subject:"\[Touch\-packages\] \[Bug 1067779\] Re\: missing pam

[Touch-packages] [Bug 1067779] Re: missing pam_loginuid.so breaks getlogin()

2016-02-03 Thread dino99

cron (3.0pl1-124.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Add pam_loginuid module to the PAM session stack (Closes: #677443)
  * Add systemd service file. Thanks to Michael Stapelberg (Closes: #652440)

 -- Laurent Bigonville   Sun, 25 May 2014 21:21:19
+0200

** Changed in: cron (Ubuntu)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to shadow in Ubuntu.
https://bugs.launchpad.net/bugs/1067779

Title:
  missing pam_loginuid.so breaks getlogin()

Status in at package in Ubuntu:
  Fix Released
Status in cron package in Ubuntu:
  Fix Released
Status in openssh package in Ubuntu:
  Fix Released
Status in shadow package in Ubuntu:
  Fix Released
Status in at package in Debian:
  Fix Released
Status in cron package in Debian:
  Fix Released
Status in openssh package in Debian:
  Fix Released
Status in shadow package in Debian:
  Fix Released

Bug description:
  getlogin() call in new glibc checks /proc/self/loginuid presence and
  trust its value as most safe source (due it's audit-related nature).
  But default /etc/pam.d/common-account doesn't contains entry to
  pam_loginuid.so which modify /proc/self/loginuid properly. This breaks
  getlogin() at many scenarios like this:

  (pam session without pam_loginuid)$  perl -e '$t=getlogin; print "$t\n";'
  root
  (pam session without pam_loginuid)$  id
  uid=1000(...

  just because /proc/self/loginuid contains '0' value

  If I add pam_loginuid.so to /etc/pam.d/common-account like
  http://manpages.ubuntu.com/manpages/precise/man8/pam_loginuid.8.html
  recommend, everything worked as expected:

  (pam session with pam_loginuid)$  perl -e '$t=getlogin; print "$t\n";'
  user
  (pam session with pam_loginuid)$  id
  uid=1000(...

  # cat /etc/lsb-release 
  DISTRIB_ID=Ubuntu
  DISTRIB_RELEASE=12.04
  DISTRIB_CODENAME=precise
  DISTRIB_DESCRIPTION="Ubuntu 12.04 LTS"

  # dpkg -l|fgrep libpam
  ii  libpam-ck-connector  0.4.5-2  
ConsoleKit PAM module
  ii  libpam-modules   1.1.3-7ubuntu2   
Pluggable Authentication Modules for PAM
  ii  libpam-modules-bin   1.1.3-7ubuntu2   
Pluggable Authentication Modules for PAM - helper binaries
  ii  libpam-runtime   1.1.3-7ubuntu2   
Runtime support for the PAM library
  ii  libpam0g 1.1.3-7ubuntu2   
Pluggable Authentication Modules library

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/at/+bug/1067779/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1067779] Re: missing pam_loginuid.so breaks getlogin()

2016-02-03 Thread dino99

at (3.1.15-1) unstable; urgency=medium

  * New upstream release:
+ pam.conf: require pam_loginuid.so (Closes: #677442)
  * Bumped Standards-Version to 3.9.5 (no changes).

 -- Ansgar Burchardt   Sun, 10 Aug 2014 14:03:16
+0200

** Changed in: at (Ubuntu)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to shadow in Ubuntu.
https://bugs.launchpad.net/bugs/1067779

Title:
  missing pam_loginuid.so breaks getlogin()

Status in at package in Ubuntu:
  Fix Released
Status in cron package in Ubuntu:
  Fix Released
Status in openssh package in Ubuntu:
  Fix Released
Status in shadow package in Ubuntu:
  Fix Released
Status in at package in Debian:
  Fix Released
Status in cron package in Debian:
  Fix Released
Status in openssh package in Debian:
  Fix Released
Status in shadow package in Debian:
  Fix Released

Bug description:
  getlogin() call in new glibc checks /proc/self/loginuid presence and
  trust its value as most safe source (due it's audit-related nature).
  But default /etc/pam.d/common-account doesn't contains entry to
  pam_loginuid.so which modify /proc/self/loginuid properly. This breaks
  getlogin() at many scenarios like this:

