Bug#502140: Could this bug be related to the pam upgrade?
Quoting Steve Langasek ([EMAIL PROTECTED]): The one thing I would note is that, in the rare case that there are no system-level daemons running on your system that use PAM, the message will not be shown. Michael, before the screensaver locked up on you, did you see the debconf warning that Christian quotes above? If not, what services do My fear is that, indeed, some users will anyway leave the system unattended as soon as it enters the moment where packages are unpacked, or debconf questions asked. But, there, xscreensaver should lock before it is itself upgraded. you have installed on your system? (Even at, cron, cups, gdm, or samba should trigger display of this message.) And what debconf settings did you use when running the upgrade? I'd bet 'non-interactive' There's also another possible explanation: - xscreensaver is running and has the old libpam loaded - libpam0g is unpacked - libpam-modules is unpacked - libpam0g is configured, triggering the display of the debconf question - but the screen is already locked and can't be unlocked because libpam-modules is now broken, needing symbols from a newer libpam than the one loaded by xscreensaver If this is the cause of the problem, then we could address that by either: - having libpam-modules pre-depend on libpam0g (= 0.99.7.1), forcing the question to be displayed before libpam-modules is unpacked or - adding a separate debconf question about screensavers only, shown in the package preinst advising the user to disable their screen lock for the duration of the upgrade. Christian, what's your opinion? That last option could helpexcept if the problem Michael ran into was that he was using debconf in non-interactive more. In such case, the debconf note will not help. Another option is to mention this in the release notes and advise against running the etch-lenny upgrade if xscreensaver is running. signature.asc Description: Digital signature
Bug#502140: Could this bug be related to the pam upgrade?
The one thing I would note is that, in the rare case that there are no system-level daemons running on your system that use PAM, the message will not be shown. Michael, before the screensaver locked up on you, did you see the debconf warning that Christian quotes above? I do not recall seeing any warnings or dialogs. I followed the instructions (almost) as posted: I changed my sources.list to lenny and installed apt, dpkg, and aptitude. Then I ran apt-get dist-upgrade rather than aptitude upgrade. Then I let the download start and left the computers. When I came back I was unable to log in. If not, what services do you have installed on your system? (Even at, cron, cups, gdm, or samba should trigger display of this message.) And what debconf settings did you use when running the upgrade? I'm running cups and gdm. I'm not sure what debconf settings I used... I'm guessing I used the defaults? If this is the cause of the problem, then we could address that by either: - having libpam-modules pre-depend on libpam0g (= 0.99.7.1), forcing the question to be displayed before libpam-modules is unpacked or - adding a separate debconf question about screensavers only, shown in the package preinst advising the user to disable their screen lock for the duration of the upgrade. As a user, I would prefer the first of the two solutions. As long as I can log in when I come back to the computer and have that dialog waiting, I would be content. Otherwise there are going to be a lot of people (that don't have the patience to read instructions) that will get locked out and be ticked off. This is one of those issues that the reviews will bitch and moan about. If this problem can be dealt with now, before the release, then it should. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#502140: Could this bug be related to the pam upgrade?
I very much suspect that bug #502140 is related to the upgrade of pam. While looking at PAM debconf templates, I see this: Description: Services to restart for PAM library upgrade: Most services that use PAM need to be restarted to use modules built for this new version of libpam. Please review the following space-separated list of init.d scripts for services to be restarted now, and correct it if needed. . Some other services such as xscreensaver, gnome-screensaver, and xlockmore cannot be restarted for you. You will not be able to authenticate to these services until you restart them manually. So, apparently, that can cause nasty situations like the one Michael experienced during his upgrade tests -- signature.asc Description: Digital signature
Bug#502140: Could this bug be related to the pam upgrade?
reassign 502140 pam thanks On Sun, Oct 19, 2008 at 03:21:51PM +0200, Christian Perrier wrote: I very much suspect that bug #502140 is related to the upgrade of pam. While looking at PAM debconf templates, I see this: Description: Services to restart for PAM library upgrade: Most services that use PAM need to be restarted to use modules built for this new version of libpam. Please review the following space-separated list of init.d scripts for services to be restarted now, and correct it if needed. . Some other services such as xscreensaver, gnome-screensaver, and xlockmore cannot be restarted for you. You will not be able to authenticate to these services until you restart them manually. So, apparently, that can cause nasty situations like the one Michael experienced during his upgrade tests Yes, quite. Unfortunately we're already doing just about everything we can to warn users about this issue on upgrade, so I fear this may be a 'wontfix' bug. The one thing I would note is that, in the rare case that there are no system-level daemons running on your system that use PAM, the message will not be shown. Michael, before the screensaver locked up on you, did you see the debconf warning that Christian quotes above? If not, what services do you have installed on your system? (Even at, cron, cups, gdm, or samba should trigger display of this message.) And what debconf settings did you use when running the upgrade? There's also another possible explanation: - xscreensaver is running and has the old libpam loaded - libpam0g is unpacked - libpam-modules is unpacked - libpam0g is configured, triggering the display of the debconf question - but the screen is already locked and can't be unlocked because libpam-modules is now broken, needing symbols from a newer libpam than the one loaded by xscreensaver If this is the cause of the problem, then we could address that by either: - having libpam-modules pre-depend on libpam0g (= 0.99.7.1), forcing the question to be displayed before libpam-modules is unpacked or - adding a separate debconf question about screensavers only, shown in the package preinst advising the user to disable their screen lock for the duration of the upgrade. Christian, what's your opinion? -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ [EMAIL PROTECTED] [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
