Please find, for review, the debconf templates and packages descriptions for the pam-mysql source package. This review will last from Sunday, August 26, 2012 to Wednesday, September 05, 2012. Please send reviews as unified diffs (diff -u) against the original files. Comments about your proposed changes will be appreciated. Your review should be sent as an answer to this mail. When appropriate, I will send intermediate requests for review, with "[RFRn]" (n>=2) as a subject tag. When we will reach a consensus, I send a "Last Chance For Comments" mail with "[LCFC]" as a subject tag. Finally, a summary will be sent to the review bug report, and a mail will be sent to this list with "[BTS]" as a subject tag. Rationale: --- pam-mysql.old/debian/libpam-mysql.templates 2012-08-22 06:51:38.940010532 +0200 +++ pam-mysql/debian/libpam-mysql.templates 2012-08-26 17:35:43.650241967 +0200 @@ -1,10 +1,10 @@ Template: pam-mysql/config_file_noread Type: boolean Default: true -Description: Chmod configuration file? - This version of pam-mysql has a configuration file which may include - passwords. Do you want to disable normal users from reading this - file? +_Description: Restrict access to pam-mysql configuration file to root? + This version of pam-mysql uses a configuration file which may include + passwords. It is recommended to restrict access to this file + so that unprivileged users can't read it. . - There is probably no good reason *not* to do this. As the most common - reason to use the configuration file is to hide the password. + If you choose this option, only root will have read access to pam-mysql + configuration file. Make template translatable by prepending "_" "chmod configuration file" is unclear and jargonic. Be clearer. The package "uses" a configuration file. IMHO better than "has". Avoid question in long description (see DevRef) Use "it is recommended" instead of "no good reason *not* to do this" which might be confusing. Explain exactly what's happening. --- pam-mysql.old/debian/control 2012-08-22 06:51:38.940010532 +0200 +++ pam-mysql/debian/control 2012-08-26 17:40:24.714171053 +0200 @@ -11,5 +11,5 @@ Depends: ${shlibs:Depends}, ${misc:Depends} Description: PAM module allowing authentication from a MySQL server This module lets you use a MySQL database as a source of - authentication (but not session or other) information for PAM-enabled - apps. + authentication information for PAM-enabled + applications. It doesn't allow session authentication, though. Small changes but this can be improved again, I guess. --
Template: pam-mysql/config_file_noread Type: boolean Default: true _Description: Restrict access to pam-mysql configuration file to root? This version of pam-mysql uses a configuration file which may include passwords. It is recommended to restrict access to this file so that unprivileged users can't read it. . If you choose this option, only root will have read access to pam-mysql configuration file.
--- pam-mysql.old/debian/libpam-mysql.templates 2012-08-22 06:51:38.940010532 +0200 +++ pam-mysql/debian/libpam-mysql.templates 2012-08-26 17:35:43.650241967 +0200 @@ -1,10 +1,10 @@ Template: pam-mysql/config_file_noread Type: boolean Default: true -Description: Chmod configuration file? - This version of pam-mysql has a configuration file which may include - passwords. Do you want to disable normal users from reading this - file? +_Description: Restrict access to pam-mysql configuration file to root? + This version of pam-mysql uses a configuration file which may include + passwords. It is recommended to restrict access to this file + so that unprivileged users can't read it. . - There is probably no good reason *not* to do this. As the most common - reason to use the configuration file is to hide the password. + If you choose this option, only root will have read access to pam-mysql + configuration file. --- pam-mysql.old/debian/control 2012-08-22 06:51:38.940010532 +0200 +++ pam-mysql/debian/control 2012-08-26 17:40:24.714171053 +0200 @@ -11,5 +11,5 @@ Depends: ${shlibs:Depends}, ${misc:Depends} Description: PAM module allowing authentication from a MySQL server This module lets you use a MySQL database as a source of - authentication (but not session or other) information for PAM-enabled - apps. + authentication information for PAM-enabled + applications. It doesn't allow session authentication, though.
Source: pam-mysql Section: admin Priority: extra Maintainer: Paweł Więcek <coven@debian.org> Uploaders: Lars Bahner <bahner@debian.org> Standards-Version: 3.8.0 Build-Depends: libpam0g-dev, libmysqlclient15-dev, debhelper (>= 5.0.0), libssl-dev, dpatch Package: libpam-mysql Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} Description: PAM module allowing authentication from a MySQL server This module lets you use a MySQL database as a source of authentication information for PAM-enabled applications. It doesn't allow session authentication, though.
Attachment:
signature.asc
Description: Digital signature