diff options
author | Gunnar Hjalmarsson <gunnarhj@ubuntu.com> | 2013-03-25 16:41:16 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2013-03-25 16:41:16 +0000 |
commit | fb0148c9ba78689cd03c9cf2ee05a4fa22a0ed69 (patch) | |
tree | 322702442b150bb55e2681e73e3277b816753efc /debian | |
parent | 60863ef8f8ef60cbbc3c4991989755e7a18e5c86 (diff) |
debian/openssh-server.sshd.pam: Explicitly state that ~/.pam_environment
should be read, and move the pam_env calls from "auth" to "session" so
that it's also read when $HOME is encrypted (LP: #952185).
Diffstat (limited to 'debian')
-rw-r--r-- | debian/changelog | 9 | ||||
-rw-r--r-- | debian/openssh-server.sshd.pam | 14 |
2 files changed, 16 insertions, 7 deletions
diff --git a/debian/changelog b/debian/changelog index 51197feac..78c582918 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -1,3 +1,12 @@ | |||
1 | openssh (1:6.1p1-4) UNRELEASED; urgency=low | ||
2 | |||
3 | [ Gunnar Hjalmarsson ] | ||
4 | * debian/openssh-server.sshd.pam: Explicitly state that ~/.pam_environment | ||
5 | should be read, and move the pam_env calls from "auth" to "session" so | ||
6 | that it's also read when $HOME is encrypted (LP: #952185). | ||
7 | |||
8 | -- Colin Watson <cjwatson@debian.org> Thu, 14 Feb 2013 09:33:00 +0100 | ||
9 | |||
1 | openssh (1:6.1p1-3) experimental; urgency=low | 10 | openssh (1:6.1p1-3) experimental; urgency=low |
2 | 11 | ||
3 | * Give ssh and ssh-krb5 versioned dependencies on openssh-client and | 12 | * Give ssh and ssh-krb5 versioned dependencies on openssh-client and |
diff --git a/debian/openssh-server.sshd.pam b/debian/openssh-server.sshd.pam index c108cdf68..9261e9dca 100644 --- a/debian/openssh-server.sshd.pam +++ b/debian/openssh-server.sshd.pam | |||
@@ -1,12 +1,5 @@ | |||
1 | # PAM configuration for the Secure Shell service | 1 | # PAM configuration for the Secure Shell service |
2 | 2 | ||
3 | # Read environment variables from /etc/environment and | ||
4 | # /etc/security/pam_env.conf. | ||
5 | auth required pam_env.so # [1] | ||
6 | # In Debian 4.0 (etch), locale-related environment variables were moved to | ||
7 | # /etc/default/locale, so read that as well. | ||
8 | auth required pam_env.so envfile=/etc/default/locale | ||
9 | |||
10 | # Standard Un*x authentication. | 3 | # Standard Un*x authentication. |
11 | @include common-auth | 4 | @include common-auth |
12 | 5 | ||
@@ -38,5 +31,12 @@ session required pam_limits.so | |||
38 | # Set up SELinux capabilities (need modified pam) | 31 | # Set up SELinux capabilities (need modified pam) |
39 | # session required pam_selinux.so multiple | 32 | # session required pam_selinux.so multiple |
40 | 33 | ||
34 | # Read environment variables from /etc/environment and | ||
35 | # /etc/security/pam_env.conf. | ||
36 | session required pam_env.so # [1] | ||
37 | # In Debian 4.0 (etch), locale-related environment variables were moved to | ||
38 | # /etc/default/locale, so read that as well. | ||
39 | session required pam_env.so user_readenv=1 envfile=/etc/default/locale | ||
40 | |||
41 | # Standard Un*x password updating. | 41 | # Standard Un*x password updating. |
42 | @include common-password | 42 | @include common-password |