[SRU] Please set MOTD_SHOWN=pam when MOTD was shown
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
pam (Ubuntu) |
Fix Released
|
Undecided
|
Balint Reczey | ||
Eoan |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
* Users of containers may never see the MOTD of the container if they are always to the container's shell without PAM being involved.
* MOTD contains important information about the system's health including the security updates to be installed thus it is desired to show MOTD in container shells, too.
* The fix in update-motd is creating a snippet in /etc/profile.d which shows MOTD, but only if UPDATE_MOTD is not set, to avoid printing MOTD twice.
[Test Case]
* Log in to the system, where PAM prints the MOTD.
* After seeing the MOTD observe MOTD_SHOWN set:
$ echo $MOTD_SHOWN
pam
$
[Regression Potential]
* The fix is simple thus it is unlikely to see any regression due to bad implementation.
* The newly set environment variable may interact with existing software, but this variable seems to be not used:
https:/
* With this change pam_motd module starts reporting errors and, most of the time, success. This is being refined at upstream to not report success, just PAM_IGNORE and errors: https:/
$ grep -A1 -B5 pam_motd /etc/pam.d/login
# Prints the message of the day upon successful login.
# (Replaces the `MOTD_FILE' option in login.defs)
# This includes a dynamically generated part from /run/motd.dynamic
# and a static (admin-editable) part from /etc/motd.
session optional pam_motd.so motd=/run/
session optional pam_motd.so noupdate
However, I plan reverting the behaviour change in the follow-up upload (LP: #1856703) right after it is finalized at upstream. I propose releasing this change in the current form to Eoan, because it is needed by the update-motd SRU and the ubuntu-meta SRU that enables printing MOTD in the Eoan Ubuntu WSL instances.
Changed in pam (Ubuntu): | |
assignee: | nobody → Balint Reczey (rbalint) |
status: | New → In Progress |
description: | updated |
tags: | added: patch |
tags: | added: wsl |
description: | updated |
tags: | added: id-5d78fc6cca6d1b77a77952cc |
Forwarded patch to https:/ /github. com/linux- pam/linux- pam/pull/ 155