[ Steve Langasek ] * debian/patches/pam_motd-legal-notice: use pam_modutil_gain/drop_priv common helper functions, instead of hand-rolled uid-setting code.
[ Martin Pitt ] * debian/local/common-session{,-noninteractive}: Enable pam_umask by default, now that the umask setting is gone from /etc/profile. (LP: #253096, UbuntuSpec:umask-to-0002) * debian/local/pam-auth-update: Add the new md5sum of above files. * Add debian/patches-applied/pam_umask_usergroups_from_login.defs.patch: Deprecate pam_unix' explicit "usergroups" option and instead read it from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined there. This restores compatibility with the pre-PAM behaviour of login. (Closes: #583958)