[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

New shadow maintainer, pre-release of upcoming packages...

Hello fellow developers,

With Guy's permission I have taken on the shadow packages. I've been busily
building a new version which has _lots_ changed in it. Below is a breakdown
of what I have so far, and a URL for a pre-release of the packages. NOTE,
because this is not an official upload, please do not file any bug reports
on these packages. There are way to many BTS entries already that I have to
take care of with these packages, so please don't make it any harder for me
to sort through them. Also note that the Debian release is 0.1, it will turn
to -1 when I upload.

This set is pretty much the way I want it with a few exceptions noted below
under TODO, so if there are no complaints, and no problems reported _directly_
to me, this will be the uploaded form (save the few TODO items):

1) Upgraded to the latest 19990827 release, this fixes lots of bugs

2) New build setup. I really need Hurd (Marcus?) to test this and make sure
   that it still only produces the passwd package for that OS. This build
   setup is based on Adam Heath's `dbs' system (a great setup btw).

3) PAM functionality completely turned on for login, passwd, su, chsh and chfn.
   Please test, test, and retest this functionality. When doing so, please make
   sure you are using the latest PAM 0.69-2 (other versions may cause problems).
   Note, that the login program was not fully working with PAM (as noted in the
   shadow README.pam doc). I believe I have it working pretty well now. Also, I
   do know that login sticks around until after logout. This is on purpose, so
   that login can call pam_close_session() to get rid of credentials. Also note
   that certain functionality in /etc/login.defs is replaced with PAM. The final
   upload will include a new login.defs that documents this, and the corresponding
   /etc/pam.d/ file for each program will have exmaples of how to implement that
   functionality there. Most notably are MD5 passwords, limits, lastlog, mail check,
   password strength checking (cracklib will be possible now with libpam-cracklib
   package), porttime checks, securetty's, motd file, su wheel group, chfn auth,
   and env file and handling.

4) The default su will now be in the `login' package as opposed to shellutils. The
   shellutils maintainer is holding an upload for that package without su. That
   version of shellutils will depend on the version of login that I upload, and
   this version of login correctly Replaces versions of shellutils lower than the
   new version he has waiting.

5) Many Many bug fixes. If your bug isn't fixed here, don't worry I still plan to
   close more.


- better examples in pam.d files to atleast mirror the capabilities in login.defs and
  then remove the lines in login.defs that are handled by PAM with a note on which ones
- use login.defs FAIL_DELAY to set PAM's fail delay

Thanks, for the help in testing.


Reply to: