Bug#326263: marked as done (libpam-heimdal & xdm)

Thu, 30 Mar 2006 15:39:46 -0800 

Your message dated Thu, 30 Mar 2006 15:03:12 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#326263: fixed in libpam-heimdal 1.2.0-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message --- 
Package: libpam-heimdal
Version: 1.0-17
Severity: important

xdm does not work with libpam-heimdal
Upon entering a correct password, the xdm login screen disappears, as though login were proceeding, then xdm stops & the login screen reappears
I avoid this problem with the no_ccache option, though this obviates most of libpam-heimdal's usefulness, since single sign-on authentication no-longer works - 


auth    sufficient      pam_krb5.so use_first_pass no_ccache
Chip explains in bug #251088 that the problem is duplicate calls to pam_setcred in xdm. He suggests - 


> In xdm, I simply replace the second call to pam_setcred (the one in
> xc/programs/xdm/session.c) with pam_open_session.


He also suggests -


> In libpam-heimdal, I replace the existing open_session/close_session
> no-op functions with functions that setup and destroy the credentials
> cache.
I don't know whether this more recent pam_krb5 module already includes improved open_session/close_session functions - http://pam-krb5.sourceforge.net/
Unfortunately I'm not familiar with the PAM interface, but from what I've read, the duplicate calls to pam_setcred constitute an important bug in xdm
If not, then libpam-heimdal's reaction to duplicate pam_setcred calls constitutes an important bug in libpam-heimdal 

Many thanks for your sage contributions to Debian!

Jack

--- End Message ---
--- Begin Message --- 
Source: libpam-heimdal
Source-Version: 1.2.0-1

We believe that the bug you reported is fixed in the latest version of
libpam-heimdal, which is due to be installed in the Debian FTP archive:

libpam-heimdal_1.2.0-1.diff.gz
  to pool/main/libp/libpam-heimdal/libpam-heimdal_1.2.0-1.diff.gz
libpam-heimdal_1.2.0-1.dsc
  to pool/main/libp/libpam-heimdal/libpam-heimdal_1.2.0-1.dsc
libpam-heimdal_1.2.0-1_i386.deb
  to pool/main/libp/libpam-heimdal/libpam-heimdal_1.2.0-1_i386.deb
libpam-heimdal_1.2.0.orig.tar.gz
  to pool/main/libp/libpam-heimdal/libpam-heimdal_1.2.0.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Matthijs Mohlmann <[EMAIL PROTECTED]> (supplier of updated libpam-heimdal 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 23 Mar 2006 00:03:01 +0100
Source: libpam-heimdal
Binary: libpam-heimdal
Architecture: source i386
Version: 1.2.0-1
Distribution: unstable
Urgency: low
Maintainer: Matthijs Mohlmann <[EMAIL PROTECTED]>
Changed-By: Matthijs Mohlmann <[EMAIL PROTECTED]>
Description: 
 libpam-heimdal - PAM module for Heimdal Kerberos 5
Closes: 234882 326263 344927
Changes: 
 libpam-heimdal (1.2.0-1) unstable; urgency=low
 .
   * New upstream release (Closes: #344927)
   * Bug fixes to upstream version (Taken from the libpam-krb5 package)
     - Succeed silently in account management if Kerberos wasn't used.
     - Parse ccache_dir correctly.
     - Bring the man page up to date.
     - Link with -z defs to ensure all symbols were found.
   * Use the krb5-config tool to get the CFLAGS and the LDFLAGS.
   * Convert all error_message to krb5_get_err_text to properly compile this
     module and get some nice error messages instead of "krb5 unknown error
     code"
   * Only initialize the credentials cache ones, no matter how many times it's
     called. This works around a bug in xdm. (Closes: #326263)
   * README.Debian lists a recommended configuration for pam_krb5.so
     (Closes: #234882)
   * Same upstream version as the libpam-krb5 package only this can't be build
     from the same source because of conflicting build dependencies.
   * Several patches from Russ Allbery <[EMAIL PROTECTED]>, see the changelog of
     libpam-krb5 for more information.
Files: 
 0d4b91e6ce8baba6d2c11818e695ae3a 657 net optional libpam-heimdal_1.2.0-1.dsc
 042ca5830e58ae76d9bec0e97d203c68 42653 net optional 
libpam-heimdal_1.2.0.orig.tar.gz
 460d1fffa3d7c0ed6509c0514e12b4a5 18658 net optional 
libpam-heimdal_1.2.0-1.diff.gz
 70afb8691a130e876fa32b177ecc9928 22680 net optional 
libpam-heimdal_1.2.0-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFELF/Tf+2upy2F5boRAvjgAJ9tCSGCua/ivWcIDXdASmmuAdh0lgCgzic6
WrCH17Sz1BEL1O6W4Z0Kykk=
=on0F
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to