So it seem that around this date every year I do get some kind of “birthday present” (my birthday is on the 28th) by removing something that was bothering me for month (or in this case for years). Last year it was XMMS although that actually gone from the tree for my birthday, while now there’s just a mask, but a good mask.
For security reasons pam_console is going to be removed from the tree in a month.
The whole idea behind pam_console is a bit screwy, and many people, me included, considered it just an hack to allow use of device nodes to the user “sitting at the console”. Unfortunately there are a lot of known drawbacks with this, and one of the well known one is what is now considered a “security vulnerability”.
Anyway, since I promised to myself that the first non-trivial issue would have meant the removal of the whole ebuild, when I found the security bug mail today, I decided that was it.
And now pam_console is masked, pending removal next month, the pam_console USE flag is masked too, and the pam-0.78 ebuild only has mips in its keywords, the rest is gone. The GLSA will suggest everybody to update to PAM 0.99 so even those who were uncertainly about upgrading will finally have to take the step, and that means I can ignore presence of PAM 0.78 until someone decides it’s time to give it a try again on mips.
The only thing now is that I need to update the upgrade documentation to state clearly that pam_console has been masked for security reasons. Oh well, time to start I suppose.
Based on an email sent to gentoo-dev, I already mentioned that pam_console has been removed from Portage in the one document that mentioned it; I linked to the pam .99 upgrade guide as a reference.It’s gone from the docs, too. 🙂
I meant the upgrade guide as docs to fix :)Unfortunately I haven’t had time to touch it yet, will do ASAP.
Alsa for your next birthday? 😀