subject:"Bug#1032914\: phog\: ships \/etc\/pam.d\/greetd"

Bug#1032914: phog: ships /etc/pam.d/greetd

2023-04-18 Thread Jochen Sprickerhof


Hi,

I've filled #1034595 to get phog unblocked as well.

(also this hopefully delays the autoremoval of phog).

Cheers Jochen

* Marc Dequènes  [2023-04-07 19:45]:

Quack Arnaud,

greetd was unblocked today. Thanks for your help :-).

\_o<

--
Marc Dequènes


signature.asc
Description: PGP signature

Bug#1032914: phog: ships /etc/pam.d/greetd

2023-04-07 Thread duck


Quack Arnaud,

greetd was unblocked today. Thanks for your help :-).

\_o<

--
Marc Dequènes

Bug#1032914: phog: ships /etc/pam.d/greetd

2023-03-30 Thread duck


Quack,

On 2023-03-24 18:24, Arnaud Ferraris wrote:


Well yes, it was only supposed to be transitional waiting for
https://lists.sr.ht/~kennylevinsen/greetd/patches/36264 to land
upstream, but I went a bit too optimistic on that one, my bad...


That's fine.


The greeter PAM config drops the gnome-keyring/kwallet bits in order
to be a bit lighter at runtime (those lines cause at least
"gnome-keyring-daemon" to be started for user "_greetd", which is
basically useless as it's a system user with no actual use of a
keyring). Therefore I feel it's best to keep both config separate, but
I'd be fine with a single config if you prefer it that way.


Ok, makes sense, I was not aware it spawned anything.


Thanks for the comments, I'm attaching the updated patches.


Thanks for your work. I just merged it and will be uploading shortly.

Regards.
\_o<

--
Marc Dequènes

Bug#1032914: phog: ships /etc/pam.d/greetd

2023-03-24 Thread Arnaud Ferraris


Hi,

Le 22/03/2023 à 17:58, Marc Dequènes (duck) a écrit :

Quack,

Honestly when I read the title I really wondered how phog could have 
ended-up shipping this file. I forgot it initially, was asked about it 
and added it quickly, so it's not like I would have rejected the idea.


Well yes, it was only supposed to be transitional waiting for 
https://lists.sr.ht/~kennylevinsen/greetd/patches/36264 to land 
upstream, but I went a bit too optimistic on that one, my bad...


Anyway, back to the patch itself. First I wonder if it's useful to 
ship the second PAM config since in the code 
(greetd/src/server.rs#211) it simply use the base greetd PAM 
configuration as a fallback; this is not a blocker though.


The greeter PAM config drops the gnome-keyring/kwallet bits in order to 
be a bit lighter at runtime (those lines cause at least 
"gnome-keyring-daemon" to be started for user "_greetd", which is 
basically useless as it's a system user with no actual use of a 
keyring). Therefore I feel it's best to keep both config separate, but 
I'd be fine with a single config if you prefer it that way.


Then I would prefer if the changelog entries were shipped with the 
corresponding changes and not in a lump afterwards. Also the "debian:" 
and "d/*:" prefixes are not the style I use. Maybe I'm missing why 
some people still use it but with the VCS taking care of remembering 
which files have been changed I don't feel the need to add this 
anymore and it's not very non-DD friendly. I like your comments to 
clearly explain the rationale.


Thanks for the comments, I'm attaching the updated patches.

Cheers,
Arnaud



Regards.
\_o<

From 3494b22e9819cf6e1fd8c20623060272c1ea2c51 Mon Sep 17 00:00:00 2001
From: Arnaud Ferraris 
Date: Wed, 15 Mar 2023 13:51:11 +0100
Subject: [PATCH 1/2] Update PAM configuration(s)

Except for the gnome-keyring bits, all items currently set in the
`greetd` PAM config are already part of the `login` config. Including
the latter makes the `greetd` config simpler.

