shadow (20000902-12) unstable; urgency=high
* "oops"
* /etc/login.defs: /var/spool/mail -> /var/mail, closes: #125311
-- Karl Ramm <kcr@debian.org> Sun, 7 Apr 2002 11:54:48 -0400
shadow (20000902-11) unstable; urgency=low
* Fix some nits:
* remove changelog~ file. oops. closes: #139711
* fix typo in control. closes: #139564
* Hmmm. People open more bugs when I upload new versions of things.
Maybe they just notice them more then, or maybe it's just Murphy.
-- K. Ramm <kcr@debian.org> Tue, 26 Mar 2002 12:14:33 -0500
shadow (20000902-10) unstable; urgency=low
* We hates the automake. We hates it forever. closes: #139293
* stupid ommision: logoutd still in postinst. closes: #139422
* make login.defs a bit clearer. closes: #138809
-- Karl Ramm <kcr@debian.org> Fri, 22 Mar 2002 12:09:07 -0500
shadow (20000902-9) unstable; urgency=medium
* Get rid of logoutd, it doesn't work, didn't work in potato, and now
it's causing people to open RC bugs. closes: #138259, #66153, #121940
I'm told the timeoutd package does a better job anyway.
* add /bin/tcsh to /etc/shells, closes: #118103, #122112
* add /bin/ksh to /etc/shells, closes: #123556
* remove text about password aging from passwd(5), closes: #137493
* spanish debconf template for passwd, closes: #136463
* document the fact that you can not have a valid password in
/etc/shadow. closes: #131690
* /etc/login.defs: /var/spool/mail -> /var/mail, closes: #125311
* fix locations of utmp and wtmp in login(1), closes: #119656
* The package description for passwd refers to README.Debian.gz
but only README.debian.gz actually exists. Most packages use
README.Debian.gz, but the control file is the only place that gets it
wrong for this package. When in doubt, fix the documentation. :-)
closes: #116955
-- Karl Ramm <kcr@debian.org> Thu, 14 Mar 2002 17:05:56 -0500
shadow (20000902-8) unstable; urgency=low
* check in passwd.expire.cron for already-expired passwords; closes: #102319
* note in chage.1 and shadowconfig.8 that password aging information
only works when shadow passwords are enabled. closes: #103702
* enable changing the name in chfn by default. closes: #107819
* fail to mangle files in lib/commonio.c, thanks to matt@linuxbox.nu
* add /dev/console to the secure ttys list. because. closes: #113949
* find the FHS mail spool first in configure. closes: #114951
(thanks to mjb@debian.org)
* above sadly causes automake to go bonkers, and I don't want to
reassemble the build system before woody is released. Keep automake
from going off on its own.
* terminate argument validation in login when it hits a '--'.
closes: #66368
-- Karl Ramm <kcr@debian.org> Mon, 22 Oct 2001 11:17:35 -0400
shadow (20000902-7) unstable; urgency=low
* the "I'm sorry, I should've done this earlier" release
* Cancel login timeout after authentication so that patient people
timing out on network directory services can log in with local
accounts. Closes: #107148
* Add Brazillian Portugese debconf template translation for passwd.
Closes: #105292, #93223
* Pull /usr/share/doc/$package/README.shadow-paper.gz. Closes: #98058
* Use getent instead of group to verify existence of shadow group
[works better for distributed group files]. Closes: #99902
[Note that this sort of problem is rampant in these postinst and
config scripts, but that's not getting fixed in woody.]
* Amend reference to /usr/doc in shadowconfig.8. Closes: #102804
* su should set $USER. Closes: #102995
* userdel now deletes user groups from /etc/gshdow as well as
/etc/group. Closes: #99442
* grpck now has an (otherwise undocumented) -p option, so that
shadowconfig can clean up the results of the above, so the config
script will fail randomly less often. Closes: #103385
-- Karl Ramm <kcr@debian.org> Wed, 22 Aug 2001 12:09:27 -0400
shadow (20000902-6.1) unstable; urgency=low
* Non-maintainer upload.
