Publishing details

• Published on 2015-01-10

Changelog

pam (1.1.8-1ubuntu2~ubuntu12.04.1~ppa1) precise; urgency=low

  * No-change backport to precise

pam (1.1.8-1ubuntu2) trusty; urgency=medium

  * debian/patches-applied/pam-loginuid-in-containers: pam_loginuid:
    Update patch with follow-up changes to loginuid.c

pam (1.1.8-1ubuntu1) trusty; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/libpam0g.postinst: the init script for 'samba' is now named
      'smbd' in Ubuntu, so fix the restart handling.
    - Change Vcs-Bzr to point at the Ubuntu branch.
    - debian/patches-applied/series: Ubuntu patches are as below ...
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - Build-depend on libfl-dev in addition to flex, for cross-building
      support.
    - Add /usr/local/games to PATH.
    - Adjust debian/patches-applied/update-motd to write to
      /run/motd.dynamic, as sysvinit/ssh/login in Debian have been changed
      to use this file and no longer links /etc/motd to /var/run/motd.
  * debian/patches-applied/pam_umask_usergroups_from_login.defs.patch: include
    patch to autogenerated manpage file

pam (1.1.8-1) unstable; urgency=medium

  * New upstream release.
    - includes upstream changes to pam_exec.  Closes: #670147.
    - adds support for newer hashing algorithms to pam_userdb.
      Closes: #671740.
    - fixes handling of 'quiet' argument to pam_listfile, to match the
      documentation.  Closes: #592219.
    - fixes handling of @users@@hosts netgroup syntax in access.conf.
      Closes: #681223.
    - fixes installation of the /etc/security/namespace.d directory.
      Closes: #710998.
    - 027_pam_limits_better_init_allow_explicit_root: support for reading
      /proc/1/limits is upstream, this patch now only handles the policy
      of resetting limits by default and not applying glob limits to root.
    - debian/patches/fix-manpage-crud: drop, manpages now being generated
      upstream with a newer, fixed xsltproc.
    - debian/patches/pam_env-fix-overflow.patch, pam_env-fix-dos.patch,
      glibc-2_16-compilation-fix.patch, sys-types-include.patch: drop,
      included upstream.
  * Add build-dependency on pkg-config.
  * Ensure autogenerated files are after source files in all relevant patches,
    so that regenerating documentation doesn't cause build skew.
  * Drop the --disable-regenerate-docu argument, restoring the HTML manuals
    to the libpam-doc package.  Closes: #700485.
  * No need to override dh_compress in debian/rules, it already handles .html
    files correctly.
  * debian/libpam-cracklib.prerm: use $DPKG_MAINTSCRIPT_PACKAGE_COUNT to avoid
    prematurely removing the PAM config when the package is installed for
    multiple architectures.  Closes: #647428.

pam (1.1.3-11ubuntu1) trusty; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/libpam0g.postinst: the init script for 'samba' is now named
      'smbd' in Ubuntu, so fix the restart handling.
    - Change Vcs-Bzr to point at the Ubuntu branch.
    - debian/patches-applied/series: Ubuntu patches are as below ...
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - Build-depend on libfl-dev in addition to flex, for cross-building
      support.
    - Add /usr/local/games to PATH.
    - Adjust debian/patches-applied/update-motd to write to
      /run/motd.dynamic, as sysvinit/ssh/login in Debian have been changed
      to use this file and no longer links /etc/motd to /var/run/motd.
  * Dropped changes, merged in Debian:
    - Disable libaudit for stage1 bootstrap.

pam (1.1.3-11) unstable; urgency=low

  [ Wookey ]
  * Disable libaudit for stage1 bootstrap.

