Hi systemd Maintainers, I just reported a debconf bug which causes pam_systemd to be disabled by pam-auth-update (run by libpam-cap package update) when using the debconf dialog frontend with whiptail, even if it appears to be enabled. Since it affects libpam-systemd, I wanted to mention it here as well.
Details below: On Wed, 2019-02-13 at 22:51 -0700, Kevin Locke wrote: > Package: debconf > Version: 1.5.70 > Severity: normal > Tags: patch > > Dear Maintainer, > > After upgrading libpam-cap, systemd user sessions stopped working. I > traced the problem to pam-auth-update, which uses debconf to manage the > PAM configuration. Using the dialog frontend with whiptail in a > terminal that is 80 characters wide, it is not possible to enable the > pam_systemd module, even if it is selected in whiptail. To reproduce: > > DEBIAN_FRONTEND=dialog DEBCONF_DEBUG=developer PERL_DL_NONLAZY=1 > /usr/share/debconf/frontend sh -c ' > . /usr/share/debconf/confmodule > db_x_loadtemplatefile /var/lib/dpkg/info/libpam-runtime.templates > libpam-runtime > db_subst libpam-runtime/profiles profile_names unix, systemd, mkhomedir, > cgfs, capability > db_subst libpam-runtime/profiles profiles Unix authentication, Register user > sessions in the systemd control group hierarchy, Create home directory on > login, Create cgroups for user login sessions, Inheritable Capabilities > Management > db_fset libpam-runtime/profiles seen false > db_set libpam-runtime/profiles unix, systemd, cgfs, capability > db_input critical libpam-runtime/profiles || echo $RET > db_go > db_get libpam-runtime/profiles > echo "<$RET>"' > > Which will produce output like the following: > > debconf (developer): frontend started > debconf (developer): Trying to find a templates file.. > debconf (developer): Trying sh.templates > debconf (developer): Trying /usr/share/debconf/templates/sh.templates > debconf (developer): Couldn't find a templates file. > debconf (developer): frontend running, package name is > debconf (developer): starting sh -c > . /usr/share/debconf/confmodule > db_x_loadtemplatefile /var/lib/dpkg/info/libpam-runtime.templates > libpam-runtime > db_subst libpam-runtime/profiles profile_names unix, systemd, mkhomedir, > cgfs, capability > db_subst libpam-runtime/profiles profiles Unix authentication, Register user > sessions in the systemd control group hierarchy, Create home directory on > login, Create cgroups for user login sessions, Inheritable Capabilities > Management > db_fset libpam-runtime/profiles seen false > db_set libpam-runtime/profiles unix, systemd, cgfs, capability > db_input critical libpam-runtime/profiles || echo $RET > db_go > db_get libpam-runtime/profiles > echo "<$RET>" > debconf (developer): <-- X_LOADTEMPLATEFILE > /var/lib/dpkg/info/libpam-runtime.templates libpam-runtime > debconf (developer): --> 0 > debconf (developer): <-- SUBST libpam-runtime/profiles profile_names unix, > systemd, mkhomedir, cgfs, capability > debconf (developer): --> 0 > debconf (developer): <-- SUBST libpam-runtime/profiles profiles Unix > authentication, Register user sessions in the systemd control group > hierarchy, Create home directory on login, Create cgroups for user login > sessions, Inheritable Capabilities Management > debconf (developer): --> 0 > debconf (developer): <-- FSET libpam-runtime/profiles seen false > debconf (developer): --> 0 false > debconf (developer): <-- SET libpam-runtime/profiles unix, systemd, cgfs, > capability > debconf (developer): --> 0 value set > debconf (developer): <-- INPUT critical libpam-runtime/profiles > debconf (developer): --> 0 question will be asked > debconf (developer): <-- GO > debconf (developer): Input value, "Register user sessions in the systemd > control group ..." not found in C choices! This should never happen. Perhaps > the templates were incorrectly localized. > debconf (developer): --> 0 ok > debconf (developer): <-- GET libpam-runtime/profiles > debconf (developer): --> 0 unix, cgfs, capability > <unix, cgfs, capability> > > Note that systemd does not appear in the output regardless of whether or > not the option is selected. The problem is that the ellipsized choice > text can't be mapped back to the choice value. I have attached a patch > which adds this mapping. It also handles the case that ellipsized > options become ambiguous by allowing screen overflow instead of blindly > mapping both to a single value. > > Thanks for considering, > Kevin > > P.S. I have set Severity: normal, but the systemd breakage was severe > and difficult to track down without familiarity with systemd user > sessions. The issue may have significant impact. _______________________________________________ Pkg-systemd-maintainers mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-systemd-maintainers
