Package: libpam-runtime
Version: 1.3.1-5
Severity: wishlist
File: /usr/sbin/pam-auth-update
Tags: patch
Dear Maintainer,
we are shipping some custom pam-configs with our automation, for clarity
we want to include comments in these files. Currently this is not
supported and leeds to perl warning
Hi Sam,
that looks mostly good. Now I had some time to test your changes, and I
have some things, that may need another check.
I have added pam_tally to common-auth and the upgrade did not stop when
installing the new libpam-modules. I believe the regex is missing these
files, since it does not
It looks like Steve had an explicit reason for disabling pam_tally here
and I don't want to go second guess that.
(Steve, if I'm wrong, please chime in).
In particular, Steve kept pam_cracklib, which also requires an extra
option, but did not keep pam_tally.
Oh, sorry there was some detail
Hi Sam,
I apologize for taking a while to come up to speed on this and for
a couple of false starts. It's been a while since pam has been a major
focus of mine, but I offered to help Steve out so I'm coming back up to
speed.
Sure, no problem there. I also get regular headaches when dealing
It sounds like you're assuming that someone will add pam_tally or
pam_pam_tally2 using a package profile in /usr/share/pam-configs.
I was assuming someone would add pam_tally or pam_tally2 by modifying
the config in /etc/pam.d directly.
Yes, I was assuming this. after I discovered
I had another talk with someone more familiar with debian. In this talk
we came up with following approach. If you like this better, I can
submit a patch for this.
Approach:
First look into /usr/share/pam-configs for any config including
pam_tally. If something is found, disable it with
Am 2021-02-12 00:46, schrieb Sam Hartman:
Why wouldn't we just comment out the lines in the upgrade rather than
blocking the upgrade?
I absolutely want to avoid breaking pam config for the user. I am not
sure if we can comment out something without possibly causing havoc.
I am not overly
Package: libpam-modules
Version: 1.4.0-4
Severity: normal
Tags: patch upstream
X-Debbugs-Cc: debian-b...@drachen-server.de
Dear Maintainer,
with libpam-modules 1.4.0 the old and deprecated modules pam_tally and
pam_tally2 were removed from the upstream package. However a lot of
hardening guides
8 matches
Mail list logo