Tomas Mraz
4baf0f6949
- upgrade to new upstream release fixing CVE-2010-3316 CVE-2010-3435
...
CVE-2010-3853
- try to connect to an abstract X-socket first to verify we are
at real console (#647191 )
2010-11-01 23:42:26 +01:00
Jesse Keating
9a28cb58ea
- Rebuilt for gcc bug 634757
2010-09-29 14:57:32 -07:00
Tomas Mraz
acc35880d3
- do not build some auxiliary tools that are not installed that require
...
flex-static to build
2010-09-20 12:16:26 +02:00
Tomas Mraz
ca3ead6784
- add pam_faillock module implementing temporary account lock out based
...
on authentication failures during a specified interval
- upgrade to new upstream release
2010-09-17 17:37:07 +02:00
Tomáš Mráz
4b7a0b2c99
- do not overwrite tallylog with empty file on upgrade
2010-07-15 13:24:33 +00:00
Tomáš Mráz
e3430d85d2
- change the default password hash to sha512
2010-02-15 17:25:28 +00:00
Tomáš Mráz
3f424c65d3
- fix wrong prompt when pam_get_authtok is used for new password
2010-01-22 17:49:54 +00:00
Tomáš Mráz
68bf40d031
- fix build with disabled audit and SELinux ( #556211 , #556212 )
2010-01-18 09:09:31 +00:00
Tomáš Mráz
1802942b8d
- new upstream version with minor changes
2009-12-17 14:29:39 +00:00
Tomáš Mráz
430b952f8e
- pam_console: fix memory corruption when executing handlers (patch by Stas
...
Sergeev) and a few more fixes in the handler execution code (#532302 )
2009-11-02 07:56:12 +00:00
Tomáš Mráz
0e45b7f2c2
- pam_xauth: set the approprate context when creating .xauth files
...
(#531530 )
2009-10-29 15:32:22 +00:00
Tomáš Mráz
4774498127
- do not change permissions with pam_console_apply
...
- drop obsolete pam_tally module and the faillog file (#461258 )
2009-09-01 16:03:13 +00:00
Tomáš Mráz
6572482d29
- leftover comment and license tag
2009-08-26 18:43:27 +00:00
Tomáš Mráz
155e7e9f93
- rebuild with new libaudit
2009-08-19 19:06:40 +00:00
Tomáš Mráz
e307a99b74
- fix source URLs
2009-08-11 11:50:50 +00:00
Tomáš Mráz
8d3cbe5e32
- fix for pam_cracklib from upstream
2009-07-27 15:23:22 +00:00
Jesse Keating
8f8af7e93e
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
2009-07-25 23:08:11 +00:00
Tomáš Mráz
47e2c2f3d9
- update to new upstream version
2009-06-24 07:09:21 +00:00
Tomáš Mráz
da8b25143b
- update to new upstream version
2009-05-13 10:59:18 +00:00
Tomáš Mráz
4b9fc2208b
- add password-auth, fingerprint-auth, and smartcard-auth for applications
...
which can use them namely gdm (#494874 ) patch by Ray Strode
2009-04-10 16:06:24 +00:00
Tomáš Mráz
02fa35ccd2
- bump release
2009-03-26 11:26:22 +00:00
Tomáš Mráz
f3a8a94868
- replace also other std descriptors ( #491471 )
2009-03-26 11:17:16 +00:00
Tomáš Mráz
837a5499fa
- replace also other std descriptors ( #491471 )
2009-03-26 09:28:14 +00:00
Tomáš Mráz
1343a8ed17
- we must replace the stdin when execing the helper ( #490644 )
2009-03-17 14:13:16 +00:00
Tomáš Mráz
a78e55c069
- do not close stdout/err when execing the helpers ( #488147 )
2009-03-16 13:47:00 +00:00
Tomáš Mráz
2c482b26a1
- the buildrequires on glibc will make it install a conflicting version
2009-03-09 20:58:38 +00:00
Tomáš Mráz
3ecbdb09e8
- upgrade to new upstream release
2009-03-09 16:14:30 +00:00
Tomáš Mráz
5b6ef5fcbd
- fix parsing of config files containing non-ASCII characters
...
- fix CVE-2009-0579 (mininimum days for password change ignored) (#487216 )
- pam_access: improve handling of hostname resolution
2009-02-27 12:52:52 +00:00
Jesse Keating
32a45d5cc0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
2009-02-26 09:28:43 +00:00
Tomáš Mráz
64be9b675a
- add helper to pam_mkhomedir for proper SELinux confinement ( #476784 )
2009-01-19 09:18:56 +00:00
Tomáš Mráz
d4ff57cf6f
- upgrade to new upstream release
...
- add --disable-prelude (#466242 )
2008-12-16 15:17:16 +00:00
Tomáš Mráz
e30408c5d9
- new password quality checks in pam_cracklib
...
- report failed logins from btmp in pam_lastlog
- allow larger groups in modutil functions
- fix leaked file descriptor in pam_tally
2008-09-23 14:06:48 +00:00
Tomáš Mráz
8955a466b5
- pam_loginuid: uids are unsigned ( #460241 )
...
- new minor upstream release
- use external db4
- drop tests for not pulling in libpthread (as NPTL should be safe)
2008-09-08 11:01:44 +00:00
Tomáš Mráz
7d29dd0246
- update internal db4
2008-07-09 12:27:35 +00:00
Tomáš Mráz
a37d2c7046
- pam_namespace: allow safe creation of directories owned by user ( #437116 )
...
- pam_unix: fix multiple error prompts on password change (#443872 )
2008-05-21 08:08:39 +00:00
Tomáš Mráz
3be955e71c
- fix build with new autoconf
2008-05-20 13:31:17 +00:00
Tomáš Mráz
afb096a17d
- pam_selinux: add env_params option which will be used by OpenSSH
2008-05-19 16:55:13 +00:00
Tomáš Mráz
be4deb2d92
- pam_selinux: restore execcon properly ( #443667 )
2008-04-22 19:48:10 +00:00
Tomáš Mráz
65a47ccbca
- upgrade to new upstream release (one bugfix only)
...
- fix pam_sepermit use in screensavers
2008-04-18 08:43:42 +00:00
Tomáš Mráz
2613b27a52
- fix regression in pam_set_item
2008-04-07 09:45:21 +00:00
Tomáš Mráz
1fa0a9e893
- upgrade to new upstream release (bugfix only)
2008-04-04 16:00:50 +00:00
Tomáš Mráz
6aa700f64a
- pam_namespace: fix problem with level polyinst ( #438264 )
...
- pam_namespace: improve override checking for umount
- pam_selinux: fix syslogging a context after free() (#438338 )
2008-03-20 16:50:13 +00:00
Tomáš Mráz
1ba40631bf
- update pam-redhat module tarball
...
- update internal db4
2008-02-28 22:44:06 +00:00
Tomáš Mráz
8938fa9767
- if shadow is readable for an user do not prevent him from authenticating
...
any user with unix_chkpwd (#433459 )
- call audit from unix_chkpwd when appropriate
2008-02-22 15:49:55 +00:00
Tomáš Mráz
0533865ad8
- new upstream release
...
- add default soft limit for nproc of 1024 to prevent accidental fork bombs
(#432903 )
2008-02-15 17:27:28 +00:00
Tomáš Mráz
717cfde74b
- allow the package to build without SELinux and audit support ( #431415 )
...
- macro usage cleanup
2008-02-04 13:06:18 +00:00
Tomáš Mráz
b6b1e29706
- test for setkeycreatecon correctly
...
- add exclusive login mode of operation to pam_selinux_permit (original
patch by Dan Walsh)
2008-01-28 17:59:35 +00:00
Tomáš Mráz
de90b38383
- libpam.so is in libdir
2008-01-23 07:43:33 +00:00
Tomáš Mráz
2badd4f116
- add auditing to pam_access, pam_limits, and pam_time
...
- moved sanity testing code to check script
2008-01-22 21:52:13 +00:00
Tomáš Mráz
392622e8de
- merge review fixes ( #226228 )
2008-01-14 12:49:56 +00:00
Tomáš Mráz
c5d3ee3a3f
- support for sha256 and sha512 password hashes
...
- account expiry checks moved to unix_chkpwd helper
2008-01-08 18:56:11 +00:00
Tomáš Mráz
b99939ffb4
- wildcard match support in pam_tty_audit (by Miloslav Trmač)
2008-01-02 10:42:27 +00:00
Tomáš Mráz
a36aa37b04
- add pam_tty_audit module ( #244352 ) - written by Miloslav Trmač
2007-11-29 13:20:28 +00:00
Tomáš Mráz
9ae80944c1
- add substack support
2007-11-07 11:41:49 +00:00
Tomáš Mráz
991484aaf4
- apply db4 patch correctly
2007-09-25 20:26:29 +00:00
Tomáš Mráz
00939f1c06
- update db4 to 4.6.19 ( #274661 )
2007-09-25 20:15:45 +00:00
Tomáš Mráz
36d9a1c73d
- do not preserve contexts when copying skel and other namespace.init fixes
...
(#298941 )
- do not free memory sent to putenv (#231698 )
2007-09-21 14:08:14 +00:00
Tomáš Mráz
43c3a5a46e
- add pam_selinux_permit module
...
- pam_succeed_if: fix in operator (#295151 )
2007-09-19 18:11:42 +00:00
Tomáš Mráz
ac8e934c7b
- when SELinux enabled always run the helper binary instead of direct
...
shadow access (#293181 )
2007-09-18 20:23:57 +00:00
Tomáš Mráz
9e1a698edf
- do not ask for blank password when SELinux confined ( #254044 )
...
- initialize homedirs in namespace init script (original patch by dwalsh)
2007-08-24 13:15:01 +00:00
Tomáš Mráz
a47d5ca5e4
- multifunction scanner device support ( #251468 )
2007-08-22 19:30:39 +00:00
Tomáš Mráz
73ea19b4f7
- most devices are now handled by HAL and not pam_console (patch by davidz)
...
- license tag fix
2007-08-22 18:03:12 +00:00
Tomáš Mráz
81e34ba414
- fix auth regression when uid != 0 from previous build ( #251804 )
2007-08-13 09:05:04 +00:00
Tomáš Mráz
ecf62ebc17
- make db4 build with new glibc
2007-08-06 14:57:26 +00:00
Tomáš Mráz
8fa0463a67
- updated db4 to 4.6.18 ( #249740 )
...
