Last commit made on 2016-03-16
Get this branch:
git clone -b ubuntu/yakkety https://git.launchpad.net/ubuntu/+source/pam
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information


Recent commits

a9caa03... by Marc Deslauriers on 2016-03-16

Import patches-unapplied version 1.1.8-3.2ubuntu2 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 9ff544fb088baa359eda655f3937292c714d196b

New changelog entries:
  * debian/patches-applied/cve-2015-3238.patch: removed manpage changes
    so they don't get regenerated during build and cause a multiarch
    installation issue. (LP: #1558114)

9ff544f... by Marc Deslauriers on 2016-03-16

Import patches-unapplied version 1.1.8-3.2ubuntu1 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 098ff91c5d15b8d9c9292122b6edf85cc674ce45

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/libpam0g.postinst: the init script for 'samba' is now named
      'smbd' in Ubuntu, so fix the restart handling.
    - Change Vcs-Bzr to point at the Ubuntu branch.
    - debian/patches-applied/series: Ubuntu patches are as below ...
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - Build-depend on libfl-dev in addition to flex, for cross-building
    - Add /usr/local/games to PATH.
    - Adjust debian/patches-applied/update-motd to write to
      /run/motd.dynamic, as sysvinit/ssh/login in Debian have been changed
      to use this file and no longer links /etc/motd to /var/run/motd.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      include patch to autogenerated manpage file
    - debian/patches-applied/pam-loginuid-in-containers: pam_loginuid:
      Update patch with follow-up changes to loginuid.c
    - debian/patches-applied/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - debian/patches-applied/extrausers.patch: Ship pre-generated man page
    - debian/patches-applied/pam-limits-nofile-fd-setsize-cap: cap the default
      soft nofile limit read from pid 1 to FD_SETSIZE.
    - debian/control: have libpam-modules recommend update-motd package

098ff91... by Tianon Gravi on 2016-01-06

Import patches-unapplied version 1.1.8-3.2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: ba9a54a5f21d3f767b01746e8261a32af435001e

New changelog entries:
  * Non-maintainer upload.
  * Fix CVE-2015-3238: DoS/user enumeration due to blocking pipe in pam_unix
    module (Closes: #789986)

ba9a54a... by Michael Gilbert <email address hidden> on 2014-08-09

Import patches-unapplied version 1.1.8-3.1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 1e3e4fdd1efd23d0302f6402307f35d0bef07f01

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Fix CVE-2013-7041: case-insensitive comparison used for verifying
    passwords in the pam_userdb module (closes: #731368).
  * Fix CVE-2014-2583: multiple directory traversal issues in the
    pam_timestamp module (closes: 757555)

1e3e4fd... by Steve Langasek on 2014-04-08

Import patches-unapplied version 1.1.8-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 18dd60abe243570a1addd4ed77ec1ecb4cb8ee2f

New changelog entries:
  * debian/rules: On hurd, link libpam explicitly with -lpthread since glibc
    will not dynamically switch between the libc stubs and the libpthread
    implementations on this architecture. Thanks to Samuel Thibault for the
    patch. Closes: #743891.

18dd60a... by Steve Langasek on 2014-02-13

Import patches-unapplied version 1.1.8-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: ddf435935ce505b74b471c47724c86b1fc0cf719

New changelog entries:
  * Mark the libaudit-dev build-dependency linux-any, since it's not
    available on non-Linux archs. Closes: #737035.

ddf4359... by Steve Langasek on 2014-01-16

Import patches-unapplied version 1.1.8-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 69ead1cbc228a0f82c9104e88717fa7528869176

New changelog entries:
  * New upstream release.
    - includes upstream changes to pam_exec. Closes: #670147.
    - adds support for newer hashing algorithms to pam_userdb.
      Closes: #671740.
    - fixes handling of 'quiet' argument to pam_listfile, to match the
      documentation. Closes: #592219.
    - fixes handling of @users@@hosts netgroup syntax in access.conf.
      Closes: #681223.
    - fixes installation of the /etc/security/namespace.d directory.
      Closes: #710998.
    - 027_pam_limits_better_init_allow_explicit_root: support for reading
      /proc/1/limits is upstream, this patch now only handles the policy
      of resetting limits by default and not applying glob limits to root.
    - debian/patches/fix-manpage-crud: drop, manpages now being generated
      upstream with a newer, fixed xsltproc.
    - debian/patches/pam_env-fix-overflow.patch, pam_env-fix-dos.patch,
      glibc-2_16-compilation-fix.patch, sys-types-include.patch: drop,
      included upstream.
  * Add build-dependency on pkg-config.
  * Ensure autogenerated files are after source files in all relevant patches,
    so that regenerating documentation doesn't cause build skew.
  * Drop the --disable-regenerate-docu argument, restoring the HTML manuals
    to the libpam-doc package. Closes: #700485.
  * No need to override dh_compress in debian/rules, it already handles .html
    files correctly.
  * debian/libpam-cracklib.prerm: use $DPKG_MAINTSCRIPT_PACKAGE_COUNT to avoid
    prematurely removing the PAM config when the package is installed for
    multiple architectures. Closes: #647428.

69ead1c... by Steve Langasek on 2014-01-14

Import patches-unapplied version 1.1.3-11 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7c1fafa75e2810a101a0dcd17e9038f9df3beda9

New changelog entries:
  [ Wookey ]
  * Disable libaudit for stage1 bootstrap.
  [ Steve Langasek ]
  * debian/patches-applied/pam-loginuid-in-containers: pam_loginuid:
    Ignore failure in user namespaces.
  * Use [linux-any] in build-deps, instead of hard-coding a list of
    non-Linux archs. Closes: #634516.

7c1fafa... by Steve Langasek on 2013-10-20

Import patches-unapplied version 1.1.3-10 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a994cb35f25d060827b9b68328cfe8b6d0d93955

New changelog entries:
  * Fix pam-auth-update handling of trailing blank lines in the fields of
    profiles. LP: #1160288.
  * Reintroduce libaudit support now that libaudit has been multiarched.
    Closes: #699159.

a994cb3... by Steve Langasek on 2013-02-12

Import patches-unapplied version 1.1.3-9 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 0c8ca15168d37c1ce01c7cb7d859008447679269

New changelog entries:
  * Revert libaudit support for now, because libaudit isn't multiarched yet
    in unstable so this regresses cross-installability. Reopens bug
  * Add an or'ed dependency on cdebconf, which also implements the
    xloadtemplatefile extension that prevents us from depending on just
    'debconf-2.0'. Thanks to RĂ©gis Boudin <email address hidden> for the info.
    Closes: #677278.