Package: libpam-opie
Version: 0.21-8+fbriere+1
Severity: wishlist
Tags: patch
Here's a patch that adds pam-auth-update support to libpam-opie. (I'm
CCing Steve Langasek so that he can tell me if I made a mistake. I'm
especially unsure about the Priority argument.)
I'm a wee bit tempted to raise this bug above wishlist, as the README
instructions are a little dangerous, in that they suggest wedging
pam_opie in between pam_unix and pam_deny. On a modern default Debian
setup, common-auth now looks like this:
auth [success=1 default=ignore] pam_unix.so nullok_secure
auth requisite pam_deny.so
You can guess what happens when someone blindly shoves pam_opie in
there. (No, not me. I'd never do something as silly, especially not
on the road, locking myself out until I get back home. Why'd you ask?
<g>)
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26.8 (SMP w/1 CPU core)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages libpam-opie depends on:
ii libc6 2.10.1-2 GNU C Library: Shared libraries
ii libpam-runtime 1.1.0-4 Runtime support for the PAM librar
ii libpam0g 1.1.0-4 Pluggable Authentication Modules l
Versions of packages libpam-opie recommends:
ii opie-server 2.32.dfsg.1-0.1 OPIE programs for maintaining an O
libpam-opie suggests no packages.
-- no debconf information
commit 2b2f5403de46a7855dfb0a353df5ca50d9105666
Author: Frédéric Brière <fbri...@fbriere.net>
Date: Fri Oct 30 22:11:37 2009 -0400
Adding pam-auth-update support
diff --git a/debian/control b/debian/control
index 95c5844..fb5691a 100644
--- a/debian/control
+++ b/debian/control
@@ -8,7 +8,7 @@ Standards-Version: 3.6.1.0
Package: libpam-opie
Architecture: any
Recommends: opie-server
-Depends: ${shlibs:Depends}
+Depends: ${shlibs:Depends}, libpam-runtime (>= 1.0.1-6)
Description: Use OTPs for PAM authentication
Use OPIE one time passwords for PAM authentication. A one time password
is useful to avoid having your password sniffed and reused if you log
diff --git a/debian/pam-config b/debian/pam-config
new file mode 100644
index 0000000..0c0fd03
--- /dev/null
+++ b/debian/pam-config
@@ -0,0 +1,6 @@
+Name: One time passwords (OPIE)
+Default: yes
+Priority: 128
+Auth-Type: Primary
+Auth:
+ [success=end default=ignore] pam_opie.so
diff --git a/debian/postinst b/debian/postinst
new file mode 100644
index 0000000..4d26c21
--- /dev/null
+++ b/debian/postinst
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+set -e
+
+pam-auth-update --package
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/prerm b/debian/prerm
new file mode 100644
index 0000000..809048b
--- /dev/null
+++ b/debian/prerm
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = remove ]; then
+ pam-auth-update --package --remove opie
+fi
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/rules b/debian/rules
index 88b7464..13afa42 100755
--- a/debian/rules
+++ b/debian/rules
@@ -49,6 +49,8 @@ binary-arch: build install
mkdir -p debian/tmp/usr/share/doc/libpam-opie
cp -r debian/examples debian/tmp/usr/share/doc/libpam-opie
+ mkdir -p debian/tmp/usr/share/pam-configs
+ cp debian/pam-config debian/tmp/usr/share/pam-configs/opie
dh_installman
dh_installchangelogs
