[ubuntu/oneiric] pam 1.1.3-2ubuntu1 (Accepted)

Kees Cook kees at ubuntu.com
Fri Aug 19 01:05:21 UTC 2011


pam (1.1.3-2ubuntu1) oneiric; urgency=low

  * Merge with Debian to get bug fix for unknown kernel rlimits. Remaining
    changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
      Debian).
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - Change Vcs-Bzr to point at the Ubuntu branch.
    - debian/patches-applied/series: Ubuntu patches are as below ...
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/libpam0g.postinst: drop kdm from the list of services to
      restart.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - add debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix' explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
      (Closes: #583958)
  * Dropped changes:
    - debian/patches-applied/027_pam_limits_better_init_allow_explicit_root:
      no need to bump the hard limit for number of file descriptors any more
      since we read kernel limits directly now.

pam (1.1.3-2) unstable; urgency=low

  [ Kees Cook ]
  * debian/patches-applied/027_pam_limits_better_init_allow_explicit_root:
    - only report about unknown kernel rlimits when "debug" is set
      (Closes: 625226, LP: #794531).

  [ Steve Langasek ]
  * Build for multiarch.  Closes: #463420.
  * debian/patches-applied/027_pam_limits_better_init_allow_explicit_root:
    don't reset the process niceness for root; since it's root, they can
    still renice to a lower nice level if they need to and changing the
    nice level by default is unexpected behavior.  Closes: #594377.

Date: Thu, 18 Aug 2011 16:41:18 -0500
Changed-By: Kees Cook <kees at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/oneiric/+source/pam/1.1.3-2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 18 Aug 2011 16:41:18 -0500
Source: pam
Binary: libpam0g libpam-modules libpam-modules-bin libpam-runtime libpam0g-dev libpam-cracklib libpam-doc
Architecture: source
Version: 1.1.3-2ubuntu1
Distribution: oneiric
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Kees Cook <kees at ubuntu.com>
Description: 
 libpam-cracklib - PAM module to enable cracklib support
 libpam-doc - Documentation of PAM
 libpam-modules - Pluggable Authentication Modules for PAM
 libpam-modules-bin - Pluggable Authentication Modules for PAM - helper binaries
 libpam-runtime - Runtime support for the PAM library
 libpam0g   - Pluggable Authentication Modules library
 libpam0g-dev - Development files for PAM
Closes: 463420 583958 594377 625226
Launchpad-Bugs-Fixed: 794531
Changes: 
 pam (1.1.3-2ubuntu1) oneiric; urgency=low
 .
   * Merge with Debian to get bug fix for unknown kernel rlimits. Remaining
     changes:
     - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
       not present there or in /etc/security/pam_env.conf. (should send to
       Debian).
     - debian/libpam0g.postinst: only ask questions during update-manager when
       there are non-default services running.
     - Change Vcs-Bzr to point at the Ubuntu branch.
     - debian/patches-applied/series: Ubuntu patches are as below ...
     - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
       initialise RLIMIT_NICE rather than relying on the kernel limits.
     - debian/patches-applied/pam_motd-legal-notice: display the contents of
       /etc/legal once, then set a flag in the user's homedir to prevent
       showing it again.
     - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
       for update-motd, with some best practices and notes of explanation.
     - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
       to update-motd(5)
     - debian/libpam0g.postinst: drop kdm from the list of services to
       restart.
     - debian/libpam0g.postinst: check if gdm is actually running before
       trying to reload it.
     - debian/local/common-session{,-noninteractive}: Enable pam_umask by
       default, now that the umask setting is gone from /etc/profile.
     - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
     - add debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
       Deprecate pam_unix' explicit "usergroups" option and instead read it
       from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
       there. This restores compatibility with the pre-PAM behaviour of login.
       (Closes: #583958)
   * Dropped changes:
     - debian/patches-applied/027_pam_limits_better_init_allow_explicit_root:
       no need to bump the hard limit for number of file descriptors any more
       since we read kernel limits directly now.
 .
 pam (1.1.3-2) unstable; urgency=low
 .
   [ Kees Cook ]
   * debian/patches-applied/027_pam_limits_better_init_allow_explicit_root:
     - only report about unknown kernel rlimits when "debug" is set
       (Closes: 625226, LP: #794531).
 .
   [ Steve Langasek ]
   * Build for multiarch.  Closes: #463420.
   * debian/patches-applied/027_pam_limits_better_init_allow_explicit_root:
     don't reset the process niceness for root; since it's root, they can
     still renice to a lower nice level if they need to and changing the
     nice level by default is unexpected behavior.  Closes: #594377.
Checksums-Sha1: 
 c001cfadc4df4c1667a35df008a2711ee094f9c0 2290 pam_1.1.3-2ubuntu1.dsc
 b9310a9b99ed443e0d68ce86aa07b8e49cf1fbbf 285261 pam_1.1.3-2ubuntu1.diff.gz
Checksums-Sha256: 
 a2cd457b1b37276f141aea3457c1ac4048fee63de2302182b7416a15d66ec26d 2290 pam_1.1.3-2ubuntu1.dsc
 e3268472806f28702446a9d3c3e9f038009e5adcc6a5fda184ee462fefdeb2f2 285261 pam_1.1.3-2ubuntu1.diff.gz
Files: 
 68627a7077b7bc2a1210a0b0f61c0485 2290 libs optional pam_1.1.3-2ubuntu1.dsc
 6c381e8b7cffdf00c89844801c4ebf38 285261 libs optional pam_1.1.3-2ubuntu1.diff.gz
Original-Maintainer: Steve Langasek <vorlon at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Kees Cook <kees at outflux.net>

iQIcBAEBCgAGBQJOTbXSAAoJEIly9N/cbcAm53YQAIMK2JoxzBXF2BL+FyP8Fy93
cDpoOjj41g9JHa4hzenCv16wfPk0xpbry75zaApOk9DUKrZX1Xkc8C7lekY1Ap/q
iEAhncSF7QGpmNiyHTU5UVtBIJQno5cSw9FyXWtI9zAhBR7S4VFbyOVA5+LW7NC/
gadd09MxtuyqGTnqEdvpY40yjF0uBg+oPODuOzymrPGrfYg1jhvSvODTiJgOk6Kj
DrbgnsB0bcZcDH665swvyQqFp8nZ9/lt0+PouCBfyzjk7RoBGxJ+YyrzU5T+i0k/
+y83c0Y9CvVyWdkATdJiO6/gPpGuoJaLTW4DqJuGygR8BiYL4KiqUSgithatRxSl
Pe4Mcqii1l+15nenBGhpf5A507rv/i6uizgL0QANjWlSjB6pDM0q5fC7U0suWjeP
rf4LCzLnNVCk8QVR/8YBB3JhGLvieyrnTCWx5MFNUABuJ8HkkPAGOF4RyvwdZ3pe
nWFk8zyxUUGyQfNJvVa7Dqum9WDbB7DlE410T9fIRatZzjoMTchqhL9+/PDocayh
6uCPLtyKO8RS1qF/fNyg+yfV6cXLov7IVLAX5d2/nWjAM4G3x5uL9oA/ZskHDgmF
v98A8cBxUscHNVjdTvPhZ/XlwkgF6/SB6tCbTn+B+E7ZF7rbpqBiiVmCerB6gZC6
V2WU9DZcXdPz/0RqWqTx
=7wjR
-----END PGP SIGNATURE-----


More information about the Oneiric-changes mailing list