Your message dated Mon, 26 Sep 2016 10:22:21 +0000
with message-id <[email protected]>
and subject line Bug#836711: fixed in ejabberd 16.09-1
has caused the Debian Bug report #836711,
regarding Regression: upgrading from 16.06-3~bpo8+1 to 16.08-1~bpo8+1 breaks
authentication with pam
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
836711: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836711
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: ejabberd
Version: 16.08-1~bpo8+1
Severity: important
Dear Maintainer,
I use pam authantication with ejabberd and after upgrading to 16.08-1~bpo8+1
I can no longer authenticate.
The epam process is running as ejabberd:ejabberd even tho it is still setgid
shadow, which means that unix_chkpwd cat't access /etc/shadow and actually
check the password.
Downgrading to 16.06-3~bpo8+1 makes it work again.
I've had a brief look at the upstream changelogs and there does not appear to
be any
obvious changes that could of caused this.
Some info:
# ls -l /usr/lib/erlang/p1_pam/bin/epam
-rwxr-sr-x 1 root shadow 55176 Jul 3 11:09 /usr/lib/erlang/p1_pam/bin/epam
With 16.08-1~bpo8+1:
# ps -p `pidof epam` -o
user,group,egroup,euser,fgid,fgroup,fuid,fuser,ruser,rgroup,sgroup,suser,supgrp,comm,args
| cat
USER GROUP EGROUP EUSER FGID FGROUP FUID FUSER RUSER
RGROUP SGROUP SUSER SUPGRP COMMAND
COMMAND
ejabberd ejabberd ejabberd ejabberd 120 ejabberd 113 ejabberd ejabberd
ejabberd ejabberd ejabberd ejabberd epam
/usr/lib/erlang/p1_pam/bin/epam
With 16.06-3~bpo8+1:
# ps -p `pidof epam` -o
user,group,egroup,euser,fgid,fgroup,fuid,fuser,ruser,rgroup,sgroup,suser,supgrp,comm,args
| cat
USER GROUP EGROUP EUSER FGID FGROUP FUID FUSER RUSER
RGROUP SGROUP SUSER SUPGRP COMMAND
COMMAND
ejabberd shadow shadow ejabberd 42 shadow 113 ejabberd ejabberd
ejabberd shadow ejabberd ejabberd epam
/usr/lib/erlang/p1_pam/bin/epam
-- System Information:
Debian Release: 8.5
APT prefers stable
APT policy: (990, 'stable'), (500, 'stable-updates')
Architecture: amd64 (x86_64)
Kernel: Linux 4.6.0-0.bpo.1-amd64 (SMP w/24 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages ejabberd depends on:
ii adduser 3.113+nmu3
ii debconf [debconf-2.0] 1.5.56
ii erlang-asn1 1:17.3-dfsg-4
ii erlang-base [erlang-abi-17.0] 1:17.3-dfsg-4
ii erlang-crypto 1:17.3-dfsg-4
ii erlang-inets 1:17.3-dfsg-4
ii erlang-lager 2.0.3-1
ii erlang-mnesia 1:17.3-dfsg-4
ii erlang-odbc 1:17.3-dfsg-4
ii erlang-p1-cache-tab 1.0.3-1~bpo8+1
ii erlang-p1-iconv 1.0.1-1~bpo8+1
ii erlang-p1-stringprep 1.0.5-1~bpo8+1
ii erlang-p1-tls 1.0.6-1~bpo8+1
ii erlang-p1-utils 1.0.5-1~bpo8+1
ii erlang-p1-xml 1.1.14-1~bpo8+1
ii erlang-p1-yaml 1.0.5-1~bpo8+1
ii erlang-p1-zlib 1.0.1-2~bpo8+1
ii erlang-public-key 1:17.3-dfsg-4
ii erlang-ssl 1:17.3-dfsg-4
ii erlang-syntax-tools 1:17.3-dfsg-4
ii erlang-xmerl 1:17.3-dfsg-4
ii init-system-helpers 1.22
ii openssl 1.0.1t-1+deb8u2
ii ucf 3.0030
ejabberd recommends no packages.