This commit also calls the PAM modules needed for unlocking the KDE
wallet as well, and adds the `greetd-greeter` config (simply including
`login` as the greeter itself doesn't need to deal with keyrings).

Finally, switch to using debhelper for installing the configs instead of
handling those manually.
---
 debian/changelog | 14 ++
 debian/greetd.greetd-greeter.pam |  2 ++
 debian/greetd.greetd.pam |  8 
 debian/greetd.install|  1 -
 debian/pam.d/greetd  | 22 --
 debian/rules |  5 -
 6 files changed, 28 insertions(+), 24 deletions(-)
 create mode 100644 debian/greetd.greetd-greeter.pam
 create mode 100644 debian/greetd.greetd.pam
 delete mode 100644 debian/pam.d/greetd

diff --git a/debian/changelog b/debian/changelog
index 707afdf..ae9095e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,17 @@
+greetd (0.9.0-3) UNRELEASED; urgency=medium
+
+  * Update PAM configuration(s)
+Except for the gnome-keyring bits, all items currently set in the
+`greetd` PAM config are already part of the `login` config. Including
+the latter makes the `greetd` config simpler.
+This commit also calls the PAM modules needed for unlocking the KDE
+wallet as well, and adds the `greetd-greeter` config (simply including
+`login` as the greeter itself doesn't need to deal with keyrings).
+Finally, switch to using debhelper for installing the configs instead of
+handling those manually.
+
+ -- Arnaud Ferraris   Fri, 24 Mar 2023 10:20:21 +0100
+
 greetd (0.9.0-2) unstable; urgency=medium
 
   * Provide PAM configuration (Closes: #1032786).
diff --git a/debian/greetd.greetd-greeter.pam b/debian/greetd.greetd-greeter.pam
new file mode 100644
index 000..1ed7162
--- /dev/null
+++ b/debian/greetd.greetd-greeter.pam
@@ -0,0 +1,2 @@
+#%PAM-1.0
+@include login
diff --git a/debian/greetd.greetd.pam b/debian/greetd.greetd.pam
new file mode 100644
index 000..7f2a906
--- /dev/null
+++ b/debian/greetd.greetd.pam
@@ -0,0 +1,8 @@
+#%PAM-1.0
+@include login
+
+-authoptionalpam_gnome_keyring.so
+-authoptionalpam_kwallet5.so
+
+-session optionalpam_gnome_keyring.so auto_start
+-session optionalpam_kwallet5.so auto_start
diff --git a/debian/greetd.install b/debian/greetd.install
index 0a3fbfb..83f2dad 100644
--- a/debian/greetd.install
+++ b/debian/greetd.install
@@ -1,4 +1,3 @@
 greetd.service /lib/systemd/system/
 config.toml /etc/greetd/
 debian/needrestart/50_greetd.conf /etc/needrestart/conf.d/
-debian/pam.d/greetd /etc/pam.d/
diff --git a/debian/pam.d/greetd b/debian/pam.d/greetd
deleted file mode 100644
index 062217b..000
--- a/debian/pam.d/greetd
+++ /dev/null
@@ -1,22 +0,0 @@
-#%PAM-1.0
-
-# Block login if they are globally disabled
-auth  requisite pam_nologin.so
-
-# Load environment from /etc/environment and ~/.pam_environment
-session

Bug#1032914: phog: ships /etc/pam.d/greetd

2023-03-22 Thread duck


Quack,

On 2023-03-21 18:49, Arnaud Ferraris wrote:


@duck, any comment on the above?


Thanks for the contribution.

Honestly when I read the title I really wondered how phog could have 
ended-up shipping this file. I forgot it initially, was asked about it 
and added it quickly, so it's not like I would have rejected the idea.


Anyway, back to the patch itself. First I wonder if it's useful to ship 
the second PAM config since in the code (greetd/src/server.rs#211) it 
simply use the base greetd PAM configuration as a fallback; this is not 
a blocker though.
Then I would prefer if the changelog entries were shipped with the 
corresponding changes and not in a lump afterwards. Also the "debian:" 
and "d/*:" prefixes are not the style I use. Maybe I'm missing why some 
people still use it but with the VCS taking care of remembering which 
files have been changed I don't feel the need to add this anymore and 
it's not very non-DD friendly. I like your comments to clearly explain 
the rationale.


