR(link_all_deplibs, $1)=yes +- +- if test "$GXX" = yes ; then +- lt_int_apple_cc_single_mod=no ++ _LT_AC_TAGVAR(allow_undefined_flag, $1)="$_lt_dar_allow_undefined" ++ if test "$GXX" = yes ; then + output_verbose_link_cmd='echo' +- if $CC -dumpspecs 2>&1 | $EGREP 'single_module' >/dev/null ; then +- lt_int_apple_cc_single_mod=yes ++ _LT_AC_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}" ++ _LT_AC_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}" ++ _LT_AC_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}" ++ _LT_AC_TAGVAR(module_expsym_cmds, $1)="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}" ++ if test "$lt_cv_apple_cc_single_mod" != "yes"; then ++ _LT_AC_TAGVAR(archive_cmds, $1)="\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dsymutil}" ++ _LT_AC_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dar_export_syms}${_lt_dsymutil}" + fi +- if test "X$lt_int_apple_cc_single_mod" = Xyes ; then +- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' +- else +- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring' +- fi +- _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' +- # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds +- if test "X$lt_int_apple_cc_single_mod" = Xyes ; then +- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' +- else +- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' +- fi +- _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + else + case $cc_basename in + xlc*) +@@ -3379,7 +3450,7 @@ + _LT_AC_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' + _LT_AC_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive' + ;; +- pgCC*) ++ pgCC* | pgcpp*) + # Portland Group C++ compiler + _LT_AC_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib' + _LT_AC_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib' +@@ -3452,7 +3523,7 @@ + ;; + esac + ;; +- netbsd*) ++ netbsd* | netbsdelf*-gnu) + if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then + _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags' + wlarc= +@@ -3814,7 +3885,8 @@ + # compiler output when linking a shared library. + # Parse the compiler output and extract the necessary + # objects, libraries and library flags. +-AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP],[ ++AC_DEFUN([AC_LIBTOOL_POSTDEP_PREDEP], ++[AC_REQUIRE([LT_AC_PROG_SED])dnl + dnl we can't use the lt_simple_compile_test_code here, + dnl because it contains code intended for an executable, + dnl not a library. It's possible we should let each +@@ -3939,6 +4011,11 @@ + + $rm -f confest.$objext + ++_LT_AC_TAGVAR(compiler_lib_search_dirs, $1)= ++if test -n "$_LT_AC_TAGVAR(compiler_lib_search_path, $1)"; then ++ _LT_AC_TAGVAR(compiler_lib_search_dirs, $1)=`echo " ${_LT_AC_TAGVAR(compiler_lib_search_path, $1)}" | ${SED} -e 's! -L! !g' -e 's!^ !!'` ++fi ++ + # PORTME: override above test on systems where it is broken + ifelse([$1],[CXX], + [case $host_os in +@@ -3995,7 +4072,6 @@ + ;; + esac + ]) +- + case " $_LT_AC_TAGVAR(postdeps, $1) " in + *" -lc "*) _LT_AC_TAGVAR(archive_cmds_need_lc, $1)=no ;; + esac +@@ -4080,7 +4156,7 @@ + postinstall_cmds='$RANLIB $lib' + fi + ;; +-aix4* | aix5*) ++aix[[4-9]]*) + if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then + test "$enable_shared" = yes && enable_static=no + fi +@@ -4257,6 +4333,7 @@ + _LT_AC_TAGVAR(predeps, $1) \ + _LT_AC_TAGVAR(postdeps, $1) \ + _LT_AC_TAGVAR(compiler_lib_search_path, $1) \ ++ _LT_AC_TAGVAR(compiler_lib_search_dirs, $1) \ + _LT_AC_TAGVAR(archive_cmds, $1) \ + _LT_AC_TAGVAR(archive_expsym_cmds, $1) \ + _LT_AC_TAGVAR(postinstall_cmds, $1) \ +@@ -4319,7 +4396,7 @@ + # Generated automatically by $PROGRAM (GNU $PACKAGE $VERSION$TIMESTAMP) + # NOTE: Changes made to this file will be lost: look at ltmain.sh. + # +-# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007 ++# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 + # Free Software Foundation, Inc. + # + # This file is part of GNU Libtool: +@@ -4556,6 +4633,10 @@ + # shared library. + postdeps=$lt_[]_LT_AC_TAGVAR(postdeps, $1) + ++# The directories searched by this compiler when creating a shared ++# library ++compiler_lib_search_dirs=$lt_[]_LT_AC_TAGVAR(compiler_lib_search_dirs, $1) ++ + # The library search path used internally by the compiler when linking + # a shared library. + compiler_lib_search_path=$lt_[]_LT_AC_TAGVAR(compiler_lib_search_path, $1) +@@ -4905,7 +4986,7 @@ + echo "$progname: failed program was:" >&AS_MESSAGE_LOG_FD + cat conftest.$ac_ext >&5 + fi +- rm -f conftest* conftst* ++ rm -rf conftest* conftst* + + # Do not use the global_symbol_pipe unless it works. + if test "$pipe_works" = yes; then +@@ -4962,7 +5043,8 @@ + # built for inclusion in a dll (and should export symbols for example). + # Although the cygwin gcc ignores -fPIC, still need this for old-style + # (--disable-auto-import) libraries +- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT' ++ m4_if([$1], [GCJ], [], ++ [_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) + ;; + darwin* | rhapsody*) + # PIC is the default on this platform +@@ -4999,7 +5081,7 @@ + esac + else + case $host_os in +- aix4* | aix5*) ++ aix[[4-9]]*) + # All AIX code is PIC. + if test "$host_cpu" = ia64; then + # AIX 5 now supports IA64 processor +@@ -5095,7 +5177,7 @@ + _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_AC_TAGVAR(lt_prog_compiler_static, $1)='-static' + ;; +- pgCC*) ++ pgCC* | pgcpp*) + # Portland Group C++ compiler. + _LT_AC_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' +@@ -5133,7 +5215,7 @@ + ;; + esac + ;; +- netbsd*) ++ netbsd* | netbsdelf*-gnu) + ;; + osf3* | osf4* | osf5*) + case $cc_basename in +@@ -5246,7 +5328,8 @@ + # built for inclusion in a dll (and should export symbols for example). + # Although the cygwin gcc ignores -fPIC, still need this for old-style + # (--disable-auto-import) libraries +- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT' ++ m4_if([$1], [GCJ], [], ++ [_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) + ;; + + darwin* | rhapsody*) +@@ -5316,7 +5399,8 @@ + mingw* | cygwin* | pw32* | os2*) + # This hack is so that the source file can tell whether it is being + # built for inclusion in a dll (and should export symbols for example). +- _LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT' ++ m4_if([$1], [GCJ], [], ++ [_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) + ;; + + hpux9* | hpux10* | hpux11*) +@@ -5453,7 +5537,7 @@ + # + if test -n "$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)"; then + AC_LIBTOOL_COMPILER_OPTION([if $compiler PIC flag $_LT_AC_TAGVAR(lt_prog_compiler_pic, $1) works], +- _LT_AC_TAGVAR(lt_prog_compiler_pic_works, $1), ++ _LT_AC_TAGVAR(lt_cv_prog_compiler_pic_works, $1), + [$_LT_AC_TAGVAR(lt_prog_compiler_pic, $1)ifelse([$1],[],[ -DPIC],[ifelse([$1],[CXX],[ -DPIC],[])])], [], + [case $_LT_AC_TAGVAR(lt_prog_compiler_pic, $1) in + "" | " "*) ;; +@@ -5477,7 +5561,7 @@ + # + wl=$_LT_AC_TAGVAR(lt_prog_compiler_wl, $1) eval lt_tmp_static_flag=\"$_LT_AC_TAGVAR(lt_prog_compiler_static, $1)\" + AC_LIBTOOL_LINKER_OPTION([if $compiler static flag $lt_tmp_static_flag works], +- _LT_AC_TAGVAR(lt_prog_compiler_static_works, $1), ++ _LT_AC_TAGVAR(lt_cv_prog_compiler_static_works, $1), + $lt_tmp_static_flag, + [], + [_LT_AC_TAGVAR(lt_prog_compiler_static, $1)=]) +@@ -5493,7 +5577,7 @@ + ifelse([$1],[CXX],[ + _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' + case $host_os in +- aix4* | aix5*) ++ aix[[4-9]]*) + # If we're using GNU nm, then we don't want the "-C" option. + # -C means demangle to AIX nm, but means don't demangle with GNU nm + if $NM -V 2>&1 | grep 'GNU' > /dev/null; then +@@ -5508,10 +5592,14 @@ + cygwin* | mingw*) + _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;/^.*[[ ]]__nm__/s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols' + ;; ++ linux* | k*bsd*-gnu) ++ _LT_AC_TAGVAR(link_all_deplibs, $1)=no ++ ;; + *) + _LT_AC_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' + ;; + esac ++ _LT_AC_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*'] + ],[ + runpath_var= + _LT_AC_TAGVAR(allow_undefined_flag, $1)= +@@ -5542,12 +5630,14 @@ + # it will be wrapped by ` (' and `)$', so one must not match beginning or + # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', + # as well as any symbol that contains `d'. +- _LT_AC_TAGVAR(exclude_expsyms, $1)="_GLOBAL_OFFSET_TABLE_" ++ _LT_AC_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*'] + # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out + # platforms (ab)use it in PIC code, but their linkers get confused if + # the symbol is explicitly referenced. Since portable code cannot + # rely on this symbol name, it's probably fine to never include it in + # preloaded symbol tables. ++ # Exclude shared library initialization/finalization symbols. ++dnl Note also adjust exclude_expsyms for C++ above. + extract_expsyms_cmds= + # Just being paranoid about ensuring that cc_basename is set. + _LT_CC_BASENAME([$compiler]) +@@ -5597,7 +5687,7 @@ + + # See if GNU ld supports shared libraries. + case $host_os in +- aix3* | aix4* | aix5*) ++ aix[[3-9]]*) + # On AIX/PPC, the GNU linker is very broken + if test "$host_cpu" != ia64; then + _LT_AC_TAGVAR(ld_shlibs, $1)=no +@@ -5713,12 +5803,13 @@ + $echo "local: *; };" >> $output_objdir/$libname.ver~ + $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' + fi ++ _LT_AC_TAGVAR(link_all_deplibs, $1)=no + else + _LT_AC_TAGVAR(ld_shlibs, $1)=no + fi + ;; + +- netbsd*) ++ netbsd* | netbsdelf*-gnu) + if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then + _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' + wlarc= +@@ -5816,7 +5907,7 @@ + fi + ;; + +- aix4* | aix5*) ++ aix[[4-9]]*) + if test "$host_cpu" = ia64; then + # On IA64, the linker does run time linking by default, so we don't + # have to do anything special. +@@ -5836,7 +5927,7 @@ + # Test if we are trying to use run time linking or normal + # AIX style linking. If -brtl is somewhere in LDFLAGS, we + # need to do runtime linking. +- case $host_os in aix4.[[23]]|aix4.[[23]].*|aix5*) ++ case $host_os in aix4.[[23]]|aix4.[[23]].*|aix[[5-9]]*) + for ld_flag in $LDFLAGS; do + if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then + aix_use_runtimelinking=yes +@@ -5996,11 +6087,10 @@ + _LT_AC_TAGVAR(link_all_deplibs, $1)=yes + if test "$GCC" = yes ; then + output_verbose_link_cmd='echo' +- _LT_AC_TAGVAR(archive_cmds, $1)='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' +- _LT_AC_TAGVAR(module_cmds, $1)='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' +- # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds +- _LT_AC_TAGVAR(archive_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' +- _LT_AC_TAGVAR(module_expsym_cmds, $1)='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' ++ _LT_AC_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}" ++ _LT_AC_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}" ++ _LT_AC_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}" ++ _LT_AC_TAGVAR(module_expsym_cmds, $1)="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}" + else + case $cc_basename in + xlc*) +@@ -6150,7 +6240,7 @@ + _LT_AC_TAGVAR(link_all_deplibs, $1)=yes + ;; + +- netbsd*) ++ netbsd* | netbsdelf*-gnu) + if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then + _LT_AC_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out + else +@@ -6581,7 +6671,7 @@ + AC_MSG_RESULT([$SED]) + ]) + +-# Copyright (C) 2002, 2003, 2005, 2006 Free Software Foundation, Inc. ++# Copyright (C) 2002, 2003, 2005, 2006, 2007 Free Software Foundation, Inc. + # + # This file is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, +@@ -6596,7 +6686,7 @@ + [am__api_version='1.10' + dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to + dnl require some minimum version. Point them to the right macro. +-m4_if([$1], [1.10], [], ++m4_if([$1], [1.10.1], [], + [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl + ]) + +@@ -6612,8 +6702,10 @@ + # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. + # This function is AC_REQUIREd by AC_INIT_AUTOMAKE. + AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], +-[AM_AUTOMAKE_VERSION([1.10])dnl +-_AM_AUTOCONF_VERSION(m4_PACKAGE_VERSION)]) ++[AM_AUTOMAKE_VERSION([1.10.1])dnl ++m4_ifndef([AC_AUTOCONF_VERSION], ++ [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl ++_AM_AUTOCONF_VERSION(AC_AUTOCONF_VERSION)]) + + # AM_AUX_DIR_EXPAND -*- Autoconf -*- + +@@ -6885,7 +6977,7 @@ + # each Makefile.in and add a new line on top of each file to say so. + # Grep'ing the whole file is not good either: AIX grep has a line + # limit of 2048, but all sed's we know have understand at least 4000. +- if sed 10q "$mf" | grep '^#.*generated by automake' > /dev/null 2>&1; then ++ if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then + dirpart=`AS_DIRNAME("$mf")` + else + continue +@@ -6945,13 +7037,13 @@ + # Do all the work for Automake. -*- Autoconf -*- + + # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, +-# 2005, 2006 Free Software Foundation, Inc. ++# 2005, 2006, 2008 Free Software Foundation, Inc. + # + # This file is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. + +-# serial 12 ++# serial 13 + + # This macro actually does too much. Some checks are only needed if + # your package does certain things. But this isn't really a big deal. +@@ -7056,16 +7148,17 @@ + # our stamp files there. + AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK], + [# Compute $1's index in $config_headers. ++_am_arg=$1 + _am_stamp_count=1 + for _am_header in $config_headers :; do + case $_am_header in +- $1 | $1:* ) ++ $_am_arg | $_am_arg:* ) + break ;; + * ) + _am_stamp_count=`expr $_am_stamp_count + 1` ;; + esac + done +-echo "timestamp for $1" >`AS_DIRNAME([$1])`/stamp-h[]$_am_stamp_count]) ++echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count]) + + # Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. + # +@@ -7392,7 +7485,7 @@ + + # _AM_SUBST_NOTMAKE(VARIABLE) + # --------------------------- +-# Prevent Automake from outputing VARIABLE = @VARIABLE@ in Makefile.in. ++# Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in. + # This macro is traced by Automake. + AC_DEFUN([_AM_SUBST_NOTMAKE]) + +Index: pam.deb/conf/Makefile.in +=================================================================== +--- pam.deb.orig/conf/Makefile.in ++++ pam.deb/conf/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -83,6 +83,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -135,6 +136,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -337,8 +339,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -363,8 +365,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -374,13 +376,12 @@ + CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/conf/pam_conv1/Makefile.in +=================================================================== +--- pam.deb.orig/conf/pam_conv1/Makefile.in ++++ pam.deb/conf/pam_conv1/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -59,7 +59,7 @@ + am_pam_conv1_OBJECTS = pam_conv_l.$(OBJEXT) pam_conv_y.$(OBJEXT) + pam_conv1_OBJECTS = $(am_pam_conv1_OBJECTS) + pam_conv1_DEPENDENCIES = +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -103,6 +103,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -155,6 +156,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -343,8 +345,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -356,8 +358,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -367,13 +369,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/configure +=================================================================== +--- pam.deb.orig/configure ++++ pam.deb/configure +@@ -865,6 +865,8 @@ + ECHO + AR + RANLIB ++DSYMUTIL ++NMEDIT + CPP + CXX + CXXFLAGS +@@ -4683,7 +4685,7 @@ + # whether `pass_all' will *always* work, you probably want this one. + + case $host_os in +-aix4* | aix5*) ++aix[4-9]*) + lt_cv_deplibs_check_method=pass_all + ;; + +@@ -4778,7 +4780,7 @@ + lt_cv_deplibs_check_method=pass_all + ;; + +-netbsd*) ++netbsd* | netbsdelf*-gnu) + if echo __ELF__ | $CC -E - | grep __ELF__ > /dev/null; then + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' + else +@@ -4898,7 +4900,7 @@ + ;; + *-*-irix6*) + # Find out which ABI we are using. +- echo '#line 4901 "configure"' > conftest.$ac_ext ++ echo '#line 4903 "configure"' > conftest.$ac_ext + if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>&5 + ac_status=$? +@@ -5070,7 +5072,11 @@ + *64-bit*) + case $lt_cv_prog_gnu_ld in + yes*) LD="${LD-ld} -m elf64_sparc" ;; +- *) LD="${LD-ld} -64" ;; ++ *) ++ if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then ++ LD="${LD-ld} -64" ++ fi ++ ;; + esac + ;; + esac +@@ -6667,7 +6673,6 @@ + + + # Autoconf 2.13's AC_OBJEXT and AC_EXEEXT macros only works for C compilers! +- + # find the maximum length of command line arguments + { echo "$as_me:$LINENO: checking the maximum length of command line arguments" >&5 + echo $ECHO_N "checking the maximum length of command line arguments... $ECHO_C" >&6; } +@@ -6982,7 +6987,7 @@ + echo "$progname: failed program was:" >&5 + cat conftest.$ac_ext >&5 + fi +- rm -f conftest* conftst* ++ rm -rf conftest* conftst* + + # Do not use the global_symbol_pipe unless it works. + if test "$pipe_works" = yes; then +@@ -7542,6 +7547,318 @@ + ;; + esac + ++ ++ case $host_os in ++ rhapsody* | darwin*) ++ if test -n "$ac_tool_prefix"; then ++ # Extract the first word of "${ac_tool_prefix}dsymutil", so it can be a program name with args. ++set dummy ${ac_tool_prefix}dsymutil; ac_word=$2 ++{ echo "$as_me:$LINENO: checking for $ac_word" >&5 ++echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } ++if test "${ac_cv_prog_DSYMUTIL+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ if test -n "$DSYMUTIL"; then ++ ac_cv_prog_DSYMUTIL="$DSYMUTIL" # Let the user override the test. ++else ++as_save_IFS=$IFS; IFS=$PATH_SEPARATOR ++for as_dir in $PATH ++do ++ IFS=$as_save_IFS ++ test -z "$as_dir" && as_dir=. ++ for ac_exec_ext in '' $ac_executable_extensions; do ++ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ ac_cv_prog_DSYMUTIL="${ac_tool_prefix}dsymutil" ++ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 ++ break 2 ++ fi ++done ++done ++IFS=$as_save_IFS ++ ++fi ++fi ++DSYMUTIL=$ac_cv_prog_DSYMUTIL ++if test -n "$DSYMUTIL"; then ++ { echo "$as_me:$LINENO: result: $DSYMUTIL" >&5 ++echo "${ECHO_T}$DSYMUTIL" >&6; } ++else ++ { echo "$as_me:$LINENO: result: no" >&5 ++echo "${ECHO_T}no" >&6; } ++fi ++ ++ ++fi ++if test -z "$ac_cv_prog_DSYMUTIL"; then ++ ac_ct_DSYMUTIL=$DSYMUTIL ++ # Extract the first word of "dsymutil", so it can be a program name with args. ++set dummy dsymutil; ac_word=$2 ++{ echo "$as_me:$LINENO: checking for $ac_word" >&5 ++echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } ++if test "${ac_cv_prog_ac_ct_DSYMUTIL+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ if test -n "$ac_ct_DSYMUTIL"; then ++ ac_cv_prog_ac_ct_DSYMUTIL="$ac_ct_DSYMUTIL" # Let the user override the test. ++else ++as_save_IFS=$IFS; IFS=$PATH_SEPARATOR ++for as_dir in $PATH ++do ++ IFS=$as_save_IFS ++ test -z "$as_dir" && as_dir=. ++ for ac_exec_ext in '' $ac_executable_extensions; do ++ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ ac_cv_prog_ac_ct_DSYMUTIL="dsymutil" ++ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 ++ break 2 ++ fi ++done ++done ++IFS=$as_save_IFS ++ ++fi ++fi ++ac_ct_DSYMUTIL=$ac_cv_prog_ac_ct_DSYMUTIL ++if test -n "$ac_ct_DSYMUTIL"; then ++ { echo "$as_me:$LINENO: result: $ac_ct_DSYMUTIL" >&5 ++echo "${ECHO_T}$ac_ct_DSYMUTIL" >&6; } ++else ++ { echo "$as_me:$LINENO: result: no" >&5 ++echo "${ECHO_T}no" >&6; } ++fi ++ ++ if test "x$ac_ct_DSYMUTIL" = x; then ++ DSYMUTIL=":" ++ else ++ case $cross_compiling:$ac_tool_warned in ++yes:) ++{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools ++whose name does not start with the host triplet. If you think this ++configuration is useful to you, please write to autoconf@gnu.org." >&5 ++echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools ++whose name does not start with the host triplet. If you think this ++configuration is useful to you, please write to autoconf@gnu.org." >&2;} ++ac_tool_warned=yes ;; ++esac ++ DSYMUTIL=$ac_ct_DSYMUTIL ++ fi ++else ++ DSYMUTIL="$ac_cv_prog_DSYMUTIL" ++fi ++ ++ if test -n "$ac_tool_prefix"; then ++ # Extract the first word of "${ac_tool_prefix}nmedit", so it can be a program name with args. ++set dummy ${ac_tool_prefix}nmedit; ac_word=$2 ++{ echo "$as_me:$LINENO: checking for $ac_word" >&5 ++echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } ++if test "${ac_cv_prog_NMEDIT+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ if test -n "$NMEDIT"; then ++ ac_cv_prog_NMEDIT="$NMEDIT" # Let the user override the test. ++else ++as_save_IFS=$IFS; IFS=$PATH_SEPARATOR ++for as_dir in $PATH ++do ++ IFS=$as_save_IFS ++ test -z "$as_dir" && as_dir=. ++ for ac_exec_ext in '' $ac_executable_extensions; do ++ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ ac_cv_prog_NMEDIT="${ac_tool_prefix}nmedit" ++ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 ++ break 2 ++ fi ++done ++done ++IFS=$as_save_IFS ++ ++fi ++fi ++NMEDIT=$ac_cv_prog_NMEDIT ++if test -n "$NMEDIT"; then ++ { echo "$as_me:$LINENO: result: $NMEDIT" >&5 ++echo "${ECHO_T}$NMEDIT" >&6; } ++else ++ { echo "$as_me:$LINENO: result: no" >&5 ++echo "${ECHO_T}no" >&6; } ++fi ++ ++ ++fi ++if test -z "$ac_cv_prog_NMEDIT"; then ++ ac_ct_NMEDIT=$NMEDIT ++ # Extract the first word of "nmedit", so it can be a program name with args. ++set dummy nmedit; ac_word=$2 ++{ echo "$as_me:$LINENO: checking for $ac_word" >&5 ++echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } ++if test "${ac_cv_prog_ac_ct_NMEDIT+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ if test -n "$ac_ct_NMEDIT"; then ++ ac_cv_prog_ac_ct_NMEDIT="$ac_ct_NMEDIT" # Let the user override the test. ++else ++as_save_IFS=$IFS; IFS=$PATH_SEPARATOR ++for as_dir in $PATH ++do ++ IFS=$as_save_IFS ++ test -z "$as_dir" && as_dir=. ++ for ac_exec_ext in '' $ac_executable_extensions; do ++ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ++ ac_cv_prog_ac_ct_NMEDIT="nmedit" ++ echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 ++ break 2 ++ fi ++done ++done ++IFS=$as_save_IFS ++ ++fi ++fi ++ac_ct_NMEDIT=$ac_cv_prog_ac_ct_NMEDIT ++if test -n "$ac_ct_NMEDIT"; then ++ { echo "$as_me:$LINENO: result: $ac_ct_NMEDIT" >&5 ++echo "${ECHO_T}$ac_ct_NMEDIT" >&6; } ++else ++ { echo "$as_me:$LINENO: result: no" >&5 ++echo "${ECHO_T}no" >&6; } ++fi ++ ++ if test "x$ac_ct_NMEDIT" = x; then ++ NMEDIT=":" ++ else ++ case $cross_compiling:$ac_tool_warned in ++yes:) ++{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools ++whose name does not start with the host triplet. If you think this ++configuration is useful to you, please write to autoconf@gnu.org." >&5 ++echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools ++whose name does not start with the host triplet. If you think this ++configuration is useful to you, please write to autoconf@gnu.org." >&2;} ++ac_tool_warned=yes ;; ++esac ++ NMEDIT=$ac_ct_NMEDIT ++ fi ++else ++ NMEDIT="$ac_cv_prog_NMEDIT" ++fi ++ ++ ++ { echo "$as_me:$LINENO: checking for -single_module linker flag" >&5 ++echo $ECHO_N "checking for -single_module linker flag... $ECHO_C" >&6; } ++if test "${lt_cv_apple_cc_single_mod+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ lt_cv_apple_cc_single_mod=no ++ if test -z "${LT_MULTI_MODULE}"; then ++ # By default we will add the -single_module flag. You can override ++ # by either setting the environment variable LT_MULTI_MODULE ++ # non-empty at configure time, or by adding -multi_module to the ++ # link flags. ++ echo "int foo(void){return 1;}" > conftest.c ++ $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ ++ -dynamiclib ${wl}-single_module conftest.c ++ if test -f libconftest.dylib; then ++ lt_cv_apple_cc_single_mod=yes ++ rm -rf libconftest.dylib* ++ fi ++ rm conftest.c ++ fi ++fi ++{ echo "$as_me:$LINENO: result: $lt_cv_apple_cc_single_mod" >&5 ++echo "${ECHO_T}$lt_cv_apple_cc_single_mod" >&6; } ++ { echo "$as_me:$LINENO: checking for -exported_symbols_list linker flag" >&5 ++echo $ECHO_N "checking for -exported_symbols_list linker flag... $ECHO_C" >&6; } ++if test "${lt_cv_ld_exported_symbols_list+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ lt_cv_ld_exported_symbols_list=no ++ save_LDFLAGS=$LDFLAGS ++ echo "_main" > conftest.sym ++ LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym" ++ cat >conftest.