* Merge from Debian unstable, remaining changes: - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not present there or in /etc/security/pam_env.conf. (should send to Debian). - debian/libpam0g.postinst: only ask questions during update-manager when there are non-default services running. - Change Vcs-Bzr to point at the Ubuntu branch. - debian/patches-applied/series: Ubuntu patches are as below ... - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly initialise RLIMIT_NICE rather than relying on the kernel limits. - debian/patches-applied/027_pam_limits_better_init_allow_explicit_root: bump the hard limit for number of file descriptors, to keep pace with the changes in the kernel. - debian/patches-applied/pam_motd-legal-notice: display the contents of /etc/legal once, then set a flag in the user's homedir to prevent showing it again. - debian/update-motd.5, debian/libpam-modules.manpages: add a manpage for update-motd, with some best practices and notes of explanation. - debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8) to update-motd(5) - debian/libpam0g.postinst: drop kdm from the list of services to restart. - debian/libpam0g.postinst: check if gdm is actually running before trying to reload it. - New patch, lib_security_multiarch_compat, which lets us reuse the upstream --enable-isadir functionality to support a true path for module lookups; this way we don't have to force a hard transition to multiarch, but can support resolving modules in both the multiarch and non-multiarch directories. - build for multiarch, splitting our executables out of libpam-modules into a new package, libpam-modules-bin, so that modules can be co-installable between architectures. * Dropped changes: - bumping the service restart version in libpam0g.postinst to ensure servers don't fail to find the pam modules in the new paths; the min version requirement upstream is higher than this now.