pam_motd: assume update-motd responsibilities

Marking as affecting update-motd, as update-motd will be obsoleted and removed once pam has this functionality.

:-Dustin

PAM patch attached.

I've tested that this patch a fair amount, and can confirm that it does the right thing. I'm hoping Steve will take a better look at it, and perhaps get this upstream as well?

:-Dustin

Triaging this bug against the packages who's debian/control dependencies against update-motd will need to be adjusted once pam_motd has this functionality.

They should continue installing scripts into /etc/update-motd.d, but the dependency can be removed.

:-Dustin

Also affects base-files, which should install a motd header at /etc/update-motd.d/00-header, such that the /var/run/motd generated by run-parts gets the header appropriately.

:-Dustin

This bug was fixed in the package base-files - 5.0.0ubuntu6

---------------
base-files (5.0.0ubuntu6) karmic; urgency=low

  * etc/00-header, debian/directory-list, debian/rules: pam_motd will
    now dynamically build a MOTD by running all scripts in
    /etc/update-motd.d and concatenating the output; seed that MOTD
    with the standard header, LP: #399071

 -- Dustin Kirkland <email address hidden> Mon, 13 Jul 2009 21:30:55 -0500

Splitting this into two patches to pam, one for the update-motd implementation and the other for legal. The first will go straight to the Debian package, the second is currently Ubuntu-specific.

I've also tweaked the first patch slightly, to avoid clobbering /var/run/motd if the run-parts dir is absent or the run-parts call fails; revised patch attached.

This bug was fixed in the package pam - 1.0.1-9ubuntu2

---------------
pam (1.0.1-9ubuntu2) karmic; urgency=low

  [ Dustin Kirkland ]
  * debian/patches/update-motd: run the update-motd scripts in pam_motd;
    render update-motd obsolete, LP: #399071
  * debian/patches-applied/pam_motd-legal-notice: display the contents of
    /etc/legal once, then set a flag in the user's homedir to prevent showing
    it again.

 -- Steve Langasek <email address hidden> Wed, 15 Jul 2009 20:41:52 -0700

Hi mvo-

I committed the following change to the update-notifier bzr branch:

diff -Nru update-notifier-0.86/debian/control update-notifier-0.87/debian/control
--- update-notifier-0.86/debian/control 2009-07-14 09:51:37.000000000 -0500
+++ update-notifier-0.87/debian/control 2009-07-16 14:52:34.000000000 -0500
@@ -21,7 +21,7 @@
 Replaces: update-notifier (<< 0.75.1)
 Architecture: all
 Depends: ${shlibs:Depends}, ${misc:Depends}, python-apt (>= 0.6.12)
-Recommends: update-motd (>= 1.9)
+Recommends: libpam-modules (>= 1.0.1-9ubuntu3)
 Description: Files shared between update-notifier and adept
  Apt setup files and reboot notification scripts shared between
  update-notifier and adept-notifier.

However, when I bzr-buildpackage -S, I get a lot of automake/autobuild cruft in the debdiff. I'm a little afraid of uploading this as is. Please take a look and release when you get a chance.

:-Dustin

This bug was fixed in the package update-notifier - 0.87

---------------
update-notifier (0.87) karmic; urgency=low

  [ Dustin Kirkland ]
  * debian/control: recommend libpam-modules rather than update-motd,
    LP: #399071

 -- Dustin Kirkland <email address hidden> Thu, 16 Jul 2009 17:18:45 -0500

This bug was fixed in the package update-motd - 3.3-0ubuntu1

---------------
update-motd (3.3-0ubuntu1) karmic; urgency=low

  [ Dustin Kirkland ]
  * control, dirs, install, rules: this package is now just a placeholder,
    depending on libpam-modules which provides pam_motd; empty out the
    installed contents of this package; leaving the sources in bzr for
    historical purposes (ah, memories); LP: #399071, #400131

  [ Loïc Minier ]
  * Call dh_installchangelogs to install debian/changelog in /usr/share/doc.
  * Drop references to build-stamp, configure-stamp and the configure target
    ase these aren't used.
  * Call dh_* with -i in binary-indep.
  * Strip boilerplate from rules.
  * Drop useless dirs from debian/dirs.
  * Drop unused/bogus po-debconf from build-deps.
  * Use debian/manpages instead of args to dh_installman for consistency.

