Debian Package Tracker

From: Russ Allbery <rra@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted libpam-krb5 1.2.0-2 (source i386)
Date: Tue, 24 Jan 2006 23:17:05 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 16 Jan 2006 18:11:57 -0800
Source: libpam-krb5
Binary: libpam-krb5
Architecture: source i386
Version: 1.2.0-2
Distribution: unstable
Urgency: low
Maintainer: Sam Hartman <hartmans@debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description: 
 libpam-krb5 - PAM module for MIT Kerberos
Closes: 339734 341926 342271 344003
Changes: 
 libpam-krb5 (1.2.0-2) unstable; urgency=low
 .
   * Always use a disk cache for temporary storage of credentials and cope
     with not having module-specific data during pam_sm_setcred by passing
     the cache path in an environment variable.  This is required to cope
     with OpenSSH's technique (when using ChallengeResponseAuthentication)
     of doing PAM authentication in a child process and then opening the
     session in the parent.  (Closes: #339734)
   * Only initialize the ticket cache once no matter how many times setcred
     is called.  Saves duplicate work and works around a bug in xdm, which
     calls setcred repeatedly and discards the environment set by the final
     call.
   * Don't assume we already have a context when changing passwords; passwd
     doesn't work that way.  (Closes: #344003)
   * Fix the test for the new password.  I don't think this would have
     worked at all before.
   * Improve debugging output for password changes.
   * If search_k5login is specified but no .k5login is found, still check
     the user with krb5_kuserok in case there are custom principal mappings
     defined.
   * Handle ignore_root in a cleaner fashion and add support for
     ignore_root on password changes.
   * Depend on krb5-config.  (Closes: #342271)
   * Document that ccache and ccache_dir must be specified as options to
     the session module.  (Closes: #341926)
   * Document that pam_sm_authenticate and pam_sm_setcred also call
     krb5_kuserok.
   * Properly override the upstream CFLAGS so that debugging builds work.
   * Don't ignore errors from make clean.
   * Providing binary-indep in debian/rules is required by Policy even if
     there are no arch-independent packages.  Whoops.
Files: 
 66ea3b8e445835dc6ce8ebf794325529 657 net optional libpam-krb5_1.2.0-2.dsc
 c9f5ce7e96c44a8e91c8c3885f4f15f4 17408 net optional libpam-krb5_1.2.0-2.diff.gz
 1d0f6fff2d06e30d735432be350e948a 32606 net optional libpam-krb5_1.2.0-2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFD1yM1+YXjQAr8dHYRAoeBAJ9Wiq6fuRuf/WdwSDkmRyicqqISIQCgmChF
Y2sYBLEcFkqb7AMJWkJSSfc=
=wemy
-----END PGP SIGNATURE-----


Accepted:
libpam-krb5_1.2.0-2.diff.gz
  to pool/main/libp/libpam-krb5/libpam-krb5_1.2.0-2.diff.gz
libpam-krb5_1.2.0-2.dsc
  to pool/main/libp/libpam-krb5/libpam-krb5_1.2.0-2.dsc
libpam-krb5_1.2.0-2_i386.deb
  to pool/main/libp/libpam-krb5/libpam-krb5_1.2.0-2_i386.deb
News for package libpam-krb5
