より大きな制限を適用してPAMを再構築してください。

Question

より大きな制限を適用してPAMを再構築してください。

sudo権限を持つ一般ユーザーとしてスクリプトを実行します。

BZR（= Bazaar）を使用したUbuntuスクリプト（実際にはテストされていません！）

以下を使用してvi build_pam_via_ubuntu_and_bzr.shファイルを作成します。chmod +x build_pam_via_ubuntu_and_bzr.sh./build_pam_via_ubuntu_and_bzr.sh

#!/usr/bin/env bash

# Stop when folder exists (please delete manually):
[ -e /opt/bzr/pam/ ] && exit 0

# Update sources:
sudo apt-get update || exit 1

# Install source control:
sudo apt-get install bzr bzr-builddeb -y || exit 1

# Create folder:
sudo mkdir -p /opt/bzr/pam/ || exit 1

# Change owner and group:
sudo chown -R $(id -u):$(id -g) /opt/bzr/pam/  || exit 1

# Enter folder:
cd /opt/bzr/pam/ || exit 1

# Clone PAM repo
bzr branch lp:ubuntu/vivid/pam || exit 1

# Join folder:
cd /opt/bzr/pam/ubuntu/ || exit 1

# Main point: Change BUF_SIZE limit:
sed -i "s/#define BUF_SIZE 1024/#define BUF_SIZE 8192/" modules/pam_env/pam_env.c || exit 1

# Add new version number to debian/changelog:
dch -n "Change environment variable limit from 1024 to 8192." || exit 1

# `bzr builddeb -- -uc -us` will fail with `unmet build dependencies`, install them:
sudo apt-get install libcrack2-dev debhelper quilt flex bison libfl-dev libdb-dev libselinux1-dev po-debconf dh-autoreconf autopoint libaudit-dev pkg-config xsltproc libxml2-utils docbook-xml docbook-xsl w3m -y || exit 1

# Another error lead me to remove fop (maybe not necessary):
###sudo apt-get remove fop || exit 1

# Build packages without signing them (takes ~ 20 minutes):
bzr builddeb -- -uc -us || exit 1

# Install local packages and dependencies with apt-get (possible since Ubuntu 16.04)
# Otherwise (Ubuntu 14.04) use dpkg
sudo apt-get install /opt/bzr/pam/*.deb || sudo dpkg --force-all -i /opt/bzr/pam/*.deb || exit 1

# Now you can have env variables with ~ 8192 chars:
sudo bash -c "echo 'BLUBB123=\"'$(tr -dc 'a-z0-9' < /dev/urandom | head -c8000)'\"' >> /etc/environment" || exit 1

Ubuntu 14.04.5用Gitスクリプト（テスト済み）

以下を使用してvi build_pam_via_trusty_and_git.shファイルを作成します。chmod +x build_pam_via_trusty_and_git.sh./build_pam_via_trusty_and_git.sh

#!/usr/bin/env bash

# Stop when folder exists (please delete manually):
[ -e /opt/git/pam/ ] && exit 0

# Update sources:
sudo apt-get update || exit 1

# Install source control:
sudo apt-get install git git-buildpackage -y || exit 1

# Create folder:
sudo mkdir -p /opt/git/pam/ || exit 1

# Change owner and group:
sudo chown -R $(id -u):$(id -g) /opt/git/pam/  || exit 1

# Enter folder:
cd /opt/git/pam/ || exit 1

# Clone PAM repo
git clone -b ubuntu/trusty-security https://git.launchpad.net/~usd-import-team/ubuntu/+source/pam || exit 1

# Join folder:
cd /opt/git/pam/pam/ || exit 1

# Main point: Change BUF_SIZE limit:
sed -i "s/#define BUF_SIZE 1024/#define BUF_SIZE 8192/" modules/pam_env/pam_env.c || exit 1

# Add new version number to debian/changelog (coming from 1.1.8-1ubuntu2.2):
dch -n "Change environment variable limit from 1024 to 8192." || exit 1

# Add changed files to Git index:
git add /opt/git/pam/pam/modules/pam_env/pam_env.c || exit 1
git add /opt/git/pam/pam/debian/changelog || exit 1

