From 1fc1fc26694c3fb9165e08350b98f07c5d71d0f2 Mon Sep 17 00:00:00 2001 From: ramonskie Date: Fri, 14 Jun 2024 09:01:31 +0200 Subject: [PATCH] pam_lastlog is deprecated move to pam_lostlog2 #343 --- bosh-stemcell/spec/os_image/ubuntu_noble_spec.rb | 2 +- stemcell_builder/stages/base_ubuntu_packages/apply.sh | 2 +- .../stages/password_policies/assets/centos/system-auth.patch | 2 +- .../password_policies/assets/opensuse/common-password.patch | 2 +- .../password_policies/assets/ubuntu/common-password.patch | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/bosh-stemcell/spec/os_image/ubuntu_noble_spec.rb b/bosh-stemcell/spec/os_image/ubuntu_noble_spec.rb index cbd773f6e..6447cda77 100644 --- a/bosh-stemcell/spec/os_image/ubuntu_noble_spec.rb +++ b/bosh-stemcell/spec/os_image/ubuntu_noble_spec.rb @@ -304,7 +304,7 @@ context 'display the number of unsuccessful logon/access attempts since the last successful logon/access (stig: V-51875)' do describe file('/etc/pam.d/common-password') do - its(:content) { should match /session\trequired\t\t\tpam_lastlog\.so showfailed/ } + its(:content) { should match /session\trequired\t\t\tpam_lastlog2\.so showfailed/ } end end diff --git a/stemcell_builder/stages/base_ubuntu_packages/apply.sh b/stemcell_builder/stages/base_ubuntu_packages/apply.sh index bfcb439f0..615a08674 100755 --- a/stemcell_builder/stages/base_ubuntu_packages/apply.sh +++ b/stemcell_builder/stages/base_ubuntu_packages/apply.sh @@ -15,7 +15,7 @@ libaio1t64 gdb libcap2-bin libcap2-dev libbz2-dev \ cmake uuid-dev libgcrypt-dev ca-certificates \ scsitools mg htop module-assistant debhelper runit parted \ cloud-guest-utils anacron software-properties-common \ -xfsprogs gdisk chrony dbus nvme-cli rng-tools fdisk \ +xfsprogs gdisk chrony dbus nvme-cli rng-tools fdisk util-linux \ ethtool libpam-pwquality gpg-agent libcurl4 libcurl4-openssl-dev resolvconf net-tools ifupdown" pkg_mgr purge netplan.io diff --git a/stemcell_builder/stages/password_policies/assets/centos/system-auth.patch b/stemcell_builder/stages/password_policies/assets/centos/system-auth.patch index 73f091439..fffab65fb 100644 --- a/stemcell_builder/stages/password_policies/assets/centos/system-auth.patch +++ b/stemcell_builder/stages/password_policies/assets/centos/system-auth.patch @@ -10,4 +10,4 @@ > password required pam_cracklib.so retry=3 minlen=14 dcredit=-1 ucredit=-1 ocredit=-1 lcredit=-1 > password sufficient pam_unix.so try_first_pass use_authtok sha512 shadow remember=24 minlen=14 18a19 -> session required pam_lastlog.so showfailed +> session required pam_lastlog2.so showfailed diff --git a/stemcell_builder/stages/password_policies/assets/opensuse/common-password.patch b/stemcell_builder/stages/password_policies/assets/opensuse/common-password.patch index 297863f4e..1bb98bbd7 100644 --- a/stemcell_builder/stages/password_policies/assets/opensuse/common-password.patch +++ b/stemcell_builder/stages/password_policies/assets/opensuse/common-password.patch @@ -4,4 +4,4 @@ --- > password requisite pam_cracklib.so retry=3 minlen=14 dcredit=-1 ucredit=-1 ocredit=-1 lcredit=-1 > password required pam_unix.so use_authtok sha512 shadow try_first_pass remember=24 minlen=14 -> session required pam_lastlog.so showfailed +> session required pam_lastlog2.so showfailed diff --git a/stemcell_builder/stages/password_policies/assets/ubuntu/common-password.patch b/stemcell_builder/stages/password_policies/assets/ubuntu/common-password.patch index 62a895ada..48ffc242a 100644 --- a/stemcell_builder/stages/password_policies/assets/ubuntu/common-password.patch +++ b/stemcell_builder/stages/password_policies/assets/ubuntu/common-password.patch @@ -13,5 +13,5 @@ # since the modules above will each just jump around password required pam_permit.so # and here are more per-package modules (the "Additional" block) -+# session required pam_lastlog.so showfailed #NOBLE_TODO: Commented out when pam_lastlog is availble again ++ session required pam_lastlog2.so showfailed # end of pam-auth-update config