$ac_ext <<_ACEOF ++/* confdefs.h. */ ++_ACEOF ++cat confdefs.h >>conftest.$ac_ext ++cat >>conftest.$ac_ext <<_ACEOF ++/* end confdefs.h. */ ++ ++int ++main () ++{ ++ ++ ; ++ return 0; ++} ++_ACEOF ++rm -f conftest.$ac_objext conftest$ac_exeext ++if { (ac_try="$ac_link" ++case "(($ac_try" in ++ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; ++ *) ac_try_echo=$ac_try;; ++esac ++eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 ++ (eval "$ac_link") 2>conftest.er1 ++ ac_status=$? ++ grep -v '^ *+' conftest.er1 >conftest.err ++ rm -f conftest.er1 ++ cat conftest.err >&5 ++ echo "$as_me:$LINENO: \$? = $ac_status" >&5 ++ (exit $ac_status); } && { ++ test -z "$ac_c_werror_flag" || ++ test ! -s conftest.err ++ } && test -s conftest$ac_exeext && ++ $as_test_x conftest$ac_exeext; then ++ lt_cv_ld_exported_symbols_list=yes ++else ++ echo "$as_me: failed program was:" >&5 ++sed 's/^/| /' conftest.$ac_ext >&5 ++ ++ lt_cv_ld_exported_symbols_list=no ++fi ++ ++rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ ++ conftest$ac_exeext conftest.$ac_ext ++ LDFLAGS="$save_LDFLAGS" ++ ++fi ++{ echo "$as_me:$LINENO: result: $lt_cv_ld_exported_symbols_list" >&5 ++echo "${ECHO_T}$lt_cv_ld_exported_symbols_list" >&6; } ++ case $host_os in ++ rhapsody* | darwin1.[0123]) ++ _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;; ++ darwin1.*) ++ _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; ++ darwin*) ++ # if running on 10.5 or later, the deployment target defaults ++ # to the OS version, if on x86, and 10.4, the deployment ++ # target defaults to 10.4. Don't you love it? ++ case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in ++ 10.0,*86*-darwin8*|10.0,*-darwin[91]*) ++ _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; ++ 10.[012]*) ++ _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; ++ 10.*) ++ _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; ++ esac ++ ;; ++ esac ++ if test "$lt_cv_apple_cc_single_mod" = "yes"; then ++ _lt_dar_single_mod='$single_module' ++ fi ++ if test "$lt_cv_ld_exported_symbols_list" = "yes"; then ++ _lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym' ++ else ++ _lt_dar_export_syms="~$NMEDIT -s \$output_objdir/\${libname}-symbols.expsym \${lib}" ++ fi ++ if test "$DSYMUTIL" != ":"; then ++ _lt_dsymutil="~$DSYMUTIL \$lib || :" ++ else ++ _lt_dsymutil= ++ fi ++ ;; ++ esac ++ ++ + enable_dlopen=no + enable_win32_dll=no + +@@ -7607,7 +7924,7 @@ + echo "$lt_simple_link_test_code" >conftest.$ac_ext + eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err + _lt_linker_boilerplate=`cat conftest.err` +-$rm conftest* ++$rm -r conftest* + + + +@@ -7635,11 +7952,11 @@ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` +- (eval echo "\"\$as_me:7638: $lt_compile\"" >&5) ++ (eval echo "\"\$as_me:7955: $lt_compile\"" >&5) + (eval "$lt_compile" 2>conftest.err) + ac_status=$? + cat conftest.err >&5 +- echo "$as_me:7642: \$? = $ac_status" >&5 ++ echo "$as_me:7959: \$? = $ac_status" >&5 + if (exit $ac_status) && test -s "$ac_outfile"; then + # The compiler can only warn and ignore the option if not recognized + # So say no if there are warnings other than the usual output. +@@ -7909,10 +8226,10 @@ + + { echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic works" >&5 + echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic works... $ECHO_C" >&6; } +-if test "${lt_prog_compiler_pic_works+set}" = set; then ++if test "${lt_cv_prog_compiler_pic_works+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 + else +- lt_prog_compiler_pic_works=no ++ lt_cv_prog_compiler_pic_works=no + ac_outfile=conftest.$ac_objext + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + lt_compiler_flag="$lt_prog_compiler_pic -DPIC" +@@ -7925,27 +8242,27 @@ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` +- (eval echo "\"\$as_me:7928: $lt_compile\"" >&5) ++ (eval echo "\"\$as_me:8245: $lt_compile\"" >&5) + (eval "$lt_compile" 2>conftest.err) + ac_status=$? + cat conftest.err >&5 +- echo "$as_me:7932: \$? = $ac_status" >&5 ++ echo "$as_me:8249: \$? = $ac_status" >&5 + if (exit $ac_status) && test -s "$ac_outfile"; then + # The compiler can only warn and ignore the option if not recognized + # So say no if there are warnings other than the usual output. + $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then +- lt_prog_compiler_pic_works=yes ++ lt_cv_prog_compiler_pic_works=yes + fi + fi + $rm conftest* + + fi +-{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_works" >&5 +-echo "${ECHO_T}$lt_prog_compiler_pic_works" >&6; } ++{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_pic_works" >&5 ++echo "${ECHO_T}$lt_cv_prog_compiler_pic_works" >&6; } + +-if test x"$lt_prog_compiler_pic_works" = xyes; then ++if test x"$lt_cv_prog_compiler_pic_works" = xyes; then + case $lt_prog_compiler_pic in + "" | " "*) ;; + *) lt_prog_compiler_pic=" $lt_prog_compiler_pic" ;; +@@ -7972,10 +8289,10 @@ + wl=$lt_prog_compiler_wl eval lt_tmp_static_flag=\"$lt_prog_compiler_static\" + { echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5 + echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; } +-if test "${lt_prog_compiler_static_works+set}" = set; then ++if test "${lt_cv_prog_compiler_static_works+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 + else +- lt_prog_compiler_static_works=no ++ lt_cv_prog_compiler_static_works=no + save_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS $lt_tmp_static_flag" + echo "$lt_simple_link_test_code" > conftest.$ac_ext +@@ -7988,20 +8305,20 @@ + $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if diff conftest.exp conftest.er2 >/dev/null; then +- lt_prog_compiler_static_works=yes ++ lt_cv_prog_compiler_static_works=yes + fi + else +- lt_prog_compiler_static_works=yes ++ lt_cv_prog_compiler_static_works=yes + fi + fi +- $rm conftest* ++ $rm -r conftest* + LDFLAGS="$save_LDFLAGS" + + fi +-{ echo "$as_me:$LINENO: result: $lt_prog_compiler_static_works" >&5 +-echo "${ECHO_T}$lt_prog_compiler_static_works" >&6; } ++{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_static_works" >&5 ++echo "${ECHO_T}$lt_cv_prog_compiler_static_works" >&6; } + +-if test x"$lt_prog_compiler_static_works" = xyes; then ++if test x"$lt_cv_prog_compiler_static_works" = xyes; then + : + else + lt_prog_compiler_static= +@@ -8029,11 +8346,11 @@ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` +- (eval echo "\"\$as_me:8032: $lt_compile\"" >&5) ++ (eval echo "\"\$as_me:8349: $lt_compile\"" >&5) + (eval "$lt_compile" 2>out/conftest.err) + ac_status=$? + cat out/conftest.err >&5 +- echo "$as_me:8036: \$? = $ac_status" >&5 ++ echo "$as_me:8353: \$? = $ac_status" >&5 + if (exit $ac_status) && test -s out/conftest2.$ac_objext + then + # The compiler can only warn and ignore the option if not recognized +@@ -8113,12 +8430,13 @@ + # it will be wrapped by ` (' and `)$', so one must not match beginning or + # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', + # as well as any symbol that contains `d'. +- exclude_expsyms="_GLOBAL_OFFSET_TABLE_" ++ exclude_expsyms='_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*' + # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out + # platforms (ab)use it in PIC code, but their linkers get confused if + # the symbol is explicitly referenced. Since portable code cannot + # rely on this symbol name, it's probably fine to never include it in + # preloaded symbol tables. ++ # Exclude shared library initialization/finalization symbols. + extract_expsyms_cmds= + # Just being paranoid about ensuring that cc_basename is set. + for cc_temp in $compiler""; do +@@ -8177,7 +8495,7 @@ + + # See if GNU ld supports shared libraries. + case $host_os in +- aix3* | aix4* | aix5*) ++ aix[3-9]*) + # On AIX/PPC, the GNU linker is very broken + if test "$host_cpu" != ia64; then + ld_shlibs=no +@@ -8293,12 +8611,13 @@ + $echo "local: *; };" >> $output_objdir/$libname.ver~ + $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' + fi ++ link_all_deplibs=no + else + ld_shlibs=no + fi + ;; + +- netbsd*) ++ netbsd* | netbsdelf*-gnu) + if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then + archive_cmds='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' + wlarc= +@@ -8396,7 +8715,7 @@ + fi + ;; + +- aix4* | aix5*) ++ aix[4-9]*) + if test "$host_cpu" = ia64; then + # On IA64, the linker does run time linking by default, so we don't + # have to do anything special. +@@ -8416,7 +8735,7 @@ + # Test if we are trying to use run time linking or normal + # AIX style linking. If -brtl is somewhere in LDFLAGS, we + # need to do runtime linking. +- case $host_os in aix4.[23]|aix4.[23].*|aix5*) ++ case $host_os in aix4.[23]|aix4.[23].*|aix[5-9]*) + for ld_flag in $LDFLAGS; do + if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then + aix_use_runtimelinking=yes +@@ -8688,11 +9007,10 @@ + link_all_deplibs=yes + if test "$GCC" = yes ; then + output_verbose_link_cmd='echo' +- archive_cmds='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' +- module_cmds='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' +- # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds +- archive_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' +- module_expsym_cmds='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' ++ archive_cmds="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}" ++ module_cmds="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}" ++ archive_expsym_cmds="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}" ++ module_expsym_cmds="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}" + else + case $cc_basename in + xlc*) +@@ -8842,7 +9160,7 @@ + link_all_deplibs=yes + ;; + +- netbsd*) ++ netbsd* | netbsdelf*-gnu) + if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then + archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out + else +@@ -9212,7 +9530,7 @@ + soname_spec='${libname}${release}${shared_ext}$major' + ;; + +-aix4* | aix5*) ++aix[4-9]*) + version_type=linux + need_lib_prefix=no + need_version=no +@@ -9553,6 +9871,18 @@ + dynamic_linker='GNU/Linux ld.so' + ;; + ++netbsdelf*-gnu) ++ version_type=linux ++ need_lib_prefix=no ++ need_version=no ++ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' ++ soname_spec='${libname}${release}${shared_ext}$major' ++ shlibpath_var=LD_LIBRARY_PATH ++ shlibpath_overrides_runpath=no ++ hardcode_into_libs=yes ++ dynamic_linker='NetBSD ld.elf_so' ++ ;; ++ + netbsd*) + version_type=sunos + need_lib_prefix=no +@@ -9734,6 +10064,21 @@ + echo "${ECHO_T}$dynamic_linker" >&6; } + test "$dynamic_linker" = no && can_build_shared=no + ++if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ lt_cv_sys_lib_search_path_spec="$sys_lib_search_path_spec" ++fi ++ ++sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec" ++if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ lt_cv_sys_lib_dlsearch_path_spec="$sys_lib_dlsearch_path_spec" ++fi ++ ++sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec" ++ + variables_saved_for_relink="PATH $shlibpath_var $runpath_var" + if test "$GCC" = yes; then + variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" +@@ -10053,7 +10398,7 @@ + { echo "$as_me:$LINENO: result: $ac_cv_lib_dld_shl_load" >&5 + echo "${ECHO_T}$ac_cv_lib_dld_shl_load" >&6; } + if test $ac_cv_lib_dld_shl_load = yes; then +- lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-dld" ++ lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld" + else + { echo "$as_me:$LINENO: checking for dlopen" >&5 + echo $ECHO_N "checking for dlopen... $ECHO_C" >&6; } +@@ -10329,7 +10674,7 @@ + { echo "$as_me:$LINENO: result: $ac_cv_lib_dld_dld_link" >&5 + echo "${ECHO_T}$ac_cv_lib_dld_dld_link" >&6; } + if test $ac_cv_lib_dld_dld_link = yes; then +- lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-dld" ++ lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld" + fi + + +@@ -10378,7 +10723,7 @@ + lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 + lt_status=$lt_dlunknown + cat > conftest.$ac_ext <<EOF +-#line 10381 "configure" ++#line 10726 "configure" + #include "confdefs.h" + + #if HAVE_DLFCN_H +@@ -10478,7 +10823,7 @@ + lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 + lt_status=$lt_dlunknown + cat > conftest.$ac_ext <<EOF +-#line 10481 "configure" ++#line 10826 "configure" + #include "confdefs.h" + + #if HAVE_DLFCN_H +@@ -10605,7 +10950,7 @@ + fi + ;; + +-aix4* | aix5*) ++aix[4-9]*) + if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then + test "$enable_shared" = yes && enable_static=no + fi +@@ -10661,6 +11006,7 @@ + predeps \ + postdeps \ + compiler_lib_search_path \ ++ compiler_lib_search_dirs \ + archive_cmds \ + archive_expsym_cmds \ + postinstall_cmds \ +@@ -10721,7 +11067,7 @@ + # Generated automatically by $PROGRAM (GNU $PACKAGE $VERSION$TIMESTAMP) + # NOTE: Changes made to this file will be lost: look at ltmain.sh. + # +-# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007 ++# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 + # Free Software Foundation, Inc. + # + # This file is part of GNU Libtool: +@@ -10957,6 +11303,10 @@ + # shared library. + postdeps=$lt_postdeps + ++# The directories searched by this compiler when creating a shared ++# library ++compiler_lib_search_dirs=$lt_compiler_lib_search_dirs ++ + # The library search path used internally by the compiler when linking + # a shared library. + compiler_lib_search_path=$lt_compiler_lib_search_path +@@ -11205,6 +11555,7 @@ + predeps_CXX= + postdeps_CXX= + compiler_lib_search_path_CXX= ++compiler_lib_search_dirs_CXX= + + # Source file extension for C++ test sources. + ac_ext=cpp +@@ -11242,7 +11593,7 @@ + echo "$lt_simple_link_test_code" >conftest.$ac_ext + eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err + _lt_linker_boilerplate=`cat conftest.err` +-$rm conftest* ++$rm -r conftest* + + + # Allow CC to be a program name with arguments. +@@ -11449,7 +11800,7 @@ + # FIXME: insert proper C++ library support + ld_shlibs_CXX=no + ;; +- aix4* | aix5*) ++ aix[4-9]*) + if test "$host_cpu" = ia64; then + # On IA64, the linker does run time linking by default, so we don't + # have to do anything special. +@@ -11462,7 +11813,7 @@ + # Test if we are trying to use run time linking or normal + # AIX style linking. If -brtl is somewhere in LDFLAGS, we + # need to do runtime linking. +- case $host_os in aix4.[23]|aix4.[23].*|aix5*) ++ case $host_os in aix4.[23]|aix4.[23].*|aix[5-9]*) + for ld_flag in $LDFLAGS; do + case $ld_flag in + *-brtl*) +@@ -11720,51 +12071,23 @@ + fi + ;; + darwin* | rhapsody*) +- case $host_os in +- rhapsody* | darwin1.[012]) +- allow_undefined_flag_CXX='${wl}-undefined ${wl}suppress' +- ;; +- *) # Darwin 1.3 on +- if test -z ${MACOSX_DEPLOYMENT_TARGET} ; then +- allow_undefined_flag_CXX='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' +- else +- case ${MACOSX_DEPLOYMENT_TARGET} in +- 10.[012]) +- allow_undefined_flag_CXX='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' +- ;; +- 10.*) +- allow_undefined_flag_CXX='${wl}-undefined ${wl}dynamic_lookup' +- ;; +- esac +- fi +- ;; +- esac + archive_cmds_need_lc_CXX=no + hardcode_direct_CXX=no + hardcode_automatic_CXX=yes + hardcode_shlibpath_var_CXX=unsupported + whole_archive_flag_spec_CXX='' + link_all_deplibs_CXX=yes +- +- if test "$GXX" = yes ; then +- lt_int_apple_cc_single_mod=no ++ allow_undefined_flag_CXX="$_lt_dar_allow_undefined" ++ if test "$GXX" = yes ; then + output_verbose_link_cmd='echo' +- if $CC -dumpspecs 2>&1 | $EGREP 'single_module' >/dev/null ; then +- lt_int_apple_cc_single_mod=yes ++ archive_cmds_CXX="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}" ++ module_cmds_CXX="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}" ++ archive_expsym_cmds_CXX="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}" ++ module_expsym_cmds_CXX="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}" ++ if test "$lt_cv_apple_cc_single_mod" != "yes"; then ++ archive_cmds_CXX="\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dsymutil}" ++ archive_expsym_cmds_CXX="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \${lib}-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \${lib}-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring${_lt_dar_export_syms}${_lt_dsymutil}" + fi +- if test "X$lt_int_apple_cc_single_mod" = Xyes ; then +- archive_cmds_CXX='$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' +- else +- archive_cmds_CXX='$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring' +- fi +- module_cmds_CXX='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' +- # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds +- if test "X$lt_int_apple_cc_single_mod" = Xyes ; then +- archive_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib -single_module $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' +- else +- archive_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -r -keep_private_externs -nostdlib -o ${lib}-master.o $libobjs~$CC -dynamiclib $allow_undefined_flag -o $lib ${lib}-master.o $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' +- fi +- module_expsym_cmds_CXX='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' + else + case $cc_basename in + xlc*) +@@ -12015,7 +12338,7 @@ + export_dynamic_flag_spec_CXX='${wl}--export-dynamic' + whole_archive_flag_spec_CXX='${wl}--whole-archive$convenience ${wl}--no-whole-archive' + ;; +- pgCC*) ++ pgCC* | pgcpp*) + # Portland Group C++ compiler + archive_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib' + archive_expsym_cmds_CXX='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib' +@@ -12088,7 +12411,7 @@ + ;; + esac + ;; +- netbsd*) ++ netbsd* | netbsdelf*-gnu) + if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then + archive_cmds_CXX='$LD -Bshareable -o $lib $predep_objects $libobjs $deplibs $postdep_objects $linker_flags' + wlarc= +@@ -12422,7 +12745,6 @@ + GCC_CXX="$GXX" + LD_CXX="$LD" + +- + cat > conftest.$ac_ext <<EOF + class Foo + { +@@ -12524,6 +12846,11 @@ + + $rm -f confest.$objext + ++compiler_lib_search_dirs_CXX= ++if test -n "$compiler_lib_search_path_CXX"; then ++ compiler_lib_search_dirs_CXX=`echo " ${compiler_lib_search_path_CXX}" | ${SED} -e 's! -L! !g' -e 's!^ !!'` ++fi ++ + # PORTME: override above test on systems where it is broken + case $host_os in + interix[3-9]*) +@@ -12579,7 +12906,6 @@ + ;; + esac + +- + case " $postdeps_CXX " in + *" -lc "*) archive_cmds_need_lc_CXX=no ;; + esac +@@ -12655,7 +12981,7 @@ + esac + else + case $host_os in +- aix4* | aix5*) ++ aix[4-9]*) + # All AIX code is PIC. + if test "$host_cpu" = ia64; then + # AIX 5 now supports IA64 processor +@@ -12751,7 +13077,7 @@ + lt_prog_compiler_pic_CXX='-KPIC' + lt_prog_compiler_static_CXX='-static' + ;; +- pgCC*) ++ pgCC* | pgcpp*) + # Portland Group C++ compiler. + lt_prog_compiler_wl_CXX='-Wl,' + lt_prog_compiler_pic_CXX='-fpic' +@@ -12789,7 +13115,7 @@ + ;; + esac + ;; +- netbsd*) ++ netbsd* | netbsdelf*-gnu) + ;; + osf3* | osf4* | osf5*) + case $cc_basename in +@@ -12882,10 +13208,10 @@ + + { echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works" >&5 + echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works... $ECHO_C" >&6; } +-if test "${lt_prog_compiler_pic_works_CXX+set}" = set; then ++if test "${lt_cv_prog_compiler_pic_works_CXX+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 + else +- lt_prog_compiler_pic_works_CXX=no ++ lt_cv_prog_compiler_pic_works_CXX=no + ac_outfile=conftest.$ac_objext + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + lt_compiler_flag="$lt_prog_compiler_pic_CXX -DPIC" +@@ -12898,27 +13224,27 @@ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` +- (eval echo "\"\$as_me:12901: $lt_compile\"" >&5) ++ (eval echo "\"\$as_me:13227: $lt_compile\"" >&5) + (eval "$lt_compile" 2>conftest.err) + ac_status=$? + cat conftest.err >&5 +- echo "$as_me:12905: \$? = $ac_status" >&5 ++ echo "$as_me:13231: \$? = $ac_status" >&5 + if (exit $ac_status) && test -s "$ac_outfile"; then + # The compiler can only warn and ignore the option if not recognized + # So say no if there are warnings other than the usual output. + $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then +- lt_prog_compiler_pic_works_CXX=yes ++ lt_cv_prog_compiler_pic_works_CXX=yes + fi + fi + $rm conftest* + + fi +-{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_works_CXX" >&5 +-echo "${ECHO_T}$lt_prog_compiler_pic_works_CXX" >&6; } ++{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_pic_works_CXX" >&5 ++echo "${ECHO_T}$lt_cv_prog_compiler_pic_works_CXX" >&6; } + +-if test x"$lt_prog_compiler_pic_works_CXX" = xyes; then ++if test x"$lt_cv_prog_compiler_pic_works_CXX" = xyes; then + case $lt_prog_compiler_pic_CXX in + "" | " "*) ;; + *) lt_prog_compiler_pic_CXX=" $lt_prog_compiler_pic_CXX" ;; +@@ -12945,10 +13271,10 @@ + wl=$lt_prog_compiler_wl_CXX eval lt_tmp_static_flag=\"$lt_prog_compiler_static_CXX\" + { echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5 + echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; } +-if test "${lt_prog_compiler_static_works_CXX+set}" = set; then ++if test "${lt_cv_prog_compiler_static_works_CXX+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 + else +- lt_prog_compiler_static_works_CXX=no ++ lt_cv_prog_compiler_static_works_CXX=no + save_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS $lt_tmp_static_flag" + echo "$lt_simple_link_test_code" > conftest.$ac_ext +@@ -12961,20 +13287,20 @@ + $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if diff conftest.exp conftest.er2 >/dev/null; then +- lt_prog_compiler_static_works_CXX=yes ++ lt_cv_prog_compiler_static_works_CXX=yes + fi + else +- lt_prog_compiler_static_works_CXX=yes ++ lt_cv_prog_compiler_static_works_CXX=yes + fi + fi +- $rm conftest* ++ $rm -r conftest* + LDFLAGS="$save_LDFLAGS" + + fi +-{ echo "$as_me:$LINENO: result: $lt_prog_compiler_static_works_CXX" >&5 +-echo "${ECHO_T}$lt_prog_compiler_static_works_CXX" >&6; } ++{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_static_works_CXX" >&5 ++echo "${ECHO_T}$lt_cv_prog_compiler_static_works_CXX" >&6; } + +-if test x"$lt_prog_compiler_static_works_CXX" = xyes; then ++if test x"$lt_cv_prog_compiler_static_works_CXX" = xyes; then + : + else + lt_prog_compiler_static_CXX= +@@ -13002,11 +13328,11 @@ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` +- (eval echo "\"\$as_me:13005: $lt_compile\"" >&5) ++ (eval echo "\"\$as_me:13331: $lt_compile\"" >&5) + (eval "$lt_compile" 2>out/conftest.err) + ac_status=$? + cat out/conftest.err >&5 +- echo "$as_me:13009: \$? = $ac_status" >&5 ++ echo "$as_me:13335: \$? = $ac_status" >&5 + if (exit $ac_status) && test -s out/conftest2.$ac_objext + then + # The compiler can only warn and ignore the option if not recognized +@@ -13059,7 +13385,7 @@ + + export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' + case $host_os in +- aix4* | aix5*) ++ aix[4-9]*) + # If we're using GNU nm, then we don't want the "-C" option. + # -C means demangle to AIX nm, but means don't demangle with GNU nm + if $NM -V 2>&1 | grep 'GNU' > /dev/null; then +@@ -13074,10 +13400,14 @@ + cygwin* | mingw*) + export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1 DATA/;/^.*[ ]__nm__/s/^.*[ ]__nm__\([^ ]*\)[ ][^ ]*/\1 DATA/;/^I[ ]/d;/^[AITW][ ]/s/.*[ ]//'\'' | sort | uniq > $export_symbols' + ;; ++ linux* | k*bsd*-gnu) ++ link_all_deplibs_CXX=no ++ ;; + *) + export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' + ;; + esac ++ exclude_expsyms_CXX='_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*' + + { echo "$as_me:$LINENO: result: $ld_shlibs_CXX" >&5 + echo "${ECHO_T}$ld_shlibs_CXX" >&6; } +@@ -13179,7 +13509,7 @@ + soname_spec='${libname}${release}${shared_ext}$major' + ;; + +-aix4* | aix5*) ++aix[4-9]*) + version_type=linux + need_lib_prefix=no + need_version=no +@@ -13519,6 +13849,18 @@ + dynamic_linker='GNU/Linux ld.so' + ;; + ++netbsdelf*-gnu) ++ version_type=linux ++ need_lib_prefix=no ++ need_version=no ++ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' ++ soname_spec='${libname}${release}${shared_ext}$major' ++ shlibpath_var=LD_LIBRARY_PATH ++ shlibpath_overrides_runpath=no ++ hardcode_into_libs=yes ++ dynamic_linker='NetBSD ld.elf_so' ++ ;; ++ + netbsd*) + version_type=sunos + need_lib_prefix=no +@@ -13700,6 +14042,21 @@ + echo "${ECHO_T}$dynamic_linker" >&6; } + test "$dynamic_linker" = no && can_build_shared=no + ++if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ lt_cv_sys_lib_search_path_spec="$sys_lib_search_path_spec" ++fi ++ ++sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec" ++if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ lt_cv_sys_lib_dlsearch_path_spec="$sys_lib_dlsearch_path_spec" ++fi ++ ++sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec" ++ + variables_saved_for_relink="PATH $shlibpath_var $runpath_var" + if test "$GCC" = yes; then + variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" +@@ -13783,6 +14140,7 @@ + predeps_CXX \ + postdeps_CXX \ + compiler_lib_search_path_CXX \ ++ compiler_lib_search_dirs_CXX \ + archive_cmds_CXX \ + archive_expsym_cmds_CXX \ + postinstall_cmds_CXX \ +@@ -14031,6 +14389,10 @@ + # shared library. + postdeps=$lt_postdeps_CXX + ++# The directories searched by this compiler when creating a shared ++# library ++compiler_lib_search_dirs=$lt_compiler_lib_search_dirs_CXX ++ + # The library search path used internally by the compiler when linking + # a shared library. + compiler_lib_search_path=$lt_compiler_lib_search_path_CXX +@@ -14245,7 +14607,7 @@ + echo "$lt_simple_link_test_code" >conftest.$ac_ext + eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err + _lt_linker_boilerplate=`cat conftest.err` +-$rm conftest* ++$rm -r conftest* + + + # Allow CC to be a program name with arguments. +@@ -14283,7 +14645,7 @@ + postinstall_cmds='$RANLIB $lib' + fi + ;; +-aix4* | aix5*) ++aix[4-9]*) + if test "$host_cpu" != ia64 && test "$aix_use_runtimelinking" = no ; then + test "$enable_shared" = yes && enable_static=no + fi +@@ -14548,10 +14910,10 @@ + + { echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic_F77 works" >&5 + echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic_F77 works... $ECHO_C" >&6; } +-if test "${lt_prog_compiler_pic_works_F77+set}" = set; then ++if test "${lt_cv_prog_compiler_pic_works_F77+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 + else +- lt_prog_compiler_pic_works_F77=no ++ lt_cv_prog_compiler_pic_works_F77=no + ac_outfile=conftest.$ac_objext + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + lt_compiler_flag="$lt_prog_compiler_pic_F77" +@@ -14564,27 +14926,27 @@ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` +- (eval echo "\"\$as_me:14567: $lt_compile\"" >&5) ++ (eval echo "\"\$as_me:14929: $lt_compile\"" >&5) + (eval "$lt_compile" 2>conftest.err) + ac_status=$? + cat conftest.err >&5 +- echo "$as_me:14571: \$? = $ac_status" >&5 ++ echo "$as_me:14933: \$? = $ac_status" >&5 + if (exit $ac_status) && test -s "$ac_outfile"; then + # The compiler can only warn and ignore the option if not recognized + # So say no if there are warnings other than the usual output. + $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then +- lt_prog_compiler_pic_works_F77=yes ++ lt_cv_prog_compiler_pic_works_F77=yes + fi + fi + $rm conftest* + + fi +-{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_works_F77" >&5 +-echo "${ECHO_T}$lt_prog_compiler_pic_works_F77" >&6; } ++{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_pic_works_F77" >&5 ++echo "${ECHO_T}$lt_cv_prog_compiler_pic_works_F77" >&6; } + +-if test x"$lt_prog_compiler_pic_works_F77" = xyes; then ++if test x"$lt_cv_prog_compiler_pic_works_F77" = xyes; then + case $lt_prog_compiler_pic_F77 in + "" | " "*) ;; + *) lt_prog_compiler_pic_F77=" $lt_prog_compiler_pic_F77" ;; +@@ -14611,10 +14973,10 @@ + wl=$lt_prog_compiler_wl_F77 eval lt_tmp_static_flag=\"$lt_prog_compiler_static_F77\" + { echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5 + echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; } +-if test "${lt_prog_compiler_static_works_F77+set}" = set; then ++if test "${lt_cv_prog_compiler_static_works_F77+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 + else +- lt_prog_compiler_static_works_F77=no ++ lt_cv_prog_compiler_static_works_F77=no + save_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS $lt_tmp_static_flag" + echo "$lt_simple_link_test_code" > conftest.$ac_ext +@@ -14627,20 +14989,20 @@ + $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if diff conftest.exp conftest.er2 >/dev/null; then +- lt_prog_compiler_static_works_F77=yes ++ lt_cv_prog_compiler_static_works_F77=yes + fi + else +- lt_prog_compiler_static_works_F77=yes ++ lt_cv_prog_compiler_static_works_F77=yes + fi + fi +- $rm conftest* ++ $rm -r conftest* + LDFLAGS="$save_LDFLAGS" + + fi +-{ echo "$as_me:$LINENO: result: $lt_prog_compiler_static_works_F77" >&5 +-echo "${ECHO_T}$lt_prog_compiler_static_works_F77" >&6; } ++{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_static_works_F77" >&5 ++echo "${ECHO_T}$lt_cv_prog_compiler_static_works_F77" >&6; } + +-if test x"$lt_prog_compiler_static_works_F77" = xyes; then ++if test x"$lt_cv_prog_compiler_static_works_F77" = xyes; then + : + else + lt_prog_compiler_static_F77= +@@ -14668,11 +15030,11 @@ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` +- (eval echo "\"\$as_me:14671: $lt_compile\"" >&5) ++ (eval echo "\"\$as_me:15033: $lt_compile\"" >&5) + (eval "$lt_compile" 2>out/conftest.err) + ac_status=$? + cat out/conftest.err >&5 +- echo "$as_me:14675: \$? = $ac_status" >&5 ++ echo "$as_me:15037: \$? = $ac_status" >&5 + if (exit $ac_status) && test -s out/conftest2.$ac_objext + then + # The compiler can only warn and ignore the option if not recognized +@@ -14752,12 +15114,13 @@ + # it will be wrapped by ` (' and `)$', so one must not match beginning or + # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', + # as well as any symbol that contains `d'. +- exclude_expsyms_F77="_GLOBAL_OFFSET_TABLE_" ++ exclude_expsyms_F77='_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*' + # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out + # platforms (ab)use it in PIC code, but their linkers get confused if + # the symbol is explicitly referenced. Since portable code cannot + # rely on this symbol name, it's probably fine to never include it in + # preloaded symbol tables. ++ # Exclude shared library initialization/finalization symbols. + extract_expsyms_cmds= + # Just being paranoid about ensuring that cc_basename is set. + for cc_temp in $compiler""; do +@@ -14816,7 +15179,7 @@ + + # See if GNU ld supports shared libraries. + case $host_os in +- aix3* | aix4* | aix5*) ++ aix[3-9]*) + # On AIX/PPC, the GNU linker is very broken + if test "$host_cpu" != ia64; then + ld_shlibs_F77=no +@@ -14932,12 +15295,13 @@ + $echo "local: *; };" >> $output_objdir/$libname.ver~ + $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' + fi ++ link_all_deplibs_F77=no + else + ld_shlibs_F77=no + fi + ;; + +- netbsd*) ++ netbsd* | netbsdelf*-gnu) + if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then + archive_cmds_F77='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' + wlarc= +@@ -15035,7 +15399,7 @@ + fi + ;; + +- aix4* | aix5*) ++ aix[4-9]*) + if test "$host_cpu" = ia64; then + # On IA64, the linker does run time linking by default, so we don't + # have to do anything special. +@@ -15055,7 +15419,7 @@ + # Test if we are trying to use run time linking or normal + # AIX style linking. If -brtl is somewhere in LDFLAGS, we + # need to do runtime linking. +- case $host_os in aix4.[23]|aix4.[23].*|aix5*) ++ case $host_os in aix4.[23]|aix4.[23].*|aix[5-9]*) + for ld_flag in $LDFLAGS; do + if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then + aix_use_runtimelinking=yes +@@ -15307,11 +15671,10 @@ + link_all_deplibs_F77=yes + if test "$GCC" = yes ; then + output_verbose_link_cmd='echo' +- archive_cmds_F77='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' +- module_cmds_F77='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' +- # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds +- archive_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' +- module_expsym_cmds_F77='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' ++ archive_cmds_F77="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}" ++ module_cmds_F77="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}" ++ archive_expsym_cmds_F77="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}" ++ module_expsym_cmds_F77="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}" + else + case $cc_basename in + xlc*) +@@ -15461,7 +15824,7 @@ + link_all_deplibs_F77=yes + ;; + +- netbsd*) ++ netbsd* | netbsdelf*-gnu) + if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then + archive_cmds_F77='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out + else +@@ -15780,7 +16143,7 @@ + soname_spec='${libname}${release}${shared_ext}$major' + ;; + +-aix4* | aix5*) ++aix[4-9]*) + version_type=linux + need_lib_prefix=no + need_version=no +@@ -16120,6 +16483,18 @@ + dynamic_linker='GNU/Linux ld.so' + ;; + ++netbsdelf*-gnu) ++ version_type=linux ++ need_lib_prefix=no ++ need_version=no ++ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' ++ soname_spec='${libname}${release}${shared_ext}$major' ++ shlibpath_var=LD_LIBRARY_PATH ++ shlibpath_overrides_runpath=no ++ hardcode_into_libs=yes ++ dynamic_linker='NetBSD ld.elf_so' ++ ;; ++ + netbsd*) + version_type=sunos + need_lib_prefix=no +@@ -16301,6 +16676,21 @@ + echo "${ECHO_T}$dynamic_linker" >&6; } + test "$dynamic_linker" = no && can_build_shared=no + ++if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ lt_cv_sys_lib_search_path_spec="$sys_lib_search_path_spec" ++fi ++ ++sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec" ++if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ lt_cv_sys_lib_dlsearch_path_spec="$sys_lib_dlsearch_path_spec" ++fi ++ ++sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec" ++ + variables_saved_for_relink="PATH $shlibpath_var $runpath_var" + if test "$GCC" = yes; then + variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" +@@ -16384,6 +16774,7 @@ + predeps_F77 \ + postdeps_F77 \ + compiler_lib_search_path_F77 \ ++ compiler_lib_search_dirs_F77 \ + archive_cmds_F77 \ + archive_expsym_cmds_F77 \ + postinstall_cmds_F77 \ +@@ -16632,6 +17023,10 @@ + # shared library. + postdeps=$lt_postdeps_F77 + ++# The directories searched by this compiler when creating a shared ++# library ++compiler_lib_search_dirs=$lt_compiler_lib_search_dirs_F77 ++ + # The library search path used internally by the compiler when linking + # a shared library. + compiler_lib_search_path=$lt_compiler_lib_search_path_F77 +@@ -16806,7 +17201,7 @@ + echo "$lt_simple_link_test_code" >conftest.$ac_ext + eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err + _lt_linker_boilerplate=`cat conftest.err` +-$rm conftest* ++$rm -r conftest* + + + # Allow CC to be a program name with arguments. +@@ -16855,11 +17250,11 @@ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` +- (eval echo "\"\$as_me:16858: $lt_compile\"" >&5) ++ (eval echo "\"\$as_me:17253: $lt_compile\"" >&5) + (eval "$lt_compile" 2>conftest.err) + ac_status=$? + cat conftest.err >&5 +- echo "$as_me:16862: \$? = $ac_status" >&5 ++ echo "$as_me:17257: \$? = $ac_status" >&5 + if (exit $ac_status) && test -s "$ac_outfile"; then + # The compiler can only warn and ignore the option if not recognized + # So say no if there are warnings other than the usual output. +@@ -16919,7 +17314,7 @@ + # built for inclusion in a dll (and should export symbols for example). + # Although the cygwin gcc ignores -fPIC, still need this for old-style + # (--disable-auto-import) libraries +- lt_prog_compiler_pic_GCJ='-DDLL_EXPORT' ++ + ;; + + darwin* | rhapsody*) +@@ -16989,7 +17384,7 @@ + mingw* | cygwin* | pw32* | os2*) + # This hack is so that the source file can tell whether it is being + # built for inclusion in a dll (and should export symbols for example). +- lt_prog_compiler_pic_GCJ='-DDLL_EXPORT' ++ + ;; + + hpux9* | hpux10* | hpux11*) +@@ -17129,10 +17524,10 @@ + + { echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic_GCJ works" >&5 + echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic_GCJ works... $ECHO_C" >&6; } +-if test "${lt_prog_compiler_pic_works_GCJ+set}" = set; then ++if test "${lt_cv_prog_compiler_pic_works_GCJ+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 + else +- lt_prog_compiler_pic_works_GCJ=no ++ lt_cv_prog_compiler_pic_works_GCJ=no + ac_outfile=conftest.$ac_objext + echo "$lt_simple_compile_test_code" > conftest.$ac_ext + lt_compiler_flag="$lt_prog_compiler_pic_GCJ" +@@ -17145,27 +17540,27 @@ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` +- (eval echo "\"\$as_me:17148: $lt_compile\"" >&5) ++ (eval echo "\"\$as_me:17543: $lt_compile\"" >&5) + (eval "$lt_compile" 2>conftest.err) + ac_status=$? + cat conftest.err >&5 +- echo "$as_me:17152: \$? = $ac_status" >&5 ++ echo "$as_me:17547: \$? = $ac_status" >&5 + if (exit $ac_status) && test -s "$ac_outfile"; then + # The compiler can only warn and ignore the option if not recognized + # So say no if there are warnings other than the usual output. + $echo "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then +- lt_prog_compiler_pic_works_GCJ=yes ++ lt_cv_prog_compiler_pic_works_GCJ=yes + fi + fi + $rm conftest* + + fi +-{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_works_GCJ" >&5 +-echo "${ECHO_T}$lt_prog_compiler_pic_works_GCJ" >&6; } ++{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_pic_works_GCJ" >&5 ++echo "${ECHO_T}$lt_cv_prog_compiler_pic_works_GCJ" >&6; } + +-if test x"$lt_prog_compiler_pic_works_GCJ" = xyes; then ++if test x"$lt_cv_prog_compiler_pic_works_GCJ" = xyes; then + case $lt_prog_compiler_pic_GCJ in + "" | " "*) ;; + *) lt_prog_compiler_pic_GCJ=" $lt_prog_compiler_pic_GCJ" ;; +@@ -17192,10 +17587,10 @@ + wl=$lt_prog_compiler_wl_GCJ eval lt_tmp_static_flag=\"$lt_prog_compiler_static_GCJ\" + { echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5 + echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; } +-if test "${lt_prog_compiler_static_works_GCJ+set}" = set; then ++if test "${lt_cv_prog_compiler_static_works_GCJ+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 + else +- lt_prog_compiler_static_works_GCJ=no ++ lt_cv_prog_compiler_static_works_GCJ=no + save_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS $lt_tmp_static_flag" + echo "$lt_simple_link_test_code" > conftest.$ac_ext +@@ -17208,20 +17603,20 @@ + $echo "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp + $SED '/^$/d; /^ *+/d' conftest.err >conftest.er2 + if diff conftest.exp conftest.er2 >/dev/null; then +- lt_prog_compiler_static_works_GCJ=yes ++ lt_cv_prog_compiler_static_works_GCJ=yes + fi + else +- lt_prog_compiler_static_works_GCJ=yes ++ lt_cv_prog_compiler_static_works_GCJ=yes + fi + fi +- $rm conftest* ++ $rm -r conftest* + LDFLAGS="$save_LDFLAGS" + + fi +-{ echo "$as_me:$LINENO: result: $lt_prog_compiler_static_works_GCJ" >&5 +-echo "${ECHO_T}$lt_prog_compiler_static_works_GCJ" >&6; } ++{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_static_works_GCJ" >&5 ++echo "${ECHO_T}$lt_cv_prog_compiler_static_works_GCJ" >&6; } + +-if test x"$lt_prog_compiler_static_works_GCJ" = xyes; then ++if test x"$lt_cv_prog_compiler_static_works_GCJ" = xyes; then + : + else + lt_prog_compiler_static_GCJ= +@@ -17249,11 +17644,11 @@ + -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ + -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ + -e 's:$: $lt_compiler_flag:'` +- (eval echo "\"\$as_me:17252: $lt_compile\"" >&5) ++ (eval echo "\"\$as_me:17647: $lt_compile\"" >&5) + (eval "$lt_compile" 2>out/conftest.err) + ac_status=$? + cat out/conftest.err >&5 +- echo "$as_me:17256: \$? = $ac_status" >&5 ++ echo "$as_me:17651: \$? = $ac_status" >&5 + if (exit $ac_status) && test -s out/conftest2.$ac_objext + then + # The compiler can only warn and ignore the option if not recognized +@@ -17333,12 +17728,13 @@ + # it will be wrapped by ` (' and `)$', so one must not match beginning or + # end of line. Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc', + # as well as any symbol that contains `d'. +- exclude_expsyms_GCJ="_GLOBAL_OFFSET_TABLE_" ++ exclude_expsyms_GCJ='_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*' + # Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out + # platforms (ab)use it in PIC code, but their linkers get confused if + # the symbol is explicitly referenced. Since portable code cannot + # rely on this symbol name, it's probably fine to never include it in + # preloaded symbol tables. ++ # Exclude shared library initialization/finalization symbols. + extract_expsyms_cmds= + # Just being paranoid about ensuring that cc_basename is set. + for cc_temp in $compiler""; do +@@ -17397,7 +17793,7 @@ + + # See if GNU ld supports shared libraries. + case $host_os in +- aix3* | aix4* | aix5*) ++ aix[3-9]*) + # On AIX/PPC, the GNU linker is very broken + if test "$host_cpu" != ia64; then + ld_shlibs_GCJ=no +@@ -17513,12 +17909,13 @@ + $echo "local: *; };" >> $output_objdir/$libname.ver~ + $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-version-script ${wl}$output_objdir/$libname.ver -o $lib' + fi ++ link_all_deplibs_GCJ=no + else + ld_shlibs_GCJ=no + fi + ;; + +- netbsd*) ++ netbsd* | netbsdelf*-gnu) + if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then + archive_cmds_GCJ='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' + wlarc= +@@ -17616,7 +18013,7 @@ + fi + ;; + +- aix4* | aix5*) ++ aix[4-9]*) + if test "$host_cpu" = ia64; then + # On IA64, the linker does run time linking by default, so we don't + # have to do anything special. +@@ -17636,7 +18033,7 @@ + # Test if we are trying to use run time linking or normal + # AIX style linking. If -brtl is somewhere in LDFLAGS, we + # need to do runtime linking. +- case $host_os in aix4.[23]|aix4.[23].*|aix5*) ++ case $host_os in aix4.[23]|aix4.[23].*|aix[5-9]*) + for ld_flag in $LDFLAGS; do + if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then + aix_use_runtimelinking=yes +@@ -17908,11 +18305,10 @@ + link_all_deplibs_GCJ=yes + if test "$GCC" = yes ; then + output_verbose_link_cmd='echo' +- archive_cmds_GCJ='$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring' +- module_cmds_GCJ='$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags' +- # Don't fix this by using the ld -exported_symbols_list flag, it doesn't exist in older darwin lds +- archive_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC -dynamiclib $allow_undefined_flag -o $lib $libobjs $deplibs $compiler_flags -install_name $rpath/$soname $verstring~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' +- module_expsym_cmds_GCJ='sed -e "s,#.*,," -e "s,^[ ]*,," -e "s,^\(..*\),_&," < $export_symbols > $output_objdir/${libname}-symbols.expsym~$CC $allow_undefined_flag -o $lib -bundle $libobjs $deplibs$compiler_flags~nmedit -s $output_objdir/${libname}-symbols.expsym ${lib}' ++ archive_cmds_GCJ="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}" ++ module_cmds_GCJ="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}" ++ archive_expsym_cmds_GCJ="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}" ++ module_expsym_cmds_GCJ="sed -e 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dar_export_syms}${_lt_dsymutil}" + else + case $cc_basename in + xlc*) +@@ -18062,7 +18458,7 @@ + link_all_deplibs_GCJ=yes + ;; + +- netbsd*) ++ netbsd* | netbsdelf*-gnu) + if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then + archive_cmds_GCJ='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out + else +@@ -18381,7 +18777,7 @@ + soname_spec='${libname}${release}${shared_ext}$major' + ;; + +-aix4* | aix5*) ++aix[4-9]*) + version_type=linux + need_lib_prefix=no + need_version=no +@@ -18721,6 +19117,18 @@ + dynamic_linker='GNU/Linux ld.so' + ;; + ++netbsdelf*-gnu) ++ version_type=linux ++ need_lib_prefix=no ++ need_version=no ++ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' ++ soname_spec='${libname}${release}${shared_ext}$major' ++ shlibpath_var=LD_LIBRARY_PATH ++ shlibpath_overrides_runpath=no ++ hardcode_into_libs=yes ++ dynamic_linker='NetBSD ld.elf_so' ++ ;; ++ + netbsd*) + version_type=sunos + need_lib_prefix=no +@@ -18902,6 +19310,21 @@ + echo "${ECHO_T}$dynamic_linker" >&6; } + test "$dynamic_linker" = no && can_build_shared=no + ++if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ lt_cv_sys_lib_search_path_spec="$sys_lib_search_path_spec" ++fi ++ ++sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec" ++if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then ++ echo $ECHO_N "(cached) $ECHO_C" >&6 ++else ++ lt_cv_sys_lib_dlsearch_path_spec="$sys_lib_dlsearch_path_spec" ++fi ++ ++sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec" ++ + variables_saved_for_relink="PATH $shlibpath_var $runpath_var" + if test "$GCC" = yes; then + variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" +@@ -18985,6 +19408,7 @@ + predeps_GCJ \ + postdeps_GCJ \ + compiler_lib_search_path_GCJ \ ++ compiler_lib_search_dirs_GCJ \ + archive_cmds_GCJ \ + archive_expsym_cmds_GCJ \ + postinstall_cmds_GCJ \ +@@ -19233,6 +19657,10 @@ + # shared library. + postdeps=$lt_postdeps_GCJ + ++# The directories searched by this compiler when creating a shared ++# library ++compiler_lib_search_dirs=$lt_compiler_lib_search_dirs_GCJ ++ + # The library search path used internally by the compiler when linking + # a shared library. + compiler_lib_search_path=$lt_compiler_lib_search_path_GCJ +@@ -19406,7 +19834,7 @@ + echo "$lt_simple_link_test_code" >conftest.