# Commit Git index:
git commit -m "Change environment variable limit from 1024 to 8192." || exit 1

sudo apt-get install libcrack2-dev debhelper quilt flex bison libfl-dev libdb-dev libselinux1-dev po-debconf dh-autoreconf autopoint libaudit-dev pkg-config xsltproc libxml2-utils docbook-xml docbook-xsl w3m -y || exit 1

# Another error lead me to remove fop (maybe not necessary):
###sudo apt-get remove fop || exit 1

# Build packages without signing them (takes ~ 20 minutes):
gbp buildpackage --git-debian-branch="ubuntu/trusty-security" --git-ignore-new --git-upstream-tree="ubuntu/trusty-security" -uc -us || exit 1

# Install local packages:
sudo dpkg --force-all -i /opt/git/pam/*.deb || exit 1

# Now you can have env variables with ~ 8192 chars:
sudo bash -c "echo 'BLUBB123=\"'$(tr -dc 'a-z0-9' < /dev/urandom | head -c8000)'\"' >> /etc/environment" || exit 1

Ubuntu 16.04.4用Gitスクリプト（テスト済み）

以下を使用してvi build_pam_via_xenial_and_git.shファイルを作成します。chmod +x build_pam_via_xenial_and_git.sh./build_pam_via_xenial_and_git.sh

#!/usr/bin/env bash

# Stop when folder exists (please delete manually):
[ -e /opt/git/pam/ ] && exit 0

# Update sources:
sudo apt-get update || exit 1

# Install source control:
sudo apt-get install git git-buildpackage -y || exit 1

# Create folder:
sudo mkdir -p /opt/git/pam/ || exit 1

# Change owner and group:
sudo chown -R $(id -u):$(id -g) /opt/git/pam/  || exit 1

# Enter folder:
cd /opt/git/pam/ || exit 1

# Clone PAM repo
git clone -b ubuntu/xenial https://git.launchpad.net/~usd-import-team/ubuntu/+source/pam || exit 1

# Join folder:
cd /opt/git/pam/pam/ || exit 1

# Main point: Change BUF_SIZE limit:
sed -i "s/#define BUF_SIZE 1024/#define BUF_SIZE 8192/" modules/pam_env/pam_env.c || exit 1

# Add new version number to debian/changelog (coming from 1.1.8-3.2ubuntu2.1):
dch --distribution unstable --package "pam" --newversion "1.1.8-3.2ubuntu2.2" "Change environment variable limit from 1024 to 8192." || exit 1
# dch -n "Change environment variable limit from 1024 to 8192." || exit 1

# Add changed files to Git index:
git add /opt/git/pam/pam/modules/pam_env/pam_env.c || exit 1
git add /opt/git/pam/pam/debian/changelog || exit 1

# Commit Git index:
git commit -m "Change environment variable limit from 1024 to 8192." || exit 1

sudo apt-get install libcrack2-dev debhelper quilt flex bison libfl-dev libdb-dev libselinux1-dev po-debconf dh-autoreconf autopoint libaudit-dev pkg-config xsltproc libxml2-utils docbook-xml docbook-xsl w3m -y || exit 1

# Another error lead me to remove fop (maybe not necessary):
###sudo apt-get remove fop || exit 1

# Build packages without signing them (takes ~ 20 minutes):
gbp buildpackage --git-debian-branch="ubuntu/xenial" --git-ignore-new --git-upstream-tree="ubuntu/xenial" -uc -us || exit 1

# Install local packages and dependencies with apt-get (possible since Ubuntu 16.04):
sudo apt-get install /opt/git/pam/*.deb -y || exit 1

# Now you can have env variables with ~ 8192 chars:
sudo bash -c "echo 'BLUBB123=\"'$(tr -dc 'a-z0-9' < /dev/urandom | head -c8000)'\"' >> /etc/environment" || exit 1

テスト

コンピュータを再起動してください（不要な場合があります）。

sudo reboot

インストールされているバージョン番号を確認してください。

sudo apt install apt-show-versions
sudo apt-show-versions libpam-modules

次のようなものを返します

libpam-modules:amd64 1.1.8-3.2ubuntu2.1 newer than version in archive
libpam-modules:i386 not installed

どちらが正しいですか？

8000文字を含む環境変数BLUBB123を再接続して表示します。

echo $BLUBB123

より大きな制限を適用してPAMを再構築してください。

sudo権限を持つ一般ユーザーとしてスクリプトを実行します。

BZR（= Bazaar）を使用したUbuntuスクリプト（実際にはテストされていません！）

以下を使用してvi build_pam_via_ubuntu_and_bzr.shファイルを作成します。chmod +x build_pam_via_ubuntu_and_bzr.sh./build_pam_via_ubuntu_and_bzr.sh

