Bug#984835: /usr/sbin/pam-auth-update: allow comments in pam-config files

Package: libpam-runtime Version: 1.3.1-5 Severity: wishlist File: /usr/sbin/pam-auth-update Tags: patch Dear Maintainer, we are shipping some custom pam-configs with our automation, for clarity we want to include comments in these files. Currently this is not supported and leeds to perl warning

Bug#982530: libpam-modules: unable to login when using pam_tally2 after upgrade to libpam-modules >1.4.0

Hi Sam, that looks mostly good. Now I had some time to test your changes, and I have some things, that may need another check. I have added pam_tally to common-auth and the upgrade did not stop when installing the new libpam-modules. I believe the regex is missing these files, since it does not

Bug#982530: libpam-modules: unable to login when using pam_tally2 after upgrade to libpam-modules >1.4.0

It looks like Steve had an explicit reason for disabling pam_tally here and I don't want to go second guess that. (Steve, if I'm wrong, please chime in). In particular, Steve kept pam_cracklib, which also requires an extra option, but did not keep pam_tally. Oh, sorry there was some detail

Bug#982530: libpam-modules: unable to login when using pam_tally2 after upgrade to libpam-modules >1.4.0

Hi Sam, I apologize for taking a while to come up to speed on this and for a couple of false starts. It's been a while since pam has been a major focus of mine, but I offered to help Steve out so I'm coming back up to speed. Sure, no problem there. I also get regular headaches when dealing

Bug#982530: libpam-modules: unable to login when using pam_tally2 after upgrade to libpam-modules >1.4.0

It sounds like you're assuming that someone will add pam_tally or pam_pam_tally2 using a package profile in /usr/share/pam-configs. I was assuming someone would add pam_tally or pam_tally2 by modifying the config in /etc/pam.d directly. Yes, I was assuming this. after I discovered

Bug#982530: libpam-modules: unable to login when using pam_tally2 after upgrade to libpam-modules >1.4.0

I had another talk with someone more familiar with debian. In this talk we came up with following approach. If you like this better, I can submit a patch for this. Approach: First look into /usr/share/pam-configs for any config including pam_tally. If something is found, disable it with

Bug#982530: libpam-modules: unable to login when using pam_tally2 after upgrade to libpam-modules >1.4.0

Am 2021-02-12 00:46, schrieb Sam Hartman: Why wouldn't we just comment out the lines in the upgrade rather than blocking the upgrade? I absolutely want to avoid breaking pam config for the user. I am not sure if we can comment out something without possibly causing havoc. I am not overly

Bug#982530: libpam-modules: unable to login when using pam_tally2 after upgrade to libpam-modules >1.4.0

Package: libpam-modules Version: 1.4.0-4 Severity: normal Tags: patch upstream X-Debbugs-Cc: debian-b...@drachen-server.de Dear Maintainer, with libpam-modules 1.4.0 the old and deprecated modules pam_tally and pam_tally2 were removed from the upstream package. However a lot of hardening guides