On Wed, Dec 01, 2010 at 09:32:35AM +0100, Agustin Martin wrote: > Package: libpam-encfs > Version: 0.1.4.1-4 > Severity: normal > > Please make use of new mechanism that enables pam module after installation > without explicitly editing /etc/pam.d/common-auth. > > Best reference I know for this is > > https://wiki.ubuntu.com/PAMConfigFrameworkSpec > > (pam packages do not yet properly describe this, see #549701) > > I am playing with a possible NMU for this based in config file submitted to > > https://bugs.launchpad.net/ubuntu/+source/libpam-encfs/+bug/287904 > > that will also deal with other minor (and not so minor) stuff. Current > changelog > for that NMU is > > * Integrate libpam-encfs with pam-auth-update. Original > pam-config file by Simon Mungewell (LP: #287904) > * Fix debian/copyright. > * Add debian/README.source file. > * Fix lintian debhelper-but-no-misc-depends. > * Fix lintian maintainer-script-ignores-errors for preinst and postinst. > * Bump Standards-Version. > * Update watch file. Thanks Yan Morin (Closes: #550802). > * debian/control: Update Homepage. > * 02_pam_encfs.conf: Fix conflicting options in config. Thanks again > Simon Mungewell (LP: #287929). > > Will submit full diff soon.
Please find attached a diff against my current test version. Once fuse.conf is modified I checked that is working in my box for login shells. Did not yet check for gdm and friends. A sid libpam-encfs package with my changes is available at http://people.debian.org/~agmartin/debian-store/misc along with some other personal stuff. Please feel free to use my NMU proposal as base for a new maintainer upload if you find it OK. Otherwise I do not intend to NMU shortly, because of the freeze. It is a pity that I noticed this so late in the squeeze cycle, I think the pam-auth-update integration should have really gone into squeeze. If I feel squeeze gets delayed too long and I do not hear from you before I will consider uploading an NMU. Regards, -- Agustin
diff -wu libpam-encfs-0.1.4.1/debian/rules libpam-encfs-0.1.4.1/debian/rules --- libpam-encfs-0.1.4.1/debian/rules +++ libpam-encfs-0.1.4.1/debian/rules @@ -11,6 +11,8 @@ PACKAGE = libpam-encfs +PAM_CONFIG_DIR = $(CURDIR)/debian/libpam-encfs/usr/share/pam-configs + include /usr/share/dpatch/dpatch.make CFLAGS = -Wall -g @@ -51,7 +53,7 @@ install: build dh_testdir - dh_clean -k + dh_prep dh_installdirs # Add here commands to install the package into debian/libpam-encfs. @@ -68,6 +70,8 @@ dh_testroot dh_installchangelogs dh_installdocs + mkdir -p $(PAM_CONFIG_DIR) + install -m 0644 debian/encfs.pam-config $(PAM_CONFIG_DIR)/encfs dh_link dh_strip dh_compress diff -wu libpam-encfs-0.1.4.1/debian/compat libpam-encfs-0.1.4.1/debian/compat --- libpam-encfs-0.1.4.1/debian/compat +++ libpam-encfs-0.1.4.1/debian/compat @@ -1 +1 @@ -4 +7 diff -wu libpam-encfs-0.1.4.1/debian/control libpam-encfs-0.1.4.1/debian/control --- libpam-encfs-0.1.4.1/debian/control +++ libpam-encfs-0.1.4.1/debian/control @@ -3,13 +3,13 @@ Priority: optional Maintainer: Rubén Porras Campo <[email protected]> Uploaders: Bartosz Fenski <[email protected]> -Build-Depends: debhelper (>= 4.0.0), libpam0g-dev, dpatch -Standards-Version: 3.7.3 -Homepage: http://hollowtube.mine.nu/wiki/index.php?n=Projects.PamEncfs +Build-Depends: debhelper (>= 7.0.0), libpam0g-dev, dpatch +Standards-Version: 3.9.1 +Homepage: http://code.google.com/p/pam-encfs Package: libpam-encfs Architecture: any -Depends: encfs, ${shlibs:Depends} +Depends: encfs, libpam-runtime (>= 1.0.1-6), ${shlibs:Depends}, ${misc:Depends} Description: PAM module to automatically mount encfs filesystems on login This PAM module integrates encfs and PAM, so home directories are automatically mounted on login. EncFS provides an encrypted filesystem in diff -wu libpam-encfs-0.1.4.1/debian/postinst libpam-encfs-0.1.4.1/debian/postinst --- libpam-encfs-0.1.4.1/debian/postinst +++ libpam-encfs-0.1.4.1/debian/postinst @@ -1,5 +1,7 @@ #!/bin/sh +set -e + LASTVERSION="0.1.2-4" # Move a conffile without triggering a dpkg question @@ -22,2 +24,4 @@ +pam-auth-update --package encfs + #DEBHELPER# \ No hay ningún carácter de nueva línea al final del fichero diff -wu libpam-encfs-0.1.4.1/debian/watch libpam-encfs-0.1.4.1/debian/watch --- libpam-encfs-0.1.4.1/debian/watch +++ libpam-encfs-0.1.4.1/debian/watch @@ -10 +10,2 @@ -http://hollowtube.mine.nu/releases/pam_encfs/pam_encfs-(.*)\.tar\.gz +http://code.google.com/p/pam-encfs/downloads/list \ +http://pam-encfs.googlecode.com/files/pam_encfs-(.*)\.tar\.gz diff -wu libpam-encfs-0.1.4.1/debian/README.Debian libpam-encfs-0.1.4.1/debian/README.Debian --- libpam-encfs-0.1.4.1/debian/README.Debian +++ libpam-encfs-0.1.4.1/debian/README.Debian @@ -1,11 +1,10 @@ -To use libpam-encfs on Debian you need to modify /etc/pam.d/common-auth and add -pam_encfs to it. Under a normal setup, if you don't use more special pam modules -just add pam_encfs.so *before* pam_unix.so, it should be something like: +As of libpam-encfs (>> 0.1.4.1-4) there is no longer need to manually edit +/etc/pam.d/common-auth. Do not manually edit that file unless you know +*very well* what you are doing, may break login. +libpam-encfs (>> 0.1.4.1-4) package will take care of properly modifying +/etc/pam.d/common-auth. -auth sufficient pam_encfs.so -auth required pam_unix.so nullok_secure use_first_pass +You may still need to enable user_allow_other in /etc/fuse.conf. -Enjoy. - - -- <[email protected]>, Wed Sep 12 14:16:37 2007 + -- Agustin Martin Domingo <[email protected]>, Wed, 1 Dec 2010 16:24:46 +0100 diff -wu libpam-encfs-0.1.4.1/debian/preinst libpam-encfs-0.1.4.1/debian/preinst --- libpam-encfs-0.1.4.1/debian/preinst +++ libpam-encfs-0.1.4.1/debian/preinst @@ -1,5 +1,7 @@ #!/bin/sh +set -e + LASTVERSION="0.1.2-4" # Prepare to move a conffile without triggering a dpkg question diff -wu libpam-encfs-0.1.4.1/debian/changelog libpam-encfs-0.1.4.1/debian/changelog --- libpam-encfs-0.1.4.1/debian/changelog +++ libpam-encfs-0.1.4.1/debian/changelog @@ -1,3 +1,22 @@ +libpam-encfs (0.1.4.1-4.1~amd2) unstable; urgency=low + + * Non-Maintainer upload. + * Integrate libpam-encfs with pam-auth-update. pam-config file + based in one supplied by Simon Mungewell (LP: #287904) + (Closes: #605559). + * Fix debian/copyright. + * Add debian/README.source file. + * Fix lintian debhelper-but-no-misc-depends. + * Fix lintian maintainer-script-ignores-errors for preinst and postinst. + * Bump Standards-Version. + * Update watch file. Thanks Yan Morin (Closes: #550802). + * debian/control: Update Homepage. + * 02_pam_encfs.conf: Fix conflicting options in config. Thanks again + Simon Mungewell (LP: #287929). + * Really close (LP: #205783), was closed in 0.1.4.1-4. + + -- Agustin Martin Domingo <[email