Bug#1054505: marked as done (su/sudo broken)

[Debian Bug Tracking System]

Your message dated Tue, 24 Oct 2023 18:20:44 +0000
with message-id <e1qvm1e-00gahx...@fasolo.debian.org>
and subject line Bug#1054505: fixed in pam 1.5.2-9.1
has caused the Debian Bug report #1054505,
regarding su/sudo broken
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1054505: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054505
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: libpam-modules-bin
Version: 1.5.2-8
Severity: grave

With pam 1.5.2-8 installed, my i386 chroots can't run su or sudo
anymore:

(sid-i386)root@turing:/home/myon# su -
su: Permission denied

(sid-i386)root@turing:/home/myon# sudo -i
sudo: PAM account management error: Permission denied
sudo: a password is required

amd64 is unaffected.

(sid-i386)root@turing:/home/myon# strace su -
execve("/usr/bin/su", ["su", "-"], 0xffc17124 /* 17 vars */) = 0
brk(NULL)                               = 0x57956000
mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 
0xf7eef000
...
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/dev/log"}, 110) = -1 ENOENT (No such 
file or directory)
close(4)                                = 0
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/dev/log"}, 110) = -1 ENOENT (No such 
file or directory)
close(4)                                = 0
read(3, "", 4096)                       = 0
close(3)                                = 0
getuid32()                              = 0
socket(AF_NETLINK, SOCK_RAW, NETLINK_AUDIT) = 3
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
readlink("/proc/self/exe", "/usr/bin/su", 4096) = 11
sendto(3, [{nlmsg_len=140, nlmsg_type=0x44c /* NLMSG_??? */, 
nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=1, nlmsg_pid=0}, 
"\x6f\x70\x3d\x50\x41\x4d\x3a\x61\x75\x74\x68\x65\x6e\x74\x69\x63\x61\x74\x69\x6f\x6e\x20\x67\x72\x61\x6e\x74\x6f\x72\x73\x3d\x70"...],
 140, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 140
poll([{fd=3, events=POLLIN}], 1, 500)   = 1 ([{fd=3, revents=POLLIN}])
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, 
nlmsg_seq=1, nlmsg_pid=627976}, {error=0, msg={nlmsg_len=140, 
nlmsg_type=AUDIT_FIRST_USER_MSG, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, 
nlmsg_seq=1, nlmsg_pid=0}}], 8988, MSG_PEEK|MSG_DONTWAIT, 
{sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, [12]) = 36
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, 
nlmsg_seq=1, nlmsg_pid=627976}, {error=0, msg={nlmsg_len=140, 
nlmsg_type=AUDIT_FIRST_USER_MSG, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, 
nlmsg_seq=1, nlmsg_pid=0}}], 8988, MSG_DONTWAIT, {sa_family=AF_NETLINK, 
nl_pid=0, nl_groups=00000000}, [12]) = 36
close(3)                                = 0
socket(AF_NETLINK, SOCK_RAW, NETLINK_AUDIT) = 3
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
sendto(3, [{nlmsg_len=124, nlmsg_type=0x44d /* NLMSG_??? */, 
nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=2, nlmsg_pid=0}, 
"\x6f\x70\x3d\x50\x41\x4d\x3a\x61\x63\x63\x6f\x75\x6e\x74\x69\x6e\x67\x20\x67\x72\x61\x6e\x74\x6f\x72\x73\x3d\x3f\x20\x61\x63\x63"...],
 124, 0, {sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000}, 12) = 124
poll([{fd=3, events=POLLIN}], 1, 500)   = 1 ([{fd=3, revents=POLLIN}])
