[Pkg-shadow-commits] r2124 - debian/branches/lenny/debian/patches
nekral-guest at alioth.debian.org
nekral-guest at alioth.debian.org
Thu Jun 12 22:13:46 UTC 2008
Author: nekral-guest
Date: 2008-06-12 22:13:46 +0000 (Thu, 12 Jun 2008)
New Revision: 2124
Modified:
debian/branches/lenny/debian/patches/008_su_get_PAM_username
debian/branches/lenny/debian/patches/406_vipw_resume_properly
debian/branches/lenny/debian/patches/414_remove-unwise-advices
debian/branches/lenny/debian/patches/434_login_stop_checking_args_after--
debian/branches/lenny/debian/patches/487_passwd_chauthtok_failed_message
debian/branches/lenny/debian/patches/491_configure.in_friendly_selinux_detection
Log:
Tag applied upstream patches.
Modified: debian/branches/lenny/debian/patches/008_su_get_PAM_username
===================================================================
--- debian/branches/lenny/debian/patches/008_su_get_PAM_username 2008-06-12 22:12:19 UTC (rev 2123)
+++ debian/branches/lenny/debian/patches/008_su_get_PAM_username 2008-06-12 22:13:46 UTC (rev 2124)
@@ -1,10 +1,23 @@
-Goal: ???
+Goal: Retrieve the PAM username in case a module changed the PAM_USER
+ item.
-Notes:
- * It still needs more investigation.
- I don't know what this patch is used for. IMO, the user name is
- already known before calling pam_get_item(pamh, PAM_USER, ...)
+According to Linux-PAM_ADG:
+ * Note, modules can change the values of PAM_USER and PAM_RUSER during
+ any of the pam_*() library calls. For this reason, the application
+ should take care to use the pam_get_item() every time it wishes to
+ establish who the authenticated user is (or will currently be).
+PAM_USER description:
+
+ The username of the entity under whose identity service will be given. That
+ is, following authentication, PAM_USER identifies the local entity that
+ gets to use the service. Note, this value can be mapped from something
+ (eg., "anonymous") to something else (eg. "guest119") by any module in the
+ PAM stack. As such an application should consult the value of PAM_USER
+ after each call to a PAM function.
+
+See also: https://www.redhat.com/archives/pam-list/2008-May/msg00009.html
+
Index: shadow-4.1.0/src/su.c
===================================================================
--- shadow-4.1.0.orig/src/su.c
Modified: debian/branches/lenny/debian/patches/406_vipw_resume_properly
===================================================================
--- debian/branches/lenny/debian/patches/406_vipw_resume_properly 2008-06-12 22:12:19 UTC (rev 2123)
+++ debian/branches/lenny/debian/patches/406_vipw_resume_properly 2008-06-12 22:13:46 UTC (rev 2124)
@@ -4,7 +4,7 @@
Author: dean gaudet <dean at arctic.org>
-Status wrt upstream: should be forwarded
+Status wrt upstream: Fixed upstream
Index: shadow-4.1.0/src/vipw.c
===================================================================
Modified: debian/branches/lenny/debian/patches/414_remove-unwise-advices
===================================================================
--- debian/branches/lenny/debian/patches/414_remove-unwise-advices 2008-06-12 22:12:19 UTC (rev 2123)
+++ debian/branches/lenny/debian/patches/414_remove-unwise-advices 2008-06-12 22:13:46 UTC (rev 2124)
@@ -1,7 +1,7 @@
Goal: Remove quite unwise password choice advices in passwd manpage
Fixes: #386818
-Status wrt upstream: Forwarded without patch but ignored up to now
+Status wrt upstream: Applied upstream
Note:
@@ -9,14 +9,16 @@
===================================================================
--- shadow-4.1.0.orig/man/passwd.1.xml
+++ shadow-4.1.0/man/passwd.1.xml
-@@ -114,35 +114,9 @@
+@@ -113,36 +113,10 @@
+ </para>
<para>
- Your password must be easily remembered so that you will not be forced
+- Your password must be easily remembered so that you will not be forced
- to write it on a piece of paper. This can be accomplished by
- appending two small words together and separating each with a
- special character or digit. For example, Pass%word.
-+ to write it on a piece of paper.
++ You can find advices on how to choose a strong password on
++ http://en.wikipedia.org/wiki/Password_strength
</para>
- <para>
Modified: debian/branches/lenny/debian/patches/434_login_stop_checking_args_after--
===================================================================
--- debian/branches/lenny/debian/patches/434_login_stop_checking_args_after-- 2008-06-12 22:12:19 UTC (rev 2123)
+++ debian/branches/lenny/debian/patches/434_login_stop_checking_args_after-- 2008-06-12 22:13:46 UTC (rev 2124)
@@ -1,9 +1,7 @@
Goal: terminate argument validation in login when it hits a '--'.
Fixes: #66368
-Status wrt upstream: It could certainly be submitted to upstream.
- Upstream comment: "Better will be rewrite login
- for use getopt_long()."
+Status wrt upstream: Applied upstream.
Index: shadow-4.1.0/src/login.c
===================================================================
Modified: debian/branches/lenny/debian/patches/487_passwd_chauthtok_failed_message
===================================================================
--- debian/branches/lenny/debian/patches/487_passwd_chauthtok_failed_message 2008-06-12 22:12:19 UTC (rev 2123)
+++ debian/branches/lenny/debian/patches/487_passwd_chauthtok_failed_message 2008-06-12 22:13:46 UTC (rev 2124)
@@ -4,7 +4,7 @@
Fixes: #352137
-Status wrt upstream: not forwarded yet
+Status wrt upstream: Applied upstream.
Index: shadow-4.1.0/libmisc/pam_pass.c
===================================================================
Modified: debian/branches/lenny/debian/patches/491_configure.in_friendly_selinux_detection
===================================================================
--- debian/branches/lenny/debian/patches/491_configure.in_friendly_selinux_detection 2008-06-12 22:12:19 UTC (rev 2123)
+++ debian/branches/lenny/debian/patches/491_configure.in_friendly_selinux_detection 2008-06-12 22:13:46 UTC (rev 2124)
@@ -5,7 +5,7 @@
Author: Mike Frysinger <vapier at gentoo.org>
-Status wrt upstream: reported by Mike, not applied yet
+Status wrt upstream: Fixed upstream.
Index: shadow-4.1.0/configure.in
===================================================================
More information about the Pkg-shadow-commits
mailing list