diff options
| author | Roger Leigh <rleigh@debian.org> | 2012-07-18 23:11:35 +0100 |
|---|---|---|
| committer | Roger Leigh <rleigh@debian.org> | 2012-07-18 23:11:35 +0100 |
| commit | c48aa531a2c88fd1b926dadba98c87498a94652a (patch) | |
| tree | e876d86f977392d194283772e14eefead8e141e8 | |
| parent | 6ceb4eb4332908007457c32d1b3293a750121d74 (diff) | |
| parent | 61ed3ed09676f7c6995aa6cc842571336d070a9d (diff) | |
| download | schroot-c48aa531a2c88fd1b926dadba98c87498a94652a.tar.gz | |
Merge branch 'master' of ssh+git://git.debian.org/git/buildd-tools/schroot
Conflicts:
NEWS
debian/changelog
| -rw-r--r-- | NEWS | 10 | ||||
| -rw-r--r-- | debian/changelog | 11 | ||||
| -rw-r--r-- | etc/pam/schroot | 8 | ||||
| -rw-r--r-- | sbuild/sbuild-auth.cc | 4 |
4 files changed, 30 insertions, 3 deletions
@@ -1,12 +1,20 @@ NEWS -*- outline -*- ---- -Welcome to schroot 1.6.1. Please read these release notes carefully. +Welcome to schroot 1.6.2. Please read these release notes carefully. Full installation instructions are provided in the INSTALL file. The README file also contains more specific notes regarding building and configuration. +* Major changes in 1.6.2: + + 1) PAM pam_env is used to set up additional environment from + /etc/security/pam_env.conf and /etc/default/locale. + + 2) /usr/bin/X11 and /usr/games have been removed from the + default PATH. + * Major changes in 1.6.1: None. diff --git a/debian/changelog b/debian/changelog index 6c56f335..20324587 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +schroot (1.6.2-1) UNRELEASED; urgency=low + + * New upstream stable release. + * schroot: + - PAM pam_env is used to set up additional environment from + /etc/security/pam_env.conf and /etc/default/locale. + - /usr/bin/X11 and /usr/games have been removed from the + default PATH. + + -- Roger Leigh <rleigh@debian.org> Wed, 18 Jul 2012 23:10:24 +0100 + schroot (1.6.1-1) unstable; urgency=low * New upstream stable release. diff --git a/etc/pam/schroot b/etc/pam/schroot index 95e34d82..d8c575c7 100644 --- a/etc/pam/schroot +++ b/etc/pam/schroot @@ -16,6 +16,14 @@ # be allowed to use schroot at all. # auth required pam_wheel.so deny group=noschroot +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +session required pam_env.so readenv=1 +session required pam_env.so readenv=1 envfile=/etc/default/locale + + # This allows root to use schroot without passwords (normal operation) auth sufficient pam_rootok.so diff --git a/sbuild/sbuild-auth.cc b/sbuild/sbuild-auth.cc index 948d9f99..939630df 100644 --- a/sbuild/sbuild-auth.cc +++ b/sbuild/sbuild-auth.cc @@ -284,9 +284,9 @@ auth::get_minimal_environment () const // For security, PATH is always set to a sane state for root, but // only set in other cases if not preserving the environment. if (this->uid == 0) - minimal.add(std::make_pair("PATH", "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/bin/X11")); + minimal.add(std::make_pair("PATH", "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin")); else - minimal.add(std::make_pair("PATH", "/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games")); + minimal.add(std::make_pair("PATH", "/usr/local/bin:/usr/bin:/bin")); if (!this->home.empty() ) minimal.add(std::make_pair("HOME", this->home)); |