* Upgrade to latest config.sub and config.guess. Closes: #88547
-- Gerhard Tonn <gt@debian.org> Fri, 1 Jun 2001 20:38:43 +0200
shadow (20000902-6) unstable; urgency=medium
* actually set root's password when appropriate
patch thanks to joeyh, closes #98402
* fix error in expiry man page. Such damage. closes: #99291
* fix group of setgid program chage and expiry, closes: #98122
-- Karl Ramm <kcr@debian.org> Thu, 31 May 2001 07:38:59 -0400
shadow (20000902-5) unstable; urgency=low
* add build dependency on file, to keep libtool happy. closes: #97498
-- Karl Ramm <kcr@debian.org> Wed, 16 May 2001 06:57:23 -0400
shadow (20000902-4) unstable; urgency=low
* Change maintainers, closes: #92355
-- Karl Ramm <kcr@debian.org> Sun, 13 May 2001 03:28:07 -0400
shadow (20000902-3.1) unstable; urgency=low
* Non-maintainer upload
* Recompile to fix ARM lossage
-- Philip Blundell <philb@armlinux.org> Sun, 11 Mar 2001 07:47:27 -0500
shadow (20000902-3) unstable; urgency=low
* Update config.sub and config.guess so ia64 compiled, closes: #81897
* libmisc/sub.c: skip '*' in shell name when doing subsystem, closes:
#82893
* src/su.c: don't assume uid 0 == "root", use getpwuid to fetch it,
closes: #81924
* This was fixed in a previous version, closes: #77057
* Update passwd long desc, closes: #88299
* Conflict with suidmanager << 0.5, and remove suid{,un}register calls,
closes: #87157
* Update policy to 3.5.0.0
* Added debconf support for passwd from base-config
-- Ben Collins <bcollins@debian.org> Sat, 3 Mar 2001 07:26:57 -0500
shadow (20000902-2) unstable frozen; urgency=low
* control.hurd->control.gnu: closes: #77940
* Cannot reproduce, closes: #79447
* User never sent a patch, plus I think removing the passwd/account when
doing passwd -l is a bad idea. Makes it so you cannot unlock the
account. closes: #77824
* Don't allow shadowconfig to change perms of other binaries, close: #77057
* IMO, this is not a bug. It's part of a feature, and can be disabled by
turning off USER_GROUPS. closes: #76806
* /bin/login is suid root for several good reasons. For one, it allows
daemons that use it to run as non-root. This is a good thing since it
means only one program is running as root, and not several. closes: #17911
* sulog is fairly easy to grep or parse so I don't see how the
similarity of the log entries for failed and successful is a problem.
'-' for failed, '+' for success. closes: #63801
* logoutd.8: s,/etc/utmp,/var/run/utmp, closes: #80494
* Fix case where pam_auth returns a NULL username, closes: #76817, #75510
* Hmm, Linux is a sysv derivative, so the comment is perfectly
legitimate, closes: #76898
* MAX_PASSWORD is used by useradd, and CHFN_AUTH is actually used by
* chfn to decide if the current user needs to auth in order to change
their info, closes: #71114
* login.1: Fix \' closes: #75435
* login -f works for me assuming you call it as root. I tested this with
plain pam_unix.so, and also with pam_unix.so stacked with pam_ldap.so.
So if it doesn't work with telnet-heimdal, then that program is not
doing something right. closes: #78186
* login.pam.d: made pam_nologin.so requisite. closes: #80111
* su to root seems pretty quick to me, closes: #64756
* xmalloc.c: remove decleration of malloc, which was causing system
* header conflicts. closes: #80398
-- Ben Collins <bcollins@debian.org> Sun, 31 Dec 2000 14:33:47 -0500
shadow (20000902-1) unstable frozen; urgency=low
* New upstream release, lots of Debian patches merged, closes: #72735
* man/passwd.1: removed reference to passwd(3), closes: #72704
* man/chsh.1,man/chfn.1: document login.defs affects on these programs,
closes: #68029
* not a bug, expected behavior, closes: #74137
* IMO, this is a bug in the user's setup, closes: #65600
* securetty: add devfs console devices, closes: #71946
* libmisc/sulog.c: removed arbitrary limit on number of chars printed of
the tty name (truncated to 6 chars, which is silly), closes: #65404
* tested this, and it works fine for me so long as pam_unix.so is called
with the nullok option (which it isn't by default because of security
concerns), closes: #75063
* appears to be fixed by PAM, closes: #70627
* src/useradd.c: user mkstemp instead of mktemp, per libc6 linktime
warning
* src/su.c: fixup arg handling passed to shell, closes: #75326
-- Ben Collins <bcollins@debian.org> Mon, 23 Oct 2000 13:22:29 -0400
shadow (19990827-21) unstable frozen; urgency=low
* Added build deps
* Use pre-generated files for hurd/linux control file. The old method of
using cpp would have broken with the new gcc.
