** Description changed: The cifs-utils source package contains the pam_cifscreds.so PAM module; however, this is not built and supplied in a resulting binary package. This is necessary functionality for our local managed deployment. We have worked around this issue by building our own patched version of the package; however, this is liable to be clobbered by any future upstream updates. Hence, it would be valuable if our modifications, or some variant of them, could be adopted upstream. The changes required are minimal; simply add libpam0g-dev to Build- Depends, and add some appropriate flags to ./configure in debian/rules to ensure the requisite library is built and installed in the correct location. See attached patch. + + ## SRU Justification + + [Impact] + + As David has found, users are currently unable to use the cifscreds PAM + module to unlock credentials at login because existing package doesn't + compile the module along with the rest of the package. + + Davids patch adds libpam-0g-dev to the Build depends, and amends the + debian rules file so that the PAM module is built along with the rest of + the application and installed into the correct location. + + I'm requesting this to be backported to the existing releases, this change is a + feature which is highly desired in managed deployments, the changes are minimal and as this patch only adds functionality and is largely unobtrusive I see no reason for the Ubuntu community to benefit from its inclusion considering the regression potential is minimal. + + This feature has been added to Zesty already as part of the merge done + in LP: #1660372. + + [Test Case] + + Install the package and check for the existance of the PAM module at: + /lib/x86_64-linux-gnu/security/pam_cifscreds.so + + At present this file is missing as it isn't compiled along with the rest + of the package. + + [Regression Potential] + + I've been testing this myself on a number of systems and have discovered + no issues as yet, with this patch the supplied module is built and + placed into the correct location, as is the manpage, and both perform as + intended. + + This change has an overall low chance of regression as it's only adding + functionality should already be there. + + The only regression I could think of is that for some reason the patch + could result in some of the other binaries being linked against PAM (and + potentially have their behavior changed) as a result of the addition of + PAM, but I find this extremely unlikely, and I have verified that PAM + isn't linked to except for pam_cifscreds.so so I find the possibility of + this happening negligible. + + Documentation for the feature is provided as a manpage and is + distributed along with the updated package.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1611816 Title: pam_cifscreds.so not supplied in package To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cifs-utils/+bug/1611816/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