#!/usr/bin/env bash

# Stop when folder exists (please delete manually):
[ -e /opt/bzr/pam/ ] && exit 0

# Update sources:
sudo apt-get update || exit 1

# Install source control:
sudo apt-get install bzr bzr-builddeb -y || exit 1

# Create folder:
sudo mkdir -p /opt/bzr/pam/ || exit 1

# Change owner and group:
sudo chown -R $(id -u):$(id -g) /opt/bzr/pam/  || exit 1

# Enter folder:
cd /opt/bzr/pam/ || exit 1

# Clone PAM repo
bzr branch lp:ubuntu/vivid/pam || exit 1

# Join folder:
cd /opt/bzr/pam/ubuntu/ || exit 1

# Main point: Change BUF_SIZE limit:
sed -i "s/#define BUF_SIZE 1024/#define BUF_SIZE 8192/" modules/pam_env/pam_env.c || exit 1

# Add new version number to debian/changelog:
dch -n "Change environment variable limit from 1024 to 8192." || exit 1

# `bzr builddeb -- -uc -us` will fail with `unmet build dependencies`, install them:
sudo apt-get install libcrack2-dev debhelper quilt flex bison libfl-dev libdb-dev libselinux1-dev po-debconf dh-autoreconf autopoint libaudit-dev pkg-config xsltproc libxml2-utils docbook-xml docbook-xsl w3m -y || exit 1

# Another error lead me to remove fop (maybe not necessary):
###sudo apt-get remove fop || exit 1

# Build packages without signing them (takes ~ 20 minutes):
bzr builddeb -- -uc -us || exit 1

# Install local packages and dependencies with apt-get (possible since Ubuntu 16.04)
# Otherwise (Ubuntu 14.04) use dpkg
sudo apt-get install /opt/bzr/pam/*.deb || sudo dpkg --force-all -i /opt/bzr/pam/*.deb || exit 1

# Now you can have env variables with ~ 8192 chars:
sudo bash -c "echo 'BLUBB123=\"'$(tr -dc 'a-z0-9' < /dev/urandom | head -c8000)'\"' >> /etc/environment" || exit 1

Ubuntu 14.04.5用Gitスクリプト（テスト済み）

以下を使用してvi build_pam_via_trusty_and_git.shファイルを作成します。chmod +x build_pam_via_trusty_and_git.sh./build_pam_via_trusty_and_git.sh

#!/usr/bin/env bash

# Stop when folder exists (please delete manually):
[ -e /opt/git/pam/ ] && exit 0

# Update sources:
sudo apt-get update || exit 1

# Install source control:
sudo apt-get install git git-buildpackage -y || exit 1

# Create folder:
sudo mkdir -p /opt/git/pam/ || exit 1

# Change owner and group:
sudo chown -R $(id -u):$(id -g) /opt/git/pam/  || exit 1

# Enter folder:
cd /opt/git/pam/ || exit 1

# Clone PAM repo
git clone -b ubuntu/trusty-security https://git.launchpad.net/~usd-import-team/ubuntu/+source/pam || exit 1

# Join folder:
cd /opt/git/pam/pam/ || exit 1

# Main point: Change BUF_SIZE limit:
sed -i "s/#define BUF_SIZE 1024/#define BUF_SIZE 8192/" modules/pam_env/pam_env.c || exit 1

# Add new version number to debian/changelog (coming from 1.1.8-1ubuntu2.2):
dch -n "Change environment variable limit from 1024 to 8192." || exit 1

# Add changed files to Git index:
git add /opt/git/pam/pam/modules/pam_env/pam_env.c || exit 1
git add /opt/git/pam/pam/debian/changelog || exit 1

# Commit Git index:
git commit -m "Change environment variable limit from 1024 to 8192." || exit 1

sudo apt-get install libcrack2-dev debhelper quilt flex bison libfl-dev libdb-dev libselinux1-dev po-debconf dh-autoreconf autopoint libaudit-dev pkg-config xsltproc libxml2-utils docbook-xml docbook-xsl w3m -y || exit 1

