Just in case anyone missed this on the changes mail list, and so I
can explain some of the changes, what I have done and why.
First off, my goals were:
1) Upgrade to the latest version
2) Close as many bugs as possible (closed 10 or so that were lingering
but already fixed, and actually closed ~22 with this release).
3) Start working towards making this actually usable in the base
installation.
4) Get a FAQ/HOWTO complete for developers to use in implementing
pam in their packages (coming soon)
The upgrade to the latest version went fine, you will note that the
0.6x releases are pre. I'm hoping that this is released or atleast
rather stable by the time potato releases. Going through the bug
reports took most of the time, but I've cleared out all but 4 bugs
with this upload, and those I will have fixed by the next upload, I
want this setup tested well before then though.
The modules have been moved from /lib/security to /lib/security.0,
where '0' is the soname of the library. There is a script included with
the runtime package that allows preinst and prerm scripts to link
/lib/security with the proper /lib/security.? directory. This was only
because update-alternatives doesn't work on directories, but serves the
same purpose. This should not break anything of the packages that
depend on libpam (samba, and netatalk). I'de like those maintainers
feedback on how well it works.
I took the shadow package and did a test compile with libpam support
builtin to check out the setup. Everything works well (only passwd
really has pam support right now it seems), even md5 password support.
I then installed cracklib and the libpam0g-cracklib package and setup
passwd to use this as the primary password mechanism with pam_pwdb as
the secondary. This also worked well, with the exception of a small
glitch I will look into.
Couple of comments I would like help with:
1) Should pam_pwdb be the default in the base installation or are the
pam_unix_*.so modules ok for this (pam_pwdb depends on libpwdb) ?
2) One of the bug reports claims that pam_lastlog.so should make a call
to a wtmp function, a) is this really what it should do, if it is then
b) where is a sample setup I can look at to implement this.
thanks,
Ben (who wants potato PAMified)
-----BEGIN PGP SIGNED MESSAGE-----
Format: 1.6
Date: Wed, 20 Jan 1999 07:09:15 -0500
Source: pam
Binary: libpam0g-dbg libpam-runtime libpam-doc libpam0g-dev libpam0g-modules
libpam0g-cracklib libpam0g
Architecture: source i386 all
Version: 0.66-1
Distribution: unstable
Urgency: low
Maintainer: Ben Collins <[EMAIL PROTECTED]>
Description:
libpam-doc - Documentation of PAM
libpam-runtime - Runtime support for the PAM library
libpam0g - Pluggable Authentication Modules library
libpam0g-cracklib - PAM module to enable cracklib support.
libpam0g-dbg - Static library with debugging symbols for libpam
libpam0g-dev - Development files for PAM
libpam0g-modules - Pluggable Authentication Modules for PAM
Closes: 7725 10234 10406 10941 12210 14533 16882 25915 28075 30862 31191 31548
Changes:
pam (0.66-1) unstable; urgency=low
.
* New maintainer
* New upstream release. closes: #16882, #30862, #7725
* Created a better split of the main lib and the runtime to kill the
circular dependencies and make it possible to have two .so version of
the library installed for upgrades. closes: #10234, #10406, #12210,
bug #14291, #15528, #15529, #20660, #25330, #29868, #31088, #31128,
bug #9131, #9919.
* Harcoded modules directory prefixed with the .so version, and
used alternatives to create the symlink to the 'default' modules
directory. libpam will use the full path when specified, but use the
versioned modules directory for relative names.
* Put libpam0g-cracklib modules back in (own package). This means that
cracklib support is _not_ in the static libpam.a, also cracklib
support is _not_ in pam_unix_passwd.o, but only in pam_cracklib.so
by itself.
* Fixed a few typos in the source causing compile errors
* Fixed source #include's so that pam _didn't_ have to be installed
in order to compile the source ( changed from <> to "" )
* Removed empty directories from built packages
* Opted not to build examples, only going to put *.c files in examples
directory for libpam0g-dev
* Moved *.sgml files for modules into their own directory (looks like
that is what the original maintainer wanted to do, but it didn't go)
* Moved doc build to arch-indep build in rules so that it doesn't get
built when specifying -B with debuild/dpkg-buildpackage.
* Moved `touch .quiet...' to build-stamp in order to have -B builds not
ask about pam.conf
* Split out non-standard modules to their own package, so as to make the
base install smaller (planning for base inclusion here)
* Created small manpage for pwdb_chkpwd. closes: #10941
* The Copright file in /usr/doc/*/ was already named copright and not
compressed. closes: #14533
* Package is now lintian clean. closes #19383, #5132
* There is a maintainer now and the patch for #25915 is still included
so.... closes: #25915
* Added check for editor backup files in /etc/pam.d (*~). closes: #28075
* Applied patch for md5.h in pam_pwdb module. closes: #31548
* Added support for dhelp in libpam-doc. closes: #31191
Files:
4f096ea3d2a57dc74251b9b2948369c9 701 libs optional pam_0.66-1.dsc
da838b6eb93667549ef651e95205f3df 366619 libs optional pam_0.66.orig.tar.gz
07c8da1335fdbcd3e3b56bc7e51c1925 16054 libs optional pam_0.66-1.diff.gz
b7f6d1891217a3413ef98389950c43e9 558844 libs optional libpam-doc_0.66-1_all.deb
d72cc1dd48df2d68fe07e56a2cdc68c9 81622 libs optional libpam0g_0.66-1_i386.deb
5040105fc3a0b37ba1a656744e024ed2 82422 libs optional
libpam0g-modules_0.66-1_i386.deb
92f2d59b370718a2f4333e2ffb87dfdf 44302 libs optional
libpam-runtime_0.66-1_i386.deb
2f3b1831e968a6fc3ac641c6ecbf9b13 107032 libs optional
libpam0g-dev_0.66-1_i386.deb
21cb313d671e14d507b906be1cf52237 189364 libs optional
libpam0g-dbg_0.66-1_i386.deb
032c853c0bf74b61c9e2a171b50898b5 29748 libs optional
libpam0g-cracklib_0.66-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
iQCVAwUBNrYROSo9WkFm9rsJAQGeLgP9GSnMhtn8gBb9BMWP/SmSY/m1ajamp9ye
UQLmp7wwrChZbs9cMND1EKNAk9364ukFVkQPJQfvfPXetB2woeqk8wbpzJvEF70Y
FHsb8YC75ntnAMqkHQgKfHL1R04TyRJjV4ctJK/5FBkrvMxNlYi6neQepjuV+jF6
KivRALAlkL8=
=FdOq
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
----- End forwarded message -----
--
----- -- - -------- --------- ---- ------- ----- - - --- --------
Ben Collins <[EMAIL PROTECTED]> Debian GNU/Linux
UnixGroup Admin - Jordan Systems Inc. [EMAIL PROTECTED]
------ -- ----- - - ------- ------- -- The Choice of the GNU Generation
