|
Home > Archive > Debian Developers > January 2007 > How to change the severity of a bug to serious???
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
How to change the severity of a bug to serious???
|
|
| Jacques Normand 2007-01-25, 1:35 am |
| Hi,
I am trying to change the bug #383889 to serious and make it release
critical. I have explained in it why I want it RC and the document at
http://release.debian.org/etch_rc_policy.txt lists that
* makes unrelated software on the system (or the whole system)
break
is a reason for rc-bug. In this case, the whole desktop locks and there
is no easy way to unlock it. (Which is effectively breaking the system).
So how do I do that?
thanks
jacques
| |
| Ben Finney 2007-01-25, 1:35 am |
| Jacques Normand <jnormand@nerim.net> writes:
> So how do I do that?
Much information about the Debian BTS is available at its website:
<URL:http://www.debian.org/Bugs/>
That page has a link to the information on manipulating bug reports
via email:
<URL:http://www.debian.org/Bugs/server-control>
--
\ "Ice Water? Get some onions - that'll make your eyes water!" |
`\ -- Groucho Marx |
_o__) |
Ben Finney
--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
| |
| Steve Langasek 2007-01-25, 1:35 am |
| severity 383889 important
thanks
On Wed, Jan 24, 2007 at 07:44:35PM -0600, Jacques Normand wrote:
> I am trying to change the bug #383889 to serious and make it release
> critical. I have explained in it why I want it RC and the document at
> http://release.debian.org/etch_rc_policy.txt lists that
> * makes unrelated software on the system (or the whole system)
> break
> is a reason for rc-bug. In this case, the whole desktop locks and there
> is no easy way to unlock it. (Which is effectively breaking the system).
> So how do I do that?
You seem to have gotten your answer on the procedure, but your rationale for
upgrading this particular bug is flawed. The package doesn't render the
system unusable, it's your misconfiguration of PAM that does so.
I've tested gnome-screensaver here and it work fine with this config.
/etc/pam.d/common-auth:
auth sufficient pam_krb5.so ignore_root
auth required pam_unix.so try_first_pass nullok_secure
/etc/pam.d/common-account:
account sufficient pam_krb5.so
account required pam_unix.so
Note that the default /etc/pam.d/gnome-screensaver shipped is misleading; it
doesn't mention that this service will query the authorization functions
("acct") in addition to the authorization functions. You may need to check
there for the source of your authentication problem.
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
vorlon@debian.org http://www.debian.org/
--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
| |
| Russ Allbery 2007-01-25, 1:35 am |
| Steve Langasek <vorlon@debian.org> writes:
> On Wed, Jan 24, 2007 at 07:44:35PM -0600, Jacques Normand wrote:
[vbcol=seagreen]
[vbcol=seagreen]
[vbcol=seagreen]
[vbcol=seagreen]
> You seem to have gotten your answer on the procedure, but your rationale
> for upgrading this particular bug is flawed. The package doesn't render
> the system unusable, it's your misconfiguration of PAM that does so.
You cannot enable verify_ap_req_nofail unless everything that's going to
do PAM configuration can read the system keytab file. Most of the screen
savers run as a normal user and can't read the keytab unless it's readable
by the user running the screen saver.
Later versions of pam-krb5 will support configuring it to look at a
different keytab so that you can provide a lower-privilege world-readable
keytab for this purpose. Until then, you either want to leave the
Kerberos library default, which will verify the tickets if the keytab is
readable and otherwise skip that step, or make the system keytab readable
by any user who may run the screen saver.
For more information, see:
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=399002>
The support alluded to in that bug is already implemented in the upstream
version of pam-krb5, but I also incorporated PKINIT support and the code
has been rather unstable. I'm holding off upgrading the Debian package
until after the etch release.
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
|
|
|
|
|