[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#669699: marked as done (openssh-server: Please support dynamic motd (initscripts change))



Your message dated Sat, 26 May 2012 23:12:13 +0000
with message-id <E1SYQ9d-0003oQ-TE@franck.debian.org>
and subject line Bug#669699: fixed in openssh 1:6.0p1-1
has caused the Debian Bug report #669699,
regarding openssh-server: Please support dynamic motd (initscripts change)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
669699: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669699
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: openssh-server
Version: 1:5.9p1-5
Severity: normal
Tags: patch

Separation of static and dynamic motd components
================================================

Currently initscripts generates the motd, and stores it in
/var/run/motd.  /etc/motd is a symlink to this file, and
/etc/motd.tail contains the static user-editable part.  This is not
ideal for a number of reasons, including /etc/motd not being a file as
documented, and not behaving like a conffile, and being generally
complex and confusing.  It also unnecessarily wastes space on /run.

In a future upload of initscripts, this will be simplified:

- /etc/motd will contain the user-editable part, and will be a regular
  file; /etc/motd.tail will be migrated here.
- The dynamic part (uname -a) will be stored in /run/motd.dynamic;
  this will be generated at boot like we do now.  There is scope for
  supporting other dynamically generated info in the future, should
  there ever be any demand for that, but for now we are simply going
  to retain the existing behaviour.  Users can extend this should
  they wish.

This does require two separate pam_motd lines in your pam service
file, one for the dynamic and one for the static parts (patch
attached).  Enabling the use of /run/motd.dynamic before I create
it in initscripts is harmless, and it means we can seamlessly
switch over once you have made this change.


Thanks,
Roger

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (550, 'unstable'), (500, 'testing'), (400, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages openssh-server depends on:
ii  adduser                3.113+nmu1
ii  debconf [debconf-2.0]  1.5.42
ii  dpkg                   1.16.2
ii  libc6                  2.13-30
ii  libcomerr2             1.42.2-2
ii  libgssapi-krb5-2       1.10+dfsg~beta1-2
ii  libkrb5-3              1.10+dfsg~beta1-2
ii  libpam-modules         1.1.3-7
ii  libpam-runtime         1.1.3-7
ii  libpam0g               1.1.3-7
ii  libselinux1            2.1.9-4
ii  libssl1.0.0            1.0.1-4
ii  libwrap0               7.6.q-23
ii  lsb-base               4.1+Debian0
ii  openssh-client         1:5.9p1-5
ii  procps                 1:3.3.2-3
ii  zlib1g                 1:1.2.6.dfsg-2

Versions of packages openssh-server recommends:
ii  openssh-blacklist        0.4.1
ii  openssh-blacklist-extra  0.4.1
ii  xauth                    1:1.0.6-1

Versions of packages openssh-server suggests:
pn  molly-guard   <none>
pn  monkeysphere  <none>
pn  rssh          <none>
pn  ssh-askpass   1:1.2.4.1-9
pn  ufw           <none>

-- debconf information excluded
diff -urN openssh-5.9p1.original/debian/openssh-server.sshd.pam openssh-5.9p1/debian/openssh-server.sshd.pam
--- openssh-5.9p1.original/debian/openssh-server.sshd.pam	2010-08-23 23:07:51.000000000 +0100
+++ openssh-5.9p1/debian/openssh-server.sshd.pam	2012-04-21 09:48:09.441916691 +0100
@@ -24,6 +24,9 @@
 @include common-session
 
 # Print the message of the day upon successful login.
+# This includes a dynamically generated part from /run/motd.dynamic
+# and a static (admin-editable) part from /etc/motd.
+session    optional     pam_motd.so  motd=/run/motd.dynamic
 session    optional     pam_motd.so # [1]
 
 # Print the status of the user's mailbox upon successful login.

--- End Message ---
--- Begin Message ---
Source: openssh
Source-Version: 1:6.0p1-1

We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive:

openssh-client-udeb_6.0p1-1_i386.udeb
  to main/o/openssh/openssh-client-udeb_6.0p1-1_i386.udeb
openssh-client_6.0p1-1_i386.deb
  to main/o/openssh/openssh-client_6.0p1-1_i386.deb
openssh-server-udeb_6.0p1-1_i386.udeb
  to main/o/openssh/openssh-server-udeb_6.0p1-1_i386.udeb
openssh-server_6.0p1-1_i386.deb
  to main/o/openssh/openssh-server_6.0p1-1_i386.deb
openssh_6.0p1-1.debian.tar.gz
  to main/o/openssh/openssh_6.0p1-1.debian.tar.gz
openssh_6.0p1-1.dsc
  to main/o/openssh/openssh_6.0p1-1.dsc
openssh_6.0p1.orig.tar.gz
  to main/o/openssh/openssh_6.0p1.orig.tar.gz
ssh-askpass-gnome_6.0p1-1_i386.deb
  to main/o/openssh/ssh-askpass-gnome_6.0p1-1_i386.deb
ssh-krb5_6.0p1-1_all.deb
  to main/o/openssh/ssh-krb5_6.0p1-1_all.deb
ssh_6.0p1-1_all.deb
  to main/o/openssh/ssh_6.0p1-1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 669699@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 26 May 2012 13:48:14 +0100
Source: openssh
Binary: openssh-client openssh-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source i386 all
Version: 1:6.0p1-1
Distribution: unstable
Urgency: low
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description: 
 openssh-client - secure shell (SSH) client, for secure access to remote machines
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell (SSH) server, for secure access from remote machines
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 ssh        - secure shell client and server (metapackage)
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
 ssh-krb5   - secure shell client and server (transitional package)
Closes: 643312 650512 669667 669699 671010 671075
Changes: 
 openssh (1:6.0p1-1) unstable; urgency=low
 .
   [ Roger Leigh ]
   * Display dynamic part of MOTD from /run/motd.dynamic, if it exists
     (closes: #669699).
 .
   [ Colin Watson ]
   * Update OpenSSH FAQ to revision 1.113, fixing missing line break (closes:
     #669667).
   * New upstream release (closes: #671010,
     http://www.openssh.org/txt/release-6.0).
     - Fix IPQoS not being set on non-mapped v4-in-v6 addressed connections
       (closes: #643312, #650512, #671075).
     - Add a new privilege separation sandbox implementation for Linux's new
       seccomp sandbox, automatically enabled on platforms that support it.
       (Note: privilege separation sandboxing is still experimental.)
   * Fix a bashism in configure's seccomp_filter check.
   * Add a sandbox fallback mechanism, so that behaviour on Linux depends on
     whether the running system's kernel has seccomp_filter support, not the
     build system's kernel (forwarded upstream as
     https://bugzilla.mindrot.org/show_bug.cgi?id=2011).
Checksums-Sha1: 
 713f6ea84273a3d10aae59fe170f6e13f8222b11 2535 openssh_6.0p1-1.dsc
 f691e53ef83417031a2854b8b1b661c9c08e4422 1126034 openssh_6.0p1.orig.tar.gz
 0d7cfc8b2be51d79225e536bc55b17119dee7747 245085 openssh_6.0p1-1.debian.tar.gz
 6b98e4210e9d32a0b0f8d6be8d328de802c9a7fa 1045028 openssh-client_6.0p1-1_i386.deb
 8d06d2a8439c9bd4853cb7839d6279a72e2a0716 341484 openssh-server_6.0p1-1_i386.deb
 49a0e4492a7da4add87fa1a39fac3f8e36d674c7 1246 ssh_6.0p1-1_all.deb
 69aff554a4fa4a93f7131b208e937d71af4dad4e 88382 ssh-krb5_6.0p1-1_all.deb
 f5739ffe6c550bd8730f561c03b5e274ee60aa77 96478 ssh-askpass-gnome_6.0p1-1_i386.deb
 869cdcfc0e4cb0264be0a89937c79f3f3a338605 181002 openssh-client-udeb_6.0p1-1_i386.udeb
 d11fdbedda23e7662896ee8cf5318e6c5d19bab3 193962 openssh-server-udeb_6.0p1-1_i386.udeb
Checksums-Sha256: 
 34421fd57463f72980eee7db2b2b4d3f5b5144856075a5a3a25c8d533e621850 2535 openssh_6.0p1-1.dsc
 589d48e952d6c017e667873486b5df63222f9133d417d0002bd6429d9bd882de 1126034 openssh_6.0p1.orig.tar.gz
 64979a504f2cc1c6a0f17ce04b74e11b73a4d204e81f6803b6630a7fd5955a5f 245085 openssh_6.0p1-1.debian.tar.gz
 3cc6da79d3ac2102b49c268ed8114343a00e1386a7f102ed00825516446be2e5 1045028 openssh-client_6.0p1-1_i386.deb
 49b2f7ce378d6e8a8001fa83a769b19e27ac29b49e9c33706d8fde7d597eabd4 341484 openssh-server_6.0p1-1_i386.deb
 1e8642f3ffc24ee238a538b66820a59a6e8fbfe921f95b2a987c59e5f5979d54 1246 ssh_6.0p1-1_all.deb
 ba50fdbf029c4fb418eaaa2297be7319bc9690593af25db048161546d96b74a8 88382 ssh-krb5_6.0p1-1_all.deb
 b9daf62704f09f3dd855cd3426fd8f6473dad42ae3441e3e0c1f34762f686af4 96478 ssh-askpass-gnome_6.0p1-1_i386.deb
 610ce905d03f24535833950b5f8712e8a79c0d347103ad02b39716742b470521 181002 openssh-client-udeb_6.0p1-1_i386.udeb
 2e821d368477a26c56f7d6910147097b80be989c20aa42f2c3f45380f38f529c 193962 openssh-server-udeb_6.0p1-1_i386.udeb
Files: 
 c9363937ab3b7e81ed4a295c14924bb6 2535 net standard openssh_6.0p1-1.dsc
 3c9347aa67862881c5da3f3b1c08da7b 1126034 net standard openssh_6.0p1.orig.tar.gz
 da666358d83b7e57175e0a2b41163508 245085 net standard openssh_6.0p1-1.debian.tar.gz
 a15232aa5ffd78ca120548b76bfbeac3 1045028 net standard openssh-client_6.0p1-1_i386.deb
 1c5c1f1b7a8d8a5c85c5a580a673cb08 341484 net optional openssh-server_6.0p1-1_i386.deb
 6bbf690dcefbc288ec71867622cf16c2 1246 net extra ssh_6.0p1-1_all.deb
 4cd2b8d3f3bd27c3b33572f0ca6d9e70 88382 oldlibs extra ssh-krb5_6.0p1-1_all.deb
 d46d11ef4a83561cdf630b235d41f20c 96478 gnome optional ssh-askpass-gnome_6.0p1-1_i386.deb
 5e98e473c0bb456f40c79b0b4d240fe0 181002 debian-installer optional openssh-client-udeb_6.0p1-1_i386.udeb
 7c8844e24a63ce2a66d42884a13da79d 193962 debian-installer optional openssh-server-udeb_6.0p1-1_i386.udeb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Colin Watson <cjwatson@debian.org> -- Debian developer