# Another error lead me to remove fop (maybe not necessary):
###sudo apt-get remove fop || exit 1

# Build packages without signing them (takes ~ 20 minutes):
gbp buildpackage --git-debian-branch="ubuntu/trusty-security" --git-ignore-new --git-upstream-tree="ubuntu/trusty-security" -uc -us || exit 1

# Install local packages:
sudo dpkg --force-all -i /opt/git/pam/*.deb || exit 1

# Now you can have env variables with ~ 8192 chars:
sudo bash -c "echo 'BLUBB123=\"'$(tr -dc 'a-z0-9' < /dev/urandom | head -c8000)'\"' >> /etc/environment" || exit 1

Ubuntu 16.04.4用Gitスクリプト（テスト済み）

以下を使用してvi build_pam_via_xenial_and_git.shファイルを作成します。chmod +x build_pam_via_xenial_and_git.sh./build_pam_via_xenial_and_git.sh

#!/usr/bin/env bash

# Stop when folder exists (please delete manually):
[ -e /opt/git/pam/ ] && exit 0

# Update sources:
sudo apt-get update || exit 1

# Install source control:
sudo apt-get install git git-buildpackage -y || exit 1

# Create folder:
sudo mkdir -p /opt/git/pam/ || exit 1

# Change owner and group:
sudo chown -R $(id -u):$(id -g) /opt/git/pam/  || exit 1

# Enter folder:
cd /opt/git/pam/ || exit 1

# Clone PAM repo
git clone -b ubuntu/xenial https://git.launchpad.net/~usd-import-team/ubuntu/+source/pam || exit 1

# Join folder:
cd /opt/git/pam/pam/ || exit 1

# Main point: Change BUF_SIZE limit:
sed -i "s/#define BUF_SIZE 1024/#define BUF_SIZE 8192/" modules/pam_env/pam_env.c || exit 1

# Add new version number to debian/changelog (coming from 1.1.8-3.2ubuntu2.1):
dch --distribution unstable --package "pam" --newversion "1.1.8-3.2ubuntu2.2" "Change environment variable limit from 1024 to 8192." || exit 1
# dch -n "Change environment variable limit from 1024 to 8192." || exit 1

# Add changed files to Git index:
git add /opt/git/pam/pam/modules/pam_env/pam_env.c || exit 1
git add /opt/git/pam/pam/debian/changelog || exit 1

# Commit Git index:
git commit -m "Change environment variable limit from 1024 to 8192." || exit 1

sudo apt-get install libcrack2-dev debhelper quilt flex bison libfl-dev libdb-dev libselinux1-dev po-debconf dh-autoreconf autopoint libaudit-dev pkg-config xsltproc libxml2-utils docbook-xml docbook-xsl w3m -y || exit 1

# Another error lead me to remove fop (maybe not necessary):
###sudo apt-get remove fop || exit 1

# Build packages without signing them (takes ~ 20 minutes):
gbp buildpackage --git-debian-branch="ubuntu/xenial" --git-ignore-new --git-upstream-tree="ubuntu/xenial" -uc -us || exit 1

# Install local packages and dependencies with apt-get (possible since Ubuntu 16.04):
sudo apt-get install /opt/git/pam/*.deb -y || exit 1

# Now you can have env variables with ~ 8192 chars:
sudo bash -c "echo 'BLUBB123=\"'$(tr -dc 'a-z0-9' < /dev/urandom | head -c8000)'\"' >> /etc/environment" || exit 1

テスト

コンピュータを再起動してください（不要な場合があります）。

sudo reboot

インストールされているバージョン番号を確認してください。

sudo apt install apt-show-versions
sudo apt-show-versions libpam-modules

次のようなものを返します

libpam-modules:amd64 1.1.8-3.2ubuntu2.1 newer than version in archive
libpam-modules:i386 not installed

どちらが正しいですか？

8000文字を含む環境変数BLUBB123を再接続して表示します。

echo $BLUBB123

より大きな制限を適用してPAMを再構築してください。

ベストアンサー1

より大きな制限を適用してPAMを再構築してください。

BZR（= Bazaar）を使用したUbuntuスクリプト（実際にはテストされていません！）

Ubuntu 14.04.5用Gitスクリプト（テスト済み）

Ubuntu 16.04.4用Gitスクリプト（テスト済み）

テスト

おすすめ記事