- added user and new instance parameters to namespace init
- document the new features of pam_namespace
- do not log an audit error when uid != 0 (#249870 )
2007-08-06 12:31:50 +00:00
Jeremy Katz
f6d27e9e3a
- rebuild for toolchain bug
2007-07-25 17:52:58 +00:00
Tomáš Mráz
3f1e71cada
- drop the merged patches
2007-07-23 19:07:42 +00:00
Tomáš Mráz
6c6453458a
- upgrade to latest upstream version
...
- add some firewire devices to default console perms (#240770 )
2007-07-23 18:46:31 +00:00
Tomáš Mráz
09b44afcb6
- pam_namespace: better document behavior on failure ( #237249 )
...
- pam_unix: split out passwd change to a new helper binary (#236316 )
- pam_namespace: add support for temporary logons (#241226 )
2007-06-04 14:22:15 +00:00
Tomáš Mráz
33d3c087e3
- pam_selinux: improve context change auditing ( #234781 )
...
- pam_namespace: fix parsing config file with unknown users (#234513 )
2007-04-13 16:14:38 +00:00
Tomáš Mráz
a28e30cbc4
- pam_console: always decrement use count ( #230823 )
...
- pam_namespace: use raw context for poly dir name (#227345 )
- pam_namespace: truncate long poly dir name (append hash) (#230120 )
- we don't patch any po files anymore
2007-03-23 11:02:35 +00:00
Tomáš Mráz
71ab958a92
- correctly relabel tty in the default case ( #229542 )
...
- pam_unix: cleanup of bigcrypt support
- pam_unix: allow modification of '*' passwords to root
2007-02-21 20:32:28 +00:00
Tomáš Mráz
504a3315ce
- more X displays as consoles ( #227462 )
2007-02-06 15:58:27 +00:00
Tomáš Mráz
bbd6bf031f
- upgrade to new upstream version resolving CVE-2007-0003
...
- pam_namespace: unmount poly dir for override users
2007-01-24 12:14:29 +00:00
Tomáš Mráz
d1daca3136
- add back min salt length requirement which was erroneously removed
...
upstream
2007-01-22 13:11:10 +00:00
Tomáš Mráz
0b9c1bae67
- upgrade to new upstream version
...
- drop pam_stack module as it is obsolete
- some changes to silence rpmlint
2007-01-19 17:42:21 +00:00
Tomáš Mráz
8a453fc0be
- properly include /var/log/faillog and tallylog as ghosts and create them
...
in post script (#209646 )
- update gmo files as we patch some po files (#218271 )
- add use_current_range option to pam_selinux (#220487 )
- improve the role selection in pam_selinux
- remove shortcut on Password: in ja locale (#218271 )
- revert to old euid and not ruid when setting euid in pam_keyinit
(#219486 )
- rename selinux-namespace patch to namespace-level
2007-01-16 20:14:28 +00:00
Daniel J Walsh
7ce306a7c7
- Fix selection of role
2007-01-03 19:18:27 +00:00
Tomáš Mráz
03d7f35c89
- autoreconf won't work with autoconf-2.61 as configure.in is not yet
...
adjusted for it
2006-11-30 13:00:48 +00:00
Tomáš Mráz
19a8f79ca1
- add select-context option to pam_selinux ( #213812 )
2006-11-30 09:40:03 +00:00
Tomáš Mráz
d589c9bdaf
- we don't need this yet
2006-11-13 21:15:30 +00:00
Tomáš Mráz
4f2fe36b29
- update internal db4 to 4.5.20 version
...
- move setgid before setuid in pam_keyinit (#212329 )
- make username check in pam_unix consistent with useradd (#212153 )
2006-11-13 21:05:40 +00:00
Tomáš Mráz
ab60a42b72
- add pam_namespace option no_unmount_on_close, required for newrole
2006-09-28 13:11:14 +00:00
Tomáš Mráz
355576d558
- silence pam_succeed_if in default system-auth ( #205067 )
...
- round the pam_timestamp_check sleep up to wake up at the start of the
wallclock second (#205068 )
2006-09-04 14:31:09 +00:00
Tomáš Mráz
10ddab4186
- upgrade to new upstream version, as there are mostly bugfixes except
...
improved documentation
- add support for session and password service for pam_access and
pam_succeed_if
- system-auth: skip session pam_unix for crond service
2006-08-31 20:51:59 +00:00
Daniel J Walsh
e3f2d52037
- Add new setkeycreatecon call to pam_selinux to make sure keyring has
...
correct context
2006-08-10 20:26:54 +00:00
Tomáš Mráz
685a1895f3
- revoke keyrings properly when pam_keyinit called as root ( #201048 )
...
- pam_succeed_if should return PAM_USER_UNKNOWN when getpwnam fails
(#197748 )
2006-08-10 13:34:26 +00:00
Tomáš Mráz
0b27f99e23
- revoke keyrings properly when pam_keyinit called more than once ( #201048 )
...
patch by David Howells
2006-08-02 18:08:23 +00:00
Tomáš Mráz
3e0c7af627
- don't log pam_keyinit debug messages by default ( #199783 )
2006-07-21 22:36:15 +00:00
Tomáš Mráz
f81d37360c
- drop ainit from console.handlers ( #199561 )
2006-07-21 14:26:46 +00:00
Tomáš Mráz
2851cbe631
- drop ainit from console.handlers ( #199561 )
2006-07-21 14:22:56 +00:00
Tomáš Mráz
fce253b7c0
- don't report error in pam_selinux for nonexistent tty ( #188722 )
...