protected]> Wed, 01 Dec 2010 16:26:41 +0100 + libpam-encfs (0.1.4.1-4) unstable; urgency=low * Link using gcc instead calling ld directly. Hopefuly closes ubuntu bug diff -wu libpam-encfs-0.1.4.1/debian/libpam-encfs.docs libpam-encfs-0.1.4.1/debian/libpam-encfs.docs --- libpam-encfs-0.1.4.1/debian/libpam-encfs.docs +++ libpam-encfs-0.1.4.1/debian/libpam-encfs.docs @@ -1,0 +2 @@ \ No hay ningún carácter de nueva línea al final del fichero +debian/README.source diff -wu libpam-encfs-0.1.4.1/debian/copyright libpam-encfs-0.1.4.1/debian/copyright --- libpam-encfs-0.1.4.1/debian/copyright +++ libpam-encfs-0.1.4.1/debian/copyright @@ -6,7 +6,18 @@ -Copyright Holder: Anders Aagaard <[email protected]> +Copyright (C) 2004 by Anders Aagaard <[email protected]> -License: + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. -You are free to distribute this software under the terms of the GNU General -Public License. On Debian systems, the complete text of the GNU General Public -License can be found in the file `/usr/share/common-licenses/GPL'. + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +On Debian systems, the complete text of the GNU General Public +License can be found in the file `/usr/share/common-licenses/GPL-2'. diff -wu libpam-encfs-0.1.4.1/debian/patches/02_pam_encfs.conf.dpatch libpam-encfs-0.1.4.1/debian/patches/02_pam_encfs.conf.dpatch --- libpam-encfs-0.1.4.1/debian/patches/02_pam_encfs.conf.dpatch +++ libpam-encfs-0.1.4.1/debian/patches/02_pam_encfs.conf.dpatch @@ -6,10 +6,17 @@ ## DP: taget /home/.enc as default @DPATCH@ -diff -urNad libpam-encfs-0.1.3~/pam_encfs.conf libpam-encfs-0.1.3/pam_encfs.conf ---- libpam-encfs-0.1.3~/pam_encfs.conf 2005-12-04 19:45:54.000000000 +0100 -+++ libpam-encfs-0.1.3/pam_encfs.conf 2005-12-04 19:47:34.918879471 +0100 -@@ -14,6 +14,5 @@ +diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' libpam-encfs-0.1.4.1~/pam_encfs.conf libpam-encfs-0.1.4.1/pam_encfs.conf +--- libpam-encfs-0.1.4.1~/pam_encfs.conf 2010-11-30 21:01:18.000000000 +0100 ++++ libpam-encfs-0.1.4.1/pam_encfs.conf 2010-11-30 21:05:59.000000000 +0100 +@@ -8,12 +8,11 @@ + encfs_default --idle=1 + + #Same for fuse, note that allow_root (or allow_other, or --public in encfs) is needed to run gdm/X. +-fuse_default allow_root,nonempty ++fuse_default allow_other,nonempty + + #- means match all, put any overrides over it. #if - is in username it will take source path + "/$USER", and mount to $HOME #USERNAME SOURCE TARGET PATH ENCFS Options FUSE Options only in patch2: --- libpam-encfs-0.1.4.1.orig/debian/encfs.pam-config +++ libpam-encfs-0.1.4.1/debian/encfs.pam-config @@ -0,0 +1,8 @@ +Name: encfs encrypted home directories +Default: yes +Priority: 257 +Auth-Type: Primary +Auth: + sufficient pam_encfs.so +Auth-Initial: + sufficient pam_encfs.so only in patch2: --- libpam-encfs-0.1.4.1.orig/debian/prerm +++ libpam-encfs-0.1.4.1/debian/prerm @@ -0,0 +1,9 @@ +#!/bin/sh + +set -e + +if [ "$1" = remove ]; then + pam-auth-update --package --remove encfs +fi + +#DEBHELPER# only in patch2: --- libpam-encfs-0.1.4.1.orig/debian/README.source +++ libpam-encfs-0.1.4.1/debian/README.source @@ -0,0 +1,7 @@ +This package uses dpatch to manage modifications. See + + /usr/share/doc/dpatch/README.source.gz + +to get more information on how to use it. + + -- Agustin Martin Domingo <[email protected]>, Tue, 30 Nov 2010 20:28:40 +0100

