pam (0.99.7.1-4ubuntu1) gutsy; urgency=low * Resynchronise with Debian (LP: #43169, #14505, #80431). Remaining changes: - debian/control, debian/local/common-session{,md5sums}: use libpam-foreground for session management. - debian/rules: install unix_chkpwd setgid shadow instead of setuid root. The nis package handles overriding this as necessary. - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not present there or in /etc/security/pam_env.conf. - debian/patches-applied/ubuntu-fix_standard_types: Use standard u_int8_t type rather than __u8. - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly initialise RLIMIT_NICE rather than relying on the kernel limits. Bound RLIMIT_NICE from below as well as from above. Fix off-by-one error when converting RLIMIT_NICE to the range of values used by the kernel. (Originally patch 101; converted to quilt.) - debian/patches-applied/ubuntu-user_defined_environment: Look at ~/.pam_environment too, with the same format as /etc/security/pam_env.conf. (Originally patch 100; converted to quilt.) * Dropped: - debian/rules: bashism fixes (merged upstream). - debian/control: Conflict on ancient nis (expired with Breezy). - debian/libpam-runtime.postinst: check for ancient pam (expired with Breezy). pam (0.99.7.1-4) unstable; urgency=low * libpam0g.postinst, libpam0g.templates: gdm doesn't need to be restarted to fix the library skew, only reloaded; special-case this daemon in the postinst and remove the mention of it from the debconf template, also tightening the language of the debconf template in the process. Closes: #440074. * Add courier-authdaemon to the list of services that need to be restarted; thanks to Micah Anderson for reporting. * New patch pam_env_ignore_garbage.patch: fix pam_env to really skip over garbage lines in /etc/environment and log an error, instead of failing with an obscure error; and ignore any PAM_BAD_ITEM values returned by pam_putenv(), since this is the expected error return when trying to delete a non-existent var. Closes: #439984. * Yet another thinko in hurd_no_setfsuid and in 029_pam_limits_capabilities; this code should really be Hurd-safe at last... * getline() returns -1 on EOF, not 0; check this appropriately, to fix an infinite loop in pam_rhosts_auth. Thanks to Stephan Springl