$ac_ext + eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err + _lt_linker_boilerplate=`cat conftest.err` +-$rm conftest* ++$rm -r conftest* + + + # Allow CC to be a program name with arguments. +@@ -19466,6 +19894,7 @@ + predeps_RC \ + postdeps_RC \ + compiler_lib_search_path_RC \ ++ compiler_lib_search_dirs_RC \ + archive_cmds_RC \ + archive_expsym_cmds_RC \ + postinstall_cmds_RC \ +@@ -19714,6 +20143,10 @@ + # shared library. + postdeps=$lt_postdeps_RC + ++# The directories searched by this compiler when creating a shared ++# library ++compiler_lib_search_dirs=$lt_compiler_lib_search_dirs_RC ++ + # The library search path used internally by the compiler when linking + # a shared library. + compiler_lib_search_path=$lt_compiler_lib_search_path_RC +@@ -28952,6 +29385,8 @@ + ac_delim='%!_!# ' + for ac_last_try in false false false false false :; do + cat >conf$$subs.sed <<_ACEOF ++DSYMUTIL!$DSYMUTIL$ac_delim ++NMEDIT!$NMEDIT$ac_delim + CPP!$CPP$ac_delim + CXX!$CXX$ac_delim + CXXFLAGS!$CXXFLAGS$ac_delim +@@ -29032,7 +29467,7 @@ + LTLIBOBJS!$LTLIBOBJS$ac_delim + _ACEOF + +- if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 78; then ++ if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 80; then + break + elif $ac_last_try; then + { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 +@@ -29433,21 +29868,22 @@ + fi + rm -f "$tmp/out12" + # Compute $ac_file's index in $config_headers. ++_am_arg=$ac_file + _am_stamp_count=1 + for _am_header in $config_headers :; do + case $_am_header in +- $ac_file | $ac_file:* ) ++ $_am_arg | $_am_arg:* ) + break ;; + * ) + _am_stamp_count=`expr $_am_stamp_count + 1` ;; + esac + done +-echo "timestamp for $ac_file" >`$as_dirname -- $ac_file || +-$as_expr X$ac_file : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ +- X$ac_file : 'X\(//\)[^/]' \| \ +- X$ac_file : 'X\(//\)$' \| \ +- X$ac_file : 'X\(/\)' \| . 2>/dev/null || +-echo X$ac_file | ++echo "timestamp for $_am_arg" >`$as_dirname -- "$_am_arg" || ++$as_expr X"$_am_arg" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ ++ X"$_am_arg" : 'X\(//\)[^/]' \| \ ++ X"$_am_arg" : 'X\(//\)$' \| \ ++ X"$_am_arg" : 'X\(/\)' \| . 2>/dev/null || ++echo X"$_am_arg" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q +@@ -29484,7 +29920,7 @@ + # each Makefile.in and add a new line on top of each file to say so. + # Grep'ing the whole file is not good either: AIX grep has a line + # limit of 2048, but all sed's we know have understand at least 4000. +- if sed 10q "$mf" | grep '^#.*generated by automake' > /dev/null 2>&1; then ++ if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then + dirpart=`$as_dirname -- "$mf" || + $as_expr X"$mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$mf" : 'X\(//\)[^/]' \| \ +Index: pam.deb/doc/Makefile.in +=================================================================== +--- pam.deb.orig/doc/Makefile.in ++++ pam.deb/doc/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -98,6 +98,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -150,6 +151,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -369,8 +371,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -395,8 +397,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -406,13 +408,12 @@ + CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/doc/adg/Makefile.in +=================================================================== +--- pam.deb.orig/doc/adg/Makefile.in ++++ pam.deb/doc/adg/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -75,6 +75,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -127,6 +128,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +Index: pam.deb/doc/man/Makefile.in +=================================================================== +--- pam.deb.orig/doc/man/Makefile.in ++++ pam.deb/doc/man/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -82,6 +82,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -134,6 +135,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +Index: pam.deb/doc/mwg/Makefile.in +=================================================================== +--- pam.deb.orig/doc/mwg/Makefile.in ++++ pam.deb/doc/mwg/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -75,6 +75,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -127,6 +128,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +Index: pam.deb/doc/sag/Makefile.in +=================================================================== +--- pam.deb.orig/doc/sag/Makefile.in ++++ pam.deb/doc/sag/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -75,6 +75,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -127,6 +128,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +Index: pam.deb/doc/specs/Makefile.in +=================================================================== +--- pam.deb.orig/doc/specs/Makefile.in ++++ pam.deb/doc/specs/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -60,7 +60,7 @@ + am_padout_OBJECTS = parse_l.$(OBJEXT) parse_y.$(OBJEXT) + padout_OBJECTS = $(am_padout_OBJECTS) + padout_DEPENDENCIES = +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -113,6 +113,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -165,6 +166,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -371,8 +373,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -384,8 +386,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -395,13 +397,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/examples/Makefile.in +=================================================================== +--- pam.deb.orig/examples/Makefile.in ++++ pam.deb/examples/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -72,7 +72,7 @@ + xsh_OBJECTS = xsh.$(OBJEXT) + xsh_LDADD = $(LDADD) + xsh_DEPENDENCIES = +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -109,6 +109,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -161,6 +162,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -350,8 +352,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -363,8 +365,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -374,13 +376,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/libpam/Makefile.in +=================================================================== +--- pam.deb.orig/libpam/Makefile.in ++++ pam.deb/libpam/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -87,7 +87,7 @@ + libpam_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(libpam_la_LDFLAGS) $(LDFLAGS) -o $@ +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -126,6 +126,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -178,6 +179,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -329,8 +331,8 @@ + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + else :; fi; \ + done + +@@ -338,8 +340,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + done + + clean-libLTLIBRARIES: +@@ -438,8 +440,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -451,8 +453,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -462,13 +464,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/libpam_misc/Makefile.in +=================================================================== +--- pam.deb.orig/libpam_misc/Makefile.in ++++ pam.deb/libpam_misc/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -71,7 +71,7 @@ + libpam_misc_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(libpam_misc_la_LDFLAGS) $(LDFLAGS) -o $@ +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -110,6 +110,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -162,6 +163,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -297,8 +299,8 @@ + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + else :; fi; \ + done + +@@ -306,8 +308,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + done + + clean-libLTLIBRARIES: +@@ -379,8 +381,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -392,8 +394,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -403,13 +405,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/libpamc/Makefile.in +=================================================================== +--- pam.deb.orig/libpamc/Makefile.in ++++ pam.deb/libpamc/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -71,7 +71,7 @@ + libpamc_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(libpamc_la_LDFLAGS) $(LDFLAGS) -o $@ +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -120,6 +120,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -172,6 +173,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -306,8 +308,8 @@ + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + else :; fi; \ + done + +@@ -315,8 +317,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + done + + clean-libLTLIBRARIES: +@@ -459,8 +461,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -485,8 +487,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -496,13 +498,12 @@ + CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/libpamc/test/Makefile.in +=================================================================== +--- pam.deb.orig/libpamc/test/Makefile.in ++++ pam.deb/libpamc/test/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -75,6 +75,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -127,6 +128,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +Index: pam.deb/modules/Makefile.in +=================================================================== +--- pam.deb.orig/modules/Makefile.in ++++ pam.deb/modules/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -87,6 +87,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -139,6 +140,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -349,8 +351,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -375,8 +377,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -386,13 +388,12 @@ + CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_access/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_access/Makefile.in ++++ pam.deb/modules/pam_access/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -68,7 +68,7 @@ + pam_access_la_DEPENDENCIES = + pam_access_la_SOURCES = pam_access.c + pam_access_la_OBJECTS = pam_access.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -111,6 +111,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -163,6 +164,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -302,8 +304,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -311,8 +313,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -473,8 +475,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -486,8 +488,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -497,13 +499,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_cracklib/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_cracklib/Makefile.in ++++ pam.deb/modules/pam_cracklib/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -68,7 +68,7 @@ + pam_cracklib_la_SOURCES = pam_cracklib.c + pam_cracklib_la_OBJECTS = pam_cracklib.lo + @HAVE_LIBCRACK_TRUE@am_pam_cracklib_la_rpath = -rpath $(securelibdir) +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -109,6 +109,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -161,6 +162,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -299,8 +301,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -308,8 +310,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -408,8 +410,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -421,8 +423,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -432,13 +434,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_debug/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_debug/Makefile.in ++++ pam.deb/modules/pam_debug/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_debug_la_DEPENDENCIES = + pam_debug_la_SOURCES = pam_debug.c + pam_debug_la_OBJECTS = pam_debug.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_deny/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_deny/Makefile.in ++++ pam.deb/modules/pam_deny/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_deny_la_DEPENDENCIES = + pam_deny_la_SOURCES = pam_deny.c + pam_deny_la_OBJECTS = pam_deny.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_echo/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_echo/Makefile.in ++++ pam.deb/modules/pam_echo/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_echo_la_DEPENDENCIES = + pam_echo_la_SOURCES = pam_echo.c + pam_echo_la_OBJECTS = pam_echo.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_env/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_env/Makefile.in ++++ pam.deb/modules/pam_env/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -69,7 +69,7 @@ + pam_env_la_DEPENDENCIES = + pam_env_la_SOURCES = pam_env.c + pam_env_la_OBJECTS = pam_env.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -113,6 +113,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -165,6 +166,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -305,8 +307,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -314,8 +316,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -493,8 +495,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -506,8 +508,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -517,13 +519,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_exec/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_exec/Makefile.in ++++ pam.deb/modules/pam_exec/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_exec_la_DEPENDENCIES = + pam_exec_la_SOURCES = pam_exec.c + pam_exec_la_OBJECTS = pam_exec.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_faildelay/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_faildelay/Makefile.in ++++ pam.deb/modules/pam_faildelay/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_faildelay_la_DEPENDENCIES = + pam_faildelay_la_SOURCES = pam_faildelay.c + pam_faildelay_la_OBJECTS = pam_faildelay.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_filter/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_filter/Makefile.in ++++ pam.deb/modules/pam_filter/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -70,7 +70,7 @@ + pam_filter_la_DEPENDENCIES = + pam_filter_la_SOURCES = pam_filter.c + pam_filter_la_OBJECTS = pam_filter.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -123,6 +123,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -175,6 +176,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -313,8 +315,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -322,8 +324,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -509,8 +511,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -535,8 +537,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -546,13 +548,12 @@ + CTAGS: ctags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_filter/upperLOWER/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_filter/upperLOWER/Makefile.in ++++ pam.deb/modules/pam_filter/upperLOWER/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -61,7 +61,7 @@ + upperLOWER_OBJECTS = upperLOWER.$(OBJEXT) + upperLOWER_LDADD = $(LDADD) + upperLOWER_DEPENDENCIES = +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -98,6 +98,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -150,6 +151,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -284,8 +286,8 @@ + || test -f $$p1 \ + ; then \ + f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ +- echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(securelibfilterPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(securelibfilterdir)/$$f'"; \ +- $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(securelibfilterPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(securelibfilterdir)/$$f" || exit 1; \ ++ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibfilterPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(securelibfilterdir)/$$f'"; \ ++ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibfilterPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(securelibfilterdir)/$$f" || exit 1; \ + else :; fi; \ + done + +@@ -347,8 +349,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -360,8 +362,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -371,13 +373,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_ftp/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_ftp/Makefile.in ++++ pam.deb/modules/pam_ftp/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_ftp_la_DEPENDENCIES = + pam_ftp_la_SOURCES = pam_ftp.c + pam_ftp_la_OBJECTS = pam_ftp.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_group/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_group/Makefile.in ++++ pam.deb/modules/pam_group/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -68,7 +68,7 @@ + pam_group_la_DEPENDENCIES = + pam_group_la_SOURCES = pam_group.c + pam_group_la_OBJECTS = pam_group.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -111,6 +111,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -163,6 +164,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -302,8 +304,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -311,8 +313,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -473,8 +475,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -486,8 +488,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -497,13 +499,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_issue/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_issue/Makefile.in ++++ pam.deb/modules/pam_issue/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_issue_la_DEPENDENCIES = + pam_issue_la_SOURCES = pam_issue.c + pam_issue_la_OBJECTS = pam_issue.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_keyinit/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_keyinit/Makefile.in ++++ pam.deb/modules/pam_keyinit/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -69,7 +69,7 @@ + pam_keyinit_la_OBJECTS = pam_keyinit.lo + @HAVE_KEY_MANAGEMENT_TRUE@am_pam_keyinit_la_rpath = -rpath \ + @HAVE_KEY_MANAGEMENT_TRUE@ $(securelibdir) +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -110,6 +110,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -162,6 +163,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -298,8 +300,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -307,8 +309,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -407,8 +409,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -420,8 +422,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -431,13 +433,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_lastlog/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_lastlog/Makefile.in ++++ pam.deb/modules/pam_lastlog/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_lastlog_la_DEPENDENCIES = + pam_lastlog_la_SOURCES = pam_lastlog.c + pam_lastlog_la_OBJECTS = pam_lastlog.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_limits/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_limits/Makefile.in ++++ pam.deb/modules/pam_limits/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -68,7 +68,7 @@ + pam_limits_la_DEPENDENCIES = + pam_limits_la_SOURCES = pam_limits.c + pam_limits_la_OBJECTS = pam_limits.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -111,6 +111,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -163,6 +164,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -304,8 +306,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -313,8 +315,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -475,8 +477,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -488,8 +490,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -499,13 +501,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_listfile/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_listfile/Makefile.in ++++ pam.deb/modules/pam_listfile/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_listfile_la_DEPENDENCIES = + pam_listfile_la_SOURCES = pam_listfile.c + pam_listfile_la_OBJECTS = pam_listfile.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_localuser/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_localuser/Makefile.in ++++ pam.deb/modules/pam_localuser/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_localuser_la_DEPENDENCIES = + pam_localuser_la_SOURCES = pam_localuser.c + pam_localuser_la_OBJECTS = pam_localuser.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_loginuid/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_loginuid/Makefile.in ++++ pam.deb/modules/pam_loginuid/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_loginuid_la_DEPENDENCIES = + pam_loginuid_la_SOURCES = pam_loginuid.c + pam_loginuid_la_OBJECTS = pam_loginuid.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_mail/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_mail/Makefile.in ++++ pam.deb/modules/pam_mail/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_mail_la_DEPENDENCIES = + pam_mail_la_SOURCES = pam_mail.c + pam_mail_la_OBJECTS = pam_mail.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_mkhomedir/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_mkhomedir/Makefile.in ++++ pam.deb/modules/pam_mkhomedir/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_mkhomedir_la_DEPENDENCIES = + am_pam_mkhomedir_la_OBJECTS = pam_mkhomedir.lo + pam_mkhomedir_la_OBJECTS = $(am_pam_mkhomedir_la_OBJECTS) +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -297,8 +299,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -306,8 +308,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -406,8 +408,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -419,8 +421,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -430,13 +432,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_motd/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_motd/Makefile.in ++++ pam.deb/modules/pam_motd/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_motd_la_DEPENDENCIES = + pam_motd_la_SOURCES = pam_motd.c + pam_motd_la_OBJECTS = pam_motd.