- add pam_keyinit to the default system-auth file (#198623 )
2006-07-17 11:03:29 +00:00
Jesse Keating
d649923c46
bumped for rebuild
2006-07-12 07:37:04 +00:00
Tomáš Mráz
95ebf27f94
- the patch should be applied with -p0
2006-07-03 13:19:35 +00:00
Tomáš Mráz
e019bcd126
- fixed network match in pam_access (patch by Dan Yefimov)
2006-07-03 12:45:13 +00:00
Tomáš Mráz
4fea4c98d9
- namespace.init was missing from EXTRA_DIST
2006-06-30 10:06:09 +00:00
Tomáš Mráz
00eddc0974
- updated to a new upstream release
...
- added service as value to be matched and list matching to pam_succeed_if
2006-06-30 09:20:33 +00:00
Tomáš Mráz
85a854521e
- a typo
2006-06-08 21:18:21 +00:00
Tomáš Mráz
da4d7fa8c5
- added buildrequires libtool
...
- fixed a few rpmlint warnings
2006-06-08 18:44:01 +00:00
Tomáš Mráz
7dffd3fb2d
- updated pam_namespace with latest patch by Janak Desai
...
- merged pam_namespace patches
2006-06-08 14:27:54 +00:00
Tomáš Mráz
e99dd3962b
- actually don't link to libssl as it is not used ( #191915 )
2006-05-24 09:05:18 +00:00
Tomáš Mráz
fa8c14fa63
- use md5 implementation from pam_unix in pam_namespace
...
- pam_namespace should call setexeccon only when selinux is enabled
2006-05-18 15:50:01 +00:00
Tomáš Mráz
63f5c77f8b
- don't build hmactest in pam_timestamp so openssl-devel is not required
...
- add missing buildrequires (#191915 )
2006-05-16 17:06:29 +00:00
Tomáš Mráz
0730695ea0
- pam_console_apply shouldn't access /var when called with -r ( #191401 )
...
- actually apply the large-uid patch
2006-05-16 16:12:18 +00:00
Tomáš Mráz
fda1b40256
- new module pam_exec
2006-05-10 14:43:55 +00:00
Tomáš Mráz
fbfca3562b
- upgrade to new upstream version
...
- make pam_console_apply not dependent on glib
- support large uids in pam_tally, pam_tally2
2006-05-10 14:16:34 +00:00
Tomáš Mráz
5002e23046
- add namespace.init to %files
2006-05-04 11:53:08 +00:00
Tomáš Mráz
94d78f5a6d
- the namespace instance init script is now in /etc/security ( #190148 )
...
- pam_namespace: added missing braces (#190026 )
- pam_tally(2): never call fclose twice on the same FILE (from upstream)
2006-05-04 11:51:03 +00:00
Tomáš Mráz
4f1df63a4d
- fixed console device class for irda ( #189966 )
...
- make pam_console_apply fail gracefully when a class is missing
2006-04-26 11:56:48 +00:00
Tomáš Mráz
54e490e814
- added pam_namespace module written by Janak Desai (per-user /tmp support)
...
- new pam-redhat modules version
2006-04-25 14:53:39 +00:00
Tomáš Mráz
48968f9a9f
- added try_first_pass option to pam_cracklib
...
- use try_first_pass for pam_unix and pam_cracklib in system-auth (#182350 )
2006-02-24 10:46:47 +00:00
Jesse Keating
222bbd42b7
bump for bug in double-long on ppc(64)
2006-02-11 04:55:08 +00:00
Jesse Keating
65811c5fcf
bump for new gcc/glibc
2006-02-07 13:23:11 +00:00
Tomáš Mráz
46d6d056ab
- new upstream version
...
- updated db4 to 4.3.29
- added module pam_tally2 with auditing support
- added manual pages for system-auth and config-util (#179584 )
2006-02-03 12:41:29 +00:00
Tomáš Mráz
05cc723970
- remove 'initscripts' dependency ( #176508 )
...
- update pam-redhat modules, merged patches
2006-01-03 16:23:10 +00:00
Tomáš Mráz
9c00b5da67
- fix dangling symlinks in -devel ( #175929 )
...
- link libaudit only where necessary
- actually compile in audit support
2005-12-16 15:20:02 +00:00
Tomáš Mráz
f06eb03db8
- support netgroup matching in pam_succeed_if
...
