[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#442088: marked as done (xdm: with "xlogin.Login.allowRootLogin: false" root can login)

Your message dated Sat, 22 Oct 2011 16:34:24 +0000
with message-id <E1RHeWe-0003BX-H1@franck.debian.org>
and subject line Bug#442088: fixed in xdm 1:1.1.11-1
has caused the Debian Bug report #442088,
regarding xdm: with "xlogin.Login.allowRootLogin: false" root can login
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org

442088: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=442088
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: xdm
Version: 1:1.1.6-2
Severity: normal

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.23-rc6c0
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages xdm depends on:
ii  cpp                         4:4.1.2-9    The GNU C preprocessor (cpp)
ii  debconf [debconf-2.0]       1.5.14       Debian configuration management sy
ii  libc6                       2.6.1-1+b1   GNU C Library: Shared libraries
ii  libfontconfig1              2.4.2-1.2    generic font configuration library
ii  libice6                     2:1.0.4-1    X11 Inter-Client Exchange library
ii  libpam0g             Pluggable Authentication Modules l
ii  libselinux1                 2.0.15-2+b1  SELinux shared libraries

ii  libsm6                      2:1.0.3-1+b1 X11 Session Management library
ii  libx11-6                    2:1.0.3-7    X11 client-side library
ii  libxau6                     1:1.0.3-2    X11 authorisation library
ii  libxaw7                     2:1.0.4-1    X11 Athena Widget library
ii  libxdmcp6                   1:1.0.2-2    X11 Display Manager Control Protoc
ii  libxext6                    1:1.0.3-2    X11 miscellaneous extension librar
ii  libxft2                     2.1.12-2     FreeType-based font drawing librar
ii  libxinerama1                1:1.0.2-1    X11 Xinerama extension library
ii  libxmu6                     1:1.0.3-1    X11 miscellaneous utility library
ii  libxpm4                     1:3.5.7-1    X11 pixmap library
ii  libxrender1                 1:0.9.3-1    X Rendering Extension client libra
ii  libxt6                      1:1.0.5-3    X11 toolkit intrinsics library
ii  lsb-base                    3.1-24       Linux Standard Base 3.1 init scrip
ii  x11-common                  1:7.2-5      X Window System (X.Org) infrastruc
ii  xbase-clients               1:7.2.ds2-2  miscellaneous X clients

xdm recommends no packages.

-- debconf-show failed

<above the emacs debian-bug command output>

The exact and complete text of any error messages printed or logged:
Any message showed when login
Sep 12 22:05:26 camelia : pam_unix(xdm:session): session opened for
user root by root(uid=0)
Sep 12 22:05:28 camelia : pam_unix(xdm:session): session closed for user root

(Xserver killed as soo as started, that is why are only  2 seconds
between messages)

A description of the incorrect behaviour: exactly what behaviour
you were expecting, and what you observed.

even with the xlogin.Login.allowRootLogin: false in
/etc/X11/xdm/Xresources root is allowed to login.
I were expecting that  he were not.

Suggested fix:
I do not know  the internal mechanics why it do not work, my workaround was
to add the following lins to the

# Disallows root logins except on tty's listed in /etc/securetty
# (Replaces the `CONSOLE' setting from login.defs)
auth       requisite  pam_securetty.so

and only write console in /etc/securetty

Thank you for your work and time.

Best regards

--- End Message ---
--- Begin Message ---
Source: xdm
Source-Version: 1:1.1.11-1

We believe that the bug you reported is fixed in the latest version of
xdm, which is due to be installed in the Debian FTP archive:

  to main/x/xdm/xdm_1.1.11-1.diff.gz
  to main/x/xdm/xdm_1.1.11-1.dsc
  to main/x/xdm/xdm_1.1.11-1_amd64.deb
  to main/x/xdm/xdm_1.1.11.orig.tar.gz

A summary of the changes between this version and the previous one is

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 442088@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
Julien Cristau <jcristau@debian.org> (supplier of updated xdm package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)

Hash: SHA256

Format: 1.8
Date: Sat, 22 Oct 2011 18:03:53 +0200
Source: xdm
Binary: xdm
Architecture: source amd64
Version: 1:1.1.11-1
Distribution: unstable
Urgency: low
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Julien Cristau <jcristau@debian.org>
 xdm        - X display manager
Closes: 442088 556694 575486 598777 634466
 xdm (1:1.1.11-1) unstable; urgency=low
   [ Joe Hansen ]
   * Updated Danish debconf template translation (closes: #598777).
   [ Julien Cristau ]
   * Remove David and Brice from Uploaders.
   * Drop obsolete Pre-Depends on x11-common.
   * Use linux-any wildcard for libselinux build-dep (closes: #634466).
   * New upstream release
     + Check for allowRootLogin on PAM and non-OpenBSD passwd authentication
       backends (closes: #442088)
     + greeter: Add echoPasswdChar resource to set character to display
       (closes: #575486)
     + Fix linking with gold (closes: #556694)
   * Update patches 06_hurd_utsname.diff, 20_xdm_log_timestamp.diff,
     21_xdm_log_append.diff, debian.diff, doc_mention_xdm.options.diff,
   * Don't require fakeroot for debian/rules clean.
   * Upstream dropped the option to link the greeter statically, so install
     libXdmGreeter.so and don't pass the --disable-dynamic-greeter option to
   * Add patch to link the greeter against -lXrender.
   * Use dpkg-buildflags and enable pie and bindnow hardening.
   * Disable silent rules.
 69b44234bd8960f610c9951d6fa4f53f85f494cc 2032 xdm_1.1.11-1.dsc
 0024e9e2e26c87ce0ce6881244b9e134007f074b 566582 xdm_1.1.11.orig.tar.gz
 7dcffdf635fd283409d6ae8188976aad9d39bf4b 66388 xdm_1.1.11-1.diff.gz
 9634b27e04ecf20916592558a8cc13aa9062bada 211664 xdm_1.1.11-1_amd64.deb
 02123007685f65fad7865fdcf38d4c6c4ff7eb925ed08d570cc3e4168f830a92 2032 xdm_1.1.11-1.dsc
 38c544a986143b1f24566c1a0111486b339b92224b927be78714eeeedca12a14 566582 xdm_1.1.11.orig.tar.gz
 6aaa2e7757ad0ee4cf655160267330b5c5cd673b68020b55c77fedbfddd96a5c 66388 xdm_1.1.11-1.diff.gz
 8fb0c541a9463053ad0879273805d8cf9bf3b7fb488264264ce9ea4612d92e45 211664 xdm_1.1.11-1_amd64.deb
 30fe44716d4b763e30d23f4e1c3ced78 2032 x11 optional xdm_1.1.11-1.dsc
 aaf8c3d05d4a1e689d2d789c99a6023c 566582 x11 optional xdm_1.1.11.orig.tar.gz
 061785616f0c1101894a615114a5049b 66388 x11 optional xdm_1.1.11-1.diff.gz
 d2591a92ea4ff62ed4b905a032732150 211664 x11 optional xdm_1.1.11-1_amd64.deb

Version: GnuPG v1.4.11 (GNU/Linux)


--- End Message ---

Reply to: