Bug#255870: marked as done (ssh: defining SSHD_PAM_SERVICE breaks ability to set PAM service)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Wed, 13 Feb 2008 19:02:08 +0000
with message-id <E1JPMrw-0007lF-FV@ries.debian.org>
and subject line Bug#255870: fixed in openssh 1:4.7p1-4
has caused the Debian Bug report #255870,
regarding ssh: defining SSHD_PAM_SERVICE breaks ability to set PAM service
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
255870: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=255870
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: ssh: defining SSHD_PAM_SERVICE breaks ability to set PAM service
• From: Jeff Layton <jtlayton@poochiereds.net>
• Date: Wed, 23 Jun 2004 10:10:45 -0400
• Message-id: <20040623141045.3EDC92EE3F@localhost>

Package: ssh
Version: 1:3.8.1p1-4
Severity: normal

The Debian ssh package is compiled with '-DSSHD_PAM_SERVICE=\"ssh\"'.
This breaks the ability to configure what PAM service is used, as that
is normally decided by the name of the binary.

I rolled a patch to make this settable at runtime without having to
symlink or rename the binary, but it doesn't seem like it will likely
be included in the portability release.

So, the best option would be to remove the above define when building
the package, and rename /etc/pam.d/ssh to /etc/pam.d/sshd. This will
allow the Debian packaged binary to still function as it currently does,
and allow it to use alternate PAM service names if someone synlinks to
the binary.

Any chance of making this change to the package?

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.7a
Locale: LANG=C, LC_CTYPE=C

Versions of packages ssh depends on:
ii  adduser                     3.57         Add and remove users and groups
ii  debconf                     1.4.28       Debian configuration management sy
ii  dpkg                        1.10.22      Package maintenance system for Deb
ii  libc6                       2.3.2.ds1-13 GNU C Library: Shared libraries an
ii  libpam-modules              0.76-21      Pluggable Authentication Modules f
ii  libpam-runtime              0.76-21      Runtime support for the PAM librar
ii  libpam0g                    0.76-21      Pluggable Authentication Modules l
ii  libssl0.9.7                 0.9.7d-3     SSL shared libraries
ii  libwrap0                    7.6.dbs-4    Wietse Venema's TCP wrappers libra
ii  zlib1g                      1:1.2.1.1-3  compression library - runtime

-- debconf information:
  ssh/insecure_rshd:
  ssh/privsep_ask: true
* ssh/user_environment_tell:
* ssh/forward_warning:
  ssh/insecure_telnetd:
  ssh/new_config: true
* ssh/use_old_init_script: true
* ssh/SUID_client: true
* ssh/privsep_tell:
  ssh/ssh2_keys_merged:
* ssh/protocol2_only: true
  ssh/encrypted_host_key_but_no_keygen:
* ssh/run_sshd: true

--- End Message ---

--- Begin Message ---

• To: 255870-close@bugs.debian.org
• Subject: Bug#255870: fixed in openssh 1:4.7p1-4
• From: Colin Watson <cjwatson@debian.org>
• Date: Wed, 13 Feb 2008 19:02:08 +0000
• Message-id: <E1JPMrw-0007lF-FV@ries.debian.org>

Source: openssh
Source-Version: 1:4.7p1-4

We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive:

openssh-client-udeb_4.7p1-4_i386.udeb
  to pool/main/o/openssh/openssh-client-udeb_4.7p1-4_i386.udeb
openssh-client_4.7p1-4_i386.deb
  to pool/main/o/openssh/openssh-client_4.7p1-4_i386.deb
openssh-server-udeb_4.7p1-4_i386.udeb
  to pool/main/o/openssh/openssh-server-udeb_4.7p1-4_i386.udeb
openssh-server_4.7p1-4_i386.deb
  to pool/main/o/openssh/openssh-server_4.7p1-4_i386.deb
openssh_4.7p1-4.diff.gz
  to pool/main/o/openssh/openssh_4.7p1-4.diff.gz
openssh_4.7p1-4.dsc
  to pool/main/o/openssh/openssh_4.7p1-4.dsc
ssh-askpass-gnome_4.7p1-4_i386.deb
  to pool/main/o/openssh/ssh-askpass-gnome_4.7p1-4_i386.deb
ssh-krb5_4.7p1-4_all.deb
  to pool/main/o/openssh/ssh-krb5_4.7p1-4_all.deb
ssh_4.7p1-4_all.deb
  to pool/main/o/openssh/ssh_4.7p1-4_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 255870@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 13 Feb 2008 18:18:52 +0000
Source: openssh
Binary: openssh-client openssh-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source all i386
Version: 1:4.7p1-4
Distribution: unstable
Urgency: low
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description: 
 openssh-client - secure shell client, an rlogin/rsh/rcp replacement
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell server, an rshd replacement
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 ssh        - secure shell client and server (metapackage)
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
 ssh-krb5   - secure shell client and server (transitional package)
Closes: 255870 465614
Changes: 
 openssh (1:4.7p1-4) unstable; urgency=low
 .
   [ Caleb Case ]
   * Fix configure detection of getseuserbyname and
     get_default_context_with_level (closes: #465614, LP: #188136).
 .
   [ Colin Watson ]
   * Include the autogenerated debian/copyright in the source package.
   * Move /etc/pam.d/ssh to /etc/pam.d/sshd, allowing us to stop defining
     SSHD_PAM_SERVICE (closes: #255870).
Files: 
 0e18f8e7f7f9b72d5b3952917c970794 1104 net standard openssh_4.7p1-4.dsc
 4255f3e6dfc3e959e4f26886347bf878 187162 net standard openssh_4.7p1-4.diff.gz
 b87b3b7eb6ae5d728158529d4d733637 1040 net extra ssh_4.7p1-4_all.deb
 81a4a99b3e2c660e6920049e5eddbf19 87610 net extra ssh-krb5_4.7p1-4_all.deb
 ba28c94daa90e9cfe439e360db028f42 662204 net standard openssh-client_4.7p1-4_i386.deb
 9ad89f503ab9b5256999b2e7b0b94f76 244132 net optional openssh-server_4.7p1-4_i386.deb
 eb5d36f9539a53095ecf4a364f148c0d 95096 gnome optional ssh-askpass-gnome_4.7p1-4_i386.deb
 43bae32a82388045eb4726ac1ed9dc88 158554 debian-installer optional openssh-client-udeb_4.7p1-4_i386.udeb
 527b769a128dc48fcdbd4faf2b25b833 169090 debian-installer optional openssh-server-udeb_4.7p1-4_i386.udeb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Colin Watson <cjwatson@debian.org> -- Debian developer

iD8DBQFHsztp9t0zAhD6TNERApdpAJsE46HcZoMa0m3IKAKqlsRYU0VTXQCeIkTS
PriU9C7kzeUm7YCtcyriERw=
=uYmT
-----END PGP SIGNATURE-----

--- End Message ---