Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package pam for openSUSE:Factory checked in at 2021-08-18 08:55:09 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pam (Old) and /work/SRC/openSUSE:Factory/.pam.new.1899 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pam" Wed Aug 18 08:55:09 2021 rev:115 rq:911843 version:1.5.1 Changes: -------- --- /work/SRC/openSUSE:Factory/pam/pam.changes 2021-07-17 23:36:23.590083304 +0200 +++ /work/SRC/openSUSE:Factory/.pam.new.1899/pam.changes 2021-08-18 08:55:16.723017132 +0200 @@ -1,0 +2,14 @@ +Thu Aug 12 14:42:54 UTC 2021 - Thorsten Kukuk <ku...@suse.com> + +- pam_umask-usergroups-login_defs.patch: Deprecate pam_umask + explicit "usergroups" option and instead read it from login.def's + "USERGROUP_ENAB" option if umask is only defined there. + [bsc#1189139] + +------------------------------------------------------------------- +Tue Aug 3 09:26:00 UTC 2021 - pgaj...@suse.com + +- package man5/motd.5 as a man-pages link to man8/pam_motd.8 + [bsc#1188724] + +------------------------------------------------------------------- New: ---- pam_umask-usergroups-login_defs.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pam.spec ++++++ --- /var/tmp/diff_new_pack.VTP3i2/_old 2021-08-18 08:55:17.539016217 +0200 +++ /var/tmp/diff_new_pack.VTP3i2/_new 2021-08-18 08:55:17.543016211 +0200 @@ -59,6 +59,7 @@ Patch9: pam-pam_cracklib-add-usersubstr.patch Patch10: pam-bsc1181443-make-nofile-unlimited-mean-nr_open.patch Patch11: bsc1184358-prevent-LOCAL-from-being-resolved.patch +Patch12: pam_umask-usergroups-login_defs.patch # https://github.com/linux-pam/linux-pam/commit/e842a5fc075002f46672ebcd8e896624f1ec8068 Patch100: pam_securetty-don-t-complain-about-missing-config.patch Patch101: revert-check_shadow_expiry.diff @@ -172,6 +173,7 @@ %patch9 -p1 %patch10 -p1 %patch11 -p1 +%patch12 -p1 %patch100 -p1 %patch101 -p1 @@ -239,6 +241,8 @@ # Install unix2_chkpwd install -m 755 %{_builddir}/unix2_chkpwd %{buildroot}%{_sbindir} install -m 644 %{_sourcedir}/unix2_chkpwd.8 %{buildroot}/%{_mandir}/man8/ +# bsc#1188724 +echo '.so man8/pam_motd.8' > %{buildroot}%{_mandir}/man5/motd.5 # rpm macros install -D -m 644 %{SOURCE2} %{buildroot}%{_rpmmacrodir}/macros.pam # /run/motd.d @@ -301,6 +305,7 @@ %{_mandir}/man5/environment.5%{?ext_man} %{_mandir}/man5/*.conf.5%{?ext_man} %{_mandir}/man5/pam.d.5%{?ext_man} +%{_mandir}/man5/motd.5%{?ext_man} %{_mandir}/man8/PAM.8%{?ext_man} %{_mandir}/man8/faillock.8%{?ext_man} %{_mandir}/man8/mkhomedir_helper.8%{?ext_man} ++++++ pam_umask-usergroups-login_defs.patch ++++++ Description: Deprecate pam_umask explicit "usergroups" option and instead read it from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined there. Original Author: Martin Pitt <martin.p...@ubuntu.com> Bug-Debian: http://bugs.debian.org/583958 diff -urN Linux-PAM-1.5.1.pre/modules/pam_umask/pam_umask.8.xml Linux-PAM-1.5.1/modules/pam_umask/pam_umask.8.xml --- Linux-PAM-1.5.1.pre/modules/pam_umask/pam_umask.8.xml 2020-11-25 17:57:02.000000000 +0100 +++ Linux-PAM-1.5.1/modules/pam_umask/pam_umask.8.xml 2021-08-12 16:02:56.108249895 +0200 @@ -61,12 +61,13 @@ </listitem> <listitem> <para> - UMASK entry from /etc/login.defs + UMASK entry from <filename>/etc/login.defs</filename> + (influenced by USERGROUPS_ENAB) </para> </listitem> <listitem> <para> - UMASK= entry from /etc/default/login + UMASK= entry from <filename>/etc/default/login</filename> </para> </listitem> </itemizedlist> @@ -118,6 +119,11 @@ If the user is not root and the username is the same as primary group name, the umask group bits are set to be the same as owner bits (examples: 022 -> 002, 077 -> 007). + Note that using this option explicitly is discouraged. pam_umask + enables this functionality by default if + <filename>/etc/login.defs</filename> enables + USERGROUPS_ENAB, and the umask is not set explicitly in other + places than <filename>/etc/login.defs</filename>. </para> </listitem> </varlistentry> diff -urN Linux-PAM-1.5.1.pre/modules/pam_umask/pam_umask.c Linux-PAM-1.5.1/modules/pam_umask/pam_umask.c --- Linux-PAM-1.5.1.pre/modules/pam_umask/pam_umask.c 2020-11-25 17:57:02.000000000 +0100 +++ Linux-PAM-1.5.1/modules/pam_umask/pam_umask.c 2021-08-12 16:14:40.505589328 +0200 @@ -103,7 +103,23 @@ parse_option (pamh, *argv, options); if (options->umask == NULL) - options->umask = pam_modutil_search_key (pamh, LOGIN_DEFS, "UMASK"); + { + options->umask = pam_modutil_search_key (pamh, LOGIN_DEFS, "UMASK"); + /* login.defs' USERGROUPS_ENAB will modify the UMASK setting there by way + * of usergroups; but we don't want it to influence umask definitions + * from other places (like GECOS). + */ + if (options->umask != NULL) + { + char *result = pam_modutil_search_key (pamh, LOGIN_DEFS, + "USERGROUPS_ENAB"); + if (result != NULL) + { + options->usergroups = (strcasecmp (result, "yes") == 0); + free (result); + } + } + } if (options->umask == NULL) options->umask = pam_modutil_search_key (pamh, LOGIN_CONF, "UMASK"); --- Linux-PAM-1.5.1.pre/modules/pam_umask/pam_umask.8 2021-08-12 16:34:08.314505891 +0200 +++ Linux-PAM-1.5.1/modules/pam_umask/pam_umask.8 2021-08-12 16:14:43.969615764 +0200 @@ -68,7 +68,9 @@ .sp -1 .IP \(bu 2.3 .\} -UMASK entry from /etc/login\&.defs +UMASK entry from +/etc/login\&.defs +(influenced by USERGROUPS_ENAB) .RE .sp .RS 4 @@ -79,7 +81,8 @@ .sp -1 .IP \(bu 2.3 .\} -UMASK= entry from /etc/default/login +UMASK= entry from +/etc/default/login .RE .PP The GECOS field is split on comma \*(Aq,\*(Aq characters\&. The module also in addition to the umask= entry recognizes pri= entry, which sets the nice priority value for the session, and ulimit= entry, which sets the maximum size of files the processes in the session can create\&. @@ -98,7 +101,10 @@ .PP \fBusergroups\fR .RS 4 -If the user is not root and the username is the same as primary group name, the umask group bits are set to be the same as owner bits (examples: 022 \-> 002, 077 \-> 007)\&. +If the user is not root and the username is the same as primary group name, the umask group bits are set to be the same as owner bits (examples: 022 \-> 002, 077 \-> 007)\&. Note that using this option explicitly is discouraged\&. pam_umask enables this functionality by default if +/etc/login\&.defs +enables USERGROUPS_ENAB, and the umask is not set explicitly in other places than +/etc/login\&.defs\&. .RE .PP \fBnousergroups\fR --- Linux-PAM-1.5.1.pre/modules/pam_umask/README 2021-08-12 16:34:08.638508373 +0200 +++ Linux-PAM-1.5.1/modules/pam_umask/README 2021-08-12 16:14:44.241617840 +0200 @@ -15,7 +15,7 @@ ??? umask= argument - ??? UMASK entry from /etc/login.defs + ??? UMASK entry from /etc/login.defs (influenced by USERGROUPS_ENAB) ??? UMASK= entry from /etc/default/login @@ -38,7 +38,10 @@ If the user is not root and the username is the same as primary group name, the umask group bits are set to be the same as owner bits (examples: 022 -> - 002, 077 -> 007). + 002, 077 -> 007). Note that using this option explicitly is discouraged. + pam_umask enables this functionality by default if /etc/login.defs enables + USERGROUPS_ENAB, and the umask is not set explicitly in other places than / + etc/login.defs. nousergroups