Versions of packages ejabberd suggests:
pn apparmor <none>
pn apparmor-utils <none>
pn ejabberd-contrib <none>
pn erlang-luerl <none>
pn erlang-p1-mysql <none>
pn erlang-p1-oauth2 <none>
ii erlang-p1-pam 1.0.0-3~bpo8+1
pn erlang-p1-pgsql <none>
pn erlang-p1-sip <none>
pn erlang-p1-sqlite3 <none>
pn erlang-p1-stun <none>
pn erlang-p1-xmlrpc <none>
pn erlang-redis-client <none>
pn imagemagick | graphicsmagick-imagemagick-compat <none>
pn libunix-syslog-perl <none>
-- Configuration Files:
/etc/default/ejabberd changed:
ERLANG_NODE=ejabberd@monstrosity
EJABBERD_PID_PATH=/run/ejabberd/ejabberd.pid
EJABBERD_CONFIG_PATH=/etc/ejabberd/ejabberd.yml
CONTRIB_MODULES_CONF_DIR=/etc/ejabberd/modules.d
/etc/ejabberd/inetrc [Errno 13] Permission denied: u'/etc/ejabberd/inetrc'
/etc/ejabberd/modules.d/README.modules [Errno 13] Permission denied:
u'/etc/ejabberd/modules.d/README.modules'
-- debconf information excluded
--- End Message ---
--- Begin Message ---
Source: ejabberd
Source-Version: 16.09-1
We believe that the bug you reported is fixed in the latest version of
ejabberd, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Philipp Huebner <[email protected]> (supplier of updated ejabberd package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 26 Sep 2016 10:47:30 +0200
Source: ejabberd
Binary: ejabberd
Architecture: source amd64
Version: 16.09-1
Distribution: unstable
Urgency: medium
Maintainer: Ejabberd Packaging Team <[email protected]>
Changed-By: Philipp Huebner <[email protected]>
Description:
ejabberd - distributed, fault-tolerant Jabber/XMPP server
Closes: 836711
Changes:
ejabberd (16.09-1) unstable; urgency=medium
.
* New upstream version 16.09
* Refreshed patches for ejabberd 16.09
* Updated versions of erlang-* deps
* Improved apparmor file
* Reverted some upstream changes to systemd unit file (Closes: #836711)
* Disabled captcha for web admin in default config
* Removed unnecessary restart from postinst
* Improved systemd unit file to properly shut down ejabberd
Checksums-Sha1:
3ad0e8adfc560def83256dd6e2e928d4ea59e1a9 2625 ejabberd_16.09-1.dsc
d008a8036a7945b37401433fe82d75edef38256b 1580442 ejabberd_16.09.orig.tar.gz
2c0278288b943544605d7387aabc8b157fb0ad1b 54896 ejabberd_16.09-1.debian.tar.xz
5e0e54ff763ef8f149bd8c0bfaacbbe3fdc21826 3825426 ejabberd_16.09-1_amd64.deb
Checksums-Sha256:
a3312b1b91ee79226302a2a37c549e88ab60efed6fadf7300fd75fbc00044f13 2625
ejabberd_16.09-1.dsc
7301b57f793ef20f34444e7082ce88cd24b91b6334e9e6acd34fa86d1be73286 1580442
ejabberd_16.09.orig.tar.gz
ff48269b4ab6af42b5c2569252da667b3dcc5492a6293418bb0d52d047745d4e 54896
ejabberd_16.09-1.debian.tar.xz
93dc2570c429dc0e3bb01030676befa3b5a4293ec52bb324167ae45149b5c16f 3825426
ejabberd_16.09-1_amd64.deb
Files:
3e8cf0261fd30c37abe78a7d77ffc937 2625 net optional ejabberd_16.09-1.dsc
fd8d6d79aeaa314d5433ed0aeea903a8 1580442 net optional
ejabberd_16.09.orig.tar.gz
434c56c766359b4168189781ffa1c060 54896 net optional
ejabberd_16.09-1.debian.tar.xz
c675cb24f3e2112ddbb5a228e10e1154 3825426 net optional
ejabberd_16.09-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJX6OevAAoJEOXKjEkl5CBf7IwP/RJjcUJu+hO4+yTWouF0n6zB
yFeRPo9sHcv5V53bOoLR9Yyqwfd+A/SU45NbAN+q5faZ3nGqGdOA6LrF8GmYFOaH
pOeLA6M+Iu0eC78p/AgbO8QFO4FontGVuAB/gaVU+WuXiB2pJGL8hpxfaI8wdZ/x
iG2C9Ez3kK9ninNiWsnZhCg02Vhzhv4jHqMyhSXHuBFDs44j0UVLEtILo247U7tG
SxJbHgtMfZEZBIRFu4q3Fe+LKUrHaH7CUnnf13LTlFfNSy0dLdBYM4fI2h+N3it9
E6ixSXQiSUuBrIkUN/q3aGOuXbNLyYFHTz8z2I+EZ4jcm45b6j2dgIdbOOucZfoG
hNa1d8pPZsA4hDUau12xMbGhDl8firGcV+hHPnKbsowbXLL2iimuKAd3vdSMJpjf
mcJ6tg86sh5TyYVWtE+DqQH1am7+TrCmQ2aoY2IgzprNzclPiqyRknXMwD1E2iZG
IvKbTOfsCjHw0ZWtsXofih2wJve4QZxA1cUzenm1S0YaYmfq6QKXOHF/yrZeBevy
VknvMqiBVNpdHc2mVQZNa8hBVmuP2MLYxh7KGtOi4nb8dhs49ugh0Fk6YP0P7Yeb
EQTikBBaT5tJS1wJG/TK/yoRXp698BNiaxOkbvkLdbbGUgnzVUaK9JE4vY5eB/Uw
RFCJgPpsKKQHphENuOwv
=6Ut9
-----END PGP SIGNATURE-----
--- End Message ---