-- Ben Collins <bcollins@debian.org> Wed, 26 Jul 2000 21:04:03 -0400
shadow (19990827-20) unstable frozen; urgency=low
* Release Manager
None of these are marked as RC in the BTS, however, they do make the
package unsuitable for release. Since this is an essential package (IOW,
installed on every Debian system), I hope you can see how important it
is to make sure this package is perfect. None of the changes are
functional (except the fix in logoutd's init script, which was a 20 char
change), so please consider this for the next test cycle.
* Fix logoutd init script from spurious output when /etc/porttime is not
there, closes: #63962, #64067
* su: Fix typo in usage output, closes: #60226
* passwd: Fixed typo and missing newline in output for successful password
change, closes: #64106, #63703
* passwd.1: Add documentation on the -f, -e, -s and -d command line
options, closes: #64339, #64410
* login: Verified that utmp/wtmp works when called by telnet with -h
option, closes: #56854
-- Ben Collins <bcollins@debian.org> Tue, 23 May 2000 14:40:01 -0400
shadow (19990827-19) unstable frozen; urgency=low
* debian/local/shells: added esh, closes: #59934
* logoutd: modify to work with pam_time.so's time.conf file, modify
manpage to reflect this, closes: #61300
* userdel.8: added note about group removal, closes: #56723
* base-config handles md5 setup, closes: #60125
* cppw: make sure it gets installed, closes: #62960
* passwd: correct error message for "not you", closes: #61313
* sulog.c: fixed extern for char (char foo[] -> char *foo), closes: #61643
* userdel.8: documented userdel's exit values, closes: #54775
* passwd: error messages are two fold, the second is actually from
pam_strerror(), closes: #61937
* passwd: print "success" on successful password change, closes: #58676
-- Ben Collins <bcollins@debian.org> Sat, 29 Apr 2000 10:26:56 -0400
shadow (19990827-18) unstable frozen; urgency=low
* Crap, all the bug fixes from -17 need to go to frozen too
-- Ben Collins <bcollins@debian.org> Tue, 29 Feb 2000 14:57:14 -0500
shadow (19990827-17) unstable; urgency=low
* Fixed typo in login.defs, closes: #54877
* logoutd.init.d: Check for /etc/security/time.conf, closes: #54900
* login.defs: Added note about the MAIL env option, closes: #54768
* login.pam.d,passwd.pam.d: Use new options in pam_unix.so to enable
obsure password checks. This mimics the old behavior in pre-PAM
shadow, closes: #58203
* Use patch from Topi Miettinen <tom@pluto.nic.fi> to add pam session
ability to su, closes: #57526, #55873, #57532
* Made login's -f option also able to use the username after -- if none
was passed as it's optarg, closes: #53702
-- Ben Collins <bcollins@debian.org> Mon, 28 Feb 2000 12:37:22 -0500
shadow (19990827-16) unstable; urgency=low
* got rid of g+s directories in the source tarball, closes: #54585
* make su mode 4755 in the package. This way there is no chance of a
failed dpkg install causing it to be left without suid root perms
before suidmanager or chmod is called in the postinst.
* src/login.c: added faillog support to the pam_authenticate loop. This
loop is now completely rewritten, and should produce better results on
failures, closes: #53164
-- Ben Collins <bcollins@debian.org> Sun, 9 Jan 2000 23:35:08 -0500
shadow (19990827-15) unstable; urgency=low
* src/su.c: moved signal() call to re-establish SIGINT to right place,
closes: #54496
* src/login.c: if hostname is blank (not a remote login via rlogin or
telnet), then use the tty to log failures in syslog, closes: #53966
* passwd: Locking a password by appending '!' appears to be pretty
standard, so ssh needs to check for it.
