Conversation
GabrielNagy
force-pushed
the
debian-packaging
branch
from
26b6a2c to
7d2aacb
Compare
didrocks
left a comment
didrocks
left a comment
There was a problem hiding this comment.
Excellent work! I have one real required change (leftover of other project copy/paste I think), and 2 questions!
Also, along those line, can you ensure that current copy of: pam/go-loader/libpam-authd.pam-auth-update allows to have our PAM module being called before pam_unix.so as otherwise, this latter will always request a password for us?
3v1n0
left a comment
3v1n0
left a comment
There was a problem hiding this comment.
Few comments on my side :)
Yes, |
GabrielNagy
force-pushed
the
debian-packaging
branch
2 times, most recently
from
460fb8c to
433bbcd
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #120 +/- ##
==========================================
- Coverage 88.14% 87.98% -0.17%
==========================================
Files 32 32
Lines 2430 2430
==========================================
- Hits 2142 2138 -4
- Misses 221 224 +3
- Partials 67 68 +1 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
So I believe I made all the requested changes, but the package doesn't build anymore with vendored dependencies due to https://github.com/ubuntu/authd/blob/bf88ae20223faf371eb743ee385b08e786462f22/pam/pam.go#L1 |
GabrielNagy
force-pushed
the
debian-packaging
branch
3 times, most recently
from
d103435 to
9097f56
Compare
|
Addressed the issue above in the last commit. Confirmed the package builds and test pass on all avenues. |
GabrielNagy
force-pushed
the
debian-packaging
branch
3 times, most recently
from
c48ff9d to
7f4520e
Compare
3v1n0
left a comment
3v1n0
left a comment
There was a problem hiding this comment.
I think we're almost there, but I noticed few more things 👼
GabrielNagy
force-pushed
the
debian-packaging
branch
from
7f4520e to
06e75a1
Compare
GabrielNagy
force-pushed
the
debian-packaging
branch
4 times, most recently
from
a8088ec to
e408ced
Compare
|
@3v1n0 I'd appreciate if you could go over your first round of review comments and mark everything applicable as resolved, otherwise it's hard to follow what was done and what was not 🙏🏼 |
I would love to... But I can't :( I think i've not the permissions in this repo, as I was trying to this the whole time and I couldn't find a way. |
3v1n0
left a comment
3v1n0
left a comment
There was a problem hiding this comment.
I think we're good... Please just drop that ls subshell in the vendor script and we're good to go from my POV.
Similar to what we have in aad-auth, this helps keep the XS-Vendored-Sources-Rust field in debian/changelog up-to-date.
GabrielNagy
force-pushed
the
debian-packaging
branch
from
44f0ff4 to
1a4eecc
Compare
Build the authd package in a single binary package containing the daemon, PAM & NSS modules. Add hooks to ensure PAM & NSS are properly configured and un-configured. Most of this was inspired by adsys and aad-auth packaging where we also ship PAM (and NSS) modules. Fixes UDENG-1781
On the account of it being needed when building the source package.
We depend on github.com/msteinert/pam/cmd/pam-moduler to generate the pam_module.go file for the PAM module. This poses an issue if we are trying to run it with vendored dependencies, as we cannot vendor the cmd package. This can be fixed multiple ways, but in the interest of keeping the fix close to the problem, and avoid moving the generate statement to a separate package/file, simply skip the call if we detect a vendor directory at the root of the project.
This is not added automatically, presumably because the name of the packge does not contain "lib". Add it using Debian's guidelines[1]. [1] https://www.debian.org/doc/debian-policy/ch-sharedlibs.html#ldconfig
GabrielNagy
force-pushed
the
debian-packaging
branch
from
1a4eecc to
aef2d42
Compare
5 participants
Build the authd package in a single binary package containing the daemon, PAM & NSS modules.
Add hooks to ensure PAM & NSS are properly configured and un-configured.
Most of this was inspired by adsys and aad-auth packaging where we also ship PAM (and NSS) modules.
d/copyright is still incomplete but it's an arduous task we can handle afterwards.
Fixes UDENG-1781
A passing LP build can be seen here: https://launchpad.net/~gabuscus/+archive/ubuntu/ppa/+sourcepub/15403265/+listing-archive-extra
I've also ran the autopkgtests for amd64 locally with qemu.
I haven't added systemd units yet because I did some tests and something is afoot causing the entire boot to hang. It looks like if authd starts right after dbus, both services will remain in an "activating" state. I'm not sure why this happens, but my assumption is that we are connecting to the system bus before it's actually ready to accept connections. I'll open a card and we can investigate the issue separately without needing to block this one.