summaryrefslogtreecommitdiff
path: root/debian
diff options
context:
space:
mode:
Diffstat (limited to 'debian')
-rwxr-xr-xdebian/local/pam-auth-update11
-rw-r--r--debian/pam-configs/cracklib4
-rw-r--r--debian/pam-configs/unix16
3 files changed, 17 insertions, 14 deletions
diff --git a/debian/local/pam-auth-update b/debian/local/pam-auth-update
index 829833b8..3989f9f6 100755
--- a/debian/local/pam-auth-update
+++ b/debian/local/pam-auth-update
@@ -299,7 +299,7 @@ sub create_from_template
$output = $profiles->{$mod}{$uctype . '-Initial'};
$i++;
} else {
- $output = $profiles->{$mod}{$uctype . '-Final'};
+ $output = $profiles->{$mod}{$uctype};
}
# bypasses a perl warning about @_, sigh
my @tmparr = split("\n+",$output);
@@ -322,7 +322,7 @@ sub create_from_template
$output = $profiles->{$mod}{$uctype . '-Initial'};
$i++;
} else {
- $output = $profiles->{$mod}{$uctype . '-Final'};
+ $output = $profiles->{$mod}{$uctype};
}
for my $line (split("\n",$output)) {
$line = merge_one_line($line,$diff,
@@ -459,7 +459,7 @@ sub write_profiles
$output = $profiles->{$mod}{$uctype . '-Initial'};
$i++;
} else {
- $output = $profiles->{$mod}{$uctype . '-Final'};
+ $output = $profiles->{$mod}{$uctype};
}
if ($output) {
print OUTPUT "Module: $mod\n";
@@ -611,12 +611,15 @@ sub parse_pam_profile
while (<PROFILE>) {
if (/^(\S+):\s+(.*)$/) {
$fieldname = $1;
+ # compatibility with the first implementation round;
+ # "Auth-Final" is now just called "Auth"
+ $fieldname =~ s/-Final$//;
if ($fieldname eq 'Conflicts') {
foreach my $elem (split(/, /, $2)) {
$profile{'Conflicts'}->{$elem} = 1;
}
} else {
- $profile{$1} = $2;
+ $profile{$fieldname} = $2;
}
} else {
chomp;
diff --git a/debian/pam-configs/cracklib b/debian/pam-configs/cracklib
index fb7dc08e..1c48274f 100644
--- a/debian/pam-configs/cracklib
+++ b/debian/pam-configs/cracklib
@@ -3,7 +3,7 @@ Default: yes
Priority: 1024
Conflicts: unix-zany
Password-Type: Primary
-Password-Initial:
+Password:
requisite pam_cracklib.so retry=3 minlen=8 difok=3
-Password-Final:
+Password-Initial:
requisite pam_cracklib.so retry=3 minlen=8 difok=3
diff --git a/debian/pam-configs/unix b/debian/pam-configs/unix
index ee56a867..3bc350e7 100644
--- a/debian/pam-configs/unix
+++ b/debian/pam-configs/unix
@@ -2,22 +2,22 @@ Name: Unix authentication
Default: yes
Priority: 256
Auth-Type: Primary
+Auth:
+ [success=end default=ignore] pam_unix.so nullok_secure try_first_pass
Auth-Initial:
[success=end default=ignore] pam_unix.so nullok_secure
-Auth-Final:
- [success=end default=ignore] pam_unix.so nullok_secure try_first_pass
Account-Type: Primary
-Account-Initial:
+Account:
[success=end default=ignore] pam_unix.so
-Account-Final:
+Account-Initial:
[success=end default=ignore] pam_unix.so
Session-Type: Additional
-Session-Initial:
+Session:
required pam_unix.so
-Session-Final:
+Session-Initial:
required pam_unix.so
Password-Type: Primary
+Password:
+ [success=end default=ignore] pam_unix.so obscure use_authtok try_first_pass md5
Password-Initial:
[success=end default=ignore] pam_unix.so obscure md5
-Password-Final:
- [success=end default=ignore] pam_unix.so obscure use_authtok try_first_pass md5