  (pam session without pam_loginuid)$  perl -e '$t=getlogin; print "$t\n";'
  root
  (pam session without pam_loginuid)$  id
  uid=1000(...

  just because /proc/self/loginuid contains '0' value

  If I add pam_loginuid.so to /etc/pam.d/common-account like
  http://manpages.ubuntu.com/manpages/precise/man8/pam_loginuid.8.html
  recommend, everything worked as expected:

  (pam session with pam_loginuid)$  perl -e '$t=getlogin; print "$t\n";'
  user
  (pam session with pam_loginuid)$  id
  uid=1000(...

  # cat /etc/lsb-release 
  DISTRIB_ID=Ubuntu
  DISTRIB_RELEASE=12.04
  DISTRIB_CODENAME=precise
  DISTRIB_DESCRIPTION="Ubuntu 12.04 LTS"

  # dpkg -l|fgrep libpam
  ii  libpam-ck-connector  0.4.5-2  
ConsoleKit PAM module
  ii  libpam-modules   1.1.3-7ubuntu2   
Pluggable Authentication Modules for PAM
  ii  libpam-modules-bin   1.1.3-7ubuntu2   
Pluggable Authentication Modules for PAM - helper binaries
  ii  libpam-runtime   1.1.3-7ubuntu2   
Runtime support for the PAM library
  ii  libpam0g 1.1.3-7ubuntu2   
Pluggable Authentication Modules library

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/at/+bug/1067779/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1067779] Re: missing pam_loginuid.so breaks getlogin()

2016-02-03 Thread Launchpad Bug Tracker

This bug was fixed in the package shadow - 1:4.2-3.1ubuntu1

---
shadow (1:4.2-3.1ubuntu1) xenial; urgency=low

  * Merge from Debian unstable.
- Includes pam_loginuid in login PAM config.  LP: #1067779.
- Fixes typo in usermod -h output.  LP: #1348873.
  * Remaining changes:
- debian/passwd.upstart: Add an upstart job to clear locks on
  [shadow-]passwd/group.
- debian/login.defs:
  + Update documentation of USERGROUPS_ENAB: with pam_umask, the UPG
handling does not only apply to "former (pre-PAM) uses".
  + Update documentation of UMASK: Explain that USERGROUPS_ENAB
will modify this default for UPGs.
- debian/{source_shadow.py,rules}: Add apport hook
- Pass noupdate to pam_motd call for /run/motd.dynamic, to avoid running
  /etc/update-motd.d/* scripts twice.
- debian/patches/1010_extrausers.patch: Add support to passwd for
  libnss-extrausers
- debian/patches/1011_extrausers_toggle.patch: extrausers support for
  useradd and groupadd
- debian/patches/userns/subuids-nonlocal-users: Don't limit
  subuid/subgid support to local users.
  * Dropped changes, included in Debian:
- Allow LXC devices (lxc/console, lxc/tty[1234]), used from precise on.
- Add uidmap package based on upstream patches that introduce
  newuidmap/newgidmap as well as /etc/subuid and /etc/subgid. Additional
  updates on those to widen the default allocation to 65536 uids and gids
  and only assign ranges to non-system users.
- debian/patches/1020_fix_user_busy_errors: Call sub_uid_close in all
  error cases.
  * Dropped changes, included upstream:
- debian/patches/495_stdout-encrypted-password: chpasswd can report
  password hashes on stdout.
- debian/patches/496_su_kill_process_group: Kill the child process group,
  rather than just the immediate child.
  * Fix pam_motd calls so that the second pam_motd is the noupdate one rather
than the first, ensuring /run/motd.dynamic is always populated and shown
on the first login after boot.  LP: #1368864.
  * Don't call 'pam_exec uname', a change adopted in Debian without
coordination with the Debian PAM maintainer
  * Use dh_installinit now for installing the upstart job, as we no longer
generate a dependency on upstart-job.
  * Include /etc/sub[ug]id in the list of files to clear locks for on boot.
LP: #1304505
  * Add a systemd unit to go with the upstart job, so that lock clearing works
on newer Ubuntu releases.

