188014 – Review Request: pam_otpw - One time password support for PAM

Bug 188014 - Review Request: pam_otpw - One time password support for PAM

Summary: Review Request: pam_otpw - One time password support for PAM

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	Package Review
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Tomas Mraz
QA Contact:	Fedora Package Reviews List
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	FE-DEADREVIEW
TreeView+	depends on / blocked

Reported:	2006-04-05 12:22 UTC by Luke Ross
Modified:	2007-11-30 22:11 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-11-08 18:55:51 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Luke Ross 2006-04-05 12:22:51 UTC

Spec Name or Url: pam_otpw.spec
SRPM Name or Url: http://lukeross.name/pam_otpw-1.3-1.src.rpm
Description: 

The pam_otpw package consists of the one-time-password generator otpw-gen
plus a PAM module that provides auth and session stages. Login software
extended this way will allow reasonably secure user authentication over
insecure network lines. The user carries a password list on paper. The
scheme is designed to be robust against theft of the paper list and
race-for-the-last-letter attacks. Cryptographic hash values of the
one-time passwords are stored for verification in the user's home
directory.

This is a follow-on from bugzilla #188002. This is my first Extras package,
so needs sponsoring.

Comment 1 Tomas Mraz 2006-04-05 14:25:58 UTC

rpmlint complaints on the srpm:
W: pam_otpw strange-permission otpw-1.3.tar.gz 0600
W: pam_otpw strange-permission pam_otpw.spec 0600
W: pam_otpw buildprereq-use pam-devel

(Use 644 perms and BuildRequires)

rpmlint complaints on the built rpm:
W: pam_otpw unstripped-binary-or-object /lib/security/pam_otpw.so
E: pam_otpw library-not-linked-against-libc /lib/security/pam_otpw.so

The Makefile must be patched so it calls gcc as a linker for the pam_otpw.so

Also the CFLAGS="$RPM_OPT_FLAGS" and LDFLAGS="$RPM_OPT_FLAGS" should be added to
the spec when calling make.

Comment 2 Luke Ross 2006-04-05 15:14:37 UTC

Updated, please try http://lukeross.name/pam_otpw-1.3-2.src.rpm

Comment 3 Tomas Mraz 2006-04-05 15:42:45 UTC

It still isn't quite right because you must call the
make as:
make CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_OPT_FLAGS"

instead of exporting the CFLAGS and LDFLAGS first.
And the Makefile should be patched to contain $(LDFLAGS) in all linker commands.

Comment 4 Luke Ross 2006-04-06 12:51:56 UTC

Please try http://lukeross.name/pam_otpw-1.3-3.src.rpm 
 
Thanks.

Comment 5 Tomas Mraz 2006-04-07 07:22:00 UTC

There's a mistake in the spec file. The pam_otpw.8 manpage is installed as
otpw-gen.8 (also in the %files section).

Also please patch the Makefile to contain $(LDFLAGS) in the linking of otpw-gen.

Comment 6 Luke Ross 2006-04-10 15:43:48 UTC

Updated, http://lukeross.name/pam_otpw-1.3-4.src.rpm 
 
Thanks.

Comment 7 Tomas Mraz 2006-04-10 18:10:05 UTC

All errors above seem to be corrected.

rpmlint doesn't complain anymore.

APPROVED

You should contact the upstream author to include the GPL License text in a
separate file too so it can be added as %doc file next time.

I'll sponsor you after you create your account and request sponsorship for the
FE CVS.

Comment 8 Tomas Mraz 2006-04-19 17:48:37 UTC

Any problems with creating the account?

Comment 9 Tomas Mraz 2006-11-08 18:55:51 UTC

No action from reporter.

Note You need to log in before you can comment on or make changes to this bug.