aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSam Hartman <hartmans@debian.org>2023-08-16 16:40:20 -0600
committerSam Hartman <hartmans@debian.org>2023-08-16 16:45:04 -0600
commit8708337078144b30c8ce03b506d4cc47020661bb (patch)
tree2eb976d5afc1637ace6ad215beda577763c23276
parent5d5d1a88a5851679c669162a0b64e29bc56c1d70 (diff)
downloadpam-8708337078144b30c8ce03b506d4cc47020661bb.tar.gz
pam-8708337078144b30c8ce03b506d4cc47020661bb.tar.bz2
pam-8708337078144b30c8ce03b506d4cc47020661bb.zip
Fix pam-auth-update --disable logic error, Closes: #1039873
Diffstat
-rw-r--r--debian/local/pam-auth-update4
-rw-r--r--debian/tests/pam-auth-update4
2 files changed, 7 insertions, 1 deletions
diff --git a/debian/local/pam-auth-update b/debian/local/pam-auth-update
index b3de86e7..ac00b1c9 100644
--- a/debian/local/pam-auth-update
+++ b/debian/local/pam-auth-update
@@ -162,7 +162,9 @@ push(@enabled,
# Disable anything explicitly disabled
@enabled = grep {!$to_disable{$_} } @enabled;
# And we've seen anything we disable
-delete @seen{ keys %to_disable};
+foreach my $i (keys %to_disable) {
+ $seen{$i} = 1;
+}
# an empty module set is an error, so in that case grab all the defaults
if (!@enabled) {
diff --git a/debian/tests/pam-auth-update b/debian/tests/pam-auth-update
index e4973bff..d2649f36 100644
--- a/debian/tests/pam-auth-update
+++ b/debian/tests/pam-auth-update
@@ -28,7 +28,11 @@ grep -i rounds /etc/pam.d/common-password &&fail rounds parameter already specif
sed -i -e 's/obscure yescrypt/obscure yescrypt rounds=3/' /etc/pam.d/common-password
grep rounds /etc/pam.d/common-password ||fail sed did not update common password
+( echo get libpam-runtime/profiles |debconf-communicate |grep mkhomedir) || fail mkhomedir not in enabled profiles
+
# Confirm removing mkhomedir preserves rounds parameter
pam-auth-update --disable mkhomedir ||fail pam-auth-update disable failed
+( echo get libpam-runtime/profiles |debconf-communicate |grep mkhomedir) && fail mkhomedir still in profiles
+grep mkhomedir /var/lib/pam/seen || fail mkhomedir removed from seen after disable
grep mkhomedir /etc/pam.d/common-session &&fail pam_mkhomedir not removed
grep rounds /etc/pam.d/common-password || fail rounds parameter not preserved
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-18 04:32:51 +0000