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, 
nlmsg_seq=2, nlmsg_pid=627976}, {error=0, msg={nlmsg_len=124, nlmsg_type=0x44d 
/* AUDIT_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=2, 
nlmsg_pid=0}}], 8988, MSG_PEEK|MSG_DONTWAIT, {sa_family=AF_NETLINK, nl_pid=0, 
nl_groups=00000000}, [12]) = 36
recvfrom(3, [{nlmsg_len=36, nlmsg_type=NLMSG_ERROR, nlmsg_flags=NLM_F_CAPPED, 
nlmsg_seq=2, nlmsg_pid=627976}, {error=0, msg={nlmsg_len=124, nlmsg_type=0x44d 
/* AUDIT_??? */, nlmsg_flags=NLM_F_REQUEST|NLM_F_ACK, nlmsg_seq=2, 
nlmsg_pid=0}}], 8988, MSG_DONTWAIT, {sa_family=AF_NETLINK, nl_pid=0, 
nl_groups=00000000}, [12]) = 36
close(3)                                = 0
getpid()                                = 627976
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 3
connect(3, {sa_family=AF_UNIX, sun_path="/dev/log"}, 110) = -1 ENOENT (No such 
file or directory)
close(3)                                = 0
getpid()                                = 627976
openat(AT_FDCWD, "/var/log/btmp", O_WRONLY|O_LARGEFILE) = 3
alarm(0)                                = 0
rt_sigaction(SIGALRM, {sa_handler=0xf7e13d90, sa_mask=[], sa_flags=0}, 
{sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0
alarm(10)                               = 0
fcntl64(3, F_SETLKW, {l_type=F_WRLCK, l_whence=SEEK_SET, l_start=0, l_len=0}) = 0
alarm(0)                                = 10
rt_sigaction(SIGALRM, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, NULL, 8) = 0
_llseek(3, 0, [384], SEEK_END)          = 0
write(3, "\6\0\0\0\10\225\t\0pts/3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 
384) = 384
fcntl64(3, F_SETLKW, {l_type=F_UNLCK, l_whence=SEEK_SET, l_start=0, l_len=0}) = 0
close(3)                                = 0
munmap(0xf7c6a000, 16392)               = 0
munmap(0xf7c37000, 208144)              = 0
munmap(0xf7b97000, 651928)              = 0
munmap(0xf7b92000, 16416)               = 0
munmap(0xf7b8c000, 20488)               = 0
munmap(0xf7b87000, 16392)               = 0
munmap(0xf7b7f000, 28680)               = 0
openat(AT_FDCWD, "/etc/login.defs", O_RDONLY|O_LARGEFILE) = 3
statx(3, "", AT_STATX_SYNC_AS_STAT|AT_NO_AUTOMOUNT|AT_EMPTY_PATH, 
STATX_BASIC_STATS, {stx_mask=STATX_BASIC_STATS|STATX_MNT_ID, stx_attributes=0, 
stx_mode=S_IFREG|0644, stx_size=12273, ...}) = 0
read(3, "#\n# /etc/login.defs - Configurat"..., 4096) = 4096
read(3, " issuing \n# the \"mesg y\" command"..., 4096) = 4096
read(3, "users to gain permanent\n# access"..., 4096) = 4081
read(3, "", 4096)                       = 0
close(3)                                = 0
openat(AT_FDCWD, "/etc/default/su", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such 
file or directory)
clock_nanosleep(CLOCK_REALTIME, 0, {tv_sec=1, tv_nsec=0}, 0xffc847bc) = 0
write(2, "su: ", 4su: )                     = 4
write(2, "Permission denied", 17Permission denied)       = 17
write(2, "\n", 1
)                       = 1
dup(1)                                  = 3
close(3)                                = 0
dup(2)                                  = 3
close(3)                                = 0
exit_group(1)                           = ?
+++ exited with 1 +++

(I have no idea if the problem is in this part of the strace.)

