diff options
| author | Steve Langasek <vorlon@debian.org> | 2009-07-27 16:15:58 +0200 |
|---|---|---|
| committer | Steve Langasek <vorlon@debian.org> | 2019-01-08 19:41:59 -0800 |
| commit | f4c836a0a7917a2c41a20625263cf19912f8a399 (patch) | |
| tree | 2a98fa9e28df7f2890a938badc0dda37a0f77cc7 /debian/local | |
| parent | 535cd44225f00c8092854e986692f742fef284f7 (diff) | |
| download | pam-f4c836a0a7917a2c41a20625263cf19912f8a399.tar.gz pam-f4c836a0a7917a2c41a20625263cf19912f8a399.tar.bz2 pam-f4c836a0a7917a2c41a20625263cf19912f8a399.zip | |
When no profiles are chosen in pam-auth-update, throw an error message
and prompt again instead of letting the user end up with an insecure
system. This introduces a new debconf template. Closes: #519927.
Diffstat (limited to 'debian/local')
| -rwxr-xr-x | debian/local/pam-auth-update | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/debian/local/pam-auth-update b/debian/local/pam-auth-update index 42690850..b059bf94 100755 --- a/debian/local/pam-auth-update +++ b/debian/local/pam-auth-update @@ -35,6 +35,7 @@ my $inputdir = '/usr/share/pam-configs'; my $template = 'libpam-runtime/profiles'; my $errtemplate = 'libpam-runtime/conflicts'; my $overridetemplate = 'libpam-runtime/override'; +my $blanktemplate = 'libpam-runtime/no_profiles_chosen'; my $confdir = '/etc/pam.d'; my $savedir = '/var/lib/pam'; my (%profiles, @sorted, @enabled, @conflicts, %removals); @@ -193,7 +194,10 @@ do { } fset($template,'seen','false'); set($template, join(', ', @enabled)); -} while (@conflicts); + if (!@enabled) { + input('high',$blanktemplate); + } +} while (@conflicts || !@enabled); # the decision has been made about what configs to use, so even if # something fails after this, we shouldn't go munging the default |