package libpam-rsa
retitle 604215 libpam-rsa: installation fails. Ask questions, then
asks to overwrite the file.
forcemerge 604215 444770
tag 604215 +patch +pending
thanks
2010/11/28 gregor herrmann <gre...@debian.org>:
> tag 604215 + confirmed
> thanks
>
>> > Setting up libpam-rsa (0.8-9-2.1) ...
>> >
>> > Configuration file `/etc/security/pam_rsa.conf'
>> > ==> File on system created by you or by a script.
>> > ==> File also in package provided by package maintainer.
>
> Right, /etc/security/pam_rsa.conf gets written by the .config script,
> and it's also shipped in the package (installed manually in
> debian/rules). That's a bit too much :)
This seems caused by the same problem already reported in #444770
(libpam-rsa: ask questions, then asks to overwrite the file, cc'ing
submitter). I am merging both bugs leaving #604215 as master since it
is of higher severity.
Also noticed that /etc/security/pam_rsa.conf is generated from
libpam.rsa.config instead of postinst. Not sure if /etc/security is
part of the base system, but if not this may even lead to a write
attempt before the directory exists.
I am attaching a first cut for a NMU candidate. Its versioning still
corresponds to my internal test versioning. Relevant changelog entry
is
* Fix installation problems with pam_rsa.conf (Closes: #444770, #604215).
- Install pam_rsa.conf as pam_rsa.conf.sample
- Move automatic mode pam_rsa.conf generation from config to postinst.
- Add libpam-rsa.postrm to make sure /etc/security/pam_rsa.conf is
removed on purge
Since #444770 received no attention at all for more than three years I
consider this bug as a 0-day NMU candidate. Maintainer, if you want to
add something, please do ASAP. I will leave a minimal grace period to
wait for comments from people involved in this bug report before
uploading final NMU if still needed.
--
Agustin
diff -Nru --exclude po --exclude Makefile libpam-rsa-0.8-9/debian/changelog libpam-rsa-0.8-9/debian/changelog
--- libpam-rsa-0.8-9/debian/changelog 2010-12-06 14:25:58.000000000 +0100
+++ libpam-rsa-0.8-9/debian/changelog 2010-12-06 14:25:59.000000000 +0100
@@ -1,3 +1,14 @@
+libpam-rsa (0.8-9-2.2~amd1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Fix installation problems with pam_rsa.conf (Closes: #444770, #604215).
+ - Install pam_rsa.conf as pam_rsa.conf.sample
+ - Move automatic mode pam_rsa.conf generation from config to postinst.
+ - Add libpam-rsa.postrm to make sure /etc/security/pam_rsa.conf is
+ removed on purge
+
+ -- Agustin Martin Domingo <agmar...@debian.org> Mon, 06 Dec 2010 13:54:34 +0100
+
libpam-rsa (0.8-9-2.1) unstable; urgency=low
* Non-maintainer upload.
diff -Nru --exclude po --exclude Makefile libpam-rsa-0.8-9/debian/libpam-rsa.config libpam-rsa-0.8-9/debian/libpam-rsa.config
--- libpam-rsa-0.8-9/debian/libpam-rsa.config 2010-12-06 14:25:58.000000000 +0100
+++ libpam-rsa-0.8-9/debian/libpam-rsa.config 2010-12-06 14:25:59.000000000 +0100
@@ -16,15 +16,4 @@
db_input low libpam-rsa/pam_prompt || true
db_input low libpam-rsa/log_auth_result || true
db_go || true
-
- db_get libpam-rsa/pubkey_dir
- echo "pubkey_dir $RET" > /etc/security/pam_rsa.conf
- db_get libpam-rsa/privkey_dir
- echo "privkey_dir $RET" >> /etc/security/pam_rsa.conf
- db_get libpam-rsa/privkey_name_hash
- echo "privkey_name_hash $RET" >> /etc/security/pam_rsa.conf
- db_get libpam-rsa/pam_prompt
- echo "pam_prompt $RET" >> /etc/security/pam_rsa.conf
- db_get libpam-rsa/log_auth_result
- echo "log_auth_result $RET" >> /etc/security/pam_rsa.conf
fi
diff -Nru --exclude po --exclude Makefile libpam-rsa-0.8-9/debian/libpam-rsa.postinst libpam-rsa-0.8-9/debian/libpam-rsa.postinst
--- libpam-rsa-0.8-9/debian/libpam-rsa.postinst 2010-12-06 14:25:58.000000000 +0100
+++ libpam-rsa-0.8-9/debian/libpam-rsa.postinst 2010-12-06 14:25:59.000000000 +0100
@@ -21,7 +21,33 @@
case "$1" in
configure)
+ db_get libpam-rsa/no_configuration
+ if [ "$RET" = "false" ]
+ then
+ cat <<EOF > /etc/security/pam_rsa.conf
+# Configuration file for libpam-rsa
+#
+# This file has been automatically generated by libpam-rsa.postinst
+# If you want to manually handle this file, run
+#
+# dpkg-reconfigure libpam-rsa
+#
+# and select no automatic configuration option
+#
+# Please read pam_rsa (8) for further instructions
+EOF
+ db_get libpam-rsa/pubkey_dir
+ echo "pubkey_dir $RET" >> /etc/security/pam_rsa.conf
+ db_get libpam-rsa/privkey_dir
+ echo "privkey_dir $RET" >> /etc/security/pam_rsa.conf
+ db_get libpam-rsa/privkey_name_hash
+ echo "privkey_name_hash $RET" >> /etc/security/pam_rsa.conf
+ db_get libpam-rsa/pam_prompt
+ echo "pam_prompt $RET" >> /etc/security/pam_rsa.conf
+ db_get libpam-rsa/log_auth_result
+ echo "log_auth_result $RET" >> /etc/security/pam_rsa.conf
+ fi
;;
abort-upgrade|abort-remove|abort-deconfigure)
diff -Nru --exclude po --exclude Makefile libpam-rsa-0.8-9/debian/libpam-rsa.postrm libpam-rsa-0.8-9/debian/libpam-rsa.postrm
--- libpam-rsa-0.8-9/debian/libpam-rsa.postrm 1970-01-01 01:00:00.000000000 +0100
+++ libpam-rsa-0.8-9/debian/libpam-rsa.postrm 2010-12-06 14:25:59.000000000 +0100
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+set -e
+
+# Make sure /etc/security/pam_rsa.conf is removed on purge
+
+if [ "$1" = "purge" ]; then
+ rm -f /etc/security/pam_rsa.conf
+fi
+
+#DEBHELPER#
diff -Nru --exclude po --exclude Makefile libpam-rsa-0.8-9/debian/rules libpam-rsa-0.8-9/debian/rules
--- libpam-rsa-0.8-9/debian/rules 2010-12-06 14:25:58.000000000 +0100
+++ libpam-rsa-0.8-9/debian/rules 2010-12-06 14:25:59.000000000 +0100
@@ -76,7 +76,7 @@
dh_installdirs
$(MAKE) DESTDIR=$(CURDIR)/debian/libpam-rsa install
- install -o root -g root -m 644 debian/pam_rsa.conf $(CURDIR)/debian/libpam-rsa/etc/security/pam_rsa.conf
+ install -o root -g root -m 644 debian/pam_rsa.conf $(CURDIR)/debian/libpam-rsa/etc/security/pam_rsa.conf.sample
# Build architecture-independent files here.