* passwd and login come with a README.pam that discusses the differences
between the PAM and old non-PAM versions. It also talks about where to
look for details. Also now that I have added the extra examples to the
pam.d files, I hope this satisfies...closes: #52917
* A new package, base-config, which will be used by boot floppies is
going to have an option to configure MD5 usage for passwords. Since
this is the best place for it, and I don't really have any control
over it, I am .... closes: #47620
* libmisc/chowntty.c: applied patch for read-only root, closes: #52069
-- Ben Collins <bcollins@debian.org> Sat, 8 Jan 2000 22:11:29 -0500
shadow (19990827-14) unstable; urgency=low
* debian/local/shells: added /bin/zsh, closes: #53883
-- Ben Collins <bcollins@debian.org> Sun, 2 Jan 2000 13:51:42 -0500
shadow (19990827-13) unstable; urgency=low
* su.c: ignore SIGINT while authenticating, closes: #52372
* su.pam.d: added 2 new examples of how to allow su for wheel users
without prompting for a password, and also how to deny users of a
specific group.
-- Ben Collins <bcollins@debian.org> Sat, 1 Jan 2000 22:29:46 -0500
shadow (19990827-12) unstable; urgency=low
* Recompiled against latest libpam and up'd the module deps,
closes: #52171
* login.pam.d: added "noenv" option so we don't clobber login's setting,
closes: #51441
-- Ben Collins <bcollins@debian.org> Tue, 14 Dec 1999 22:41:40 -0500
shadow (19990827-11) unstable; urgency=low
* debian/passwd.in: add a preinst (matches login's) to fix the latest
build change (only affected hurd since it doesn't use login).
* debian/scripts/passwd.mk: use passwd.preinst instead of login.preinst
to complete the fix above.
-- Ben Collins <bcollins@debian.org> Mon, 6 Dec 1999 18:25:07 -0500
shadow (19990827-10) unstable; urgency=low
* src/login.c: only set pam_fail_delay if > 0. Also make the default 0
so not defining it has the same affect as disabling it, closes: #51178
* src/userdel.c: make sure we remove the shadow group entries when
removing the users own group, closes: #50005, #50138
-- Ben Collins <bcollins@debian.org> Fri, 26 Nov 1999 22:37:44 -0500
shadow (19990827-9) unstable; urgency=low
* src/su.c: Fixed getopt parsing, and added a usage output
* man/su.1: minor typos
-- Ben Collins <bcollins@debian.org> Mon, 8 Nov 1999 22:13:05 -0500
shadow (19990827-8) unstable; urgency=low
* src/login.c: fixed loggin of username on succesful login (was using
the normal username, when it should have used pam_user),
closes: #47819
* src/login.c: check for hushed login and pass PAM_SILENT if true,
closes: #48002
* src/useradd.c: set def_shell to /bin/bash, closes: #48304
* doc/README.debian: add note about how to avoid issues with nscd's
lag in aging the cache, closes: #48629
* src/cppw.c: new program to assist copying a passwd/group file without
corruption, closes: #42141
-- Ben Collins <bcollins@debian.org> Tue, 2 Nov 1999 21:46:28 -0500
shadow (19990827-7) unstable; urgency=low
* {passwd,login}.pam.d: added blurb about how to use the pam_cracklib
module, and also changed it to use pam_unix and not pam_pwdb (gah!
