'[Pkg-shadow-devel] Ubuntu shadow 1:4.0.18.2-1ubuntu1'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pkg-shadow-devel
Subject:    [Pkg-shadow-devel] Ubuntu shadow 1:4.0.18.2-1ubuntu1
From:       Ubuntu Merge-o-Matic <mom () ubuntu ! com>
Date:       2008-02-15 20:41:59
Message-ID: 20080215204159.31690.87206 () casey ! canonical ! com
[Download RAW message or body]

This e-mail has been sent due to an upload to Ubuntu that contains Ubuntu
changes.  It contains the difference between the new version and the
previous version of the same source package in Ubuntu.
["shadow_1:4.0.18.2-1ubuntu1_source.changes" (text/plain)]

Format: 1.7
Date: Fri, 08 Feb 2008 02:20:06 -0500
Source: shadow
Binary: login passwd
Architecture: source
Version: 1:4.0.18.2-1ubuntu1
Distribution: hardy
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Changed-By: Caleb Case <ccase@tresys.com>
Description: 
 login      - system login tools
 passwd     - change and administer password and group data
Launchpad-Bugs-Fixed: 191326
Changes: 
 shadow (1:4.0.18.2-1ubuntu1) hardy; urgency=low
 .
   * debian/login.pam: Enable SELinux support in login.pam (LP: #191326).
Files: 
 3a86465ca63e3704dced2b7a303e6e9b 1148 admin required shadow_4.0.18.2-1ubuntu1.dsc
 3ea5f2c42d0d4f8dc9a5c4c255e81d95 91091 admin required shadow_4.0.18.2-1ubuntu1.diff.gz
Original-Maintainer: Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>

["shadow_1:4.0.18.2-1ubuntu1.patch" (text/plain)]

diff -pruN 1:4.0.18.2-1/debian/changelog 1:4.0.18.2-1ubuntu1/debian/changelog
--- 1:4.0.18.2-1/debian/changelog	2008-02-15 20:15:06.000000000 +0000
+++ 1:4.0.18.2-1ubuntu1/debian/changelog	2008-02-15 20:15:05.000000000 +0000
@@ -1,3 +1,9 @@
+shadow (1:4.0.18.2-1ubuntu1) hardy; urgency=low
+
+  * debian/login.pam: Enable SELinux support in login.pam (LP: #191326).
+
+ -- Caleb Case <ccase@tresys.com>  Fri, 08 Feb 2008 02:20:06 -0500
+
 shadow (1:4.0.18.2-1) unstable; urgency=low
 
   * The "Vacherin" release.
diff -pruN 1:4.0.18.2-1/debian/control 1:4.0.18.2-1ubuntu1/debian/control
--- 1:4.0.18.2-1/debian/control	2008-02-15 20:15:06.000000000 +0000
+++ 1:4.0.18.2-1ubuntu1/debian/control	2008-02-15 20:15:05.000000000 +0000
@@ -1,7 +1,8 @@
 Source: shadow
 Section: admin
 Priority: required
-Maintainer: Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>
+Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss@lists.ubuntu.com>
+XSBC-Original-Maintainer: Shadow package maintainers \
<pkg-shadow-devel@lists.alioth.debian.org>  Standards-Version: 3.7.2.0
 Uploaders: Christian Perrier <bubulle@debian.org>, Martin Quinson \
<mquinson@debian.org>, Nicolas FRANCOIS (Nekral) <nicolas.francois@centraliens.net>  \
Build-Depends: autoconf, automake1.9, libtool, gettext, libpam0g-dev, debhelper (>= \
5.0.0), quilt, dpkg-dev (>= 1.13.5), xsltproc, docbook-xsl, docbook-xml, \
libxml2-utils, cdbs, libselinux1-dev [!hurd-i386 !kfreebsd-i386 !kfreebsd-amd64], \
                gnome-doc-utils (>= 0.4.3-1)
diff -pruN 1:4.0.18.2-1/debian/login.pam 1:4.0.18.2-1ubuntu1/debian/login.pam
--- 1:4.0.18.2-1/debian/login.pam	2008-02-15 20:15:06.000000000 +0000
+++ 1:4.0.18.2-1ubuntu1/debian/login.pam	2008-02-15 20:15:05.000000000 +0000
@@ -14,6 +14,12 @@ auth       requisite  pam_securetty.so
 # (Replaces the `NOLOGINS_FILE' option from login.defs)
 auth       requisite  pam_nologin.so
 
+# SELinux needs to be the first session rule. This ensures that any 
+# lingering context has been cleared. Without out this it is possible 
+# that a module could execute code in the wrong domain.  (When SELinux
+# is disabled, this returns success.)
+session    required   pam_selinux.so close
+
 # This module parses environment configuration file(s)
 # and also allows you to use an extended config
 # file /etc/security/pam_env.conf.
@@ -66,12 +72,13 @@ session    optional   pam_motd.so
 # See comments in /etc/login.defs
 session    optional   pam_mail.so standard
 
-# SELinux needs to intervene at login time to ensure that the process
-# starts in the proper default security context.
-# Uncomment the following line to enable SELinux
-# session required pam_selinux.so multiple
-
 # Standard Un*x account and session
 @include common-account
 @include common-session
 @include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this.  (When
+# SELinux is disabled, this returns success.)
+session required pam_selinux.so open



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic