Your message dated Thu, 18 Aug 2022 07:50:45 +0000 with message-id <e1ooaif-00bx4w...@fasolo.debian.org> and subject line Bug#1017467: fixed in pam 1.5.2-1 has caused the Debian Bug report #1017467, regarding libpam-systemd: upgrade broke unix_chkpwd fallback for root user to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1017467: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017467 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: libpam-systemd Version: 251.4-1 Severity: critical Since the upgrade to 251.4-1 root logins (via local_login or ssh) do not fallback to query the password via unix_chkpwd(8) in case /etc/shadow in not read-able. Other accounts continue to work. On SELinux enabled systems this is the desired behavior to limit the access on /etc/shadow to trusted binaries. -- System Information (after downgrade): Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.18.0-4-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: SELinux: enabled - Mode: Permissive - Policy name: debian Versions of packages libpam-systemd depends on: ii dbus [default-dbus-system-bus] 1.14.0-2 ii dbus-broker [dbus-system-bus] 32-1 ii libc6 2.34-3 ii libcap2 1:2.44-1 ii libpam-runtime 1.4.0-13 ii libpam0g 1.4.0-13 ii systemd 251.3-1 ii systemd-sysv 251.3-1 Versions of packages libpam-systemd recommends: ii dbus-user-session 1.14.0-2 libpam-systemd suggests no packages. -- no debconf information
--- End Message ---
--- Begin Message ---Source: pam Source-Version: 1.5.2-1 Done: Steve Langasek <vor...@debian.org> We believe that the bug you reported is fixed in the latest version of pam, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1017...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Steve Langasek <vor...@debian.org> (supplier of updated pam package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 18 Aug 2022 07:27:16 +0000 Source: pam Architecture: source Version: 1.5.2-1 Distribution: unstable Urgency: medium Maintainer: Steve Langasek <vor...@debian.org> Changed-By: Steve Langasek <vor...@debian.org> Closes: 986416 998361 1012688 1017467 Changes: pam (1.5.2-1) unstable; urgency=medium . * New upstream release. - fixes compatibility with libpam-systemd. Closes: #1017467. - fixes bashisms in configure.ac. Closes: #998361. * Refresh patches. * Drop patches included or obsoleted upstream: - debian/patches-applied/pam_unix_fix_sgid_shadow_auth.patch - debian/patches-applied/pam_unix_initialize_daysleft - debian/patches-applied/pam_faillock_create_directory - debian/patches-applied/pam_unix_avoid_checksalt - debian/patches-applied/pam_env-allow-environment-files-without-EOL-at-EOF.patch * Drop libpam-cracklib which has been obsoleted upstream. * Add pkgconfig .pc files to libpam0g-dev. Closes: #1012688. * Update .symbols file. * Updated Romanian debconf translation, thanks Andrei Popescu, Closes: #986416 * Drop versioning of quilt build-dependency to quiet lintian, since the version is satisfied by oldoldoldstable. * Drop unused build-build-dependency on bzip2. * Adjust lintian overrides for latest lintian syntax. * Update Standards-Version. * Bump debhelper compat to 13. * debian/not-installed: document upstream files that aren't used. * Override incorrect lintian warning about use of dpkg database. * Override lintian warning for PAM module manpages being in section 8 * Override lintian warning for unused debconf templates * Install additional upstream manpages: faillock(8), environment(5), pwhistory_helper(8) * Install additional helpers in libpam-modules-bin: pam_namespace_helper, pwhistory_helper * Fix wrong syntax in symbols file Checksums-Sha1: fd872db856810e5a12e263b7b157df5e026aceb7 2550 pam_1.5.2-1.dsc 8d20308cbf17823e9b88b01c2c70df3e1ad9d654 988784 pam_1.5.2.orig.tar.xz 5cc955ab1d9fd3c66c9c89476c1c4c3e22449fb8 120144 pam_1.5.2-1.debian.tar.xz Checksums-Sha256: ec4b88972153be76fe12a4b3cf65d7112cb4cb5a4606c55e2f265b85abac9b86 2550 pam_1.5.2-1.dsc e4ec7131a91da44512574268f493c6d8ca105c87091691b8e9b56ca685d4f94d 988784 pam_1.5.2.orig.tar.xz 1cc1ab34a7fb7afbeba9c1b8109465e64747a77fdac334ae6e4b4f974a852e29 120144 pam_1.5.2-1.debian.tar.xz Files: 56984ce7c7400214c00d3867f664480f 2550 libs optional pam_1.5.2-1.dsc 895e8adfa14af334f679bbeb28503f66 988784 libs optional pam_1.5.2.orig.tar.xz a9bb8658c2848d8ac4b0b5ad84f70e33 120144 libs optional pam_1.5.2-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQJGBAEBCgAwFiEErEg/aN5yj0PyIC/KVo0w8yGyEz0FAmL962ASHHZvcmxvbkBk ZWJpYW4ub3JnAAoJEFaNMPMhshM9GKsP/jU4PDPOkNCQUbKlRcUyzuWmH5uKi4f+ K+9FWgSl/fDY7Bl2TSeJMk+bfAmyPqeCXb51qjKI4NwZFQ7MSnxdUiqJ8CwaeD9u Th5rIkcENVoy2wlrXXqvcmG6bLNaBHAxziU9cMGe+lQ25zZ+xJMwzKje8OmaAqgh 3Klm1BbCZRAIH3fYwh0ekFo9SBrL0ZhEytbOPNmO4VRLm6BkDaOrQYhgqsq34VHS /6l/1gyOa2YQxAbNgui12YPYOtZqtJQoBdu0xLTKpx7x/oGL8KJ+SjTcfyvWaOOp slsGZJD4M3m5FnNp5PoJ/VTOczHFY2pGOUyd1ONlf65G2RmE6+pxin9cX4I9cOrL AF/pY3ADaeBCLUFtLN9aEDaLz2qTM5LN9nPIM+mNufBVO/AMxn4bRd/6lh+sD1B/ tnlLFHmtDCw0c7p1NEO9e5C+/C8GCynQRiu1X4Oa3v6SGvNq/uyS8I4oQ5/QiWGC Z+vimgAxOUuY4qLfK0RKAN/a6QRcFEhpimILnEFq2cOg4iqeYQiv7XJZrWnkq+Te pbQ3Hx+w+HDzTTAWGU9LsZMdh+JbV1ZFzttaAs7SmJURilKucq0FUsqolrfwL1gu wL9btjoNgGXxJMee2B1cZVdfqyoWgg1rXcSXdzis2Yi5dFZqNYyUbQth15QGcW1R IlZAeofb6KET =XqQl -----END PGP SIGNATURE-----
--- End Message ---
