From bb527673fb384b8a1130db808be8eeb694f12e1d Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa <sunil@medhas.org>
Date: Thu, 15 Dec 2022 15:46:37 -0800
Subject: [PATCH] d/control: Don't recommend libpam-tmpdir

- Use of libpam-tmpdir leads to problems installing MariaDB[1][2][3]. A fix for
the serious issues may not be available for next stable release.

- Services run by systemd don't benefit from libpam-tmpdir[4]. So it's effect is
limited to PAM sessions opened with a terminal. Terminal access is mostly for
debugging in FreedomBox and not a primary use case.

- Services are (or will be) protected with PrivateTmp=yes in case of services
running on FreedomBox. This is better protection compared to what libpam-tmpdir
offers.

Links:

1) https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022994

2) https://jira.mariadb.org/browse/MDEV-29910

3) https://salsa.debian.org/mariadb-team/mariadb-server/-/merge_requests/23

4) https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022994#32

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
---
 debian/control | 2 --
 1 file changed, 2 deletions(-)

diff --git a/debian/control b/debian/control
index 4a8c95d6e..86f43c6ce 100644
--- a/debian/control
+++ b/debian/control
@@ -156,8 +156,6 @@ Recommends:
  libnss-mdns,
 # Resolve current hostname without /etc/hosts
  libnss-myhostname,
-# Tighter $TMPDIR permissions
- libpam-tmpdir,
 # Block repeated failed PAM login attempts
  libpam-abl,
 # Priority: standard