iQIVAwUBT8FfXTk1h9l9hlALAQjdaRAAlO5W2p2rXQJj4OW752b1Zhw5TB9X7wc5
xtKM92u+m1fAHf9oZnAMnsYr9o7lIsmxUEE2eb/aOmLViKH4etiqY02scGTQHsyV
flE3EQswPPnFzPOUMeCkhixFH/rDLTudNYY71KIR88EQGX5/7UU0BN3HwnHt3s/u
aPJrnXllBi6tC+K38UG8PZk/y6aXOmFJA4rQh/Oez28GiSpph+ti5LzJ5fYJMqKW
jymmGK4wyvCN/6gqFM+/R4eGemKUQGqagEP8LXXKIHCAcwJwJPl4BRpNtL390X1S
tIlo9qF7CM2zpZEcFWBoXHXFYgLcXoYasuhAuJ1OLgGx5KFtWxyNakkg994dGhSw
5GMNeZ4N9jd7MxCF6ytAODxsciWtLoAP7+8CUhIV3pL2qEQLll35SbjChBnQ8tT5
QLy1UW2+a+aBlzcWI4MeEylYEqmBYf8axVkG95yf+jR8llvaLYDzCHj2sOGiZA9T
ROPWDdaN640cNOvWLifn+YENmt3yUbY82xYPVS1Vekgx5Gv/poIu5Cj1i+wN0PRZ
/kypiLy+TYMqzQdWzpmxjIFtkWNwIw3WOPviYbwJeapP+haT9NJByoqBmmHh/mdY
IJ73I/kXpQD3f6yMu39ElawFoY5HKaNRZSJ+RWYQvIyG0ZqgoNagKQqOzpTqQhIN
wuvpAYfqLeQ=
=OyFo
-----END PGP SIGNATURE-----



--- End Message ---

Reply to: