Bug 188014 - Review Request: pam_otpw - One time password support for PAM
Review Request: pam_otpw - One time password support for PAM
Product: Fedora
Classification: Fedora
Component: Package Review (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Mraz
Fedora Package Reviews List
Depends On:
  Show dependency treegraph
Reported: 2006-04-05 08:22 EDT by Luke Ross
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-11-08 13:55:51 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Luke Ross 2006-04-05 08:22:51 EDT
Spec Name or Url: pam_otpw.spec
SRPM Name or Url: http://lukeross.name/pam_otpw-1.3-1.src.rpm

The pam_otpw package consists of the one-time-password generator otpw-gen
plus a PAM module that provides auth and session stages. Login software
extended this way will allow reasonably secure user authentication over
insecure network lines. The user carries a password list on paper. The
scheme is designed to be robust against theft of the paper list and
race-for-the-last-letter attacks. Cryptographic hash values of the
one-time passwords are stored for verification in the user's home

This is a follow-on from bugzilla #188002. This is my first Extras package,
so needs sponsoring.
Comment 1 Tomas Mraz 2006-04-05 10:25:58 EDT
rpmlint complaints on the srpm:
W: pam_otpw strange-permission otpw-1.3.tar.gz 0600
W: pam_otpw strange-permission pam_otpw.spec 0600
W: pam_otpw buildprereq-use pam-devel

(Use 644 perms and BuildRequires)

rpmlint complaints on the built rpm:
W: pam_otpw unstripped-binary-or-object /lib/security/pam_otpw.so
E: pam_otpw library-not-linked-against-libc /lib/security/pam_otpw.so

The Makefile must be patched so it calls gcc as a linker for the pam_otpw.so

Also the CFLAGS="$RPM_OPT_FLAGS" and LDFLAGS="$RPM_OPT_FLAGS" should be added to
the spec when calling make.
Comment 2 Luke Ross 2006-04-05 11:14:37 EDT
Updated, please try http://lukeross.name/pam_otpw-1.3-2.src.rpm 
Comment 3 Tomas Mraz 2006-04-05 11:42:45 EDT
It still isn't quite right because you must call the
make as:

instead of exporting the CFLAGS and LDFLAGS first.
And the Makefile should be patched to contain $(LDFLAGS) in all linker commands.
Comment 4 Luke Ross 2006-04-06 08:51:56 EDT
Please try http://lukeross.name/pam_otpw-1.3-3.src.rpm 
Comment 5 Tomas Mraz 2006-04-07 03:22:00 EDT
There's a mistake in the spec file. The pam_otpw.8 manpage is installed as
otpw-gen.8 (also in the %files section).

Also please patch the Makefile to contain $(LDFLAGS) in the linking of otpw-gen.
Comment 6 Luke Ross 2006-04-10 11:43:48 EDT
Updated, http://lukeross.name/pam_otpw-1.3-4.src.rpm 
Comment 7 Tomas Mraz 2006-04-10 14:10:05 EDT
All errors above seem to be corrected.

rpmlint doesn't complain anymore.


You should contact the upstream author to include the GPL License text in a
separate file too so it can be added as %doc file next time.

I'll sponsor you after you create your account and request sponsorship for the
Comment 8 Tomas Mraz 2006-04-19 13:48:37 EDT
Any problems with creating the account?
Comment 9 Tomas Mraz 2006-11-08 13:55:51 EST
No action from reporter.

Note You need to log in before you can comment on or make changes to this bug.