how did that happen?), closes: #46983
* README.debian: changes to reflect new PAM usage aswell as removing
references to obsolete config files, closes: #46595
* passwd.expire.cron: example script that informs users by email when
their accounts are about to expire, closes: #41393
* lastlogin.c: added -h option and usage aswell as long option support,
closes: #45804
* shadow now only has 3 wishlist bugs and nothing else
-- Ben Collins <bcollins@debian.org> Sat, 9 Oct 1999 11:54:16 -0400
shadow (19990827-6) unstable; urgency=low
* debian/shells: new file, needed to include /bin/sash, closes: #45826
* useradd.8,groupadd.8: added note about the prefered use of adduser
and addgroup when conforming to Debian policy (taken from notes in
adduser's man pages), closes: #22821
* dialups.5: new man page that documents /etc/{dialups,d_passwd},
closes: #42212
* src/su.c: added -m, -p and -s command line options to match GNU options,
also documented in su(1), closes: #45394, #46424
* login.defs.5: clarified usage of TTYTYPE_FILE, closes: #23194
* login.pam.d: added pam_issue.so which replaces the old ISSUE_FILE from
login.defs, this also allows it to grok escapes in the issue file,
also increases the MODDEPS to (>= 0.69-10). By default this module is
not enabled, closes: #21044
* login.defs.pam.linux: added ISSUE_FILE to list of deprecated options
-- Ben Collins <bcollins@debian.org> Mon, 4 Oct 1999 19:56:22 -0400
shadow (19990827-5) unstable; urgency=low
* {login,su}.1: added description of a subsystem login, closes: #31987
* src/chowndir.c: fixed recursive chown's on usermod, also changed it
to use lchown and lstat since we actually want that, closes: #46405
* su.1: removed reference to suauth aswell as added "-c" to the SYNOPSIS,
closes: #45685
* login.1: added options to the SYNOPSIS and documented OPTIONS,
closes: #28763
* login.defs.5: documented the ENVIRON_FILE options (even though it's
not really used in the PAM version), close: #28786
* 010_src_gpasswd.c: new patch, fixes changing group passwords when not
using shadow groups, closes: #25919
* {chfn,chsh,login}.pam.d: added nullok to pam_unix.so auth line to
allow for passwordless accounts, closes: #46510
* login.pam.d: add "standard" to the pam_mail option so we get old
style "You have..." login messages.
-- Ben Collins <bcollins@debian.org> Sun, 3 Oct 1999 13:41:53 -0400
shadow (19990827-4) unstable; urgency=low
* Alright, we are really getting some usage from this now, and seeing
some odd ball setups, so it means more work for me, but more stable
and feature filled software for you :)
* debian/{login,su}.pam.d: Fixed spelling errors, closes: #45234, #45235
* debian/login.pam.d: Added commented pam_access.so reference and
description, closes: #45241
* src/login.c: moved usage of setup_uid_gid() when PAM is enabled or
pam_groups.so's groups get clobbered
* src/newgrp.c: don't call sanitize_env() and also make sure we don't
check passwords when the user is trying to get back to their default
group, closes: #22244
* Closed some other bugs that were either not really bugs, or they weren't
reproducable.
* debian/login.pam.d: moved around the pam_motd and pam_mail modules to
order them the same as old login would have done
-- Ben Collins <bcollins@debian.org> Sun, 19 Sep 1999 19:42:13 -0400
shadow (19990827-3) unstable; urgency=low
* This is a "Sit down and really fix some bugs" update. I'm going through
the ones that really need some work.
* src/vipw.c: use the system() call to invoke the editor so that it accepts
command line args in the EDITOR and VISUAL environment vars, closes: #31029
* src/userdel.c: added code to remove user groups (of the same name) if there
were no members left and USERGROUPS_ENAB is set to yes, closes: #35046
* login.defs: documented above change
* {login,passwd}.postinst: fixed some bashisms, closes: #45159
* login.defs.pam.linux: documented the FAKE_SHELL option, closes: 31987
* su.1,login.1: documented the subsystem root ability in login and su, closes:
* doc directory for both packages now includes the README.shadow-paper file
closes: #15391
-- Ben Collins <bcollins@debian.org> Sun, 19 Sep 1999 15:49:11 -0400
shadow (19990827-2) unstable; urgency=low
* debian/rules: use "$(CC) -E" instead of "cpp" to make it easier to
cross compile for Hurd (requested by Marcus Brinkman).
* debian/login.pam.d: forgot to remove that comment about login not
being PAMified, it is and works fine.
* src/login.c: Added login.defs option to turn on and off the persistent
login, also give note on when it isn't and is needed in login.defs.
* lib/getdef.c: Added CLOSE_SESSIONS for above code.