- upgrade to new release
- drop pam_pwdb as it was obsolete long ago
- we don't build static libraries anymore
2005-12-15 23:47:42 +00:00
Jesse Keating
9b4988bee0
gcc update bump
2005-12-09 22:42:36 +00:00
Tomáš Mráz
a74a5d22a6
- pam_stack is deprecated - log its usage
2005-11-15 14:07:51 +00:00
Tomáš Mráz
ea087a7d8d
- forgot to update requirements on audit-libs
2005-10-26 22:49:36 +00:00
Tomáš Mráz
30c2fd8c2e
- fixed CAN-2005-2977 unix_chkpwd should skip user verification only if run
...
as root (#168181 )
- link pam_loginuid to libaudit
- support no tty in pam_access (#170467 )
- updated audit patch (by Steve Grubb)
- the previous pam_selinux change was not applied properly
- pam_xauth: look for the xauth binary in multiple directories (#171164 )
2005-10-26 22:27:20 +00:00
Daniel J Walsh
c678c06cf7
- Eliminate multiple in pam_selinux
2005-10-26 19:23:04 +00:00
Daniel J Walsh
dc2e11c86b
- Eliminate fail over for getseuserbyname call
2005-10-18 15:41:53 +00:00
Daniel J Walsh
cf7b021d49
- Add getseuserbyname call for SELinux MCS/MLS policy
2005-10-13 21:36:33 +00:00
Daniel J Walsh
97c6e8fa55
- Add getseuserbyname call for SELinux MCS/MLS policy
2005-10-13 21:10:48 +00:00
Tomáš Mráz
9f1545ee2e
- pam_console manpage fixes ( #169373 )
2005-10-04 13:46:58 +00:00
Tomáš Mráz
84f70fb55d
- don't include ps and pdf docs ( #168823 )
...
- new common config file for configuration utilities
- remove glib2 dependency (#166979 )
2005-09-30 13:52:28 +00:00
Tomáš Mráz
5cac4c86fa
- pam_unix: always honor nis flag on password change (by Aaron Hope)
2005-09-20 13:42:45 +00:00
Tomáš Mráz
6f66f1e5c6
- process limit values other than RLIMIT_NICE correctly ( #168790 )
2005-09-20 12:34:48 +00:00
Tomáš Mráz
efa997e610
- don't fail in audit code when audit is not compiled in on the newest
...
kernels (#166422 )
2005-08-24 09:15:09 +00:00
Tomáš Mráz
bc4cc2dea1
- add option to pam_loginuid to require auditd
2005-08-01 09:14:07 +00:00
Tomáš Mráz
a92b0ed73f
- fix NULL dereference in pam_userdb ( #164418 )
2005-07-28 09:40:49 +00:00
Tomáš Mráz
4c014b4ae5
- fix 64bit bug in pam_pwdb
...
- don't crash in pam_unix if pam_get_data fail
2005-07-26 08:36:20 +00:00
Tomáš Mráz
009a4f4368
- more pam_selinux permissive fixes (Dan Walsh)
...
- make binaries PIE (#158938 )
2005-07-22 14:17:33 +00:00
Tomáš Mráz
21ad6a063b
- fixed module tests so the pam doesn't require itself to build ( #163502 )
...
- added buildprereq for building the documentation (#163503 )
- relaxed permissions of binaries (u+w)
2005-07-18 16:00:41 +00:00
Tomáš Mráz
f7c051ac6e
- upgrade to new upstream sources
...
- removed obsolete patches
- pam_selinux module shouldn't fail on broken configs unless policy is set
to enforcing (Dan Walsh)
2005-07-14 14:21:56 +00:00
Tomáš Mráz
24d731a55f
- update pam audit patch
...
- add support for new limits in kernel-2.6.12 (#157050 )
2005-06-21 15:03:23 +00:00
Tomáš Mráz
8e736edd31
- pam_loginuid shouldn't report error when /proc/self/loginuid is missing
...
(#159974 )
2005-06-09 21:28:52 +00:00
Tomáš Mráz
7457524347
- add the Requires dependency on audit-libs ( #159885 )
2005-06-09 11:47:18 +00:00
Tomáš Mráz
4d1f895c96
Fix the build breakage - unpackaged files
2005-05-23 14:31:06 +00:00
Tomáš Mráz
e6a42109ce
- don't install the .so links in /lib
2005-05-20 16:05:48 +00:00
Tomáš Mráz
eecc66af23
- update the pam audit patch to support newest audit library, audit also
...
pam_setcred calls (Steve Grubb)
- don't use the audit_fd as global static variable
- don't unset the XAUTHORITY when target user is root
2005-05-20 15:53:01 +00:00
Tomáš Mráz
6eb3fc0500
- update the pam audit patch to support newest audit library (Steve Grubb)
2005-05-19 18:38:45 +00:00
Tomáš Mráz
fd39e73da0
- pam_console: support loading .perms files in the console.perms.d
...
(#156069 )
2005-05-02 09:53:46 +00:00
Tomáš Mráz
d0ec5ba6c1
- pam_xauth: unset the XAUTHORITY variable on error, fix potential memory
...
leaks
- modify path to IDE floppy devices in console.perms (#155560 )
2005-04-26 12:00:40 +00:00
Steve Grubb
8543c3b252
- Adjusted pam audit patch to make exception for ECONNREFUSED
2005-04-16 14:20:05 +00:00
Tomáš Mráz
f1b09e9b25
- added auditing patch by Steve Grubb
...
- added cleanup patches for bugs found by Steve Grubb
- don't clear the shadow option of pam_unix if nis option used
2005-04-12 16:33:08 +00:00
Tomáš Mráz
2f260114b9
- #150537 - flush input first then write the prompt
2005-04-08 15:10:15 +00:00
Tomáš Mráz
2d246d8a30
- make pam_unix LSB 2.0 compliant even when SELinux enabled
...