 -- Dustin Kirkland <email address hidden> Thu, 16 Jul 2009 17:33:44 -0500

mvo-

Nevermind, figured it out. Error on my part. It's clean, and uploaded. Cheers,

:-Dustin

Also take note that in jaunty, update-motd is disabled by laptop-mode when going into battery mode (it stops anacron and cron). This behaviour should be supported if possible to avoid unnecessary hdd spinups on logins (because of resources required to run update-motd).

With update-motd, it was obvious and easy to stop it changing /var/run/motd. How do you do that with pam_motd? I don't wish to have the system change my motd.

Comment pam_motd out of:
/etc/pam.d/login:session optional pam_motd.so
/etc/pam.d/sshd:session optional pam_motd.so # [1]

Shouldn't pam_motd be included in common-account instead of just login?
My /etc/motd is not created when I start gnome / gdm.

On Fri, Nov 20, 2009 at 10:34:40PM -0000, Mike.lifeguard wrote:
> With update-motd, it was obvious and easy to stop it changing
> /var/run/motd. How do you do that with pam_motd? I don't wish to have
> the system change my motd.

If you don't want the system changing your motd, then it should be enough to
remove the /etc/motd symlink to /var/run/motd and maintain /etc/motd as a
static file.

That won't stop the scripts in /etc/update-motd.d from running; if you wish,
you can remove these files to eliminate the overhead of generating the
/var/run/motd you aren't using.

--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
<email address hidden> <email address hidden>

On Mon, Apr 12, 2010 at 06:38:10AM -0000, Savvas Radevic wrote:
> Shouldn't pam_motd be included in common-account instead of just login?
> My /etc/motd is not created when I start gnome / gdm.

Why do you need it to be? GNOME doesn't display the motd on login.

--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
<email address hidden> <email address hidden>

Sorry, I forgot I customized the file ~/.bashrc [ cat /etc/motd ] in order to display the motd in gnome-terminal :)
I expected that /etc/motd would be automatically generated as it did before with update-motd.
Cheers!

Hello,

upgrading from lucid to maverik (server edition), for some reason, the package update-notifier-common was removed.
As main effect I have pam_motd to not refresh the /var/run/motd file.

Looking into the code (mainly the Steve's patch revision) I found the problem.
As Steve said: "I've also tweaked the first patch slightly, to avoid clobbering /var/run/motd if [...] the run-parts call fails;"
This is useful, but in my case, I have had a "dirty" update-motd.d directory, with some scripts exiting with error (ie: "run-parts: /etc/update-motd.d/20-cpu-checker exited with return code 2").
The system() call returns the error and the file /var/run/motd.new was never renamed into /var/run/motd.

Consider that even if some scripts of the update-mod.d chain fail, the file /var/run/motd.new is created and written to disk with the only output of the working scripts.

I have attached a patch that should solve this problem (at least I think it is a problem :) ).
The rename() call is not blocked by the system() call and moreover if run-parts exits with error (system()!=0) pam_syslog is used to log it and help sysadmins to find rapidly the problem.
If run-parts fails totally and /var/run/motd.new is not created, the rename() call returns the error (but we are not interested in it).

I hope to be useful.
Yusef

Hi Yusef,

Thanks for the information and patch. It would *really* be best if
you filed a brand new bug on this, as it looks like a new issue, and
not the same one as in this bug.

Thanks,
Dustin

Hi Dustin,

I'm sorry for having written in the wrong place.
I have filed the bug right now (#661654)

Thanks,
Yusef