shadow (1:4.2-3.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix error handling in busy user detection. (Closes: #778287)

shadow (1:4.2-3) unstable; urgency=low

  * Enforce hardened builds to workaround cdbs sometimes not building
with hardening flags as in 1:4.2-2+b1
Thanks to Dr. Markus Waldeck for pointing the issue and Simon Ruderich
For providing a working patch.

shadow (1:4.2-2) unstable; urgency=low

  * The "Soumaintrain" release
  * The "Rigotte de Condrieu" release was 4.2-1
  * Upload to unstable
  * Last upload integrates the use of dh_autoreconf which has the same
effect then Eric Dorland's patch in 1:4.1.5.1-1.1 NMU to drop the
use of automake1.9. Closes: #724434

  [ Samuel Thibault ]
  * Enable the login package on hurd-any, but without /bin/login, still provided
by the hurd package. Closes: #737805.
This fix was accidentally forgotten in 1:4.2-1

  [ Josh Triplett ]
  * use the new pam_exec functionality from pam 1.1.8-1 to implement the
dynamic motd, rather than using /run/motd.dynamic from initscripts.
This will allow initscripts to drop /etc/init.d/motd.
Closes: #741129

  [ Laurent Bigonville ]
  * Enable libaudit support. Closes: #745774

  [ Trần Ngọc Quân ]
  * Vietnamese translation update.

  [ Christian Perrier ]
  * Add a lintian override for newuidmap and newgidmap setuid binaries
  * Add upstream signing key as debian/upstream-signing-key.asc
  * Check upstream signing key in debian/watch

shadow (1:4.2-1) experimental; urgency=low

  [ Nicolas FRANCOIS (Nekral) ]
  * New upstream release. Fixes:
- Invalid free() in su fixed by using strdup(). Thanks to Serge
  Hallyn for the patch. Closes: #691459
- Kill the child process group, rather than just the
  immediate child; this is needed now that su no
  longer starts a controlling terminal when not running an
  interactive shell. Thanks to Colin Watson for the patch.
  Closes: #713979
- German manpages translation update. Closes: #679152
- Improve login.defs (typographic errors and better format).
  Closes: #685415
- Russian translation update. Closes: #718356
- Do not assume random() is limited by RAND_MAX.  Closes: #677275
- Support C libraries with unknown fields in struct passwd.
  Closes: #675824
- su: child cleanup is performed before terminating PAM sessions. This
  avoids anoying "...terminated" messages when PAM

[Touch-packages] [Bug 1067779] Re: missing pam_loginuid.so breaks getlogin()

2014-10-20 Thread Christian Kastner

3.0pl1-124.1ubuntu1 contains a fix for this.

** Changed in: cron (Ubuntu)
   Status: Confirmed = Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to cron in Ubuntu.
https://bugs.launchpad.net/bugs/1067779

Title:
  missing pam_loginuid.so breaks getlogin()

Status in “at” package in Ubuntu:
  Fix Committed
Status in “cron” package in Ubuntu:
  Fix Committed
Status in “openssh” package in Ubuntu:
  Fix Released
Status in “shadow” package in Ubuntu:
  Confirmed
Status in “at” package in Debian:
  Fix Released
Status in “cron” package in Debian:
  Fix Released
Status in “openssh” package in Debian:
  Fix Released
Status in “shadow” package in Debian:
  Fix Released

Bug description:
  getlogin() call in new glibc checks /proc/self/loginuid presence and
  trust its value as most safe source (due it's audit-related nature).
  But default /etc/pam.d/common-account doesn't contains entry to
  pam_loginuid.so which modify /proc/self/loginuid properly. This breaks
  getlogin() at many scenarios like this:

  (pam session without pam_loginuid)$  perl -e '$t=getlogin; print $t\n;'
  root
  (pam session without pam_loginuid)$  id
  uid=1000(...

  just because /proc/self/loginuid contains '0' value

  If I add pam_loginuid.so to /etc/pam.d/common-account like
  http://manpages.ubuntu.com/manpages/precise/man8/pam_loginuid.8.html
  recommend, everything worked as expected:

  (pam session with pam_loginuid)$  perl -e '$t=getlogin; print $t\n;'
  user
  (pam session with pam_loginuid)$  id
  uid=1000(...