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_namespace/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_namespace/Makefile.in ++++ pam.deb/modules/pam_namespace/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -78,7 +78,7 @@ + @HAVE_UNSHARE_TRUE@am_pam_namespace_la_rpath = -rpath $(securelibdir) + secureconfSCRIPT_INSTALL = $(INSTALL_SCRIPT) + SCRIPTS = $(secureconf_SCRIPTS) +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -123,6 +123,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -175,6 +176,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -321,8 +323,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -330,8 +332,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -530,8 +532,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -543,8 +545,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -554,13 +556,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_nologin/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_nologin/Makefile.in ++++ pam.deb/modules/pam_nologin/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_nologin_la_DEPENDENCIES = + pam_nologin_la_SOURCES = pam_nologin.c + pam_nologin_la_OBJECTS = pam_nologin.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_permit/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_permit/Makefile.in ++++ pam.deb/modules/pam_permit/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_permit_la_DEPENDENCIES = + pam_permit_la_SOURCES = pam_permit.c + pam_permit_la_OBJECTS = pam_permit.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_rhosts/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_rhosts/Makefile.in ++++ pam.deb/modules/pam_rhosts/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_rhosts_la_DEPENDENCIES = + pam_rhosts_la_SOURCES = pam_rhosts.c + pam_rhosts_la_OBJECTS = pam_rhosts.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_rootok/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_rootok/Makefile.in ++++ pam.deb/modules/pam_rootok/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -68,7 +68,7 @@ + pam_rootok_la_DEPENDENCIES = + pam_rootok_la_SOURCES = pam_rootok.c + pam_rootok_la_OBJECTS = pam_rootok.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -109,6 +109,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -161,6 +162,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -298,8 +300,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -307,8 +309,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -407,8 +409,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -420,8 +422,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -431,13 +433,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_securetty/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_securetty/Makefile.in ++++ pam.deb/modules/pam_securetty/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -65,9 +65,9 @@ + securelibLTLIBRARIES_INSTALL = $(INSTALL) + LTLIBRARIES = $(securelib_LTLIBRARIES) + pam_securetty_la_DEPENDENCIES = +-pam_securetty_la_SOURCES = pam_securetty.c +-pam_securetty_la_OBJECTS = pam_securetty.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++am_pam_securetty_la_OBJECTS = pam_securetty.lo tty_secure.lo ++pam_securetty_la_OBJECTS = $(am_pam_securetty_la_OBJECTS) ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -79,8 +79,8 @@ + LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +-SOURCES = pam_securetty.c +-DIST_SOURCES = pam_securetty.c ++SOURCES = $(pam_securetty_la_SOURCES) ++DIST_SOURCES = $(pam_securetty_la_SOURCES) + man8dir = $(mandir)/man8 + NROFF = nroff + MANS = $(man_MANS) +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -256,6 +258,10 @@ + AM_LDFLAGS = -no-undefined -avoid-version -module $(am__append_1) + securelib_LTLIBRARIES = pam_securetty.la + pam_securetty_la_LIBADD = -L$(top_builddir)/libpam -lpam ++pam_securetty_la_SOURCES = \ ++ pam_securetty.c \ ++ tty_secure.c ++ + @ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README + all: all-am + +@@ -296,8 +302,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +311,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -327,6 +333,7 @@ + -rm -f *.tab.c + + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_securetty.Plo@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tty_secure.Plo@am__quote@ + + .c.o: + @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@@ -405,8 +412,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +425,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +436,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_selinux/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_selinux/Makefile.in ++++ pam.deb/modules/pam_selinux/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -80,7 +80,7 @@ + pam_selinux_check_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(pam_selinux_check_LDFLAGS) $(LDFLAGS) -o $@ +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -121,6 +121,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -173,6 +174,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -319,8 +321,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -328,8 +330,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -439,8 +441,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -452,8 +454,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -463,13 +465,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_shells/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_shells/Makefile.in ++++ pam.deb/modules/pam_shells/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_shells_la_DEPENDENCIES = + pam_shells_la_SOURCES = pam_shells.c + pam_shells_la_OBJECTS = pam_shells.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_stress/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_stress/Makefile.in ++++ pam.deb/modules/pam_stress/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -66,7 +66,7 @@ + pam_stress_la_DEPENDENCIES = + pam_stress_la_SOURCES = pam_stress.c + pam_stress_la_OBJECTS = pam_stress.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -103,6 +103,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -155,6 +156,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -288,8 +290,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -297,8 +299,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -352,8 +354,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -365,8 +367,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -376,13 +378,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_succeed_if/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_succeed_if/Makefile.in ++++ pam.deb/modules/pam_succeed_if/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_succeed_if_la_DEPENDENCIES = + pam_succeed_if_la_SOURCES = pam_succeed_if.c + pam_succeed_if_la_OBJECTS = pam_succeed_if.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_tally/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_tally/Makefile.in ++++ pam.deb/modules/pam_tally/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -80,7 +80,7 @@ + am_pam_tally_OBJECTS = pam_tally_app.$(OBJEXT) + pam_tally_OBJECTS = $(am_pam_tally_OBJECTS) + pam_tally_LDADD = $(LDADD) +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -122,6 +122,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -174,6 +175,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -313,8 +315,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -322,8 +324,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -345,8 +347,8 @@ + || test -f $$p1 \ + ; then \ + f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ +- echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ +- $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ ++ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ ++ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ + else :; fi; \ + done + +@@ -454,8 +456,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -467,8 +469,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -478,13 +480,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_time/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_time/Makefile.in ++++ pam.deb/modules/pam_time/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -68,7 +68,7 @@ + pam_time_la_DEPENDENCIES = + pam_time_la_SOURCES = pam_time.c + pam_time_la_OBJECTS = pam_time.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -111,6 +111,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -163,6 +164,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -302,8 +304,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -311,8 +313,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -473,8 +475,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -486,8 +488,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -497,13 +499,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_umask/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_umask/Makefile.in ++++ pam.deb/modules/pam_umask/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_umask_la_DEPENDENCIES = + pam_umask_la_SOURCES = pam_umask.c + pam_umask_la_OBJECTS = pam_umask.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_unix/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_unix/Makefile.in ++++ pam.deb/modules/pam_unix/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -40,8 +40,7 @@ + build_triplet = @build@ + host_triplet = @host@ + @HAVE_LIBSELINUX_TRUE@am__append_1 = -D"WITH_SELINUX" +-@HAVE_LIBCRACK_TRUE@am__append_2 = -D"USE_CRACKLIB" +-@HAVE_VERSIONING_TRUE@am__append_3 = -Wl,--version-script=$(srcdir)/../modules.map ++@HAVE_VERSIONING_TRUE@am__append_2 = -Wl,--version-script=$(srcdir)/../modules.map + sbin_PROGRAMS = unix_chkpwd$(EXEEXT) unix_update$(EXEEXT) + noinst_PROGRAMS = bigcrypt$(EXEEXT) + subdir = modules/pam_unix +@@ -72,10 +71,10 @@ + "$(DESTDIR)$(man8dir)" + securelibLTLIBRARIES_INSTALL = $(INSTALL) + LTLIBRARIES = $(securelib_LTLIBRARIES) +-pam_unix_la_DEPENDENCIES = ++pam_unix_la_DEPENDENCIES = ../pam_securetty/tty_secure.lo + am_pam_unix_la_OBJECTS = bigcrypt.lo pam_unix_acct.lo pam_unix_auth.lo \ + pam_unix_passwd.lo pam_unix_sess.lo support.lo passverify.lo \ +- yppasswd_xdr.lo md5_good.lo md5_broken.lo ++ yppasswd_xdr.lo md5_good.lo md5_broken.lo obscure.lo + pam_unix_la_OBJECTS = $(am_pam_unix_la_OBJECTS) + pam_unix_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ +@@ -109,7 +108,7 @@ + unix_update_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(unix_update_CFLAGS) \ + $(CFLAGS) $(unix_update_LDFLAGS) $(LDFLAGS) -o $@ +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -153,6 +152,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -205,6 +205,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -302,18 +303,18 @@ + AM_CFLAGS = -I$(top_srcdir)/libpam/include \ + -I$(top_srcdir)/libpamc/include \ + -DCHKPWD_HELPER=\"$(sbindir)/unix_chkpwd\" \ +- -DUPDATE_HELPER=\"$(sbindir)/unix_update\" $(am__append_1) \ +- $(am__append_2) ++ -DUPDATE_HELPER=\"$(sbindir)/unix_update\" $(am__append_1) + pam_unix_la_LDFLAGS = -no-undefined -avoid-version -module \ +- $(am__append_3) +-pam_unix_la_LIBADD = @LIBCRACK@ @LIBNSL@ -L$(top_builddir)/libpam -lpam \ +- @LIBCRYPT@ @LIBSELINUX@ ++ $(am__append_2) ++pam_unix_la_LIBADD = @LIBNSL@ -L$(top_builddir)/libpam -lpam \ ++ @LIBCRYPT@ @LIBSELINUX@ \ ++ ../pam_securetty/tty_secure.lo + + securelib_LTLIBRARIES = pam_unix.la + noinst_HEADERS = md5.h support.h yppasswd.h bigcrypt.h passverify.h + pam_unix_la_SOURCES = bigcrypt.c pam_unix_acct.c \ + pam_unix_auth.c pam_unix_passwd.c pam_unix_sess.c support.c \ +- passverify.c yppasswd_xdr.c md5_good.c md5_broken.c ++ passverify.c yppasswd_xdr.c md5_good.c md5_broken.c obscure.c + + bigcrypt_SOURCES = bigcrypt.c bigcrypt_main.c + bigcrypt_CFLAGS = $(AM_CFLAGS) +@@ -370,8 +371,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -379,8 +380,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -409,8 +410,8 @@ + || test -f $$p1 \ + ; then \ + f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ +- echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ +- $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ ++ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(sbinPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ ++ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(sbinPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(sbindir)/$$f" || exit 1; \ + else :; fi; \ + done + +@@ -449,6 +450,7 @@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bigcrypt.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md5_broken.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md5_good.Plo@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/obscure.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_unix_acct.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_unix_auth.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_unix_passwd.Plo@am__quote@ +@@ -712,8 +714,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -725,8 +727,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -736,13 +738,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_userdb/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_userdb/Makefile.in ++++ pam.deb/modules/pam_userdb/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -70,7 +70,7 @@ + pam_userdb_la_SOURCES = pam_userdb.c + pam_userdb_la_OBJECTS = pam_userdb.lo + @HAVE_LIBDB_TRUE@am_pam_userdb_la_rpath = -rpath $(securelibdir) +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -112,6 +112,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -164,6 +165,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -302,8 +304,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -311,8 +313,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -411,8 +413,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -424,8 +426,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -435,13 +437,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_warn/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_warn/Makefile.in ++++ pam.deb/modules/pam_warn/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_warn_la_LIBADD = + pam_warn_la_SOURCES = pam_warn.c + pam_warn_la_OBJECTS = pam_warn.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_wheel/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_wheel/Makefile.in ++++ pam.deb/modules/pam_wheel/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_wheel_la_LIBADD = + pam_wheel_la_SOURCES = pam_wheel.c + pam_wheel_la_OBJECTS = pam_wheel.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_xauth/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_xauth/Makefile.in ++++ pam.deb/modules/pam_xauth/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -67,7 +67,7 @@ + pam_xauth_la_LIBADD = + pam_xauth_la_SOURCES = pam_xauth.c + pam_xauth_la_OBJECTS = pam_xauth.lo +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -108,6 +108,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -160,6 +161,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/tests/Makefile.in +=================================================================== +--- pam.deb.orig/tests/Makefile.in ++++ pam.deb/tests/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -126,7 +126,7 @@ + tst_pam_start_OBJECTS = tst-pam_start.$(OBJEXT) + tst_pam_start_LDADD = $(LDADD) + tst_pam_start_DEPENDENCIES = +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -171,6 +171,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -223,6 +224,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -454,8 +456,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -467,8 +469,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -478,13 +480,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/xtests/Makefile.in +=================================================================== +--- pam.deb.orig/xtests/Makefile.in ++++ pam.deb/xtests/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -122,7 +122,7 @@ + tst_pam_unix3_SOURCES = tst-pam_unix3.c + tst_pam_unix3_OBJECTS = tst-pam_unix3.$(OBJEXT) + tst_pam_unix3_LDADD = $(LDADD) +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -171,6 +171,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -223,6 +224,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -502,8 +504,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -515,8 +517,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -526,13 +528,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_sepermit/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_sepermit/Makefile.in ++++ pam.deb/modules/pam_sepermit/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -74,7 +74,7 @@ + $(pam_sepermit_la_LDFLAGS) $(LDFLAGS) -o $@ + @HAVE_LIBSELINUX_TRUE@am_pam_sepermit_la_rpath = -rpath \ + @HAVE_LIBSELINUX_TRUE@ $(securelibdir) +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -117,6 +117,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -169,6 +170,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -314,8 +316,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -323,8 +325,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -457,8 +459,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -470,8 +472,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -481,13 +483,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique +Index: pam.deb/modules/pam_tty_audit/Makefile.in +=================================================================== +--- pam.deb.orig/modules/pam_tty_audit/Makefile.in ++++ pam.deb/modules/pam_tty_audit/Makefile.in +@@ -1,8 +1,8 @@ +-# Makefile.in generated by automake 1.10 from Makefile.am. ++# Makefile.in generated by automake 1.10.1 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +-# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. ++# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation + # gives unlimited permission to copy and/or distribute it, + # with or without modifications, as long as this notice is preserved. +@@ -69,7 +69,7 @@ + pam_tty_audit_la_OBJECTS = pam_tty_audit.lo + @HAVE_AUDIT_TTY_STATUS_TRUE@am_pam_tty_audit_la_rpath = -rpath \ + @HAVE_AUDIT_TTY_STATUS_TRUE@ $(securelibdir) +-DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp + am__depfiles_maybe = depfiles + COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ +@@ -110,6 +110,7 @@ + CYGPATH_W = @CYGPATH_W@ + DEFS = @DEFS@ + DEPDIR = @DEPDIR@ ++DSYMUTIL = @DSYMUTIL@ + ECHO = @ECHO@ + ECHO_C = @ECHO_C@ + ECHO_N = @ECHO_N@ +@@ -162,6 +163,7 @@ + MSGFMT = @MSGFMT@ + MSGFMT_015 = @MSGFMT_015@ + MSGMERGE = @MSGMERGE@ ++NMEDIT = @NMEDIT@ + OBJEXT = @OBJEXT@ + PACKAGE = @PACKAGE@ + PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +@@ -296,8 +298,8 @@ + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ +- $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +@@ -305,8 +307,8 @@ + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ +- echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ +- $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ ++ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ ++ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + + clean-securelibLTLIBRARIES: +@@ -405,8 +407,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique + tags: TAGS + +@@ -418,8 +420,8 @@ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ +@@ -429,13 +431,12 @@ + CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ +- here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ +- $(AWK) ' { files[$$0] = 1; } \ +- END { for (i in files) print i; }'`; \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique diff --git a/debian/patches-applied/do_not_check_nis_accidentally b/debian/patches-applied/do_not_check_nis_accidentally new file mode 100644 index 00000000..70e3df2d --- /dev/null +++ b/debian/patches-applied/do_not_check_nis_accidentally @@ -0,0 +1,22 @@ +Patch for Debian bug #469635 + +Always call _unix_getpwnam() consistent with the value of the 'nis' +option, so that we only grab from the backends we're expecting. + +Authors: Quentin Godfroy <godfroy@clipper.ens.fr> + +Upstream status: should be submitted + +Index: pam.deb/modules/pam_unix/pam_unix_passwd.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/pam_unix_passwd.c ++++ pam.deb/modules/pam_unix/pam_unix_passwd.c +@@ -562,7 +562,7 @@ + return PAM_USER_UNKNOWN; + } else { + struct passwd *pwd; +- _unix_getpwnam(pamh, user, 1, 1, &pwd); ++ _unix_getpwnam(pamh, user, 1, on(UNIX_NIS, ctrl), &pwd); + if (pwd == NULL) { + pam_syslog(pamh, LOG_DEBUG, + "user \"%s\" has corrupted passwd entry", diff --git a/debian/patches-applied/hurd_no_setfsuid b/debian/patches-applied/hurd_no_setfsuid new file mode 100644 index 00000000..71ae5d77 --- /dev/null +++ b/debian/patches-applied/hurd_no_setfsuid @@ -0,0 +1,110 @@ +On systems without setfsuid(), use setreuid() instead. + +Authors: Steve Langasek <vorlon@debian.org> + +Upstream status: superseded by pam_modutil_set_euid proposal + +Index: Linux-PAM/modules/pam_xauth/pam_xauth.c +=================================================================== +--- Linux-PAM/modules/pam_xauth/pam_xauth.c.orig ++++ Linux-PAM/modules/pam_xauth/pam_xauth.c +@@ -35,7 +35,9 @@ + + #include "config.h" + #include <sys/types.h> ++#ifdef HAVE_SYS_FSUID_H + #include <sys/fsuid.h> ++#endif /* HAVE_SYS_FSUID_H */ + #include <sys/wait.h> + #include <errno.h> + #include <fnmatch.h> +@@ -210,6 +212,9 @@ + FILE *fp; + int i; + uid_t euid; ++#ifndef HAVE_SYS_FSUID_H ++ uid_t uid; ++#endif + /* Check this user's <sense> file. */ + pwd = pam_modutil_getpwnam(pamh, this_user); + if (pwd == NULL) { +@@ -226,9 +231,34 @@ + return PAM_SESSION_ERR; + } + euid = geteuid(); ++#ifdef HAVE_SYS_FSUID_H + setfsuid(pwd->pw_uid); ++#else ++ uid = getuid(); ++ if (uid == pwd->pw_uid) ++ setreuid(euid, uid); ++ else { ++ setreuid(0, -1); ++ if (setreuid(-1, uid) == -1) { ++ setreuid(-1, 0); ++ setreuid(0, -1); ++ if (setreuid(-1, pwd->pw_uid)) ++ return PAM_CRED_INSUFFICIENT; ++ } ++ } ++#endif + fp = fopen(path, "r"); ++#ifdef HAVE_SYS_FSUID_H + setfsuid(euid); ++#else ++ if (uid == pwd->pw_uid) ++ setreuid(uid, euid); ++ else { ++ if (setreuid(-1, 0) == -1) ++ setreuid(uid, -1); ++ setreuid(-1, euid); ++ } ++#endif + if (fp != NULL) { + char buf[LINE_MAX], *tmp; + /* Scan the file for a list of specs of users to "trust". */ +@@ -297,6 +327,9 @@ + int fd, i, debug = 0; + int retval = PAM_SUCCESS; + uid_t systemuser = 499, targetuser = 0, euid; ++#ifndef HAVE_SYS_FSUID_H ++ uid_t uid; ++#endif + + /* Parse arguments. We don't understand many, so no sense in breaking + * this into a separate function. */ +@@ -541,9 +574,34 @@ + + /* Generate a new file to hold the data. */ + euid = geteuid(); ++#ifdef HAVE_SYS_FSUID_H + setfsuid(tpwd->pw_uid); ++#else ++ uid = getuid(); ++ if (uid == tpwd->pw_uid) ++ setreuid(euid, uid); ++ else { ++ setreuid(0, -1); ++ if (setreuid(-1, uid) == -1) { ++ setreuid(-1, 0); ++ setreuid(0, -1); ++ if (setreuid(-1, tpwd->pw_uid)) ++ return PAM_CRED_INSUFFICIENT; ++ } ++ } ++#endif + fd = mkstemp(xauthority + strlen(XAUTHENV) + 1); ++#ifdef HAVE_SYS_FSUID_H + setfsuid(euid); ++#else ++ if (uid == tpwd->pw_uid) ++ setreuid(uid, euid); ++ else { ++ if (setreuid(-1, 0) == -1) ++ setreuid(uid, -1); ++ setreuid(-1, euid); ++ } ++#endif + if (fd == -1) { + pam_syslog(pamh, LOG_ERR, + "error creating temporary file `%s': %m", diff --git a/debian/patches-applied/pam_env_ignore_garbage.patch b/debian/patches-applied/pam_env_ignore_garbage.patch new file mode 100644 index 00000000..3df76a07 --- /dev/null +++ b/debian/patches-applied/pam_env_ignore_garbage.patch @@ -0,0 +1,46 @@ +Patch for Debian bug #439984 + +pam_env was not correctly skipping over non-alphanumeric variable names, +and was not handling the PAM_BAD_ITEM error return from pam_putenv() +when clearing an unset variable. + +Authors: Steve Langasek <vorlon@debian.org> + +Upstream status: committed to CVS + +Index: pam/Linux-PAM/modules/pam_env/pam_env.c +=================================================================== +--- pam.orig/Linux-PAM/modules/pam_env/pam_env.c ++++ pam/Linux-PAM/modules/pam_env/pam_env.c +@@ -232,9 +232,14 @@ + + for ( i = 0 ; key[i] != '=' && key[i] != '\0' ; i++ ) + if (!isalnum(key[i]) && key[i] != '_') { +- D(("key is not alpha numeric - '%s', ignoring", key)); +- continue; ++ pam_syslog(pamh, LOG_ERR, ++ "non-alphanumeric key '%s' in %s', ignoring", ++ key, file); ++ break; + } ++ /* non-alphanumeric key, ignore this line */ ++ if (key[i] != '=' && key[i] != '\0') ++ continue; + + /* now we try to be smart about quotes around the value, + but not too smart, we can't get all fancy with escaped +@@ -248,6 +253,14 @@ + key[i] = '\0'; + } + ++ /* if this is a request to delete a variable, check that it's ++ actually set first, so we don't get a vague error back from ++ pam_putenv() */ ++ for (i = 0; key[i] != '=' && key[i] != '\0'; i++); ++ ++ if (key[i] == '\0' && !pam_getenv(pamh,key)) ++ continue; ++ + /* set the env var, if it fails, we break out of the loop */ + retval = pam_putenv(pamh, key); + if (retval != PAM_SUCCESS) { diff --git a/debian/patches-applied/pam_unix_fix_sgid_shadow_auth.patch b/debian/patches-applied/pam_unix_fix_sgid_shadow_auth.patch new file mode 100644 index 00000000..df5ffcf7 --- /dev/null +++ b/debian/patches-applied/pam_unix_fix_sgid_shadow_auth.patch @@ -0,0 +1,25 @@ +Revert upstream change that prevents pam_unix from working with sgid +shadow applications. + +Authors: Steve Langasek <vorlon@debian.org> + +Upstream status: to be submitted (and debated...) + +Index: pam.deb/modules/pam_unix/passverify.