Your message dated Fri, 18 Nov 2005 16:32:19 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#309345: fixed in libpam-krb5 1.2.0-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 16 May 2005 16:19:08 +0000
>From [EMAIL PROTECTED] Mon May 16 09:19:07 2005
Return-path: <[EMAIL PROTECTED]>
Received: from (rowdy.as.in.athenacr.com) [66.150.84.1]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DXiJ8-0005Py-00; Mon, 16 May 2005 09:19:06 -0700
Received: from [192.168.0.6] (helo=jack.dev.in.athenacr.com)
by rowdy.as.in.athenacr.com with esmtp (Exim 3.35 #1 (Debian))
id 1DXiId-0000u2-00
for <[EMAIL PROTECTED]>; Mon, 16 May 2005 12:18:35 -0400
Subject: libpam-krb5: PAM_REINITIALIZE_CRED isn't handled correctly
From: Andres Salomon <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Content-Type: text/plain
Date: Mon, 16 May 2005 12:18:35 -0400
Message-Id: <[EMAIL PROTECTED]>
Mime-Version: 1.0
X-Mailer: Evolution 2.0.2
Content-Transfer-Encoding: 7bit
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: libpam-krb5
Version: 1.0-12
Hi,
pam_krb5_auth.c's pam_sm_authenticate() does not actually do anything
useful when PAM_REINITIALIZE_CREDS is passed as a flag. Alternatively,
PAM_REFRESH_CREDS should also be supported (apparently sun treats them
as synonymous). Suggested behavior is to have it simply reinitialize
the ccache, as that will destroy the old ccache (for FILE and MEMORY)
and create a new one. I'll follow up w/ a patch in a bit, after some
testing.
Bug #191001 was related to this.
---------------------------------------
Received: (at 309345-close) by bugs.debian.org; 19 Nov 2005 00:41:42 +0000
>From [EMAIL PROTECTED] Fri Nov 18 16:41:42 2005
Return-path: <[EMAIL PROTECTED]>
Received: from katie by spohr.debian.org with local (Exim 4.50)
id 1EdGeR-0001hw-6L; Fri, 18 Nov 2005 16:32:19 -0800
From: Russ Allbery <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.56 $
Subject: Bug#309345: fixed in libpam-krb5 1.2.0-1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Fri, 18 Nov 2005 16:32:19 -0800
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Source: libpam-krb5
Source-Version: 1.2.0-1
We believe that the bug you reported is fixed in the latest version of
libpam-krb5, which is due to be installed in the Debian FTP archive:
libpam-krb5_1.2.0-1.diff.gz
to pool/main/libp/libpam-krb5/libpam-krb5_1.2.0-1.diff.gz
libpam-krb5_1.2.0-1.dsc
to pool/main/libp/libpam-krb5/libpam-krb5_1.2.0-1.dsc
libpam-krb5_1.2.0-1_i386.deb
to pool/main/libp/libpam-krb5/libpam-krb5_1.2.0-1_i386.deb
libpam-krb5_1.2.0.orig.tar.gz
to pool/main/libp/libpam-krb5/libpam-krb5_1.2.0.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Russ Allbery <[EMAIL PROTECTED]> (supplier of updated libpam-krb5 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 18 Nov 2005 14:48:57 -0800
Source: libpam-krb5
Binary: libpam-krb5
Architecture: source i386
Version: 1.2.0-1
Distribution: unstable
Urgency: low
Maintainer: Sam Hartman <[EMAIL PROTECTED]>
Changed-By: Russ Allbery <[EMAIL PROTECTED]>
Description:
libpam-krb5 - PAM module for MIT Kerberos
Closes: 309345 321319
Changes:
libpam-krb5 (1.2.0-1) unstable; urgency=low
.
* New upstream maintainer and version.
- Now supports reinitialization of credentials properly, allowing
programs such as xlock to refresh credentials. (Closes: #309345)
This currently only works with versions of xlock that try to refresh
credentials (xlockmore does not).
- Do not include the principal name in the prompt. This breaks some
SSH clients and isn't necessary. (Closes: #321319)
- New ignore_root option to skip this module for root authentication,
ameliorating pam_krb5 problems when the network is down. Partially
addresses #315622.
* Bug fixes to upstream version (all sent back to the maintainer):
- Succeed silently in account management if Kerberos wasn't used.
- Parse ccache_dir correctly.
- Bring the man page up to date.
- Link with -z defs to ensure all symbols were found.
* Readd the ccache option with a better implementation and allow for
randomization of the filename using mkstemp even if ccache is used.
* Add search_k5login option to allow authentication based on the
principals listed in ~/.k5login when the local account name doesn't
easily map to the Kerberos principal.
* Add specific configuration recommendations to README.Debian.
* Install upstream changelog now that there is one.
* Add a watch file.
* Update standards version to 3.6.2 (no changes required).
* Remove maintainer from uploaders; dak can handle this properly.
* Update uploader address.
* Remove unnecessary code from debian/rules.
Files:
78d9413ae0878321f8ecd68bf33ecc9d 657 net optional libpam-krb5_1.2.0-1.dsc
042ca5830e58ae76d9bec0e97d203c68 42653 net optional
libpam-krb5_1.2.0.orig.tar.gz
f9f2f42b69a2b06b5466ce4593721745 13602 net optional libpam-krb5_1.2.0-1.diff.gz
af53aa299851604b543ab9bc740711b3 30568 net optional
libpam-krb5_1.2.0-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDfm/n+YXjQAr8dHYRAuzUAJ0T5fkNRLLa7/7f3AC7eiebi1cQewCePz6z
U6ZkvwcGXoF46dPGGeQoIM0=
=VWe4
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
