Hello Seth, or anyone else affected, Accepted pam into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/pam/1.3.1-5ubuntu4.3 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-focal. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: pam (Ubuntu Focal) Status: In Progress => Fix Committed ** Tags added: verification-needed verification-needed-focal -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pam in Ubuntu. https://bugs.launchpad.net/bugs/1860826 Title: pam_unix(sudo:auth): Couldn't open /etc/securetty: No such file or directory Status in pam package in Ubuntu: Fix Released Status in pam source package in Focal: Fix Committed Status in pam source package in Groovy: Won't Fix Status in pam package in Debian: Fix Released Bug description: [Impact] Removal of the /etc/securetty file from the system results in useless log messages whenever pam_unix is invoked, which for some systems is quite a lot of logging. /etc/securetty is not coming back, and this is not an error. [Test Plan] 1. Run 'sudo -s'. Confirm that 'journalctl | grep sudo.*securetty' returns a line 'sudo[...]: pam_unix(sudo:auth): Couldn't open /etc/securetty: No such file or directory'. 2. Install libpam-modules update from -proposed. 3. Confirm that 'grep nullok_secure' /etc/pam.d/common-auth returns no lines. 4. Run 'sudo -k'. 5. Run 'sudo -s' again. 6. Confirm that sudo succeeds and gives you a root shell. 7. Confirm that 'journalctl | grep sudo.*securetty' does not show any new lines. [Where problems could occur] PAM is a sensitive package because it's used in all authentication operations on the system. A bug here could render a user unable to log in to their system. Risks are mitigated by: - including a patch that treats the obsolete 'nullok_secure' as an alias for 'nullok' to ensure any user-edited configurations continue to work rather than throwing errors about unknown options - editing the system-managed /etc/pam.d/common-auth config to use 'nullok' instead of 'nullok_secure' for future compatibility. Because we are editing the system config, this could also cause issues on future upgrades with undesirable prompts to the user. However, the maintainer scripts are not meant to prompt on changes to the pam- config, and this code has been in Debian for a while with no reports of problems. [Original description] Hello, after upgrading to focal I found the following in my journalctl output: Jan 24 23:07:00 millbarge sudo[32120]: pam_unix(sudo:auth): Couldn't open /etc/securetty: No such file or directory Jan 24 23:07:01 millbarge sudo[32120]: pam_unix(sudo:auth): Couldn't open /etc/securetty: No such file or directory The login package stopped packaging this file: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731656 and now forcibly removes the file: https://paste.ubuntu.com/p/myh9cGWrHD/ However, the pam package's pam_unix.so module has not yet been adapted to ignore this file: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674857#25 Thanks ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: libpam-modules 1.3.1-5ubuntu4 ProcVersionSignature: Ubuntu 5.4.0-9.12-generic 5.4.3 Uname: Linux 5.4.0-9-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu15 Architecture: amd64 Date: Fri Jan 24 23:35:33 2020 ProcEnviron: TERM=rxvt-unicode-256color PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: pam UpgradeStatus: Upgraded to focal on 2020-01-24 (0 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1860826/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