Regards.
\_o<

--
Marc Dequènes

Bug#1032914: phog: ships /etc/pam.d/greetd

2023-03-21 Thread Arnaud Ferraris


Control: tags -1 + patch

Hi,

On Tue, 14 Mar 2023 00:20:10 +0100 Andreas Beckmann  wrote:
>
> Hi,
>
> during a test with piuparts I noticed your package failed to install
> because it tries to overwrite other packages files.
>
> From the attached log (scroll to the bottom...):
>
> 
https://ci.debian.net/data/autopkgtest/testing/amd64/p/phog/32130044/log.gz

>
> Preparing to unpack .../phog_0.1.3-1_amd64.deb ...
> Unpacking phog (0.1.3-1) ...
> dpkg: error processing archive 
/var/cache/apt/archives/phog_0.1.3-1_amd64.deb (--unpack):
> trying to overwrite '/etc/pam.d/greetd', which is also in package 
greetd 0.9.0-2

> Errors were encountered while processing:
> /var/cache/apt/archives/phog_0.1.3-1_amd64.deb
> E: Sub-process /usr/bin/dpkg returned an error code (1)
>
>
> greetd recently started to ship /etc/pam.d/greetd (with different
> content) itself.

Thanks for the heads-up!

I have a pending MR for fixing this bug on phog's side (see 
https://salsa.debian.org/DebianOnMobile-team/phog/-/merge_requests/5), 
however this would require small changes to greetd as well (+cc duck for 
that matter) to ensure users don't end up in a messed up situation.


I opened a MR on salsa's greetd 
(https://salsa.debian.org/debian/greetd/-/merge_requests/1), attaching 
the corresponding patches here as well for completeness.


@duck, any comment on the above?

Cheers,
Arnaud

>
>
> cheers,
>
> Andreas
>
>
From eca07bda4c0b272ded196008c3d4528c756f5bb6 Mon Sep 17 00:00:00 2001
From: Arnaud Ferraris 
Date: Wed, 15 Mar 2023 13:51:11 +0100
Subject: [PATCH 1/3] debian: update PAM config(s)

Except for the gnome-keyring bits, all items currently set in the
`greetd` PAM config are already part of the `login` config. Including
the latter makes the `greetd` config simpler.

This commit also calls the PAM modules needed for unlocking the KDE
wallet as well, and adds the `greetd-greeter` config (simply including
`login` as the greeter itself doesn't need to deal with keyrings).

Finally, switch to using debhelper for installing the configs instead of
handling those manually.
---
 debian/greetd.greetd-greeter.pam |  2 ++
 debian/greetd.greetd.pam |  8 
 debian/greetd.install|  1 -
 debian/pam.d/greetd  | 22 --
 debian/rules |  5 -
 5 files changed, 14 insertions(+), 24 deletions(-)
 create mode 100644 debian/greetd.greetd-greeter.pam
 create mode 100644 debian/greetd.greetd.pam
 delete mode 100644 debian/pam.d/greetd

