pam 1.1.8-3.6ubuntu1 source package in Ubuntu


pam (1.1.8-3.6ubuntu1) bionic; urgency=medium

  * Merge with Debian unstable.
    - Fixes unescaped brace in pam_getenv regex.  LP: #1538284.
    - Fixes pam_namespace defaults for compatibility with dash.  LP: #1081323.
  * Remaining changes:
    - debian/control: have libpam-modules recommend update-motd package
    - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
      not present there or in /etc/security/pam_env.conf. (should send to
    - debian/libpam0g.postinst: only ask questions during update-manager when
      there are non-default services running.
    - debian/libpam0g.postinst: check if gdm is actually running before
      trying to reload it.
    - debian/libpam0g.postinst: the init script for 'samba' is now named
      'smbd' in Ubuntu, so fix the restart handling.
    - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
      initialise RLIMIT_NICE rather than relying on the kernel limits.
    - debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
      Deprecate pam_unix's explicit "usergroups" option and instead read it
      from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
      there. This restores compatibility with the pre-PAM behaviour of login.
    - debian/patches-applied/pam_motd-legal-notice: display the contents of
      /etc/legal once, then set a flag in the user's homedir to prevent
      showing it again.
    - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
      for update-motd, with some best practices and notes of explanation.
    - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
      to update-motd(5)
    - debian/local/common-session{,-noninteractive}: Enable pam_umask by
      default, now that the umask setting is gone from /etc/profile.
    - debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
    - debian/patches-applied/extrausers.patch: Add a pam_extrausers module
      that is basically just a copy of pam_unix but looks at
      /var/lib/extrausers/{group,passwd,shadow} instead of /etc/
    - debian/libpam-modules-bin.install: install the helper binaries for
      pam_extrausers to /sbin
    - debian/rules: Make pam_extrausers_chkpwd sguid shadow
    - pam-configs/mkhomedir: Added a config for pam_mkhomedir, disabled
      by default.
    - don't notify about xdm restarts during a release-upgrade
    - debian/patches-applied/cve-2015-3238.patch: removed manpage changes
      so they don't get regenerated during build and cause a multiarch
      installation issue.
  * Dropped changes, included in Debian:
    - Build-depend on libfl-dev.
    - debian/patches-applied/pam-limits-nofile-fd-setsize-cap: cap the default
      soft nofile limit read from pid 1 to FD_SETSIZE.
  * Fix references to /var/run in update-motd.5.  LP: #1571864
  * Fix service restart handling to integrate with systemd instead of

pam (1.1.8-3.6) unstable; urgency=medium

  * Non-maintainer upload.
  * cve-2015-3238.patch: Add the changes in the generated pam_exec.8
    and pam_unix.8 in addition to (and after) the changes to the
    source .xml files. This avoids unwanted rebuilds that can cause
    problems due to differing files on different architectures of
    the Multi-Arch: same libpam-modules. (Closes: #851545)

pam (1.1.8-3.5) unstable; urgency=medium

  * Non-maintainer upload.
  * Build-Depend on libfl-dev:native as well, for cross builds.
    Re-closes: #846459
  * Fix "Unescaped left brace in regex" with Perl 5.22. Closes: #810873

pam (1.1.8-3.4) unstable; urgency=medium

  * Non-maintainer upload.
  * Add libfl-dev to Build-Depends, fixing FTBFS.  Closes: #846459
  * Move xsl stuff to Build-Depends from -Indep to fix misbuilt manpages.
    Closes: #812566

pam (1.1.8-3.3) unstable; urgency=low

  * Non-maintainer upload.
  [ Steve Langasek ]
  * Updated Swedish translation to correct a typo, thanks to Anders Jonsson
    and Martin Bagge.  Closes: #743875
  * Updated Turkish translation, thanks to Mert Dirik <email address hidden>.
    (closes: #756756)
  * d/applied-patches/pam-limits-nofile-fd-setsize-cap: cap the default
    soft nofile limit read from pid 1 to FD_SETSIZE.  Thanks to Robie Basak
    <email address hidden> for the patch.  Closes: #783105.
  * Acknowledge security NMU.
  * pam-auth-update: don't mishandle trailing whitespace in profiles.
    LP: #1487103.

