From b12d7595dfcc20c809f3c11c579e34d115b3060e Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Thu, 24 Jan 2019 11:37:19 -0800 Subject: Fix lintian warnings; thanks to Andreas Henriksson and Florian Vessaz --- debian/changelog | 2 ++ debian/libpam-modules.lintian-overrides | 15 ++------------- debian/libpam-runtime.lintian-overrides | 4 ---- 3 files changed, 4 insertions(+), 17 deletions(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 5b40b1a7..0f88f1b2 100644 --- a/debian/changelog +++ b/debian/changelog @@ -12,6 +12,8 @@ pam (1.3.0-1) UNRELEASED; urgency=medium - debian/patches-applied/cve-2015-3238.patch - debian/patches-applied/pam_namespace_fix_bashism.patch * Drop unused lintian overrides. + * Fix lintian warnings; thanks to Andreas Henriksson + and Florian Vessaz -- Steve Langasek Wed, 23 Jan 2019 14:44:20 +0000 diff --git a/debian/libpam-modules.lintian-overrides b/debian/libpam-modules.lintian-overrides index c6f25ec7..f9bfa60d 100644 --- a/debian/libpam-modules.lintian-overrides +++ b/debian/libpam-modules.lintian-overrides @@ -1,13 +1,2 @@ -# These are false positives because they don't use any functions that need -# fortifying. Since we know we have hardening turned on globally, suppress -# them. If we ever see this warning again for *other* modules, then we know -# there's a real problem. -libpam-modules: hardening-no-fortify-functions lib/*/security/pam_echo.so -libpam-modules: hardening-no-fortify-functions lib/*/security/pam_filter.so -libpam-modules: hardening-no-fortify-functions lib/*/security/pam_group.so -libpam-modules: hardening-no-fortify-functions lib/*/security/pam_limits.so -libpam-modules: hardening-no-fortify-functions lib/*/security/pam_shells.so -libpam-modules: hardening-no-fortify-functions lib/*/security/pam_tally.so -libpam-modules: hardening-no-fortify-functions lib/*/security/pam_tally2.so -libpam-modules: hardening-no-fortify-functions lib/*/security/pam_time.so -libpam-modules: hardening-no-fortify-functions lib/*/security/pam_wheel.so +# pam_deny.so does not use any symbol from libc. +libpam-modules: library-not-linked-against-libc lib/x86_64-linux-gnu/security/pam_deny.so diff --git a/debian/libpam-runtime.lintian-overrides b/debian/libpam-runtime.lintian-overrides index ad868c24..7a8b1a70 100644 --- a/debian/libpam-runtime.lintian-overrides +++ b/debian/libpam-runtime.lintian-overrides @@ -3,7 +3,3 @@ libpam-runtime: no-debconf-config # this warning is just plain crack, there's no reason that using debconf # outside of a maintainer script implies an error. libpam-runtime: debconf-is-not-a-registry usr/sbin/pam-auth-update -# this warning is wrong for debconf error templates -libpam-runtime: postinst-uses-db-input -# meh. -libpam-runtime: using-first-person-in-templates libpam-runtime/you-had-no-auth -- cgit v1.2.3