diff --git a/debian/greetd.greetd-greeter.pam b/debian/greetd.greetd-greeter.pam
new file mode 100644
index 000..1ed7162
--- /dev/null
+++ b/debian/greetd.greetd-greeter.pam
@@ -0,0 +1,2 @@
+#%PAM-1.0
+@include login
diff --git a/debian/greetd.greetd.pam b/debian/greetd.greetd.pam
new file mode 100644
index 000..7f2a906
--- /dev/null
+++ b/debian/greetd.greetd.pam
@@ -0,0 +1,8 @@
+#%PAM-1.0
+@include login
+
+-authoptionalpam_gnome_keyring.so
+-authoptionalpam_kwallet5.so
+
+-session optionalpam_gnome_keyring.so auto_start
+-session optionalpam_kwallet5.so auto_start
diff --git a/debian/greetd.install b/debian/greetd.install
index 0a3fbfb..83f2dad 100644
--- a/debian/greetd.install
+++ b/debian/greetd.install
@@ -1,4 +1,3 @@
 greetd.service /lib/systemd/system/
 config.toml /etc/greetd/
 debian/needrestart/50_greetd.conf /etc/needrestart/conf.d/
-debian/pam.d/greetd /etc/pam.d/
diff --git a/debian/pam.d/greetd b/debian/pam.d/greetd
deleted file mode 100644
index 062217b..000
--- a/debian/pam.d/greetd
+++ /dev/null
@@ -1,22 +0,0 @@
-#%PAM-1.0
-
-# Block login if they are globally disabled
-auth  requisite pam_nologin.so
-
-# Load environment from /etc/environment and ~/.pam_environment
-session  required pam_env.so readenv=1
-session  required pam_env.so readenv=1 envfile=/etc/default/locale
-
-@include common-auth
-
--auth  optional pam_gnome_keyring.so
-
-@include common-account
-
-session  requiredpam_limits.so
-session  requiredpam_loginuid.so
-@include common-session
-
--session optionalpam_gnome_keyring.so auto_start
-
-@include common-password
diff --git a/debian/rules b/debian/rules
index 523b72b..1c1d9c5 100755
--- a/debian/rules
+++ b/debian/rules
@@ -30,10 +30,13 @@ execute_after_dh_install:
 	# bad perms
 	chmod a-x debian/greetd/lib/systemd/system/greetd.service
 
+override_dh_installpam:
+	dh_installpam --name=greetd
+	dh_installpam --name=greetd-greeter
+
 override_dh_installsystemd:
 	dh_installsystemd --no-stop-on-upgrade --no-start
 
 execute_after_dh_auto_clean:
 	make -C man clean
 	rm -f debian/cargo-checksum.json
-
-- 
2.39.1

From be90d0cb662cf94de32bbb95f9070a6127b25bef Mon Sep 17 00:00:00 2001
From: Arnaud Ferraris 
Date: Wed, 15 Mar 2023 13:52:39 +0100
Subject: [PATCH 2/3] d/control: break/replace older `phog`

`phog` used to ship the `greetd` and `greetd-greeter` PAM configs,
leading to conflicts with the

Bug#1032914: phog: ships /etc/pam.d/greetd

2023-03-13 Thread Andreas Beckmann

Package: phog
Version: 0.1.3-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Control: affects -1 + src:greetd

Hi,

during a test with piuparts I noticed your package failed to install
because it tries to overwrite other packages files.

>From the attached log (scroll to the bottom...):

https://ci.debian.net/data/autopkgtest/testing/amd64/p/phog/32130044/log.gz

Preparing to unpack .../phog_0.1.3-1_amd64.deb ...
Unpacking phog (0.1.3-1) ...
dpkg: error processing archive /var/cache/apt/archives/phog_0.1.3-1_amd64.deb 
(--unpack):
 trying to overwrite '/etc/pam.d/greetd', which is also in package greetd 
0.9.0-2
Errors were encountered while processing:
 /var/cache/apt/archives/phog_0.1.3-1_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)


greetd recently started to ship /etc/pam.d/greetd (with different
content) itself.


cheers,

Andreas

Bug#1032914: phog: ships /etc/pam.d/greetd

Bug#1032914: phog: ships /etc/pam.d/greetd

Bug#1032914: phog: ships /etc/pam.d/greetd

Bug#1032914: phog: ships /etc/pam.d/greetd

Bug#1032914: phog: ships /etc/pam.d/greetd

Bug#1032914: phog: ships /etc/pam.d/greetd

Bug#1032914: phog: ships /etc/pam.d/greetd

7 matches

Site Navigation

Mail list logo

Footer information