  [ Steve Langasek ]
  * debian/patches-applied/pam-loginuid-in-containers: pam_loginuid:
    Ignore failure in user namespaces.
  * Use [linux-any] in build-deps, instead of hard-coding a list of
    non-Linux archs.  Closes: #634516.

pam (1.1.3-10ubuntu1) trusty; urgency=low

  * Merge from Debian unstable, remaining changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/libpam0g.postinst: the init script for 'samba' is now named
      'smbd' in Ubuntu, so fix the restart handling.
    - Change Vcs-Bzr to point at the Ubuntu branch.
    - debian/patches-applied/series: Ubuntu patches are as below ...
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - Build-depend on libfl-dev in addition to flex, for cross-building
      support.
    - Add /usr/local/games to PATH.
    - Disable libaudit for stage1 bootstrap.
    - Adjust debian/patches-applied/update-motd to write to
      /run/motd.dynamic, as sysvinit/ssh/login in Debian have been changed
      to use this file and no longer links /etc/motd to /var/run/motd.

pam (1.1.3-10) unstable; urgency=low

  * Fix pam-auth-update handling of trailing blank lines in the fields of
    profiles.  LP: #1160288.
  * Reintroduce libaudit support now that libaudit has been multiarched.
    Closes: #699159.

pam (1.1.3-9) unstable; urgency=low

  * Revert libaudit support for now, because libaudit isn't multiarched yet
    in unstable so this regresses cross-installability.  Reopens bug
    #699159.
  * Add an or'ed dependency on cdebconf, which also implements the
    xloadtemplatefile extension that prevents us from depending on just
    'debconf-2.0'.  Thanks to Régis Boudin <email address hidden> for the info.
    Closes: #677278.

pam (1.1.3-8ubuntu3) saucy; urgency=low

  * Adjust debian/patches-applied/update-motd to write to /run/motd.dynamic,
    as sysvinit/ssh/login in Debian have been changed to use this file and
    no longer links /etc/motd to /var/run/motd.

pam (1.1.3-8ubuntu2) raring; urgency=low

  * Disable libaudit for stage1 bootstrap (LP: #1126404)

pam (1.1.3-8ubuntu1) raring; urgency=low

  * Merge from Debian unstable, remaining changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/libpam0g.postinst: the init script for 'samba' is now named
      'smbd' in Ubuntu, so fix the restart handling.
    - Change Vcs-Bzr to point at the Ubuntu branch.
    - debian/patches-applied/series: Ubuntu patches are as below ...
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix' explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - Build-depend on libfl-dev in addition to flex, for cross-building
      support.
    - Add /usr/local/games to PATH.  LP: #110287.

pam (1.1.3-8) unstable; urgency=low

  * Confirm NMU for bug #611136; thanks to Michael Gilbert.
    - As a side effect, there will no longer be errors from reading the
      .pam_environment twice since we are now reading it 0 times.
      LP: #955032.
  * Adjust the pam_env documentation to match the module behavior resulting
    from the previous security upload.  Closes: #693995.
  * debian/rules: never regenerate manpages at build time; this may cause
    build skew that breaks the world in a multiarch context.  LP: #1095887.
  * debian/patches-applied/glibc-2_16-compilation-fix.patch: fix missing
    include causing build failure with eglibc 2.16.  Thanks to Daniel
    Schepler <email address hidden>.  Closes: #693450.
  * Ditch autoconf patch in favor of a build-dependency on dh-autoreconf,
    which will let us keep up-to-date with newer autotools.  In the present
    instance, this gets us aarch64 support.
  * Install pam_timestamp_check - and while we're at it, move the manpage
    to the correct binary package.  Closes: #648695.
  * Update lintian overrides to suppress some noise about hardening and
    manpages.
  * Enable audit support, by popular demand.  This should have no major
    impact unless you're also running auditd; but I reserve the right to
    disable this again in the event that this causes a performance hit or
    breaks upgrades (since the dependency is pulled into libpam, not just
    into pam_tty_audit).  Closes: #699159, LP: #937005.

pam (1.1.3-7.1) unstable; urgency=low

  * Non-maintainer upload.
  * Fix cve-2010-4708: user-configurable .pam_environment allows
    administrator-level changes without root access (closes: #611136).

pam (1.1.3-7ubuntu3) quantal; urgency=low

  [ Nathan Williams ]
  * Add /usr/local/games to PATH.  LP: #110287.
 -- Arctus <email address hidden>   Sat, 10 Jan 2015 12:25:31 +0100

Builds

• amd64
• i386

Package files

• pam_1.1.8-1ubuntu2~ubuntu12.04.1~ppa1.diff.gz (145.5 KiB)
• pam_1.1.8-1ubuntu2~ubuntu12.04.1~ppa1.dsc (2.5 KiB)
• pam_1.1.8.orig.tar.gz (1.8 MiB)