  [ Laurent Bigonville ]
  * debian/control: Fix Vcs-* and Homepage fields (Closes: #752343)
  * debian/watch: Update watch file and point it to
  * debian/patches-applied/pam_namespace_fix_bashism.patch: Fix bashism in
    namespace.init script (Closes: #624842)
  * debian/control: Build-depends against debhelper (>= 9) to match the
    defined debhelper compatibility
  * Rename the cve-2011-4708.patch to cve-2010-4708.patch to match reality,
    thanks to Jakub Wilk <email address hidden> for noticing (Closes: #761594)
  * debian/control: Bump Standards-Version to 3.9.8 (no further changes)
  * debian/libpam-doc.doc-base.applications-guide: Fix spelling
  * debian/libpam0g-dev.examples: Do not use shell brace expansion
  * debian/patches-applied/pam-loginuid-in-containers: Updated with the version
    from Ubuntu, this should fix logins in containers (Closes: #726661)
  * debian/patches-applied/update-motd: Updated with the version from Ubuntu:
    use /run/motd.dynamic instead of /var/run/motd, nothing in the archive
    uses the later (Closes: #743286)
  * debian/patches-applied/make_documentation_reproducible.patch: Make the
    build reproducible, removes differences when building with different
    locale values (Closes: #792127)

 -- Steve Langasek <email address hidden>  Thu, 26 Oct 2017 23:23:18 -0700

Upload details

Uploaded by:
Steve Langasek
Uploaded to:
Original maintainer:
Ubuntu Developers
any all
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section


File Size SHA-256 Checksum
pam_1.1.8.orig.tar.gz 1.8 MiB 4183409a450708a976eca5af561dbf4f0490141a08e86e4a1e649c7c1b094876
pam_1.1.8-3.6ubuntu1.diff.gz 198.5 KiB 483534b012f7a45f721598ce18626ddd1fe3dc353a5773f29d8da44f1034a1f6
pam_1.1.8-3.6ubuntu1.dsc 2.7 KiB 9ac79dd9a14f1a7cdd9f222c3e18f5135f39ad568bbc95445334b83ebc7d7190

View changes file

Binary packages built by this source

libpam-cracklib: PAM module to enable cracklib support

 This package includes libpam_cracklib, a PAM module that tests
 passwords to make sure they are not too weak during password change.

libpam-cracklib-dbgsym: debug symbols for libpam-cracklib
libpam-doc: Documentation of PAM

 Contains documentation (in HTML, ASCII, and PostScript format) for libpam,
 the Pluggable Authentication Modules library, a library that enables the
 local system administrator to choose how applications authenticate users.

libpam-modules: Pluggable Authentication Modules for PAM

 This package completes the set of modules for PAM. It includes the module as well as some specialty modules.

libpam-modules-bin: Pluggable Authentication Modules for PAM - helper binaries

 This package contains helper binaries used by the standard set of PAM
 modules in the libpam-modules package.

libpam-modules-bin-dbgsym: debug symbols for libpam-modules-bin
libpam-modules-dbgsym: debug symbols for libpam-modules
libpam-runtime: Runtime support for the PAM library

 Contains configuration files and directories required for
 authentication to work on Debian systems. This package is required
 on almost all installations.

libpam0g: Pluggable Authentication Modules library

 Contains the shared library for Linux-PAM, a library that enables the
 local system administrator to choose how applications authenticate users.
 In other words, without rewriting or recompiling a PAM-aware application,
 it is possible to switch between the authentication mechanism(s) it uses.
 One may entirely upgrade the local authentication system without touching
 the applications themselves.

libpam0g-dbgsym: debug symbols for libpam0g
libpam0g-dev: Development files for PAM

 Contains C header files and development libraries for libpam, the Pluggable
 Authentication Modules, a library that enables the local system
 administrator to choose how applications authenticate users.
 PAM decouples applications from the authentication mechanism, making it
 possible to upgrade the authentication system without recompiling or
 rewriting the applications.