bug with pam-auth-update ?

To: debian-user@lists.debian.org
Subject: bug with pam-auth-update ?
From: Jean-Louis Mas <Jean-Louis.Mas@imag.fr>
Date: Fri, 8 Apr 2016 10:18:26 +0200
Message-id: <[🔎] 57076952.8060606@imag.fr>

No luck with the french debian list, so I try here

We have some servers running Debian Jessie 8.4 amd64
We update them via a cron script and as you see it, pam-auth-update
freeze our cron update


'ps -efH' extract

root      22723  21862  3 avril03 ?      01:08:58               apt-get
-y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confold
dist-upgrade
root      38647  22723  0 avril03 pts/2  00:00:00
/usr/bin/dpkg --force-confdef --force-confold --status-fd 32 --configure
libc-dev-bin:amd64 linux-libc-dev:amd64 libc6-dev:amd64
initramfs-tools:all linux-image-3.16.0-4-amd64:amd64
libpam-systemd:amd64 libpcrecpp0:amd64 libpcre3-dev:amd64
libapt-inst1.5:amd64 libcairo2:amd64 libglib2.0-0:amd64
libcairo-gobject2:amd64 libcairo-script-interpreter2:amd64
libglib2.0-bin:amd64 libglib2.0-dev:amd64 libcairo2-dev:amd64
libgif4:amd64 librsvg2-2:amd64 librsvg2-common:amd64
libgtk2.0-common:all libgtk2.0-0:amd64 gir1.2-gtk-2.0:amd64
libgtk2.0-dev:amd64 libgtk2.0-bin:amd64 libgudev-1.0-0:amd64
libnettle4:amd64 libhogweed2:amd64 libsndfile1:amd64 libsvn1:amd64
subversion:amd64 nslcd:amd64 libnss-ldapd:amd64 libpam-ldapd:amd64
apt-utils:amd64 locales:all libruby:all libsane-common:all
linux-compiler-gcc-4.8-x86:amd64 linux-headers-3.16.0-4-common:amd64
linux-headers-3.16.0-4-amd64:amd64 linux-source-3.16:all ruby:all
nslcd-utils:all
root      42111  38647  0 avril03 pts/2  00:00:00
/bin/sh /var/lib/dpkg/info/libpam-systemd:amd64.postinst configure
215-17+deb8u3
root      42112  42111  0 avril03 pts/2  00:00:00
/usr/bin/perl -w /usr/share/debconf/frontend /usr/sbin/pam-auth-update
--package
root      42122  42112  0 avril03 pts/2  00:00:00
/usr/bin/perl -w /usr/sbin/pam-auth-update --package


What happen here, as the copy/paste above is a bit messy, is a perl
script calling :

/usr/sbin/pam-auth-update --package

freezing our update if we don't manually answer.

But man pam-auth-update says :

"Selection of profiles is done using the standard debconf interface.
The profile selection question will be asked at `medium' priority when
packages are added or removed, so no user interaction is required by
default.  Users may invoke pam-auth-update  directly  to  change their
authentication configuration.

OPTIONS
       --package
              Indicate that the caller is a package maintainer script;
lowers the priority of debconf questions to `medium' so that the user is
not prompted by default."


It don't seems to work the intended way. We use custom etc/pam.d/*
files, with a different umask in mkhomedir, pam_access and pam_ldap,
nothing to special here.

Is this a pam-auth-update, debconf or systemd bug ?
Is our apt-get script with Dpkg options wrong ?

If you have already faced this  kind of problems, I would be happy to
heard about it.
In case this would not be the normal operation of pam-auth-update,
I would open a bug on the subject.

thanks
-- 
Jean Louis Mas

Reply to:

Prev by Date: Re: debian installer 4k sectors
Next by Date: Re: debian installer 4k sectors
Previous by thread: Re: debian installer 4k sectors
Next by thread: Future of policykit
Index(es):
- Date
- Thread