From b793c72560535d64ff441e5af5b1ad832c9f5e1f Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Tue, 8 Jan 2019 17:25:08 -0800 Subject: fix-up commit to match 1.1.0-6 from the archive --- TODO | 25 +++++++++++++++++++++++++ debian/changelog | 3 +++ debian/libpam-cracklib.postinst | 2 +- debian/libpam-modules.postrm | 7 +++++++ debian/libpam-runtime.postinst | 2 +- 5 files changed, 37 insertions(+), 2 deletions(-) create mode 100644 TODO create mode 100644 debian/libpam-modules.postrm diff --git a/TODO b/TODO new file mode 100644 index 00000000..df748cba --- /dev/null +++ b/TODO @@ -0,0 +1,25 @@ +----------------------------------- + +when calling the helper: call setuid(0) unconditionally? (saves us a +syscall) + +'nullok' is totally redundant in the passwd phase, and I never noticed +this :( + +refactor passverify.c a bit more, helper_log_err() is used in places it +doesn't need to be + +longstanding goofiness (duplication) in the shadow verification code: + + if ((curdays - spent->sp_lstchg > spent->sp_max) + && (curdays - spent->sp_lstchg > spent->sp_inact) + && (curdays - spent->sp_lstchg > spent->sp_max + spent->sp_inact) + + +sepermit README.xml listed as 'entity pamaccess'? +sepermit example is SHIT! + +go over all the XML and fix the English :P + +unix_update should eventually support suid root operation as well, +maybe? diff --git a/debian/changelog b/debian/changelog index d6ed50ca..3fd03520 100644 --- a/debian/changelog +++ b/debian/changelog @@ -8,6 +8,9 @@ pam (1.0.1-6) UNRELEASED; urgency=low pass; this Linux-PAM deviation from the original PAM spec causes a number of problems, in particular causing wrong return values when using the refactored pam-auth-update stack. LP: #303515, #305882. + * debian/local/pam-auth-update (et al): new interface for managing + /etc/pam.d/common-*, using drop-in config snippets provided by module + packages. -- Steve Langasek Fri, 27 Feb 2009 16:20:24 -0800 diff --git a/debian/libpam-cracklib.postinst b/debian/libpam-cracklib.postinst index 637d38f2..cf52f262 100644 --- a/debian/libpam-cracklib.postinst +++ b/debian/libpam-cracklib.postinst @@ -2,7 +2,7 @@ set -e -if dpkg --compare-versions "$2" lt 1.0.1-5; then +if dpkg --compare-versions "$2" lt 1.0.1-6; then pam-auth-update --package fi diff --git a/debian/libpam-modules.postrm b/debian/libpam-modules.postrm new file mode 100644 index 00000000..20fdf998 --- /dev/null +++ b/debian/libpam-modules.postrm @@ -0,0 +1,7 @@ +#!/bin/sh + +set -e + +if [ "$1" = "purge" ]; then + rm -f /etc/environment +fi diff --git a/debian/libpam-runtime.postinst b/debian/libpam-runtime.postinst index e684db9a..f5d28a34 100644 --- a/debian/libpam-runtime.postinst +++ b/debian/libpam-runtime.postinst @@ -4,7 +4,7 @@ # -- only create on package install. force= -if [ -z "$2" ] || dpkg --compare-versions "$2" lt 1.0.1-5 +if [ -z "$2" ] || dpkg --compare-versions "$2" lt 1.0.1-6 then force=--force for configfile in common-auth common-account common-session \ -- cgit v1.2.3