Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#9218 - kde-common: upgrade overrides /etc/pam.d/kde*

Attached to Project: Arch Linux
Opened by Apollon Oikonomopoulos (apoikos) - Tuesday, 15 January 2008, 09:39 GMT
Last edited by Tobias Powalowski (tpowa) - Saturday, 26 January 2008, 16:14 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Tobias Powalowski (tpowa)
Architecture All
Severity Medium
Priority Normal
Reported Version 2007.08-2
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
kde-common does not list /etc/pam.d/kde* as configuration files. Thus any upgrade of the package simply overwrites the older pam configuration files, discarding any manual changes made. This behaviour conflicts with the standard used by pacman for configuration files.

Additional info:
* package version: 3.5.8-2

Steps to reproduce:
1. Make changes to /etc/pam.d/kde or /etc/pam.d/kde-np
2. Upgrade or re-install kde-common
3. The kde* files under /etc/pam.d/ are replaced by those in the package

This task depends upon

Closed by  Tobias Powalowski (tpowa)
Saturday, 26 January 2008, 16:14 GMT
Reason for closing:  Fixed
Additional comments about closing:  3.5.8-3
Comment by Roman Kyrylych (Romashka) - Tuesday, 15 January 2008, 17:43 GMT
Are files in /etc/pam.d/ supposed to be modified by user? If not then the current behaviou is ok and NoUpgrade is the solution.
Comment by Apollon Oikonomopoulos (apoikos) - Tuesday, 15 January 2008, 18:00 GMT
A quick `grep' reveals that the following packages in core do 'backup' the /etc/pam.d/* files:

base/pam
base/coreutils
support/sudo
support/openssh

Of course the user is supposed to modify the pam.d files, that's what they're there for ;-) IMHO the pam.d files should definitely be backed up as they interfere with system authentication (a rather critical function). I use kerberos authentication (pam_krb5.so) at work, and today I couldn't login via KDM because of the kde-common upgrade. Furthermore, imagine if openssh for example did replace the pam.d/ssh file and you ended up locked out of a server - with no physical access - using pam_ldap.so.

Loading...