- #88127 - change both local and NIS passwords to keep them in sync, also
fix a regression in passwd functionality on NIS master server
2005-04-07 18:40:36 +00:00
Tomáš Mráz
ea4ac73989
- #153711 fix wrong logging in pam_selinux when restoring tty label
2005-04-05 07:40:00 +00:00
Tomáš Mráz
a6a9f4a660
- fix NULL deref in pam_tally when it's used in account phase
2005-04-03 17:12:42 +00:00
Tomáš Mráz
f405278c4f
- upgrade to the new upstream release
...
- moved pam_loginuid to pam-redhat repository
2005-03-31 17:15:12 +00:00
Tomáš Mráz
953e2b6048
- fix wrong logging in pam_console handlers
...
- add executing ainit handler for alsa sound dmix
- #147879 , #112777 - change permissions for dri devices
2005-03-23 12:57:40 +00:00
Tomáš Mráz
cba291fef4
- remove ownership and permissions handling from pam_console call
...
pam_console_apply as a handler instead
2005-03-19 18:22:00 +00:00
Tomáš Mráz
6513c12e82
- add pam_loginuid module for setting the the login uid for auditing
...
purposes (by Steve Grubb)
2005-03-14 21:06:07 +00:00
Tomáš Mráz
03d329b496
- must link glib dynamically to .so
2005-03-10 11:01:23 +00:00
Tomáš Mráz
57f66ca8c9
- add functionality for running handler executables from pam_console when
...
console lock was obtained/lost
- removed patches merged to pam-redhat
2005-03-10 08:14:36 +00:00
Tomáš Mráz
36ee704c88
- fixed some warnings and errors in pam_console for gcc4 build
...
- improved parsing pam_console config file
2005-03-01 14:36:54 +00:00
Tomáš Mráz
c337b8bf0b
- echo why tests failed when rebuilding
2005-03-01 09:06:36 +00:00
Tomáš Mráz
889643ba88
- don't log garbage in pam_console_apply ( #147879 )
2005-02-21 15:33:24 +00:00
Tomáš Mráz
6e7f9c67de
- updated pam-redhat from elvis CVS
2005-01-12 11:16:28 +00:00
jbj
02ac0dcb18
- depend on db-4.3.27, not db-4.3.21.
2005-01-03 17:59:12 +00:00
Tomáš Mráz
b0baf41bab
- add argument to pam_console_apply to restrict its work to specified files
2004-11-25 16:40:18 +00:00
Tomáš Mráz
36d4eeff57
- #137802 allow using pam_console for authentication
2004-11-23 15:38:57 +00:00
Tomáš Mráz
056a40e611
- update to Linux-PAM-0.78
...
- #140451 parse passwd entries correctly and test for failure
2004-11-23 15:32:59 +00:00
jbj
0da465a133
- rebuild against db-4.3.21.
2004-11-13 00:33:17 +00:00
Tomáš Mráz
1916d7ac37
- #77646 log failures when renaming the files when changing password
...
- Log failure on missing /etc/security/opasswd when remember option is
present
2004-11-11 13:52:15 +00:00
Tomáš Mráz
91347f07d7
- #87628 pam_timestamp remembers authorization after logout
...
- #116956 fixed memory leaks in pam_stack
2004-11-10 17:52:27 +00:00
Tomáš Mráz
6c581a0e6d
- #74062 modify the pwd-lock patch to remove NIS passwd changing deadlock
2004-10-20 14:46:49 +00:00
Tomáš Mráz
68feec353f
- #134941 pam_console should check X11 socket only on login
2004-10-20 13:10:13 +00:00
Tomáš Mráz
3eef649366
- Fix checking of group in %group syntax in pam_limits
...
- Drop fencepost patch as it was already fixed by upstream change from 0.75
to 0.77
- Fix brokenshadow patch
2004-10-19 14:25:05 +00:00
Tomáš Mráz
8e01e56e3b
- even more console.perms entries
...
- drop the apply to dir patch - it won't work
2004-10-14 16:42:00 +00:00
Tomáš Mráz
b880f65bb5
forgot to remove obsolete patch
2004-10-14 16:03:31 +00:00
Tomáš Mráz
9abd7cf374
- Added bluetooth, raw1394 and flash to console.perms
...
- pam_console manpage fix
- Allow to apply console.perms to dir when
2004-10-14 16:02:39 +00:00
Tomáš Mráz
149b939c53
- #126985 pam_stack should always copy the conversation function
...
- #127524 add /etc/security/opasswd to files
2004-10-11 14:48:11 +00:00
Tomáš Mráz
89f73ad59c
- pam_env shouldn't abort on missing /etc/environment
2004-10-11 12:09:28 +00:00
Phil Knirsch
6dc6125605
- Dropped last patch again, real fix is /etc/environment file in setup
2004-09-28 16:18:30 +00:00
Phil Knirsch
0886c1641c
- Fixed bug in pam_env where wrong initializer was used
2004-09-23 16:21:40 +00:00
Daniel J Walsh
632558e3e9
use checkPasswdAccess in pam_rootok
2004-09-17 17:54:12 +00:00
Jindrich Novy
d52fe82242
- added patches from Tomas Mraz
2004-09-13 13:57:04 +00:00
cvsdist
6e7e8cb073
auto-import changelog data from pam-0.77-55.src.rpm
...
Mon Aug 30 2004 Warren Togami <wtogami@redhat.com> 0.77-55
- #126024 /dev/pmu console perms
2004-09-09 09:59:24 +00:00
cvsdist
89c884f64a
auto-import changelog data from pam-0.77-54.src.rpm
...
