Your message dated Thu, 13 Nov 2008 19:17:06 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#492039: fixed in libpam-krb5 3.12-1 has caused the Debian Bug report #492039, regarding libpam-krb5: document ssh requirement for session group to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 492039: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492039 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems
--- Begin Message ---Package: libpam-krb5 Version: 2.6-1 Severity: normal By default, for ssh logins that are authenticated by prompting for a kerberos password, pam_krb5.so will put user credentials in /tmp/krb5cc_0, overwriting any existing file by that name, no matter which user owns the file. The ccache option is supposed to allow customizing the name of the credentials file. Regarding that option, the man page says: This option can be set in krb5.conf and is only applicable to the auth and session groups. This is incorrect -- ccache cannot be set in krb5.conf Instead, the ccache option must be specified on the pam_krb5.so command line in /etc/pam.d/common-session as stated in http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=341926 Presumably the ccache_dir option has the same problem, but I did not investigate this. An email associated with bug 341926 mentions updating the NEWS file to make people aware of this, but I saw no such entry in the NEWS file or any mention of it in the README files. Unless the code is modified to match the man page description, the behavior of the ccache option should be more clearly documented. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-6-amd64 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages libpam-krb5 depends on: ii krb 1.16 Configuration files for Kerberos V ii lib 2.3.6.ds1-13etch5 GNU C Library: Shared libraries ii lib 1.39+1.40-WIP-2006.11.14+dfsg-2etch1 common error description library ii lib 1.4.4-7etch5 MIT Kerberos runtime libraries ii lib 0.79-5 Pluggable Authentication Modules l libpam-krb5 recommends no packages. -- no debconf information
--- End Message ---
--- Begin Message ---Source: libpam-krb5 Source-Version: 3.12-1 We believe that the bug you reported is fixed in the latest version of libpam-krb5, which is due to be installed in the Debian FTP archive: libpam-krb5_3.12-1.diff.gz to pool/main/libp/libpam-krb5/libpam-krb5_3.12-1.diff.gz libpam-krb5_3.12-1.dsc to pool/main/libp/libpam-krb5/libpam-krb5_3.12-1.dsc libpam-krb5_3.12-1_i386.deb to pool/main/libp/libpam-krb5/libpam-krb5_3.12-1_i386.deb libpam-krb5_3.12.orig.tar.gz to pool/main/libp/libpam-krb5/libpam-krb5_3.12.orig.tar.gz A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Russ Allbery <[EMAIL PROTECTED]> (supplier of updated libpam-krb5 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Thu, 13 Nov 2008 10:56:30 -0800 Source: libpam-krb5 Binary: libpam-krb5 Architecture: source i386 Version: 3.12-1 Distribution: experimental Urgency: low Maintainer: Russ Allbery <[EMAIL PROTECTED]> Changed-By: Russ Allbery <[EMAIL PROTECTED]> Description: libpam-krb5 - PAM module for MIT Kerberos Closes: 492039 492379 Changes: libpam-krb5 (3.12-1) experimental; urgency=low . * New upstream release. - New alt_auth_map, force_alt_auth, and only_alt_auth options to map usernames to alternative Kerberos principals for authentication. - Log to authpriv, not auth. - Correctly log an exit status of ignore during debugging. - Document ssh session requirement. (Closes: #492039) - Document ignore handling with [] actions. (Closes: #492379) * Update to debhelper compatibility mode V7. - Use debhelper rule minimization except for configure. - Let the upstream Makefile do the installation. * Remove NEWS.Debian, only of interest in upgrades from sarge. Checksums-Sha1: 78c3f83470053242a65680b5b2a61efd643577cb 1214 libpam-krb5_3.12-1.dsc 363b4c7a1031f134164190c2cf116f41170012ad 153230 libpam-krb5_3.12.orig.tar.gz 82ce59a933c0fb19b43d5555643ffa4974017649 12376 libpam-krb5_3.12-1.diff.gz b7b5909150fc62766e6831f12d279f166becf1f8 54562 libpam-krb5_3.12-1_i386.deb Checksums-Sha256: cc631de9ad0a93e366354934af3a59d36f002df953b0964f23ff84313ed22e39 1214 libpam-krb5_3.12-1.dsc f5242f509212ab08cdf87b7f399469eca08ea8f3f885dc589d35b225d39b30db 153230 libpam-krb5_3.12.orig.tar.gz b7682760003ab6db158ae66ba83c79aa2a098c71abf858d5be9517c24771519b 12376 libpam-krb5_3.12-1.diff.gz a1bdc5b50d6aac0ab180979a3dcbe327466812cfe735b9914af884619cdc535b 54562 libpam-krb5_3.12-1_i386.deb Files: d5c222c92737e80c2a5762bc8388503a 1214 net optional libpam-krb5_3.12-1.dsc 0480bf5e428f6c25bc7b69d0c73478df 153230 net optional libpam-krb5_3.12.orig.tar.gz 862208e13429f625134eb91c9cad019a 12376 net optional libpam-krb5_3.12-1.diff.gz 4d8bd21ad2e812d6e30792ed7c9a6a04 54562 net optional libpam-krb5_3.12-1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkkcerkACgkQ+YXjQAr8dHZHzwCeNfxmOgIPgm+C6tOcbUmMfMws inAAoIErB9q3mFyN8qQGmZyo9TveBRDl =3Ul1 -----END PGP SIGNATURE-----
--- End Message ---