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/passverify.c ++++ pam.deb/modules/pam_unix/passverify.c +@@ -198,11 +198,11 @@ + * ...and shadow password file entry for this user, + * if shadowing is enabled + */ ++ *spwdent = pam_modutil_getspnam(pamh, name); + #ifndef HELPER_COMPILE +- if (geteuid() || SELINUX_ENABLED) ++ if (*spwdent == NULL && (geteuid() || SELINUX_ENABLED)) + return PAM_UNIX_RUN_HELPER; + #endif +- *spwdent = pam_modutil_getspnam(pamh, name); + if (*spwdent == NULL || (*spwdent)->sp_pwdp == NULL) + return PAM_AUTHINFO_UNAVAIL; + } diff --git a/debian/patches-applied/pam_unix_no_helper_for_nis+.patch b/debian/patches-applied/pam_unix_no_helper_for_nis+.patch new file mode 100644 index 00000000..1742034c --- /dev/null +++ b/debian/patches-applied/pam_unix_no_helper_for_nis+.patch @@ -0,0 +1,31 @@ +Don't force use of the helper for account verification with NIS+; the +previous code already works robustly for any non-threaded caller, and +will fall back to use of the helper anyway. + +Authors: Steve Langasek <vorlon@debian.org> + +Upstream status: to be discussed + +Index: pam.deb/modules/pam_unix/passverify.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/passverify.c ++++ pam.deb/modules/pam_unix/passverify.c +@@ -166,7 +166,6 @@ + if (*pwd != NULL) { + if (strcmp((*pwd)->pw_passwd, "*NP*") == 0) + { /* NIS+ */ +-#ifdef HELPER_COMPILE + uid_t save_euid, save_uid; + + save_euid = geteuid(); +@@ -194,10 +193,6 @@ + + if (*spwdent == NULL || (*spwdent)->sp_pwdp == NULL) + return PAM_AUTHINFO_UNAVAIL; +-#else +- /* we must run helper for NIS+ passwords */ +- return PAM_UNIX_RUN_HELPER; +-#endif + } else if (is_pwd_shadowed(*pwd)) { + /* + * ...and shadow password file entry for this user, diff --git a/debian/patches-applied/pam_unix_setreuid_juggling.patch b/debian/patches-applied/pam_unix_setreuid_juggling.patch new file mode 100644 index 00000000..0605e108 --- /dev/null +++ b/debian/patches-applied/pam_unix_setreuid_juggling.patch @@ -0,0 +1,22 @@ +This particular setreuid() is only needed if we don't have any root +privs at all, so make it conditional like it was pre-1.0. + +Authors: Steve Langasek <vorlon@debian.org> + +Upstream status: to be submitted + +Index: pam.deb/modules/pam_unix/passverify.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/passverify.c ++++ pam.deb/modules/pam_unix/passverify.c +@@ -187,8 +187,8 @@ + if (save_uid == (*pwd)->pw_uid) + setreuid(save_uid, save_euid); + else { +- setreuid(-1, 0); +- setreuid(save_uid, -1); ++ if (setreuid(-1, 0) == -1) ++ setreuid(save_uid, -1); + setreuid(-1, save_euid); + } + diff --git a/debian/patches-applied/pam_unix_thread-safe_save_old_password.patch b/debian/patches-applied/pam_unix_thread-safe_save_old_password.patch new file mode 100644 index 00000000..094c63d2 --- /dev/null +++ b/debian/patches-applied/pam_unix_thread-safe_save_old_password.patch @@ -0,0 +1,70 @@ +Patch to keep save_old_password() thread-safe when called by the PAM +module, since nothing blocks other threads from calling getpwnam in +parallel + +Authors: Steve Langasek <vorlon@debian.org> + +Upstream status: to be submitted + +Index: pam.deb/modules/pam_unix/passverify.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/passverify.c ++++ pam.deb/modules/pam_unix/passverify.c +@@ -535,9 +535,15 @@ + } + #endif + ++#ifdef HELPER_COMPILE + int + save_old_password(const char *forwho, const char *oldpass, + int howmany) ++#else ++int ++save_old_password(pam_handle_t *pamh, const char *forwho, const char *oldpass, ++ int howmany) ++#endif + { + static char buf[16384]; + static char nbuf[16384]; +@@ -653,7 +659,7 @@ + fclose(opwfile); + + if (!found) { +- pwd = getpwnam(forwho); ++ pwd = pam_modutil_getpwnam(pamh, forwho); + if (pwd == NULL) { + err = 1; + } else { +Index: pam.deb/modules/pam_unix/passverify.h +=================================================================== +--- pam.deb.orig/modules/pam_unix/passverify.h ++++ pam.deb/modules/pam_unix/passverify.h +@@ -33,9 +33,15 @@ + void + unlock_pwdf(void); + ++#ifdef HELPER_COMPILE + int + save_old_password(const char *forwho, const char *oldpass, + int howmany); ++#else ++int ++save_old_password(pam_handle_t *pamh, const char *forwho, const char *oldpass, ++ int howmany); ++#endif + + #ifdef HELPER_COMPILE + void +Index: pam.deb/modules/pam_unix/pam_unix_passwd.c +=================================================================== +--- pam.deb.orig/modules/pam_unix/pam_unix_passwd.c ++++ pam.deb/modules/pam_unix/pam_unix_passwd.c +@@ -385,7 +385,7 @@ + return _unix_run_update_binary(pamh, ctrl, forwho, fromwhat, towhat, remember); + #endif + /* first, save old password */ +- if (save_old_password(forwho, fromwhat, remember)) { ++ if (save_old_password(pamh, forwho, fromwhat, remember)) { + retval = PAM_AUTHTOK_ERR; + goto done; + } diff --git a/debian/patches-applied/series b/debian/patches-applied/series new file mode 100644 index 00000000..24a0f6df --- /dev/null +++ b/debian/patches-applied/series @@ -0,0 +1,24 @@ +pam_unix_thread-safe_save_old_password.patch +pam_unix_setreuid_juggling.patch +pam_unix_no_helper_for_nis+.patch +pam_unix_fix_sgid_shadow_auth.patch +007_modules_pam_unix +008_modules_pam_limits_chroot +021_nis_cleanup +022_pam_unix_group_time_miscfixes +026_pam_unix_passwd_unknown_user +do_not_check_nis_accidentally +027_pam_limits_better_init_allow_explicit_root +031_pam_include +032_pam_limits_EPERM_NOT_FATAL +036_pam_wheel_getlogin_considered_harmful +hurd_no_setfsuid +040_pam_limits_log_failure +045_pam_dispatch_jump_is_ignore +054_pam_security_abstract_securetty_handling +055_pam_unix_nullok_secure +057_pam_unix_passwd_OOM_check +065_pam_unix_cracklib_disable +PAM-manpage-section +pam_env_ignore_garbage.patch -p2 +autoconf.patch diff --git a/debian/po/POTFILES.in b/debian/po/POTFILES.in new file mode 100644 index 00000000..8c641cfc --- /dev/null +++ b/debian/po/POTFILES.in @@ -0,0 +1 @@ +[type: gettext/rfc822deb] libpam0g.templates diff --git a/debian/po/bg.po b/debian/po/bg.po new file mode 100644 index 00000000..9b0b2bab --- /dev/null +++ b/debian/po/bg.po @@ -0,0 +1,89 @@ +# translation of bg.po to Bulgarian +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# +# Damyan Ivanov <dam@modsoftsys.com>, 2007. +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2007-09-25 14:24+0300\n" +"Last-Translator: Damyan Ivanov <dam@modsoftsys.com>\n" +"Language-Team: Bulgarian <dict@fsa-bg.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.4\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "Рестартиране на услуги при обновяване на PAM:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"Повечето услуги, които използват PAM трябва да бъдат рестартирани за да " +"могат да използват модулите за новата версия на libpam. Прегледайте списъка " +"от init.d скриптове по-долу и го коригирайте ако е необходимо. Имената на " +"отделните скриптове трябва да са отделени с интервал." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"Някои друго услуги като xscreensaver, gnome-screensaver и xlockmore не могат " +"да бъдат рестартирани автоматично. Няма да можете да се идентифицирате пред " +"тези услуги докато не ги рестартирате." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "Мениджъра на дисплеи трябва да бъде рестартиран ръчно" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"Мениджърите на дисплеи kdm, wdm и xdm трябва да бъдат рестартирани, но това би прекъснало активните влизания и затова тази операция няма да бъде извършена автоматично. Преди " +"да може отново да се влезе в системата " +"чрез тези услуги, те трябва да бъдат рестартирани ръчно." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "Грешка при рестартиране на някои услуги за обновяване на PAM" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "Следните услуги не бяха рестартирани за обновяването на PAM:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "Ще трябва сами да ги стартирате чрез „/etc/init.d/<услуга> start“." diff --git a/debian/po/cs.po b/debian/po/cs.po new file mode 100644 index 00000000..0bfadf14 --- /dev/null +++ b/debian/po/cs.po @@ -0,0 +1,105 @@ +# Czech translation of pam debconf mesages. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the pam package. +# Miroslav Kure <kurem@debian.cz>, 2007. +# +msgid "" +msgstr "" +"Project-Id-Version: pam\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2007-09-29 15:30+0200\n" +"Last-Translator: Miroslav Kure <kurem@debian.cz>\n" +"Language-Team: Czech <debian-l10n-czech@lists.debian.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "Služby, které se mají restartovat po aktualizaci knihovny PAM:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"Aby se začaly používat moduly z nové verze knihovny libpam, musí se většina " +"služeb používajících PAM restartovat. Zkontrolujte prosím následující seznam " +"služeb (init.d skriptů), které se mají nyní restartovat a v případě potřeby " +"seznam opravte." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"Některé služby (např. xscreensaver, gnome-screensaver a xlockmore) nemohou " +"být restartovány automaticky. Dokud je nerestartujete ručně, nebudete se " +"moci vůči nim autentizovat." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "Správce displeje se musí restartovat ručně" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"Správcové displejů kdm, wdm a xdm musí být s novou verzí knihovny libpam " +"restartováni. Restart těchto služeb by však ukončil probíhající X sezení a " +"proto je ponechán restart zmíněných správců displejů na vás, až určíte, že " +"nastal vhodný okamžik. S restartem byste neměli otálet, protože do té doby " +"se pomocí nich nebudou moci uživatelé přihlásit." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "Restartování některých služeb při aktualizaci PAMu selhalo" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"Následující služby nemohly být při aktualizaci knihovny PAM restartovány:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"Tyto služby budete muset spustit ručně příkazem '/etc/init.d/<služba> start'." + +#~ msgid "" +#~ "Among the services that require restarting are the display managers kdm, " +#~ "wdm, and xdm. If you are upgrading from within an X session started with " +#~ "one of these display managers, restarting that service will terminate " +#~ "your X session. It is recommended that you remove that service from the " +#~ "list here and restart it later at your convenience." +#~ msgstr "" +#~ "Mezi službami vyžadujícími restart jsou i správci displejů kdm, wdm a " +#~ "xdm. Aktualizujete-li z X sezení spuštěného některým ze zmíněných " +#~ "programů, znamená to, že restart příslušné služby ukončí stávající X " +#~ "sezení. V takovém případě doporučujeme službu ze seznamu odstranit a " +#~ "restartovat později, až pro to nastane vhodnější příležitost." diff --git a/debian/po/de.po b/debian/po/de.po new file mode 100644 index 00000000..4fa78a91 --- /dev/null +++ b/debian/po/de.po @@ -0,0 +1,95 @@ +# German translation of pam debconf templates +# Copyright (C) 2007 Steve Langasek <vorlon@debian.org> +# This file is distributed under the same license as the pam package. +# Sven Joachim <svenjoac@gmx.de>, 2007. +# +msgid "" +msgstr "" +"Project-Id-Version: pam 0.99.7.1-5\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2007-09-29 14:18+0200\n" +"Last-Translator: Sven Joachim <svenjoac@gmx.de>\n" +"Language-Team: German <debian-l10n-german@lists.debian.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "Neu zu startende Dienste für das Upgrade der PAM-Bibliothek:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"Die meisten Dienste, die PAM verwenden, müssen neu gestartet werden, um " +"Module dieser neuen Version von libpam verwenden zu können. Bitte überprüfen " +"Sie die folgende, Leerzeichen-getrennte Liste von init.d-Skripten für " +"Dienste, die jetzt neu zu starten sind, und korrigieren Sie diese Liste " +"nötigenfalls." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"Einige andere Dienste wie xscreensaver, gnome-screensaver und xlockmore " +"können nicht automatisch neu gestartet werden. Sie werden sich gegenüber " +"diesen Diensten nicht authentifizieren können, bis Sie sie manuell neu " +"gestartet haben." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "Display-Manager müssen manuell neu gestartet werden" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"Die Display-Manager kdm, wdm und xdm erfordern einen Neustart für die neue " +"Version von libpam, aber auf ihrem System sind X-Loginsitzungen aktiv, die " +"von diesem Neustart beendet werden würden. Sie müssen diese Dienste daher " +"von Hand neu starten, bevor Logins unter X wieder möglich sind." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "Fehler beim Neustart einiger Dienste für das PAM-Upgrade" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"Die folgenden Dienste konnten für das Upgrade der PAM-Bibliothek nicht neu " +"gestartet werden:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"Sie müssen diese manuell neu starten, indem Sie »/etc/init.d/<Dienst> start« " +"ausführen." diff --git a/debian/po/es.po b/debian/po/es.po new file mode 100644 index 00000000..63dbccf8 --- /dev/null +++ b/debian/po/es.po @@ -0,0 +1,135 @@ +# pam po-debconf translation to Spanish +# Copyright (C) 2007 Software in the Public Interest, SPI Inc. +# This file is distributed under the same license as the pam package. +# +# Changes: +# - Initial translation +# Javier Fernández-Sanguino , 2007 +# +# +# Traductores, si no conoce el formato PO, merece la pena leer la +# documentación de gettext, especialmente las secciones dedicadas a este +# formato, por ejemplo ejecutando: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Equipo de traducción al español, por favor lean antes de traducir +# los siguientes documentos: +# +# - El proyecto de traducción de Debian al español +# http://www.debian.org/intl/spanish/ +# especialmente las notas y normas de traducción en +# http://www.debian.org/intl/spanish/notas +# +# - La guía de traducción de po's de debconf: +# /usr/share/doc/po-debconf/README-trans +# o http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Si tiene dudas o consultas sobre esta traducción consulte con el último +# traductor (campo Last-Translator) y ponga en copia a la lista de +# traducción de Debian al español (<debian-l10n-spanish@lists.debian.org>) +# +msgid "" +msgstr "" +"Project-Id-Version: pam 0.79-4\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2007-09-29 02:28+0200\n" +"Last-Translator: Javier Fernández-Sanguino <jfs@debian.org>\n" +"Language-Team: Debian Spanish <debian-l10n-spanish@lists.debian.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-POFile-SpellExtra: kdm gnome xscreensaver xdm xlockmore wdm start init\n" +"X-POFile-SpellExtra: screensaver PAM libpam\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "Servicios a reiniciar para la actualización de la biblioteca de PAM:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"Es necesario reiniciar la mayoría de los servicios que utilizan PAM para que " +"usen los módulos de esta versión de libpam. Por favor, revise la lista " +"separada por espacios mostrada a continuación que indica los servicios a " +"reiniciar ahora y corríjala si es necesario." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"Algunos servicios, como «xscreensaver», «gnome-screensaver» y «xlockmore», " +"no podrán reiniciarse. La autenticación no funcionará en estos servicios " +"hasta que los reinicie manualmente." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "Debe reiniciar manualmente los gestores de pantalla" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"Entre los servicios que deben reiniciarse debido a la nueva versión de " +"libpam están los gestores de pantalla kdm, wdm y xdm. Sin embargo, hay " +"sesiones de X ejecutándose en el sistema que se terminarían si se " +"reiniciaran estos servicios. Debe reiniciarlos manualmente si desea que " +"funcionen los accesos a través de una sesión X más adelante." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "Fallo al reiniciar alguno de los servicios en la actualización de PAM" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"No fue posible reiniciar los servicios indicados a continuación dentro la " +"actualización de la biblioteca de PAM:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"Deberá arrancar manualmente estos servicios ejecutando «/etc/init.d/" +"<servicio> start»." + +#~ msgid "" +#~ "Among the services that require restarting are the display managers kdm, " +#~ "wdm, and xdm. If you are upgrading from within an X session started with " +#~ "one of these display managers, restarting that service will terminate " +#~ "your X session. It is recommended that you remove that service from the " +#~ "list here and restart it later at your convenience." +#~ msgstr "" +#~ "Entre los servicios que deben reiniciarse están los gestores de pantalla " +#~ "kdm, wdm y xdm. El reinicio del servicio terminará su sesión de X si está " +#~ "actualizando desde una sesión de X arrancada desde alguno de estos " +#~ "gestores. Se le recomienda eliminar el servicio de la lista y reiniciarlo " +#~ "más adelante cuando lo considere oportuno." diff --git a/debian/po/eu.po b/debian/po/eu.po new file mode 100644 index 00000000..79e1ad5b --- /dev/null +++ b/debian/po/eu.po @@ -0,0 +1,96 @@ +# translation of eu.po to Euskara +# Debconf questions for the Linux-PAM package. +# Copyright (C) 2007 Steve Langasek <vorlon@debian.org> +# This file is distributed under the same license as the pam package. +# +# Piarres Beobide <pi@beobide.net>, 2007, 2008. +msgid "" +msgstr "" +"Project-Id-Version: eu\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2008-04-02 14:26+0200\n" +"Last-Translator: Piarres Beobide <pi@beobide.net>\n" +"Language-Team: Euskara <debian-l10n-basque@lists.debian.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.4\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "" +"PAM liburutegia bertsio-berritzean berrabiarazi behar diren zerbitzuak:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"PAM erabiltzen duten zerbitzu gehieneak berrabiarazi egin behar dira libpam " +"bertsio honetako moduluak erabiltzeko. Mesedez gainbegiratu berrabiaraziko " +"diren hurrengo zuriunez bereiziriko init.d script zerrenda hau eta zuzendu " +"behar izanez gero." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"Xscreensaver, gnome-screensaver edo xlockmore bezalako beste zenbait " +"zerbitzu ezin dira zure odez berrabiarazi. Ezingo duzu zerbitzu horietan " +"autentifikaziorik egin berrabiarazi arte." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "Pantaila kudeatzailea eskuz berrabiarazi behar da" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"Kdm, wdm, eta xdm pantaila kudeatzaileek berrabiaraztea behar dute libpam " +"bertsio berria erabiltzeko. Baina berrabiarazteak eragin izan dezaken " +"abiarazitako X saioak daude sistema honetan. Zerbitzu hori beranduago eskuz " +"berrabiarazi beharko duzu X saioak hastea posible izateko." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "Huts PAM bertsio-berritzerako zenbait zerbitzu berrabiaraztean." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"Hurrengo zerbitzuak ezin izan dira berrabiarazi PAM liburutegi bertsio-" +"berritzean:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"Hauek zure kabuz berrabiarazi beharko dituzu '/etc/init.d/<zerbitzua> start' " +"eginaz." diff --git a/debian/po/fi.po b/debian/po/fi.po new file mode 100644 index 00000000..e753209d --- /dev/null +++ b/debian/po/fi.po @@ -0,0 +1,93 @@ +msgid "" +msgstr "" +"Project-Id-Version: pam 0.99.7.1-4\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2007-12-30 00:14+0200\n" +"Last-Translator: Esko Arajärvi <edu@iki.fi>\n" +"Language-Team: Finnish <debian-l10n-finnish@lists.debian.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Poedit-Language: Finnish\n" +"X-Poedit-Country: FINLAND\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "Palvelut, jotka käynnistetään uudelleen PAM-kirjastoa päivitettäessä:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"Useimmat PAMia käyttävät palvelut pitää käynnistää uudelleen libpamin uuden " +"version käyttöönottamiseksi. Tarkista seuraava välilyönnein eroteltu lista " +"niiden palveluiden init.d-komentotiedostoista, jotka käynnistetään " +"uudelleen, ja muokkaa listaa tarvittaessa." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"Joitain muita palveluita, kuten xscreensaver, gnome-screensaver ja xlockmore " +"ei voida käynnistää automaattisesti. Et voi kirjautua näihin palveluihin " +"ennen kuin olet manuaalisesti käynnistänyt ne uudelleen." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "Näytönhallintaohjelma tulee käynnistää uudelleen käsin" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"Näytönhallintaohjelmat kdm, wdm ja zdm tulee käynnistää uudelleen, jotta " +"libpamin uusi versio tulee käyttöön. Järjestelmässä on kuitenkin aktiivisia " +"X-istuntoja, jotka lopetettaisiin tämän uudelleenkäynnistyksen yhteydessä. " +"Niinpä nämä palvelut tulee käynnistää uudelleen käsin ennen kuin uusia X-" +"istuntoja voidaan avata." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "" +"Virhe PAM:in päivityksen yhteydessä käynnistettäessä uudelleen joitain " +"palveluita" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"Seuraavia palveluita ei voitu käynnistää uudelleen PAM-kirjastoa " +"päivitettäessä:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"Nämä palvelut tulee käynnistää uudelleen ajamalla '/etc/init.d/<palvelu> " +"start'." diff --git a/debian/po/fr.po b/debian/po/fr.po new file mode 100644 index 00000000..e14fd177 --- /dev/null +++ b/debian/po/fr.po @@ -0,0 +1,108 @@ +# Copyright (C) 2007 Cyril Brulebois <cyril.brulebois@enst-bretagne.fr> +# This file is distributed under the same license as the pam package. +# Cyril Brulebois <cyril.brulebois@enst-bretagne.fr>, 2007 +# +msgid "" +msgstr "" +"Project-Id-Version: pam\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2007-10-03 12:07+0200\n" +"Last-Translator: Cyril Brulebois <cyril.brulebois@enst-bretagne.fr>\n" +"Language-Team: French <debian-l10n-french@lists.debian.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "" +"Services à redémarrer lors de la mise à niveau de la bibliothèque PAM :" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"La plupart des services utilisant PAM doivent être redémarrés pour utiliser " +"les modules compilés pour cette nouvelle version de libpam. Veuillez " +"vérifier la liste suivante de scripts de démarrage à relancer maintenant, et " +"la corriger si nécessaire." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"D'autres services tels que xscreensaver, gnome-screensaver et xlockmore ne " +"peuvent pas être redémarrés automatiquement. Vous ne pourrez vous identifier " +"auprès de ces services qu'après les avoir redémarrés vous-même." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "Pas de redémarrage automatique du gestionnaire graphique de sessions" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"Les gestionnaires graphiques de session kdm, wdm et xdm nécessitent un " +"redémarrage lors de la mise à niveau de libpam, mais il existe des sessions " +"X actives sur ce système, qui seraient fermées par ce redémarrage. Vous " +"devez donc redémarrer ces services vous-même avant de pouvoir effectuer à " +"nouveau une connexion au serveur graphique." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "" +"Erreur du redémarrage de certains services pour la mise à niveau de PAM" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"Les services suivants n'ont pas pu être redémarrés lors de la mise à niveau " +"de la bibliothèque PAM :" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"Vous devez les démarrer vous-même avec la commande « /etc/init.d/<service> " +"start »." + +#~ msgid "" +#~ "Among the services that require restarting are the display managers kdm, " +#~ "wdm, and xdm. If you are upgrading from within an X session started with " +#~ "one of these display managers, restarting that service will terminate " +#~ "your X session. It is recommended that you remove that service from the " +#~ "list here and restart it later at your convenience." +#~ msgstr "" +#~ "Parmi la liste de services nécessitant un redémarrage, on trouve les " +#~ "gestionnaires graphiques de session comme kdm, wdm et xdm. Si la mise à " +#~ "niveau a lieu depuis une session X démarrée par l'un de ceux-ci, le " +#~ "redémarrer terminera cette session. Il est recommandé d'enlever ce " +#~ "service de la liste et de le redémarrer plus tard." diff --git a/debian/po/gl.po b/debian/po/gl.po new file mode 100644 index 00000000..378d225c --- /dev/null +++ b/debian/po/gl.po @@ -0,0 +1,91 @@ +# Galician translation of pam's debconf templates +# This file is distributed under the same license as the pam package. +# Jacobo Tarrio <jtarrio@debian.org>, 2007. +# +msgid "" +msgstr "" +"Project-Id-Version: pam\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2007-10-01 20:04+0100\n" +"Last-Translator: Jacobo Tarrio <jtarrio@debian.org>\n" +"Language-Team: Galician <proxecto@trasno.net>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "Servizos a reiniciar para a actualización da biblioteca PAM:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"É necesario reiniciar a maioría dos servizos que empregan PAM para empregar " +"os módulos compilados para esta versión de libpam. Revise a seguinte lista " +"de scripts de init.d que se han reiniciar agora, e corríxaa se é preciso." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"Hai outros servizos, como xscreensaver, gnome-screensaver e xlockmore, que " +"non se poden reiniciar por vostede. Non ha poderse autenticar con estes " +"servizos a menos que os reinicie manualmente." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "Débese reiniciar manualmente o xestor de pantallas" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"É necesario reiniciar os xestores de pantallas kdm, wdm e xdm para a nova " +"versión de libpam, pero hai sesións de X activas no sistema que se pecharían " +"co reinicio. Polo tanto, ha ter que reiniciar eses servizos manualmente para " +"poder iniciar novas sesións mediante X." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "Problemas ao reiniciar algúns servizos para a actualización de PAM" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"Non se puido reiniciar os seguintes servizos para a actualización da " +"biblioteca PAM:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"Ha ter que reinicialos manualmente executando \"/etc/init.d/<servizo> start" +"\"." diff --git a/debian/po/it.po b/debian/po/it.po new file mode 100644 index 00000000..d4b214bf --- /dev/null +++ b/debian/po/it.po @@ -0,0 +1,92 @@ +# Debconf questions for the Linux-PAM package. +# Copyright (C) 2007 Steve Langasek <vorlon@debian.org> +# This file is distributed under the same license as the pam package. +# David Paleino <d.paleino@gmail.com>, 2008. +# +msgid "" +msgstr "" +"Project-Id-Version: pam 0.99.7.1-5\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2008-06-01 08:38+0100\n" +"Last-Translator: David Paleino <d.paleino@gmail.com>\n" +"Language-Team: LANGUAGE <LL@li.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "Servizi da riavviare per l'aggiornamento della libreria PAM:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"Molti servizi che usano PAM hanno bisogno di essere riavviati per utilizzare " +"i moduli compilati per questa nuova versione di libpam. Per favore, " +"controllare la seguente lista, separata da spazi, di script di init.d per i " +"servizi da riavviare, e correggere se necessario." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"Alcuni altri servizi come xscreensaver, gnome-screensaver e xlockmore non " +"possono essere riavviati automaticamente. Non sarai in grado di " +"autenticarti a questi servizi finché non saranno riavviati manualmente." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "Il Display Manager deve essere riavviato manualmente" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"I display manager kdm, wdm e xdm richiedono un riavvia per la nuova versione " +"di libpam, ma ci sono sessioni di login X attive sul sistema che verrebbero " +"terminate da questo riavvio. Bisognerà riavviare questi servizi manualmente " +"prima che qualunque altro login X sia possibile." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "Fallito riavvio di alcuni servizi per l'aggiornamento di PAM" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"I seguenti servizi non sono stati riavviati per l'aggiornamento della " +"libreria PAM:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"Bisognerà avviarli manualmente eseguendo '/etc/init.d/<servizio> start'." diff --git a/debian/po/ja.po b/debian/po/ja.po new file mode 100644 index 00000000..1772b2cd --- /dev/null +++ b/debian/po/ja.po @@ -0,0 +1,91 @@ +# Debconf questions for the Linux-PAM package. +# Copyright (C) 2007 Steve Langasek <vorlon@debian.org> +# This file is distributed under the same license as the pam package. +# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. +# +msgid "" +msgstr "" +"Project-Id-Version: pam 0.99.7.1-5\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2007-10-14 16:48+0900\n" +"Last-Translator: Kenshi Muto <kmuto@debian.org>\n" +"Language-Team: Japanese <debian-japanese@lists.debian.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "PAM ライブラリの更新のために再起動するサービス:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"PAM を利用するほとんどのサービスは、この libpam の新しいバージョンでビルドさ" +"れたモジュールを使うために再起動を必要とします。以下の、スペースで区切られた" +"今再起動するサービスの init.d スクリプトのリストを見て、必要なら修正してくだ" +"さい。" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"xscreensaver、gnome-screensaver、xlockmore のようなその他いくつかのサービスは" +"再起動できません。あなたがこれらを手動で再起動するまで、これらのサービスでは" +"認証ができないことになります。" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "ディスプレイマネージャは手動で再起動されなければなりません" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"kdm、wdm、xdm といったディスプレイマネージャは libpam の新しいバージョンのた" +"めに再起動が必要ですが、あなたのシステムには、再起動をすると強制終了してしま" +"う実行中の X ログインセッションが存在します。そのため、さらなる X のログイン" +"が可能になる前に、これらのサービスを手動で再起動する必要があります。" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "PAM 更新のためのいくつかのサービスの再起動で失敗" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "PAM ライブラリ更新のための、以下のサービスの再起動ができませんでした:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"/etc/init.d/<サービス> start' を実行することで、これらを手動で起動する必要が" +"あります。" diff --git a/debian/po/nl.po b/debian/po/nl.po new file mode 100644 index 00000000..b3db3f53 --- /dev/null +++ b/debian/po/nl.po @@ -0,0 +1,94 @@ +# Debconf questions for the Linux-PAM package. +# Copyright (C) 2007 Steve Langasek <vorlon@debian.org> +# This file is distributed under the same license as the pam package. +# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. +# +msgid "" +msgstr "" +"Project-Id-Version: pam\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2007-10-26 19:55+0100\n" +"Last-Translator: Bart Cornelis <cobaco@skolelinux.no>\n" +"Language-Team: debian-l10n-dutch <debian-l10n-dutch@lists.debian.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Poedit-Language: Dutch\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "Bij de opwaardering van de PAM-bibliotheek te herstarten diensten:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"De meeste PAM-gebruikende diensten moeten herstart worden voor ze gebruik " +"kunnen maken van modules die gebouwd zijn voor de nieuwe libpam-versie. De " +"volgende, met spaties gescheiden, lijst van init.d scripts wordt herstart. " +"Gelieve deze lijst te controleren en indien nodig aan te passen." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"Sommige andere diensten zoals xscreensaver, gnome-screensaver, en xlockmore " +"kunnen niet automatisch herstart worden. U kunt u bij deze diensten pas " +"terug authentificeren eens u ze handmatig herstart heeft." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "De beeldschermbeheerder dient handmatig herstart te worden" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"De beelschermbeheerders kdm, wdm en xdm vereisen een herstart vanwege de " +"nieuwe libpam-versie. Er zijn echter X-login-sessies actief op uw systeem " +"die hierdoor afgesloten zouden worden. Nieuwe X-sessies starten via deze " +"diensten is pas mogelijk eens u ze handmatig herstart heeft." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "Herstarten van sommige diensten bij de PAM-opwaardering is mislukt" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"De volgende diensten konden niet herstart worden bij de opwaardering van de " +"PAM-bibliotheek:." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"U dient deze diensten handmatig op te starten via het commando '/etc/init.d/" +"<dienst> start'." diff --git a/debian/po/pt.po b/debian/po/pt.po new file mode 100644 index 00000000..39089ea2 --- /dev/null +++ b/debian/po/pt.po @@ -0,0 +1,94 @@ +# translation of pam debconf to Portuguese +# Copyright (C) 2007 Américo Monteiro +# This file is distributed under the same license as the pam package. +# +# Américo Monteiro <a_monteiro@netcabo.pt>, 2007. +msgid "" +msgstr "" +"Project-Id-Version: pam 0.99.7.1-5\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2007-09-25 19:04+0100\n" +"Last-Translator: Américo Monteiro <a_monteiro@netcabo.pt>\n" +"Language-Team: Portuguese <traduz@debianpt.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.4\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "Serviços a reiniciar para a actualização da biblioteca PAM:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"A maioria dos serviços que usam PAM precisam ser reiniciados para usarem os " +"módulos construidos para esta nova versão do libpam. Por favor, reveja a " +"seguinte lista de scripts init.d de serviços para serem reiniciados agora " +"(separados por espaços), e corrija-a se for necessário." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"Outros serviços como o xscreensaver, gnome-screensaver, e xlockmore não " +"podem ser reiniciados para si. Você não vai poder autenticar-se nestes " +"serviços até que você os reinicie manualmente." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "O gestor de display tem que ser reiniciado manualmente" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"Os gestores de display kdm, wdm, e xdm necessitam de reiniciar para a nova " +"versão de libpam, mas existem sessões de login X activas no seu sistema que " +"seriam terminadas por esta reiniciação. Então, você irá necessitar de " +"reiniciar estes serviços manualmente antes que sejam possíveis mais logins X." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "Falha ao reiniciar alguns serviços para a actualização PAM" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"Os seguintes serviços não puderam ser reiniciados para a actualização da " +"biblioteca PAM:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"Você precisa de iniciar manualmente estes serviços fazendo '/etc/init.d/" +"<service> start'." diff --git a/debian/po/pt_BR.po b/debian/po/pt_BR.po new file mode 100644 index 00000000..8200e558 --- /dev/null +++ b/debian/po/pt_BR.po @@ -0,0 +1,95 @@ +# pam Brazilian Portuguese translation +# Copyright (c) 2007 Steve Langasek <vorlon@debian.org> +# This file is distributed under the same license as the pam package. +# Eder L. Marques <frolic@debian-ce.org>, 2007. +# +msgid "" +msgstr "" +"Project-Id-Version: pam_0.99.7.1-5\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2007-09-26 15:53-0300\n" +"Last-Translator: Eder L. Marques <frolic@debian-ce.org>\n" +"Language-Team: l10n Portuguese <debian-l10n-portuguese@lists.debian.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"pt_BR utf-8\n" +"X-Generator: KBabel 1.11.4\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "Serviços a serem reiniciados para a atualização de bibliotecas PAM:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"A maioria dos serviços que utilizam PAM precisam ser reiniciados para usar " +"os módulos construídos para esta nova versão da libpam. Por favor, revise a " +"seguinte lista separada por espaços de seus scripts init.d para os serviços " +"a serem reiniciados agora, e a corrija se necessário." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"Alguns dos outros serviços como xscreensaver, gnome-screensaver e xlockmore " +"não podem ser reiniciados para você. Você não será capaz de autenticar " +"nestes serviços até que os tenha reiniciado manualmente." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "Gerenciadores de display devem ser reiniciados manualmente" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"Os gerenciadores de display kdm, wdm e xdm precisam ser reiniciados para a " +"nova versão da libpam, mas existem sessões de login X ativas em seu sistema " +"que podem ser terminadas por este reinicio. Você consequentemente " +"necessitará reiniciar estes serviços manualmente antes que logins X " +"adicionais sejam possíveis." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "Falha ao reiniciar alguns serviços para a atualização da PAM" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"Os seguintes serviços não puderam ser reiniciados para a atualização da " +"biblioteca PAM:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"Você deverá iniciá-los manualmente executando '/etc/init.d/<serviço> start'." diff --git a/debian/po/ro.po b/debian/po/ro.po new file mode 100644 index 00000000..ad224aee --- /dev/null +++ b/debian/po/ro.po @@ -0,0 +1,97 @@ +# translation of templates.po to Romanian +# Debconf questions for the Linux-PAM package. +# Copyright (C) 2007 Steve Langasek <vorlon@debian.org> +# This file is distributed under the same license as the pam package. +# +# Igor Stirbu <igor.stirbu@gmail.com>, 2008. +msgid "" +msgstr "" +"Project-Id-Version: templates\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2008-07-21 10:28+0300\n" +"Last-Translator: Igor Stirbu <igor.stirbu@gmail.com>\n" +"Language-Team: Romanian <debian-l10n-romanian@lists.debian.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.4\n" +"Plural-Forms: nplurals=3; plural=n==1 ? 0 : (n==0 || (n%100 > 0 && n%100 < " +"20)) ? 1 : 2;\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "Serviciile repornite la actualizarea bibliotecii PAM:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"Majoritatea serviciilor ce folosesc PAM trebuie repornite pentru a folosi " +"modulele pentru noua versiune de libpam. Următoarea listă folosește ca " +"separator spațiul și conține script-uri init.d care urmează să fie repornite " +"acum; verificați-o și corectați-o, dacă este necesar." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"Alte servicii, de exemplu, xscreensaver, gnome-screensaver și xlockmore nu " +"pot fi repornite automat. Autentificarea prin aceste servicii nu va mai fi " +"posibilă, dacă nu le reporniți manual." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "Administratorul de ecran trebuie repornit manual" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"Administratorii de ecran kdm, wdm și xmd trebuie reporniți pentru ca să " +"folosească noua versiune de libpam, dar sunt sesiuni active de X pe sistemul " +"dumneavoastră care ar fi oprite odată cu această repornire. Drept urmare, " +"trebuie să reporniți manual aceste servicii înainte ca autentificările X " +"ulterioare să fie posibile." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "Eșec la repornirea unor servicii la actualizarea PAM" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"Umătoarele servicii nu au putut fi repornite la actualizarea bibliotecii PAM:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"Trebuie să reporniți manual aceste servicii rulând „/etc/init.d/<serviciu> " +"start”" diff --git a/debian/po/ru.po b/debian/po/ru.po new file mode 100644 index 00000000..e684545c --- /dev/null +++ b/debian/po/ru.po @@ -0,0 +1,94 @@ +# translation of ru.po to Russian +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# +# Yuri Kozlov <kozlov.y@gmail.com>, 2007. +msgid "" +msgstr "" +"Project-Id-Version: 0.99.7.1-4\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2007-09-25 20:51+0400\n" +"Last-Translator: Yuri Kozlov <kozlov.y@gmail.com>\n" +"Language-Team: Russian <debian-l10n-russian@lists.debian.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.4\n" +"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%" +"10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "Сервисы, которые будут перезапущены после обновления библиотеки PAM:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"Чтобы задействовать новые версии модулей из libpam нужно перезапустить " +"большинство сервисов, использующих PAM. Внимательно просмотрите и " +"отредактируйте (если необходимо) список (элементы разделяются пробелом) " +"сценариев сервисов из init.d, которые будут перезапущены." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"Есть несколько сервисов, которые нельзя перезапустить автоматически: " +"xscreensaver, gnome-screensaver и xlockmore. Вы не сможете ввести правильный " +"пароль в этих сервисах, пока не перезапустите их вручную." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "Программу входа в систему нужно перезапустить вручную" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"Для работы с новой версией libpam программам для входа в систему kdm, wdm и " +"xdm требуется перезапуск, но это прервёт все запущенные X-сессии. Поэтому " +"вам нужно перезапустить эти сервисы вручную для того, чтобы можно было снова " +"входить в систему через X." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "При обновлении PAM перезапуск некоторых сервисов завершился неудачно" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"При обновлении библиотеки PAM не удалось перезапустить следующие сервисы:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"Вам нужно перезапустить их вручную, выполнив '/etc/init.d/<сервис> start'." diff --git a/debian/po/sk.po b/debian/po/sk.po new file mode 100644 index 00000000..5c380704 --- /dev/null +++ b/debian/po/sk.po @@ -0,0 +1,91 @@ +# Slovak translation of pam +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the pam package. +# Ivan Masár <helix84@centrum.sk>, 2008. +# +msgid "" +msgstr "" +"Project-Id-Version: pam\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: \n" +"Last-Translator: Ivan Masár <helix84@centrum.sk>\n" +"Language-Team: Slovak <sk-i18n@lists.linux.sk>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "Pri aktualizácii knižnice PAM reštartovať nasledovné služby:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"Väčšinu služieb využívajúcich PAM je potrebné reštartovať, aby začali " +"používať moduly zostavené pre túto novú verziu libpam. Prosím, skontrolujte " +"nasledovný zoznam init.d skriptov (oddelené čiarkami), ktoré sa majú teraz " +"reštartovať a ak je to potrebné, opravte ho." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"Niektoré ďalšie služby ako xscreensaver, gnome-screensaver a xlockmore nie " +"je možné automaticky reštartovať. Pokým tieto služby nereštartujete ručne, " +"nebudete sa voči nim môcť overovať." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "Správcu obrazovky je potrebné reštartovať ručne" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"Správcovia obrazovky kdm, wdm a xdm vyžadujú reštart kvôli novej verzii " +"libpam, ale na vašom systéme sú aktívne prihlasovacie relácie X, ktoré by " +"tento reštart ukončil. Preto tieto služby budete musieť reštartovať ručne " +"predtým, než bude možné uskutočniť ďalšie prihlásenie k X." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "Zlyhal reštart niektorých služieb pri aktualizácii PAM" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"Nasledovné služby nebolo možné reštartovať pri aktualizácii knižnice PAM:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"Budete ich musieť reštartovať ručne spustením „/etc/init.d/<service> start”." diff --git a/debian/po/sv.po b/debian/po/sv.po new file mode 100644 index 00000000..1b8b0863 --- /dev/null +++ b/debian/po/sv.po @@ -0,0 +1,92 @@ +# Debconf questions for the Linux-PAM package. +# Copyright (C) 2007 Steve Langasek <vorlon@debian.org> +# This file is distributed under the same license as the pam package. +# Christer Andersson <klamm@comhem.se>, 2007. +# +msgid "" +msgstr "" +"Project-Id-Version: pam 0.99.7.1-5\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2007-12-24 12:29+0100\n" +"Last-Translator: Christer Andersson <klamm@comhem.se>\n" +"Language-Team: Swedish <debian-l10n-swedish@lists.debian.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=iso-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "Tjnster att starta om fr PAM-biblioteksuppgradering:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"De flesta tjnster som anvnder PAM behver startas om fr att anvnda\n" +"moduler som byggts fr denna nya libpam-version. G igenom fljande lista\n" +"av init.d-skript (separerade med mellanslag) fr tjnster som nu kommer \n" +"att startas om och korrigera den om ndvndigt." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"Vissa andra tjnster som xscreensaver, gnome-screensaver och xlockmore\n" +"kan inte startas om t dig. Du kommer inte att kunna autentisera dig fr \n" +"dessa tjnster frrn du startat om dem manuellt." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "Skrmhanterare mste startas om manuellt" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"Skrmhanterarna kdm, wdm och xdm mste startas om fr den nya versionen\n" +"av libpam men det finns X-inloggningssessioner som skulle avslutas av en\n" +"sdan omstart. Du behver drfr starta om dessa tjnster manuellt innan\n" +"ytterligare X-inloggningar r mjliga." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "Misslyckades med att starta om vissa tjnster fr PAM-uppgradering" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"Fljande tjnster kunde inte startas om efter PAM-biblioteksuppgradering:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"Du behver starta om dessa manuellt genom att kra \"/etc/init.d/<tjnst> " +"start\"." diff --git a/debian/po/templates.pot b/debian/po/templates.pot new file mode 100644 index 00000000..0d388eec --- /dev/null +++ b/debian/po/templates.pot @@ -0,0 +1,79 @@ +# Debconf questions for the Linux-PAM package. +# Copyright (C) 2007 Steve Langasek <vorlon@debian.org> +# This file is distributed under the same license as the pam package. +# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: pam 0.99.7.1-5\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" +"Language-Team: LANGUAGE <LL@li.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" diff --git a/debian/po/tr.po b/debian/po/tr.po new file mode 100644 index 00000000..d6273c1f --- /dev/null +++ b/debian/po/tr.po @@ -0,0 +1,96 @@ +# Debconf questions for the Linux-PAM package. +# Copyright (C) 2008 Mert Dirik <mertdirik@gmail.com> +# This file is distributed under the same license as the pam package. +# Mert Dirik <mertdirik@gmail.com>, 2008. +# +msgid "" +msgstr "" +"Project-Id-Version: pam 0.99.7.1-5\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2008-07-15 01:39+0200\n" +"Last-Translator: Mert Dirik <mertdirik@gmail.com>\n" +"Language-Team: Debian L10n Turkish <debian-l10n-turkish@lists.debian.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Poedit-Language: Turkish\n" +"Plural-Forms: nplurals=1; plural=0;\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "" +"PAM kitaplığının yükseltilmesi için yeniden başlatılacak olan hizmetler:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"PAM kullanan çoğu hizmet, libpam'ın bu yeni sürümü için derlenmiş " +"modüllerden yararlanabilmek için yeniden başlatılmak zorunda. Lütfen " +"yeniden başlatılacak hizmetlerin init.d betiklerinin aşağıdaki boşluklarla " +"ayrılmış listesini inceleyin ve gerekliyse listeyi düzeltin." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"xscreensaver, gnome-screensaver ve xlockmore gibi bazı hizmetler sizin için " +"yeniden başlatılamaz. Siz bu hizmetleri elle yeniden başlatana kadar bu " +"hizmetlere kimlik doğrulaması yapılamayacak." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "Görüntü yöneticisinin elle yeniden başlatılması gerekli" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"kdm, wdm ve xdm görüntü yöneticileri, libpam'ın yeni sürümünden " +"yararlanabilmek için yeniden başlatılmalı; fakat sisteminizde etkin X " +"oturumları var. Görüntü yöneticisi yeniden başlatılırsa bu oturumlar da " +"kapatılır. Bu yüzden ileride yeni X oturumları açabilmek için bu hizmetleri " +"elle yeniden başlatmanız gerekecek. " + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "Bazı hizmetler PAM yükseltmesi için yeniden başlatılamadı" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"Aşağıdaki hizmetler PAM kitaplığının yükseltmesi için yeniden başlatılamadı:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"Bu hizmetleri '/etc/init.d/<hizmet> start' komutunu kullanarak elinizle " +"başlatmanız gerekecek." diff --git a/debian/po/vi.po b/debian/po/vi.po new file mode 100644 index 00000000..df7e1bf2 --- /dev/null +++ b/debian/po/vi.po @@ -0,0 +1,106 @@ +# Vietnamese translation for PAM. +# Copyright © 2007 Free Software Foundation, Inc. +# Clytie Siddall <clytie@riverland.net.au>, 2007 +# +msgid "" +msgstr "" +"Project-Id-Version: pam 0.99.7.1-5\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2007-09-28 23:58+0930\n" +"Last-Translator: Clytie Siddall <clytie@riverland.net.au>\n" +"Language-Team: Vietnamese <vi-VN@googlegroups.com>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=1; plural=0;\n" +"X-Generator: LocFactoryEditor 1.7b1\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "Dịch vụ cần khởi chạy lại khi nâng cấp thư viện PAM:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"Phần lớn dịch vụ sử dụng PAM cũng cần phải được khởi chạy lại để sử dụng các " +"mô-đun được xây dựng cho phân vùng libpam mới này. Hãy xem lại danh sách " +"định giới bằng dấu cách theo đây hiển thị các dịch vụ cần khởi chạy lại ngay " +"bây giờ, và sửa chữa nếu cần thiết." + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"Một số dịch vụ khác như xscreensaver, gnome-screensaver, và xlockmore không " +"thể được khởi chạy lại cho bạn.Bạn sẽ không thể xác thực được tới dịch vụ " +"như vậy nếu bạn chưa tự khởi chạy lại nó." + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "Trình quản lý trình bày phải được khởi chạy bằng tay" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"Trình quản lý trình bày kdm, wdm, hay xdm cần thiết được khởi chạy lại để sử " +"dụng phiên bản mới của thư viện libpam, nhưng việc khởi chạy lại dịch vụ này " +"sẽ cũng chấm dứt phiên chạy X đang hoạt động. Vì vậy bạn cần phải tự khởi " +"chạy trình quản lý trình bày để có khả năng sử dụng nó lại." + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "Lỗi khởi chạy lại một số dịch vụ để nâng cấp PAM" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "" +"Những dịch vụ theo đây không thể được khởi chạy lại để nâng cấp thư viện PAM:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "" +"Bạn cần phải tự khởi chạy lại chúng bằng cách chạy lệnh « /etc/init.d/" +"<tên_dịch_vụ> start »." + +#~ msgid "" +#~ "Among the services that require restarting are the display managers kdm, " +#~ "wdm, and xdm. If you are upgrading from within an X session started with " +#~ "one of these display managers, restarting that service will terminate " +#~ "your X session. It is recommended that you remove that service from the " +#~ "list here and restart it later at your convenience." +#~ msgstr "" +#~ "Các dịch vụ cần khởi chạy lại bao gồm trình quản lý trình bày kđm, wdm và " +#~ "xdm. Nếu bạn đang nâng cấp từ bên trong phiên chạy X được bắt đầu bằng " +#~ "một của những trình quản lý trình bày này, việc khởi chạy lại dịch vụ đó " +#~ "sẽ cũng chấm dứt phiên chạy X của bạn. Khuyên bạn gỡ bỏ dịch vụ đó khỏi " +#~ "danh sách ở đây, rồi khởi chạy lại nó về sau." diff --git a/debian/po/zh_CN.po b/debian/po/zh_CN.po new file mode 100644 index 00000000..e4fb11fa --- /dev/null +++ b/debian/po/zh_CN.po @@ -0,0 +1,91 @@ +# Simplified Chinese translation for debconf templates of the pam package +# +# The original English strings (msgid) are: +# Copyright (C) 2007 Steve Langasek <vorlon@debian.org> +# The translations (msgstr) are: +# Copyright (C) 2007 Ming Hua <minghua-guest@users.alioth.debian.org> +# +# This file is distributed under the same license as the pam package. +# +msgid "" +msgstr "" +"Project-Id-Version: pam 0.99.7.1-5\n" +"Report-Msgid-Bugs-To: vorlon@debian.org\n" +"POT-Creation-Date: 2007-09-24 17:06-0700\n" +"PO-Revision-Date: 2007-09-25 23:06-0500\n" +"Last-Translator: Ming Hua <minghua-guest@users.alioth.debian.org>\n" +"Language-Team: Debian Chinese [GB] <debian-chinese-gb@lists.debian.org>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "Services to restart for PAM library upgrade:" +msgstr "因 PAM 库升级而需要重新启动的服务:" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Most services that use PAM need to be restarted to use modules built for " +"this new version of libpam. Please review the following space-separated " +"list of init.d scripts for services to be restarted now, and correct it if " +"needed." +msgstr "" +"为了使用基于这个新版本 libpam 编译的模块,绝大部分使用 PAM 的服务都需要被重新" +"启动。请复查下面这个需要重新启动的服务所对应的 init.d script 列表,script 名" +"称之间以半角空格分隔。如列表有误,请直接更正。" + +#. Type: string +#. Description +#: ../libpam0g.templates:1001 +msgid "" +"Some other services such as xscreensaver, gnome-screensaver, and xlockmore " +"cannot be restarted for you. You will not be able to authenticate to these " +"services until you restart them manually." +msgstr "" +"无法为您重新启动如 xscreensaver、gnome-screensaver 和 xclockmore 一类的服务。" +"在您手动重新启动它们之前,将无法在这些服务中验证身份。" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "Display manager must be restarted manually" +msgstr "必须手动重新启动显示管理器" + +#. Type: error +#. Description +#: ../libpam0g.templates:2001 +msgid "" +"The kdm, wdm, and xdm display managers require a restart for the new version " +"of libpam, but there are X login sessions active on your system that would " +"be terminated by this restart. You will therefore need to restart these " +"services by hand before further X logins will be possible." +msgstr "" +"由于 lipam 更新到新版本,显示管理器 kdm、wdm 和 xdm 需要被重新启动。但是您的" +"系统上有正在运行的 X 登录会话,而如果重新启动显示管理器服务,这些 X 会话就会" +"被强行结束。因此,您需要手动重新启动这些服务,否则您将无法再登录进 X 窗口系" +"统。" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "Failure restarting some services for PAM upgrade" +msgstr "为 PAM 升级重新启动某些服务失败" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"The following services could not be restarted for the PAM library upgrade:" +msgstr "升级 PAM 库时,下列服务无法被重新启动:" + +#. Type: error +#. Description +#: ../libpam0g.templates:3001 +msgid "" +"You will need to start these manually by running '/etc/init.d/<service> " +"start'." +msgstr "您需要运行“/etc/init.d/<服务> start”来手动启动这些服务。" diff --git a/debian/rules b/debian/rules new file mode 100755 index 00000000..7a0ccd87 --- /dev/null +++ b/debian/rules @@ -0,0 +1,150 @@ +#!/usr/bin/make -f +# Made with the aid of dh_make, by Craig Small +# Sample debian/rules that uses debhelper. GNU copyright 1997 by Joey Hess. +# This version is for a hypothetical package that builds an +# architecture-dependant package, as well as an architecture-independant +# package. + +CFLAGS := -g -D_GNU_SOURCE -D_REENTRANT -fPIC + +ifeq (,$(findstring noopt, ${DEB_BUILD_OPTIONS})) +CFLAGS += -O2 +endif + +DEB_HOST_GNU_TYPE := $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) +DEB_BUILD_GNU_TYPE := $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) + +ifeq ($(DEB_BUILD_GNU_TYPE), $(DEB_HOST_GNU_TYPE)) + conf_args = --build $(DEB_BUILD_GNU_TYPE) +else + conf_args = --build $(DEB_BUILD_GNU_TYPE) --host $(DEB_HOST_GNU_TYPE) +endif + +LC_COLLATE=C +export LC_COLLATE + +QUILT_PATCH_DIR = debian/patches-applied +include /usr/share/quilt/quilt.make + +BUILD_TREE=$(CURDIR) + +d = $(CURDIR)/debian +dl = $(d)/local +i = install -p -m 0644 +ie = install -p -m 0755 + +build: configure build-stamp +build-stamp: + dh_testdir + + # Compile everything else + $(MAKE) -C $(BUILD_TREE) CFLAGS="$(CFLAGS)" + + pod2man --section 8 --release="Debian GNU/Linux" $(dl)/pam_getenv >$(dl)/pam_getenv.8 + + touch build-stamp + +configure: patch configure-stamp +configure-stamp: + cd $(BUILD_TREE) && \ + ./configure $(conf_args) \ + --sysconfdir=/etc --prefix=/usr --enable-static --enable-shared \ + --mandir=/usr/share/man --infodir=/usr/share/info --libdir=/lib \ + --sbindir=/sbin --enable-docdir=/usr/share/doc/libpam-doc \ + --with-mailspool=/var/mail --disable-audit + touch configure-stamp + + +clean: clean-patched unpatch + +clean-patched: + dh_testdir + dh_testroot + [ ! -f $(BUILD_TREE)/Makefile ] || $(MAKE) -C $(BUILD_TREE) distclean + rm -f $(dl)/pam_getenv.8 + rm -f build-stamp configure-stamp + dh_clean + +install: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + + $(MAKE) -C $(BUILD_TREE) DESTDIR=$(CURDIR)/debian/tmp install + + # Provided in libpam-cracklib + rm -f $(CURDIR)/debian/libpam-modules/lib/security/pam_cracklib.so + # .la files are teh devil + rm -f $(CURDIR)/debian/tmp/lib/*.la + # for modules, we only want the .so + rm -f $(CURDIR)/debian/tmp/lib/security/*.la \ + $(CURDIR)/debian/tmp/lib/security/*.a + +# Build architecture-independent files here. +binary-indep: install + dh_testdir -i + dh_testroot -i + + mkdir -p debian/tmp/etc/pam.d + mkdir -p debian/tmp/usr/share/pam + $(i) $(dl)/pam.conf $(d)/tmp/etc + -mkdir -p $(d)/tmp/usr/sbin $(d)/tmp/usr/share/man/man8 + $(ie) $(dl)/pam_getenv $(d)/tmp/usr/sbin + $(i) $(dl)/other $(d)/tmp/etc/pam.d + $(i) $(dl)/common-* $(d)/tmp/usr/share/pam/ + + dh_install -i + + dh_installman -i + dh_installdocs -i + dh_installchangelogs -i $(BUILD_TREE)/ChangeLog + dh_compress -i -X.html + dh_link -i + dh_fixperms -i + dh_installdeb -i + dh_gencontrol -i + dh_md5sums -i + dh_builddeb -i + +binary-arch: install + dh_testdir -a + dh_testroot -a + + mkdir -p debian/tmp/usr/lib + mv debian/tmp/lib/*.a debian/tmp/usr/lib + dh_movefiles -plibpam0g-dev -plibpam-cracklib -plibpam0g + dh_movefiles -plibpam-modules `cd $(d)/tmp && ls lib/security/*.so` + dh_link -a + dh_installman -a + rm -rf $(d)/libpam-modules/usr/share/man/man7 + rm -f $(d)/libpam-modules/usr/share/man/man8/pam.8 + rm -f $(d)/libpam-modules/usr/share/man/man5/pam.conf.5 + rm -f $(d)/libpam-modules/usr/share/man/man5/pam.d.5 + + dh_installdebconf -a + dh_installdocs -a $(BUILD_TREE)/README + dh_installexamples -a + find $(d)/libpam0g-dev/usr/share/doc/libpam0g-dev/examples -type f -name 'Makefile*' -print0 | xargs -0 rm -f + + dh_installcron -a + + dh_installchangelogs -a $(BUILD_TREE)/ChangeLog + for pkg in libpam0g libpam-modules; do \ + install -m 0644 -D $(d)/$$pkg.lintian $(d)/$$pkg/usr/share/lintian/overrides/$$pkg || exit; \ + done + + dh_strip -a + dh_compress -a + dh_fixperms -a + chmod 02755 $(d)/libpam-modules/sbin/unix_chkpwd + chgrp shadow $(d)/libpam-modules/sbin/unix_chkpwd + dh_makeshlibs -plibpam0g -V "libpam0g (>= 0.99.10.0)" + dh_installdeb -a + dh_shlibdeps -a -L libpam0g -l$(CURDIR)/debian/libpam0g/lib + dh_gencontrol -a + dh_md5sums -a + dh_builddeb -a + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary patch unpatch install configure diff --git a/debian/scripts/dbs-build.mk b/debian/scripts/dbs-build.mk new file mode 100644 index 00000000..fb096ff8 --- /dev/null +++ b/debian/scripts/dbs-build.mk @@ -0,0 +1,92 @@ +#!/usr/bin/make -f +# Separate tarball/patch build system by Adam Heath <doogie@debian.org> +# Modified by Ben Collins <bcollins@debian.org> + +SHELL := /bin/bash -e +SOURCE_DIR := build-tree +STAMP_DIR := stampdir +PATCH_DIR := debian/patches + +patched := $(STAMP_DIR)/patch +unpacked := $(STAMP_DIR)/unpack + +ifdef TAR_DIR + BUILD_TREE := $(SOURCE_DIR)/$(TAR_DIR) +else + BUILD_TREE := $(SOURCE_DIR) +endif + +dh_mak_deps := $(shell DH_COMPAT=$(DH_COMPAT) perl debian/scripts/dh_split makedeps) +dh_gen_deps := $(shell DH_COMPAT=$(DH_COMPAT) perl debian/scripts/dh_split gendeps) + +$(dh_mak_deps): $(dh_gen_deps) + perl debian/scripts/dh_split + +setup: $(dh_mak_deps) + dh_testdir + @-up-scripts + $(MAKE) -f debian/rules $(unpacked) $(patched) + +$(patched)/: $(STAMP_DIR)/created $(unpacked) + test -d $(STAMP_DIR)/patches || mkdir -p $(STAMP_DIR)/patches + @if [ -d "$(PATCH_DIR)" ]; then \ + mkdir -p $(STAMP_DIR)/log/patches; \ + for f in `(cd $(PATCH_DIR); find -type f ! -name 'chk-*') | sort | \ + sed s,'./',,g`; do \ + stampfile=$(STAMP_DIR)/patches/$$f; \ + log=$(STAMP_DIR)/log/patches/$$f; \ + if [ ! -e $$stampfile ]; then \ + echo -n "Applying patch $(PATCH_DIR)/$$f ... "; \ + if $(SHELL) debian/scripts/file2cat $(PATCH_DIR)/$$f | \ + (cd $(BUILD_TREE);patch -p1 --no-backup-if-mismatch) > $$log 2>&1; then \ + echo successful.; \ + touch $$stampfile; \ + else \ + echo "failed! (check $$log for reason)"; \ + exit 1; \ + fi; \ + else \ + echo Already applied $(PATCH_DIR)/$$f.; \ + fi; \ + done; \ + fi + touch $@ + +$(unpacked): $(STAMP_DIR)/created + mkdir -p $(STAMP_DIR)/sources $(SOURCE_DIR) $(STAMP_DIR)/log/sources + @for f in `find . -type f -maxdepth 1 -name \*.tgz -o -name \*.tar.gz -o \ + -name \*.tar.bz -o -name \*.tar.bz2 | sort | sed s,'./',,g`; do \ + stampfile=$(STAMP_DIR)/sources/`basename $$f`; \ + log=$(STAMP_DIR)/log/sources/`basename $$f`; \ + if [ ! -e $$stampfile ]; then \ + echo -n "Extracting source $$f ... "; \ + if $(SHELL) debian/scripts/file2cat $$f | \ + (cd $(SOURCE_DIR); tar xv) > $$log 2>&1; then \ + echo successful.; \ + touch $$stampfile; \ + else \ + echo failed!; \ + exit 1; \ + fi; \ + else \ + echo Already unpacked $$f.; \ + fi; \ + done + touch $@ + +make_patch: + mv $(BUILD_TREE) $(BUILD_TREE).new + rm -rf $(STAMP_DIR) + $(MAKE) -f debian/rules $(unpacked) $(patched) +ifndef TAR_DIR + diff -urN $(BUILD_TREE) $(BUILD_TREE).new > new.diff +else + (cd $(SOURCE_DIR) && diff -urN $(TAR_DIR) $(TAR_DIR).new || true) > new.diff +endif + rm -rf $(BUILD_TREE) + mv $(BUILD_TREE).new $(BUILD_TREE) + @echo; ls -l new.diff + +$(STAMP_DIR)/created: + test -d $(STAMP_DIR) || mkdir $(STAMP_DIR) + touch $(STAMP_DIR)/created diff --git a/debian/scripts/file2cat b/debian/scripts/file2cat new file mode 100644 index 00000000..d95d77e3 --- /dev/null +++ b/debian/scripts/file2cat @@ -0,0 +1,13 @@ +#!/bin/sh + +if [ "$1" = "" ]; then + echo "Usage: file2cat <file>" + exit 1 +fi + +case "$1" in + *.gz|*.Z|*.tgz) cmd=zcat;; + *.bz|*.bz2) cmd=bzcat;; + *) cmd=cat;; +esac +$cmd $1 diff --git a/debian/to-be-evaluated/006_compile_warnings b/debian/to-be-evaluated/006_compile_warnings new file mode 100644 index 00000000..dd22f71d --- /dev/null +++ b/debian/to-be-evaluated/006_compile_warnings @@ -0,0 +1,12 @@ +--- Linux-PAM-0.72/modules/pam_tally/pam_tally.c~ Tue Dec 14 12:52:35 1999 ++++ Linux-PAM-0.72/modules/pam_tally/pam_tally.c Tue Dec 14 12:52:29 1999 +@@ -70,7 +70,9 @@ + #endif + + static struct faillog faillog; ++#ifndef MAIN + static time_t fail_time; ++#endif + + /*---------------------------------------------------------------------*/ + diff --git a/debian/to-be-evaluated/040_hurd_limits b/debian/to-be-evaluated/040_hurd_limits new file mode 100644 index 00000000..e601992d --- /dev/null +++ b/debian/to-be-evaluated/040_hurd_limits @@ -0,0 +1,97 @@ + +diff -urN Linux-PAM-0.72/modules/pam_limits/Makefile Linux-PAM-0.72.new/modules/pam_limits/Makefile +--- Linux-PAM-0.72/modules/pam_limits/Makefile Wed Jul 4 20:58:43 2001 ++++ Linux-PAM-0.72.new/modules/pam_limits/Makefile Wed Jul 4 19:31:37 2001 +@@ -6,7 +6,7 @@ + # Created by Cristian Gafton <gafton@redhat.com> 1996/09/10 + # + +-ifeq ($(OS),linux) ++ifneq (,$(findstring $(OS),gnu linux)) + TITLE=pam_limits + CONFD=$(CONFIGED)/security + export CONFD +@@ -22,7 +22,10 @@ + LIBOBJD = $(addprefix dynamic/,$(LIBOBJ)) + LIBOBJS = $(addprefix static/,$(LIBOBJ)) + ++ifeq (linux,$(OS)) + LINKLIBS+=-lcap ++CFLAGS+=-DUSE_CAPABILITIES ++endif + + dynamic/%.o : %.c + $(CC) $(CFLAGS) $(DYNAMIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@ +diff -urN Linux-PAM-0.72/modules/pam_limits/pam_limits.c Linux-PAM-0.72.new/modules/pam_limits/pam_limits.c +--- Linux-PAM-0.72/modules/pam_limits/pam_limits.c Wed Jul 4 20:58:48 2001 ++++ Linux-PAM-0.72.new/modules/pam_limits/pam_limits.c Wed Jul 4 19:31:31 2001 +@@ -13,12 +13,10 @@ + * See end for Copyright information + */ + +-#if !(defined(linux)) +-#error THIS CODE IS KNOWN TO WORK ONLY ON LINUX !!! +-#endif +- ++#ifdef USE_CAPABILITIES + #include <sys/capability.h> + #include <sys/prctl.h> ++#endif + + #include <stdio.h> + #include <unistd.h> +@@ -62,9 +60,11 @@ + specific user or to count all logins */ + static int priority; /* the priority to run user process with */ + static char chroot_dir[8092] = ""; /* directory to chroot into */ ++#ifdef USE_CAPABILITIES + static cap_t capabilities; /* capability handle */ + static int caps_set = 0; /* capabilities set */ + static int caps_allocated = 0; /* capabilities allocated */ ++#endif + + #define LIMIT_LOGIN RLIM_NLIMITS+1 + #define LIMIT_NUMSYSLOGINS RLIM_NLIMITS+2 +@@ -261,11 +261,13 @@ + priority = 0; + login_limit = -2; + login_limit_def = LIMITS_DEF_NONE; ++#ifdef USE_CAPABILITIES + if (caps_allocated) + cap_free(capabilities); + capabilities = cap_init(); + caps_allocated = 1; + caps_set = 0; ++#endif + return retval; + } + +@@ -401,9 +403,13 @@ + } else if (limit_item == LIMIT_CHROOT) { + strncpy(chroot_dir, value_orig, sizeof(chroot_dir)); + } else if (limit_item == LIMIT_CAPS) { ++#ifdef USE_CAPABILITIES + capabilities = cap_from_text(value_orig); + prctl(PR_SET_KEEPCAPS, 1); + caps_set = 1; ++#else ++ _pam_log(LOG_WARNING, "capabilities not supported on this system, ignoring them"); ++#endif + } + return; + } +@@ -533,12 +539,14 @@ + if (i != 0) + retval = LIMIT_ERR; + } ++#ifdef USE_CAPABILITIES + if (!retval && caps_set) { + retval = cap_set_proc(capabilities) ? LIMIT_ERR : 0; + cap_free(capabilities); + caps_set = 0; + caps_allocated = 0; + } ++#endif + return retval; + } +
\ No newline at end of file diff --git a/debian/watch b/debian/watch new file mode 100644 index 00000000..da5e1ef6 --- /dev/null +++ b/debian/watch @@ -0,0 +1,3 @@ +version=3 +opts=pasv ftp://ftp.kernel.org/pub/linux/libs/pam/library/Linux-PAM-(.*).tar.gz + |