Ubuntu
shadow package

Merge ~andersson123/ubuntu/+source/shadow:ubuntu/noble-proposed into ubuntu/+source/shadow:ubuntu/noble-devel

  1. Git
  2. lp:~andersson123/ubuntu/+source/shadow
  3. ubuntu/noble-proposed
  4. Merge into ubuntu/noble-devel
Proposed by Tim Andersson
Status: Merged
Merged at revision: d8203aead106b071fd6bde986b74f4ec53329c86
Proposed branch: ~andersson123/ubuntu/+source/shadow:ubuntu/noble-proposed
Merge into: ubuntu/+source/shadow:ubuntu/noble-devel
Diff against target: 32 lines (+9/-4)
2 files modified
debian/changelog (+9/-0)
debian/login.pam (+0/-4)
Reviewer Review Type Date Requested Status
Steve Langasek (community) Approve
Lukas Märdian (community) Needs Fixing
git-ubuntu import Pending
Review via email: mp+476396@code.launchpad.net

Commit message

    * Don't include pam_lastlog.so as optional (LP: #2060676)
      - d/p/remove-lastlog-from-login-config.patch: Remove pam_lastlog.so as optional login dependency

To post a comment you must log in.
Revision history for this message
Lukas Märdian (slyon) wrote :

Hi Tim! I left some inline comments below.

Overall, I'm not sure if the rationale is strong enough for this to be SRUed... As you mentioned in the bug report yourself, it's mostly a cosmetic issue, to avoid a warning log message. I'm not a SRU reviewer, but I'd suggest improving your [Impact] section, if you still want to get this landed.

IMO the risk & impact might be too high for just muting a log message. If you still want to go for it, I'd suggest getting the package into noble-proposed, but then adding the "block-proposed-noble" tag to the SRU bug. That way you could still do the full SRU verification, but keep the package update pending, until some other shadow SRU needs to be done and the two fixes could be deployed together as a bundle to noble-updates.

Another thought: When and why exactly did the pam_lastlog.so disappear? Might it be a better option to get that fixed instead? As that might actually affect users relying on the "last" command. Fixing that root cause (either by bringing back old pam_lastlog.so or some new lastlog2 binary), seems more valuable to me.

review: Needs Fixing
Revision history for this message
Steve Langasek (vorlon) wrote :

Is this change already present in oracular and plucky? By SRU policy it must be before uploading to Bible.

review: Needs Fixing
Revision history for this message
Tim Andersson (andersson123) wrote :

Thanks for your feedback guys! I spoke with juliank last week, and I'm going to do this SRU as a staged upload. I'm going to add information to the bug report about:
- When pam_lastlog.so disappeared
- how we could potentially create an SRU which removes pam_lastlog.so and instead relies on the lastlog2 binary - though this'll involve an SRU of shadow and an SRU of util-linux (lastlog2 is introduced in util-linux=2.40)
- How we could potentially create an SRU of shadow which re-introduces the old pam_lastlog.so binary
- Information on why this issue isn't present in oracular and plucky

Revision history for this message
Tim Andersson (andersson123) wrote :

Aside from that, I've pushed changes based on inline comments

Revision history for this message
Tim Andersson (andersson123) wrote :

I think this is perhaps ready for re-review :) :D

Revision history for this message
Steve Langasek (vorlon) :
review: Needs Fixing
Revision history for this message
Tim Andersson (andersson123) wrote :

Hey Steve! Sorry, I added info to the bug regarding it being fixed in oracular and plucky. Should I also add that info to this MP or is it fine as is?

Revision history for this message
Tim Andersson (andersson123) wrote :

amended and ready for re-review

Revision history for this message
Steve Langasek (vorlon) :
review: Needs Fixing
Revision history for this message
Tim Andersson (andersson123) wrote :

Oh, so sorry, I rushed that last changelog entry and missed that. amended

Revision history for this message
Steve Langasek (vorlon) :
review: Approve
Revision history for this message
Steve Langasek (vorlon) wrote :

And uploaded

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 0f1c0e2..1ae717b 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,12 @@
6+shadow (1:4.13+dfsg1-4ubuntu3.3) noble; urgency=medium
7+
8+ * Don't include pam_lastlog.so as optional (LP: #2060676)
9+ * pam_lastlog.so was deprecated prior to noble release, due to it
10+ not being Y2038 compatible. The shared object file doesn't exist
11+ in noble systems, so it should not exist in any pam config.
12+
13+ -- Tim 'andersson123' Andersson <tim.andersson@canonical.com> Wed, 13 Nov 2024 12:55:16 +0000
14+
15 shadow (1:4.13+dfsg1-4ubuntu3.2) noble; urgency=medium
16
17 * d/p/lp2063200/*: amend the patch to fix `useradd -D` breakage
18diff --git a/debian/login.pam b/debian/login.pam
19index aaadc64..f79f840 100644
20--- a/debian/login.pam
21+++ b/debian/login.pam
22@@ -77,10 +77,6 @@ auth optional pam_group.so
23 # (Replaces the use of /etc/limits in old login)
24 session required pam_limits.so
25
26-# Prints the last login info upon successful login
27-# (Replaces the `LASTLOG_ENAB' option from login.defs)
28-session optional pam_lastlog.so
29-
30 # Prints the status of the user's mailbox upon successful login
31 # (Replaces the `MAIL_CHECK_ENAB' option from login.defs).
32 #

Subscribers

People subscribed via source and target branches