* man/login.defs.5: document the new CLOSE_SESSION option for login
* logoutd: disabled until I can fix it to grok /etc/security/time.conf
-- Ben Collins <bcollins@debian.org> Mon, 13 Sep 1999 18:57:47 -0400
shadow (19990827-1) unstable; urgency=low
* New Maintainer, with Guy's consent.
closes: #22296, #22331 (closed some NMU bug reports)
* New upstream release, closes: #15879, #24712, #25739, #28785, #32991
closes: #38672, #39933, #41060, #42480, #22534, #12690, #36150, #26412
closes: #40398, #43750
* Ok, now for some dusting and house cleaning (aka The Bug Killfile
Begins Here):
%%- login package
- Not a bug in login anymore, closes: #28098
- No longer pertinent, and is not controlled by the login program,
closes: #23155
- This does not appear to be a bug anymore, closes: #32424
- This is not a login problem. Xterm itself prints the LOGIN message
and it does _not_ read login.access, closes: #16958
- Seems to be fixed, closes: #28098
- Huge list of "Fixed" bugs, that I want to close. I really need to
start with a clean slate in order to get some of this cleaned up,
closes: #3439, #11443, #13485, #13815, #15176, #15998, #16187, #17529
closes: #17532, #17532, #18133, #18225, #20052, #20876, #21280, #21357
closes: #21687, #21695, #21746, #21767, #22716, #24710
- lastlog(8): Clarified differences in the usage of "login-name" and
UID, closes: #26727
%%- passwd package
- newuser: appears to be working correctly and placing x, not !,
closes: #19620
- userdel(8): added note about user's mail spool also being deleted,
closes: #20790
- Can't reproduce this one, closes: #21639
- -e expire_date
The date on which the user account will be dis-
abled. The date is specified in the format
MM/DD/YY.
Bug filer was trying to use an integer instead of the documented
format, closes: #22533
- chfn's command line options seem to work for root and non-root,
closes: #25396
- seems to have been fixed by the latest upstream, #25670
- Removed references to shadow(3), closes: #32859
- passwd only saves first 8 chars...duh :) closes: #33368
- userdel can only do so much, the admin should know to check some
things on their own, closes: #35418
- Lot's of Y2K issues fixed in this release, closes: #37232
- useradd requires the -m option to make it create a home directory
if one does not exist, closes: #39581
- useradd's -p option requires the password to already be encrypted
as documented in useradd(8), closes: #39870, #39874
- More "Fixed" bugs in passwd, closes: #13753, #16893, #17894, #18132
closes: #18628, #12691
%%- su (no longer a package, but has bugs just the same, will be
forwarded to the login package soon)
- Sorry, but su (all su's) invoke the shell with -c "cmd". This is
documented, not a bug, it's a standard interface that su expects,
go fix sash's bug for not supporting it, closes: #14551
- Acknoledged NMU: closes: #20058
- More "Fixed" bugs getting closed...CLOSED AT LAST, closes: #17593
closes: #20057, #12689
* Switched to a new build setup (dbs)
* Split makes into seperate files to make it a little cleaner
* FHS compliance changes (usr/{doc,man} to usr/share/{doc,man})
* debian/tar.c: removed
* su: su is now going to be provided by shadow's login package and
removed from shellutils (the shellutils maintainer agreed to this)
in preperation for future PAM support. Added conflicts with older
version of shellutils that does provide the su binary.
* debian/control.in: removed the secure-su package since login now
contains su and all of it's components
* debian/control.in: modified the package descriptions to be a little
more explicative of what they do.
* Upgraded standards version to 3.0.1.1
* Setup suidmanager support for all +s apps, closes: #15705, #15704, #15699
* Enabled PAM. Support now for su, passwd, chfn, chsh. I am working on the
support in login.
* expiry: Changed to be installed as sgid shadow instead of suid root
since it doesn't need root priviledges. Also added man page expiry(1) based
on the comments found in expiry.c.
* Removed bashism's in control scripts. Now lintian clean (smells fresh too)
* chage.c: Keep chage from locking when not running as root, since it just
needs to read the shadow and password files. This let's it run sgid shadow
instead of suid root. When run as root, it can lock files for editing.
* login.c: Pam support Works For Me(tm)!
* login.c: Fixed PAM's auth when PAM_USER was not set from the command line,
also call pam_fail_delay() with FAIL_DELAY as the arg before authentication.
* etc/login.defs.pam.linux: new file, reflects options that PAM takesover
* etc/login.defs.pam.hurd: new file, same for Hurd
* debian/passwd.mk: make sure that login.defs.5 get's installed for Hurd
* pam.d/: Modified defaults for each service to reflect the old style and also
added commented options on how to enable obsoleted options from login.defs
in the PAM Way(tm).