Christoph

--- End Message ---

--- Begin Message ---

Source: pam
Source-Version: 1.5.2-9.1
Done: Helmut Grohne <hel...@subdivi.de>

We believe that the bug you reported is fixed in the latest version of
pam, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1054...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Helmut Grohne <hel...@subdivi.de> (supplier of updated pam package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 24 Oct 2023 19:38:53 +0200
Source: pam
Architecture: source
Version: 1.5.2-9.1
Distribution: unstable
Urgency: medium
Maintainer: Sam Hartman <hartm...@debian.org>
Changed-By: Helmut Grohne <hel...@subdivi.de>
Closes: 1054505
Changes:
 pam (1.5.2-9.1) unstable; urgency=medium
 .
   * Non-maintainer upload acked by Sam Hartman.
   * Really fix quilt-related FTBFS: (Closes: #1054505)
     pam is a 3.0 (quilt) source package and has a .pc directory after unpack
     despite having no debian/patches. Even when setting QUILT_PATCH_DIR or
     QUILT_PATCHES, quilt is now mislead to using the non-existent
     debian/patches and this makes dh_quilt_unpatch fail, so we delete that
     directory unless it corresponds to the real debian/patches-applied that we
     want to be used.
Checksums-Sha1:
 70bd5c0dd622b9bd0954a89038384db057a1a408 2502 pam_1.5.2-9.1.dsc
 29450ded9e4ba66dbc99e7bded3df9af44ffc15a 130160 pam_1.5.2-9.1.debian.tar.xz
 a33c8dd8a0280d1da95712c73d202767982b3c47 8691 pam_1.5.2-9.1_amd64.buildinfo
Checksums-Sha256:
 d4b7fa6507e266e715b5d8474ef251d18478e5b69f494f41bbcc49122e4ca42b 2502 
pam_1.5.2-9.1.dsc
 075dbb4cc5b9cd3260861e9e1f65db17f934ff5c02c574a9fdfe0cb334c2f1b5 130160 
pam_1.5.2-9.1.debian.tar.xz
 65bf3d393cd43d408f33e4fe726eb8b7fdd8a815f426c5ea5ae361cd9d36a763 8691 
pam_1.5.2-9.1_amd64.buildinfo
Files:
 af345e3900e2d43ba6492818640f3456 2502 libs optional pam_1.5.2-9.1.dsc
 3d3a21f3c977527af44bb035e7489ecc 130160 libs optional 
pam_1.5.2-9.1.debian.tar.xz
 7b86e1f0ed8296db005123d6b490e266 8691 libs optional 
pam_1.5.2-9.1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEETMLS2QqNFlTb+HOqLRqqzyREREIFAmU4BesACgkQLRqqzyRE
REKT3A//cDnvGMYu1L7GR+6j0hQH9yGSVXjKeaKWmpaNXJfBx7BBmOsNbA6/HOQy
N15vUb/gMXUggXYQZ7nMHeOGFSJnqoqX4ipnP+KLbQhgQN94zBsVwCEdZ588fkAs
/NeKHmSsstT9RCGnX35/h3aKs9qDK8jjWh8uqVckVk0eZqvXGoD6496bretJa7+7
rNFVxKKsNSkuYNjGKOcsxcXa/kJ0zvkNJVI9ucb8iAq+i2+O0DSzBazo0yIIhVpg
MaTf1ZhvCl7z6TVkY6fkCWuIQxY7LoTN36t1rq+IIkPoohs0UBlS1cyeRl0/3otO
qrp3fCin/4XX6sCh0NiwbT0ZC2vs2K+ZRYFq/sCIsq1a9Xy7+usSp8UHux0j0z4y
qqTEz14vonUw3UwbtFtiPzrLwUgx2iPuzYyYq0hOtepJVP4meebuBnMQ7/VmIa5d
peegAFNhEmTkWSPLjUxZOZBIjPG119a53mysnROIsUJSR+cySvXRn49Vrdlh0MDT
NV3k6iHA1QR87WxPwlVmnWBUGs90I42ECA8wSKsfiCyKbegcqK4/EiICCqg+CUBn
z3RMMFJ+3+BWip9Ox6+Uvguzek7Q/13BFJBALGVm3Ijvb7OGjVqnjg5exCWbp9GZ
MhFUo38XFmB8ZLeOb0cYyh/ojN1ayP5fQRYwepbhEcf4wr0zZXQ=
=+tGR
-----END PGP SIGNATURE-----

--- End Message ---