summaryrefslogtreecommitdiff
path: root/debian
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2004-03-01 03:21:10 +0000
committerColin Watson <cjwatson@debian.org>2004-03-01 03:21:10 +0000
commit4d4421e0ed7e00c66e4cd714d93ed87b000ed031 (patch)
tree84d82590031ef986f6b977463e4d7d9b53849435 /debian
parentd66ce7c93847d7fd57d14848b0914228c4c5c841 (diff)
Since PAM session modules are run as root, we can turn pam_limits back on
by default, and it no longer spits out "Operation not permitted" to syslog (closes: #171673).
Diffstat (limited to 'debian')
-rw-r--r--debian/changelog3
-rw-r--r--debian/ssh.pam5
2 files changed, 5 insertions, 3 deletions
diff --git a/debian/changelog b/debian/changelog
index a232b42da..a8259ef8e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,9 @@ openssh (1:3.8p1-1) UNRELEASED; urgency=low
3 * New upstream release (closes: #232281): 3 * New upstream release (closes: #232281):
4 - New PAM implementation based on that in FreeBSD. This runs PAM session 4 - New PAM implementation based on that in FreeBSD. This runs PAM session
5 modules before dropping privileges (closes: #132681, #150968). 5 modules before dropping privileges (closes: #132681, #150968).
6 - Since PAM session modules are run as root, we can turn pam_limits back
7 on by default, and it no longer spits out "Operation not permitted" to
8 syslog (closes: #171673).
6 - Password expiry works again (closes: #153235). 9 - Password expiry works again (closes: #153235).
7 - 'ssh -q' suppresses login banner (closes: #134589). 10 - 'ssh -q' suppresses login banner (closes: #134589).
8 - sshd doesn't lie to PAM about invalid usernames (closes: #157078). 11 - sshd doesn't lie to PAM about invalid usernames (closes: #157078).
diff --git a/debian/ssh.pam b/debian/ssh.pam
index 81c18371e..8882053df 100644
--- a/debian/ssh.pam
+++ b/debian/ssh.pam
@@ -22,9 +22,8 @@ session optional pam_motd.so # [1]
22# Print the status of the user's mailbox upon successful login. 22# Print the status of the user's mailbox upon successful login.
23session optional pam_mail.so standard noenv # [1] 23session optional pam_mail.so standard noenv # [1]
24 24
25# Set up user limits. Uncomment this and read /etc/security/limits.conf to 25# Set up user limits from /etc/security/limits.conf.
26# enable this functionality. 26session required pam_limits.so
27# session required pam_limits.so
28 27
29# Standard Un*x password updating. 28# Standard Un*x password updating.
30@include common-password 29@include common-password