Wed Aug 04 2004 Dan Walsh <dwalsh@redhat.com> 0.77-54
- Move pam_console.lock to /var/run/console/
2004-09-09 09:59:18 +00:00
cvsdist
0095dae916
auto-import changelog data from pam-0.77-53.src.rpm
...
Thu Jul 29 2004 Dan Walsh <dwalsh@redhat.com> 0.77-53
- Close fd[1] before pam_modutilread so that unix_verify will complete
2004-09-09 09:59:10 +00:00
cvsdist
a9bb82bba8
auto-import changelog data from pam-0.77-52.src.rpm
...
Tue Jul 27 2004 Alan Cox <alan@redhat.com> 0.77-52
- First chunk of Steve Grubb's resource leak and other fixes
Tue Jul 27 2004 Alan Cox <alan@redhat.com> 0.77-51
- Fixed build testing of modules
- Fixed dependancies
2004-09-09 09:58:59 +00:00
cvsdist
e4862f785f
auto-import pam-0.77-51 from pam-0.77-51.src.rpm
2004-09-09 09:58:35 +00:00
cvsdist
c7e9550fec
auto-import changelog data from pam-0.77-50.src.rpm
...
Tue Jul 20 2004 Dan Walsh <dwalsh@redhat.com> 0.77-50
- Change unix_chkpwd to return pam error codes
2004-09-09 09:58:20 +00:00
cvsdist
21440a7021
auto-import pam-0.77-49 from pam-0.77-49.src.rpm
2004-09-09 09:58:05 +00:00
cvsdist
21937dd94b
auto-import changelog data from pam-0.77-48.src.rpm
...
Sat Jul 10 2004 Alan Cox <alan@redhat.com>
- Fixed the pam glib2 dependancy issue
2004-09-09 09:57:54 +00:00
cvsdist
ae27812230
auto-import changelog data from pam-0.77-47.src.rpm
...
Mon Jun 21 2004 Alan Cox <alan@redhat.com>
- Fixed the pam_limits fencepost error (#79989 ) since nobody seems to be
doing it
Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
Wed Jun 09 2004 Dan Walsh <dwalsh@redhat.com> 0.77-45
- Add requires libselinux > 1.8
2004-09-09 09:57:48 +00:00
cvsdist
ccf51eec26
auto-import changelog data from pam-0.77-44.src.rpm
...
Thu Jun 03 2004 Dan Walsh <dwalsh@redhat.com> 0.77-44
- Add MLS Support to selinux patch
Wed Jun 02 2004 Dan Walsh <dwalsh@redhat.com> 0.77-43
- Modify pam_selinux to use open and close param
2004-09-09 09:57:30 +00:00
cvsdist
4d16522876
auto-import changelog data from pam-0.77-43.src.rpm
...
Fri May 28 2004 Dan Walsh <dwalsh@redhat.com> 0.77-42
- Split pam module into two parts open and close
2004-09-09 09:56:34 +00:00
cvsdist
aad5335ba7
auto-import changelog data from pam-0.77-41.src.rpm
...
Tue May 18 2004 Phil Knirsch <pknirsch@redhat.com> 0.77-41
- Fixed 64bit segfault in pam_succeed_if module.
Wed Apr 14 2004 Dan Walsh <dwalsh@redhat.com> 0.77-40
- Apply changes from audit.
Mon Apr 12 2004 Dan Walsh <dwalsh@redhat.com> 0.77-39
- Change to only report failure on relabel if debug
2004-09-09 09:56:22 +00:00
cvsdist
147d85b558
auto-import changelog data from pam-0.77-38.src.rpm
...
Wed Mar 03 2004 Dan Walsh <dwalsh@redhat.com> 0.77-38
- Fix error handling of pam_unix
Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
Thu Feb 26 2004 Dan Walsh <dwalsh@redhat.com> 0.77-36
- fix tty handling
Thu Feb 26 2004 Dan Walsh <dwalsh@redhat.com> 0.77-35
- remove tty closing and opening from pam_selinux, it does not work.
Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
Thu Feb 12 2004 Nalin Dahyabhai <nalin@redhat.com>
- pam_unix: also log successful password changes when using shadowed
passwords
Tue Feb 10 2004 Dan Walsh <dwalsh@redhat.com> 0.77-33
- close and reopen terminal after changing context.
Thu Feb 05 2004 Dan Walsh <dwalsh@redhat.com> 0.77-32
- Check for valid tty
Tue Feb 03 2004 Dan Walsh <dwalsh@redhat.com> 0.77-31
- Check for multiple > 1
2004-09-09 09:55:13 +00:00
cvsdist
05a94aa964
auto-import changelog data from pam-0.77-30.src.rpm
...
Mon Feb 02 2004 Dan Walsh <dwalsh@redhat.com> 0.77-30
- fix is_selinux_enabled call for pam_rootok
Wed Jan 28 2004 Dan Walsh <dwalsh@redhat.com> 0.77-29
- More fixes to pam_selinux,pam_rootok
Wed Jan 28 2004 Dan Walsh <dwalsh@redhat.com> 0.77-28
- turn on selinux
Wed Jan 28 2004 Dan Walsh <dwalsh@redhat.com> 0.77-27
- Fix rootok check.