* debian/rules: removed --disable-desrpc from configure options since it was
supposedly just a workaround for glibc 2.0
* src/login.c: reset pam_fail_delay after every failure
* debian/rules: remove debian/files on clean target
* src/login.c: removed setup_limits() and check_nologin() usage when PAM is
enabled
* debian/login.pam.d,debian/login.defs.pam.linux: made notes about the pam_limits.so
module, as well as pam_nologin.so
* debian/su.pam.d: made notes about pam_limits.so module
* debian/control.in: removed depends on libpam-motd since it is now in libpam-modules,
also make login conflict with secure-su
* debian/*: setup so that Hurd does not get PAM, since they don't have it ported
completely yet.
* debian/*: Final approach to a final upload, modified login.postinst to check old
obsolete conffiles to see if the user needs a notice that they are no longer used.
-- Ben Collins <bcollins@debian.org> Sat, 11 Sep 1999 19:58:14 -0400
shadow (980403-0.3.3) unstable; urgency=low
* Non maintainer upload.
* Add dpkg-architecture and cross compilation support to the package.
* Changes for the Hurd:
+ Only build passwd, add etc/login.defs.hurd to this package.
+ libmisc/rlogin.c: Conditionalize CBAUD, which is not portable.
-- Marcus Brinkmann <brinkmd@debian.org> Thu, 5 Aug 1999 00:28:12 +0200
shadow (980403-0.3.2) unstable; urgency=low
* configure.in patched for utmpx.h (for arm)
-- Jim Pick <jim@jimpick.com> Sun, 4 Oct 1998 19:06:15 -0700
shadow (980403-0.3.1) frozen unstable; urgency=low
* Non maintainer upload.
changes.{guess,sub} changed to recognize a Arm architecture.
-- Turbo Fredriksson <turbo@debian.org> Fri, 14 Aug 1998 22:37:58 -0400
shadow (980403-0.3) frozen unstable; urgency=high
* Non maintainer upload.
* src/login.c: Applied patch from <marekm@i17linuxb.ists.pwr.wroc.pl> to
fix security hole of login not checking the return code from setgid(),
initgroups() or setuid(). [#24710]
-- James Troup <james@nocrew.org> Fri, 17 Jul 1998 18:56:31 +0100
shadow (980403-0.2) frozen unstable; urgency=low
* (login.defs): fixed UMASK
(thanks to James Troup for noticing my screwup :)
* Pruned non-Debian changelog entries.
-- Joel Klecker <jk@espy.org> Mon, 11 May 1998 11:25:22 -0700
shadow (980403-0.1) frozen unstable; urgency=low
* Non-maintainer release.
* New upstream release (18225).
* (debian/login.postinst)
* Use 'touch' instead of 'cat >' when creating /var/log/faillog
(15998,16187,21687).
* No longer fails if no previous configured version exists (11433).
* (gpasswd): now checks which user invoked it before calling setuid() (18132).
* (debian/passwd.postinst): removed bashism (13753).
* (groupmod): NULL dereference fixed upstream, as a result, it no longer
dumps core when changing group name (16893,17894).
* (useradd): no longer segfaults if /etc/default/useradd is missing (18628).
* (login.defs.1): now documents more options (13485).
* (source): includes 'missing' (13815,18133,21280).
* (login.1):
* Removed mention of "d_passwd(5)", which doesn't exist,
and login.defs.5 now documents /etc/dialups (15176).
* Added /etc/nologin to FILES section and reference nologin(5) (21695).
* The URL mentioned in Bug#15391 is no longer valid.
* (login.defs): no longer sets ULIMIT (17529).
* (login):
* No longer uses static buffers for group lines (17532).
* Doesn't seem to make assumptions about gid_t any longer (21767).
* (faillog.8): s-/usr/adm-/var/log-g (19974).
* (lastlog.8): notes that "some systems" use /var/log instead of
/usr/adm (21746).
* Install upstream changelog as 'changelog.gz' as per policy (20052).
* (secure-su): Changed /etc/suauth to reference the group 'root'
instead of 'wheel' (17593).
