Fixing this in noble at this time will require a feature freeze exception, because we would be changing behavior.
The default for user_readenv in pam_env is 0 (off). In the sshd config, ubuntu/debian ship a pam config that sets it to on (1), therefore ~/.pam_environment will be read if it exists.
Upstream has flagged that this feature (of reading user-provided env var files) will be removed in the future, and is thus catching the setting of user_readenv=1 and showing the deprecation notice warning. To get rid of the warning, we have to stop setting user_readenv=1, which will *disable* the feature. Meaning, in noble, if we make this change, ~/.pam_environment (or the file specified by user_envfile) will NOT be read anymore.
Upstream marked this deprecation in version 1.5.0, which means ubuntu Mantic and Noble are affected.
Now is the right time to make this change: mantic had the deprecation notice already, and noble is an LTS.
Fixing this in noble at this time will require a feature freeze exception, because we would be changing behavior.
The default for user_readenv in pam_env is 0 (off). In the sshd config, ubuntu/debian ship a pam config that sets it to on (1), therefore ~/.pam_environment will be read if it exists.
Upstream has flagged that this feature (of reading user-provided env var files) will be removed in the future, and is thus catching the setting of user_readenv=1 and showing the deprecation notice warning. To get rid of the warning, we have to stop setting user_readenv=1, which will *disable* the feature. Meaning, in noble, if we make this change, ~/.pam_environment (or the file specified by user_envfile) will NOT be read anymore.
Upstream marked this deprecation in version 1.5.0, which means ubuntu Mantic and Noble are affected.
Now is the right time to make this change: mantic had the deprecation notice already, and noble is an LTS.