Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 188014 - Review Request: pam_otpw - One time password support for PAM
Summary: Review Request: pam_otpw - One time password support for PAM
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Fedora Package Reviews List
URL:
Whiteboard:
Depends On:
Blocks: FE-DEADREVIEW
TreeView+ depends on / blocked
 
Reported: 2006-04-05 12:22 UTC by Luke Ross
Modified: 2007-11-30 22:11 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-11-08 18:55:51 UTC


Attachments (Terms of Use)

Description Luke Ross 2006-04-05 12:22:51 UTC
Spec Name or Url: pam_otpw.spec
SRPM Name or Url: http://lukeross.name/pam_otpw-1.3-1.src.rpm
Description: 

The pam_otpw package consists of the one-time-password generator otpw-gen
plus a PAM module that provides auth and session stages. Login software
extended this way will allow reasonably secure user authentication over
insecure network lines. The user carries a password list on paper. The
scheme is designed to be robust against theft of the paper list and
race-for-the-last-letter attacks. Cryptographic hash values of the
one-time passwords are stored for verification in the user's home
directory.

This is a follow-on from bugzilla #188002. This is my first Extras package,
so needs sponsoring.

Comment 1 Tomas Mraz 2006-04-05 14:25:58 UTC
rpmlint complaints on the srpm:
W: pam_otpw strange-permission otpw-1.3.tar.gz 0600
W: pam_otpw strange-permission pam_otpw.spec 0600
W: pam_otpw buildprereq-use pam-devel

(Use 644 perms and BuildRequires)

rpmlint complaints on the built rpm:
W: pam_otpw unstripped-binary-or-object /lib/security/pam_otpw.so
E: pam_otpw library-not-linked-against-libc /lib/security/pam_otpw.so

The Makefile must be patched so it calls gcc as a linker for the pam_otpw.so

Also the CFLAGS="$RPM_OPT_FLAGS" and LDFLAGS="$RPM_OPT_FLAGS" should be added to
the spec when calling make.


Comment 2 Luke Ross 2006-04-05 15:14:37 UTC
Updated, please try http://lukeross.name/pam_otpw-1.3-2.src.rpm 

Comment 3 Tomas Mraz 2006-04-05 15:42:45 UTC
It still isn't quite right because you must call the
make as:
make CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_OPT_FLAGS"

instead of exporting the CFLAGS and LDFLAGS first.
And the Makefile should be patched to contain $(LDFLAGS) in all linker commands.


Comment 4 Luke Ross 2006-04-06 12:51:56 UTC
Please try http://lukeross.name/pam_otpw-1.3-3.src.rpm 
 
Thanks. 

Comment 5 Tomas Mraz 2006-04-07 07:22:00 UTC
There's a mistake in the spec file. The pam_otpw.8 manpage is installed as
otpw-gen.8 (also in the %files section).

Also please patch the Makefile to contain $(LDFLAGS) in the linking of otpw-gen.


Comment 6 Luke Ross 2006-04-10 15:43:48 UTC
Updated, http://lukeross.name/pam_otpw-1.3-4.src.rpm 
 
Thanks. 

Comment 7 Tomas Mraz 2006-04-10 18:10:05 UTC
All errors above seem to be corrected.

rpmlint doesn't complain anymore.

APPROVED

You should contact the upstream author to include the GPL License text in a
separate file too so it can be added as %doc file next time.

I'll sponsor you after you create your account and request sponsorship for the
FE CVS.


Comment 8 Tomas Mraz 2006-04-19 17:48:37 UTC
Any problems with creating the account?

Comment 9 Tomas Mraz 2006-11-08 18:55:51 UTC
No action from reporter.


Note You need to log in before you can comment on or make changes to this bug.