-- Joel Klecker <jk@espy.org> Thu, 30 Apr 1998 18:32:12 -0700
shadow (970616-1) unstable; urgency=low
* Upstream upgrade.
* chage works (10561).
* Fix NIS behavior (5634,8734,10032,10545,10984,11160,12064).
* Wrote pwconv,pwunconv,grpconv,grpunconv manpage (10940).
* vipw fixes (10521,10696,11618,11924,12184,13001)
* Fixes for new automake.
* Compile with glibc2. (8627,8777,9824,11713,11719,12082,12108,11442).
* debian/rules fixes (8876,12468).
* /etc/login.defs: UMASK=002 (9102).
* chown /dev/vcs* on login (9421,13255).
* Added tty9-tty12 to /etc/securetty (11644).
* Provide template and manpage for /etc/limits (12289).
* Fix security hole in postinst (11769).
* login fills out ut_addr field in utmp (10701).
* shadowconfig.sh fixes (9189,9328,9386,10968,12452,12469).
* Overcome postinst bug in old shadow-passwd package (9939,12120).
* useradd default GROUP=100 (9244).
* Allow 8 bit chars in chfn (12367).
* secure-su - set HOME, use SHELL if set (11003,11189).
-- Guy Maor <maor@ece.utexas.edu> Fri, 26 Sep 1997 19:23:42 -0500
shadow (970616) unstable; urgency=low
* vipw preserves permissions on edited files (10521).
* various other bug fixes.
-- Marek Michalkiewicz <marekm@piast.t19.ds.pwr.wroc.pl> Mon, 16 Jun 1997 02:02:00 +0200
shadow (970601) unstable; urgency=low
* Fix typo in libmisc/mail.c causing login to segfault.
-- Marek Michalkiewicz <marekm@piast.t19.ds.pwr.wroc.pl> Mon, 2 Jun 1997 07:33:00 +0200
shadow (970502-2) unstable; urgency=low
* Fixes to shadow group support (grpconv didn't work).
-- Marek Michalkiewicz <marekm@piast.t19.ds.pwr.wroc.pl> Fri, 2 May 1997 15:48:00 +0200
shadow (970502-1) unstable; urgency=low
* Upstream upgrade.
-- Marek Michalkiewicz <marekm@piast.t19.ds.pwr.wroc.pl> Fri, 2 May 1997 03:18:00 +0200
shadow (961025-2) frozen unstable; urgency=medium
* Fix useradd -D segfault (8098, 8152, 8733).
* Fix shadowconfig - permfix only on xlock; /etc/init.d/xdm rewrite, chmod
(8102, 8320, 8333, 8708).
* Remove HOWTO from usr/doc/passwd as it's in linux-doc (8150).
* Fixes to su.1 (8153).
* login, passwd, su each conflict and replace with the old shadow-*
version. (8269, 8290, 8393, 8394).
* Put /etc/shells back in passwd (8328).
* Fixed login.postinst for upgrade from shadow-login (8392).
* Added -e to pwck for use in shadowconfig: reports only errors, no
warnings (8542).
* Wrote shadowconfig.8 (8588).
-- Guy Maor <maor@ece.utexas.edu> Sat, 19 Apr 1997 02:34:59 -0500
shadow (961025-1) unstable; urgency=low
* Upstream upgrade, new source format.
-- Guy Maor <maor@ece.utexas.edu> Mon, 10 Feb 1997 02:56:56 -0600
shadow (960530-1) experimental; urgency=LOW
* Added grpunconv script
* Changed prerm/postinst scripts to remove/create shadowed group
file
* Added vipw/vigr binaries
* Renamed package to shadow-passwd
* Added packages shadow-su and shadow-login
* Added 'Essential: yes' to be able to replace passwd and login
* Section now base for shadow-passwd and shadow-login
* Added /etc/shell conffile
* Added /etc/securetty conffile
* Added new conffile /etc/suauth. Set it up so only users in group 0
can su to root.
shadow (960810-1) base; urgency=LOW
* Added useradd default file so that default group is no longer 1
* Also corrected the useradd manpage
* Replaced grpunconv script by real binary which does correct
locking.
* Added 'source' field control file to control files
* Changed version naming in debian.rules
* New upstream version