Source: pam Version: 1.7.0-5 Severity: wishlist Tags: patch X-Debbugs-Cc: [email protected] User: [email protected] Usertags: dpkg-root-support
Hello pam maintainers, thank you for adding the --root option to pam-auth-update back in the day as the fix of Debian bug #983427 or pam [MR6]. [MR6] https://salsa.debian.org/vorlon/pam/-/merge_requests/6 According to codesearch.d.n the libpam-runtime postinst maintainer script is the only place in Debian which currently passes that option to pam-auth-update. I was in the process of adding the --root parameter to the postinst of libpam-systemd but instead of adding the --root parameter to every maintainer script which uses it, maybe we could do what other Debian-specific scripts (e.g.: update-alternatives, update-rc.d, deb-systemd-helper) do and make the value of $DPKG_ROOT the default value of the --root option. Doing so makes sense for scripts which are * Debian specific ($DPKG_ROOT is not useful for upstream projects which are supposed to work outside Debian) * are predominantly used in maintainer scripts (where dpkg will set $DPKG_ROOT to a non-empty value if it is run with --force-script-chrootless) The pam-auth-update program fulfills these conditions, so I propose to change the default value of the --root parameter to be $DPKG_ROOT. I prepared a patch which implements this in this MR: https://salsa.debian.org/vorlon/pam/-/merge_requests/33 Like last time, this patch was tested as part of our weekly CI setup at https://salsa.debian.org/helmutg/dpkg-root-demo/ What do you think? Do you agree that the value of the $DPKG_ROOT environment variable value would be a good default for the --root option? I'm wondering whether I should either patch libpam-systemd so that it uses the --root option or whether I can leave libpam-systemd untouched and change pam-auth-update instead. Let me know what you think. Thanks! cheers, josch
