Red Hat Bugzilla – Bug 188014
Review Request: pam_otpw - One time password support for PAM
Last modified: 2007-11-30 17:11:29 EST
Spec Name or Url: pam_otpw.spec
SRPM Name or Url: http://lukeross.name/pam_otpw-1.3-1.src.rpm
The pam_otpw package consists of the one-time-password generator otpw-gen
plus a PAM module that provides auth and session stages. Login software
extended this way will allow reasonably secure user authentication over
insecure network lines. The user carries a password list on paper. The
scheme is designed to be robust against theft of the paper list and
race-for-the-last-letter attacks. Cryptographic hash values of the
one-time passwords are stored for verification in the user's home
This is a follow-on from bugzilla #188002. This is my first Extras package,
so needs sponsoring.
rpmlint complaints on the srpm:
W: pam_otpw strange-permission otpw-1.3.tar.gz 0600
W: pam_otpw strange-permission pam_otpw.spec 0600
W: pam_otpw buildprereq-use pam-devel
(Use 644 perms and BuildRequires)
rpmlint complaints on the built rpm:
W: pam_otpw unstripped-binary-or-object /lib/security/pam_otpw.so
E: pam_otpw library-not-linked-against-libc /lib/security/pam_otpw.so
The Makefile must be patched so it calls gcc as a linker for the pam_otpw.so
Also the CFLAGS="$RPM_OPT_FLAGS" and LDFLAGS="$RPM_OPT_FLAGS" should be added to
the spec when calling make.
Updated, please try http://lukeross.name/pam_otpw-1.3-2.src.rpm
It still isn't quite right because you must call the
make CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_OPT_FLAGS"
instead of exporting the CFLAGS and LDFLAGS first.
And the Makefile should be patched to contain $(LDFLAGS) in all linker commands.
Please try http://lukeross.name/pam_otpw-1.3-3.src.rpm
There's a mistake in the spec file. The pam_otpw.8 manpage is installed as
otpw-gen.8 (also in the %files section).
Also please patch the Makefile to contain $(LDFLAGS) in the linking of otpw-gen.
All errors above seem to be corrected.
rpmlint doesn't complain anymore.
You should contact the upstream author to include the GPL License text in a
separate file too so it can be added as %doc file next time.
I'll sponsor you after you create your account and request sponsorship for the
Any problems with creating the account?
No action from reporter.