  # cat /etc/lsb-release 
  DISTRIB_ID=Ubuntu
  DISTRIB_RELEASE=12.04
  DISTRIB_CODENAME=precise
  DISTRIB_DESCRIPTION=Ubuntu 12.04 LTS

  # dpkg -l|fgrep libpam
  ii  libpam-ck-connector  0.4.5-2  
ConsoleKit PAM module
  ii  libpam-modules   1.1.3-7ubuntu2   
Pluggable Authentication Modules for PAM
  ii  libpam-modules-bin   1.1.3-7ubuntu2   
Pluggable Authentication Modules for PAM - helper binaries
  ii  libpam-runtime   1.1.3-7ubuntu2   
Runtime support for the PAM library
  ii  libpam0g 1.1.3-7ubuntu2   
Pluggable Authentication Modules library

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/at/+bug/1067779/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1067779] Re: missing pam_loginuid.so breaks getlogin()

2014-08-10 Thread Bug Watch Updater

** Changed in: at (Debian)
   Status: Fix Committed = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to cron in Ubuntu.
https://bugs.launchpad.net/bugs/1067779

Title:
  missing pam_loginuid.so breaks getlogin()

Status in “at” package in Ubuntu:
  Fix Committed
Status in “cron” package in Ubuntu:
  Confirmed
Status in “openssh” package in Ubuntu:
  Fix Released
Status in “shadow” package in Ubuntu:
  Confirmed
Status in “at” package in Debian:
  Fix Released
Status in “cron” package in Debian:
  Fix Released
Status in “openssh” package in Debian:
  Fix Released
Status in “shadow” package in Debian:
  Fix Released

Bug description:
  getlogin() call in new glibc checks /proc/self/loginuid presence and
  trust its value as most safe source (due it's audit-related nature).
  But default /etc/pam.d/common-account doesn't contains entry to
  pam_loginuid.so which modify /proc/self/loginuid properly. This breaks
  getlogin() at many scenarios like this:

  (pam session without pam_loginuid)$  perl -e '$t=getlogin; print $t\n;'
  root
  (pam session without pam_loginuid)$  id
  uid=1000(...

  just because /proc/self/loginuid contains '0' value

  If I add pam_loginuid.so to /etc/pam.d/common-account like
  http://manpages.ubuntu.com/manpages/precise/man8/pam_loginuid.8.html
  recommend, everything worked as expected:

  (pam session with pam_loginuid)$  perl -e '$t=getlogin; print $t\n;'
  user
  (pam session with pam_loginuid)$  id
  uid=1000(...

  # cat /etc/lsb-release 
  DISTRIB_ID=Ubuntu
  DISTRIB_RELEASE=12.04
  DISTRIB_CODENAME=precise
  DISTRIB_DESCRIPTION=Ubuntu 12.04 LTS

  # dpkg -l|fgrep libpam
  ii  libpam-ck-connector  0.4.5-2  
ConsoleKit PAM module
  ii  libpam-modules   1.1.3-7ubuntu2   
Pluggable Authentication Modules for PAM
  ii  libpam-modules-bin   1.1.3-7ubuntu2   
Pluggable Authentication Modules for PAM - helper binaries
  ii  libpam-runtime   1.1.3-7ubuntu2   
Runtime support for the PAM library
  ii  libpam0g 1.1.3-7ubuntu2   
Pluggable Authentication Modules library

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/at/+bug/1067779/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1067779] Re: missing pam_loginuid.so breaks getlogin()

[Touch-packages] [Bug 1067779] Re: missing pam_loginuid.so breaks getlogin()

[Touch-packages] [Bug 1067779] Re: missing pam_loginuid.so breaks getlogin()

[Touch-packages] [Bug 1067779] Re: missing pam_loginuid.so breaks getlogin()

[Touch-packages] [Bug 1067779] Re: missing pam_loginuid.so breaks getlogin()

5 matches

Site Navigation

Mail list logo

Footer information