Package: libpam-runtime
Version: 1.0.1-9
Severity: grave

I was surprised today to turn on this system and notice I could log in as
root or any other user w/o being prompted for a password. While
convenient, not exactly secure..

So, the last upgrade seems to have somehow hosed the pam configuration.
Luckily I have full before, during, and after git snapshots of /etc, so
I can probably provide any details you might find useful about the
contents of those files. The relevant bit seemed to be that files in
pam.d had changed during the last upgrade.

Running pam-auth-update and manually selecting option "1. Unix
authentication" fixed the problem.
I vaguely remember seeing the pam-auth-update question during the last
upgrade, and I would have just hit enter.

Now, this system is configured to use debconf's text frontend, and it
does not have libterm-readline-gnu-perl installed. (It is also
configured to display questions of medium priority or greater.) In that
configuration, debconf is crippled by not being able to pre-fill prompts
with defaults, and it will prompt as follows:

  1. You absolutely need this to avoid flaming death
  2. None of the above

  Choose your antidote: _

If the user presses Enter here, as most users *will*, nothing at all
is selected.

To handle this case, please make pam-auth-update check for empty answers
to the question, and redisplay it if the user selects nothing, or at
least display a warning that the user is about to break their system
by not enabling any auth modules.

You may also want to reconsider asking a question that has only one
right answer. I.e., if the system only has pam_unix as an answer to the
question, *don't ask about it*. If the system has pam_unix, and
kerberos available, do ask it.

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.29-1-686 (SMP w/1 CPU core)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash

Versions of packages libpam-runtime depends on:
ii  debconf                       1.5.26     Debian configuration management sy

libpam-runtime recommends no packages.

libpam-runtime suggests no packages.

-- debconf information:
  libpam-runtime/conflicts:
  libpam-runtime/override: false
  libpam-runtime/profiles: unix

-- 
see shy jo
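
An added example, not part of the original report or of pam-auth-update: a check for the state the report describes, a PAM auth stack in which no credential-verifying module is enabled. The module allowlist, the function names and the sample files are assumptions constructed for illustration.

```python
import os
import re

# Assumption: modules that verify a credential on this system. The report
# names pam_unix and Kerberos; extend the set for other site modules.
CREDENTIAL_MODULES = {"pam_unix.so", "pam_krb5.so"}
AUTH_LINE = re.compile(r"-?auth\s+(\[[^\]]*\]|\S+)\s+(\S+)")

def read_pam_file(name, pam_dir="/etc/pam.d"):
    with open(os.path.join(pam_dir, name)) as fh:
        return fh.read()

def auth_modules(name, read=read_pam_file, seen=None):
    """Modules on the auth lines of `name`, following includes."""
    seen = set() if seen is None else seen
    if name in seen:  # guard against include loops
        return []
    seen.add(name)
    modules = []
    for raw in read(name).splitlines():
        line = raw.split("#", 1)[0].strip()
        parts = line.split()
        if len(parts) == 2 and parts[0] == "@include":
            modules += auth_modules(parts[1], read, seen)
            continue
        m = AUTH_LINE.match(line)
        if not m:
            continue
        control, target = m.groups()
        if control in ("include", "substack"):
            modules += auth_modules(target, read, seen)
        else:
            modules.append(os.path.basename(target))
    return modules

def audit(name, read=read_pam_file):
    """Return (status, modules); 'no-auth-module' means nothing checks a credential."""
    mods = auth_modules(name, read)
    ok = any(m in CREDENTIAL_MODULES for m in mods)
    return ("ok" if ok else "no-auth-module", mods)

# Constructed sample files, not taken from the report's /etc snapshots.
LOGIN = "auth optional pam_faildelay.so delay=3000000\n@include common-auth\n"
GOOD = {"login": LOGIN, "common-auth":
        "auth [success=1 default=ignore] pam_unix.so nullok_secure\n"
        "auth requisite pam_deny.so\nauth required pam_permit.so\n"}
EMPTY = {"login": LOGIN, "common-auth":
         "# no profile selected\nauth required pam_permit.so\n"}

if __name__ == "__main__":
    for label, files in (("good", GOOD), ("empty", EMPTY)):
        print(label, audit("login", files.__getitem__))
```

Calling `audit("login")` with the default reader checks the live files under /etc/pam.d, which makes it usable as a post-upgrade check.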


