Your message dated Sat, 15 May 2010 15:49:38 +0000
with message-id <[email protected]>
and subject line Bug#580037: fixed in libpam-ccreds 10-4
has caused the Debian Bug report #580037,
regarding libpam-ccreds: Should not cache the root password
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
580037: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580037
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libpam-ccreds
Version: 10-2
With LDAP + ccreds set up on a laptop, I just discovered that cc_dump
report that the root password is also cached. I believe this is a
waste (and a minor security issue), as the root password already is
stored in /etc/shadow.
Can libpam-ccreds be changed to not store the password for root, or
perhaps support an argument minimum_uid (like libpam-heimdal does), to
allow us to limit ccreds to uids >= 1000.
Happy hacking,
--
Petter Reinholdtsen
--- End Message ---
--- Begin Message ---
Source: libpam-ccreds
Source-Version: 10-4
We believe that the bug you reported is fixed in the latest version of
libpam-ccreds, which is due to be installed in the Debian FTP archive:
libpam-ccreds_10-4.debian.tar.gz
to main/libp/libpam-ccreds/libpam-ccreds_10-4.debian.tar.gz
libpam-ccreds_10-4.dsc
to main/libp/libpam-ccreds/libpam-ccreds_10-4.dsc
libpam-ccreds_10-4_i386.deb
to main/libp/libpam-ccreds/libpam-ccreds_10-4_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Guido Günther <[email protected]> (supplier of updated libpam-ccreds package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 15 May 2010 16:08:26 +0200
Source: libpam-ccreds
Binary: libpam-ccreds
Architecture: source i386
Version: 10-4
Distribution: experimental
Urgency: low
Maintainer: Guido Günther <[email protected]>
Changed-By: Guido Günther <[email protected]>
Description:
libpam-ccreds - Pam module to cache authentication credentials
Closes: 580037
Changes:
libpam-ccreds (10-4) experimental; urgency=low
.
* [e6358e9] New patch 0002-add-minimum_uid-option.patch add minimum_uid
option (Closes: #580037)
* [fcec739] Use minimum_uid argument within pam-auth-update
* [5ce84cf] Swith to 3.0 (quilt) format
Checksums-Sha1:
b9be74b6a1738a9576dc1edcb11eff3437de96e2 1246 libpam-ccreds_10-4.dsc
9ad19c7957a2aab7f5d0d04cd9f884a7a6bdb053 5931 libpam-ccreds_10-4.debian.tar.gz
1f1b663dd0e6971e69a966dff8787a1eb1785022 19926 libpam-ccreds_10-4_i386.deb
Checksums-Sha256:
a3a10b03e1ec8cdb1e0b1aa5f69df1010785b7b86d6113be6ac843b06437663a 1246
libpam-ccreds_10-4.dsc
1528a9058a1c990899f1a7b5633e41f35ef8547d43fbd3e81ba8b4b1061daf10 5931
libpam-ccreds_10-4.debian.tar.gz
f37cf0823e96627708dc84d98f71a2dce237b433ed55ecd479093c16e65933ce 19926
libpam-ccreds_10-4_i386.deb
Files:
738609dcb1b0239896fc7b4f7d07476e 1246 admin extra libpam-ccreds_10-4.dsc
4c13e9d2595e9fad8449acac7fe15f72 5931 admin extra
libpam-ccreds_10-4.debian.tar.gz
82b646c60b769da72f9f8fcc6b18e19e 19926 admin extra libpam-ccreds_10-4_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iD8DBQFL7qtbn88szT8+ZCYRAk+LAJ9JMgbYKhPLbljO/ORGEqEKVI18uQCdF9wr
W1Il/VL5iGzH4vk6d2ctUXI=
=AvL0
-----END PGP SIGNATURE-----
--- End Message ---