Mon Jan 26 2004 Dan Walsh <dwalsh@redhat.com> 0.77-26
- fix is_selinux_enabled call
Sun Jan 25 2004 Dan Walsh <dwalsh@redhat.com> 0.77-25
- Check if ROOTOK for SELinux
Thu Jan 15 2004 Dan Walsh <dwalsh@redhat.com> 0.77-24
- Fix tty handling for pts in pam_selinux
Thu Jan 15 2004 Dan Walsh <dwalsh@redhat.com> 0.77-23
- Need to add qualifier context for sudo situation
Thu Jan 15 2004 Dan Walsh <dwalsh@redhat.com> 0.77-22
- Fix pam_selinux to use prevcon instead of pam_user so it will work for
su.
Fri Dec 12 2003 Bill Nottingham <notting@redhat.com> 0.77-21.sel
- add alsa devs to console.perms
Thu Dec 11 2003 Jeff Johnson <jbj@jbj.org> 0.77-20.sel
- rebuild with db-4.2.52.
- build db4 in build_unix, not dist.
Wed Nov 26 2003 Dan Walsh <dwalsh@redhat.com> 0.77-19.sel
- Change unix_chkpwd to handle unix_passwd and unix_acct
- This eliminates the need for pam modules to have read/write access to
/etc/shadow.
Thu Nov 20 2003 Dan Walsh <dwalsh@redhat.com> 0.77-18.sel
- Cleanup unix_chkpwd
Mon Nov 03 2003 Dan Walsh <dwalsh@redhat.com> 0.77-17.sel
- Fix tty handling
- Add back multiple handling
Mon Oct 27 2003 Dan Walsh <dwalsh@redhat.com> 0.77-16.sel
- Remove Multiple from man page of pam_selinux
2004-09-09 09:54:59 +00:00
cvsdist
d577226563
auto-import changelog data from pam-0.77-15.src.rpm
...
Thu Oct 23 2003 Nalin Dahyabhai <nalin@redhat.com> 0.77-15
- don't install _pam_aconf.h -- apps don't use it, other PAM headers which
are installed don't use it, and its contents may be different for
arches on a multilib system
- check for linkage problems in modules at %install-time (kill #107093
dead)
- add buildprereq on flex (#101563 )
Wed Oct 22 2003 Nalin Dahyabhai <nalin@redhat.com>
- make pam_pwdb.so link with libnsl again so that it loads (#107093 )
- remove now-bogus buildprereq on db4-devel (we use a bundled copy for
pam_userdb to avoid symbol collisions with other db libraries in apps)
Mon Oct 20 2003 Dan Walsh <dwalsh@redhat.com> 0.77-14.sel
- Add Russell Coker patch to handle /dev/pty
Fri Oct 17 2003 Dan Walsh <dwalsh@redhat.com> 0.77-13.sel
- Turn on Selinux
Fri Oct 17 2003 Dan Walsh <dwalsh@redhat.com> 0.77-12
- Fix pam_timestamp to work when 0 seconds have elapsed
Mon Oct 06 2003 Dan Walsh <dwalsh@redhat.com> 0.77-11
- Turn off selinux
Thu Sep 25 2003 Dan Walsh <dwalsh@redhat.com> 0.77-10.sel
- Turn on Selinux and remove multiple choice of context.
Wed Sep 24 2003 Dan Walsh <dwalsh@redhat.com> 0.77-10
- Turn off selinux
Wed Sep 24 2003 Dan Walsh <dwalsh@redhat.com> 0.77-9.sel
- Add Russell's patch to check password
Wed Sep 17 2003 Dan Walsh <dwalsh@redhat.com> 0.77-8.sel
- handle ttys correctly in pam_selinux
Fri Sep 05 2003 Dan Walsh <dwalsh@redhat.com> 0.77-7.sel
- Clean up memory problems and fix tty handling.
Mon Jul 28 2003 Dan Walsh <dwalsh@redhat.com> 0.77-6
- Add manual context selection to pam_selinux
Mon Jul 28 2003 Dan Walsh <dwalsh@redhat.com> 0.77-5
- Add pam_selinux
Mon Jul 28 2003 Dan Walsh <dwalsh@redhat.com> 0.77-4
- Add SELinux support
2004-09-09 09:54:36 +00:00
cvsdist
325000d723
auto-import changelog data from pam-0.75-50.src.rpm
...
Thu Jul 24 2003 Nalin Dahyabhai <nalin@redhat.com> 0.75-50
- pam_postgresok: add
- pam_xauth: add targetuser= argument
Thu Jul 03 2003 Nalin Dahyabhai <nalin@redhat.com>
- pam_timestamp: use a message authentication code to validate timestamp
files
Mon Jun 30 2003 Nalin Dahyabhai <nalin@redhat.com> 0.75-48.1
- rebuild
Mon Jun 09 2003 Nalin Dahyabhai <nalin@redhat.com> 0.75-49
- modify calls to getlogin() to check the directory of the current TTY
before searching for an entry in the utmp/utmpx file
Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
- rebuilt
2004-09-09 09:52:51 +00:00
cvsdist
2cf2651983
auto-import pam-0.75-48 from pam-0.75-48.src.rpm
2004-09-09 09:51:54 +00:00
cvsdist
cb2381bfec
auto-import pam-0.75-46.8.0 from pam-0.75-46.8.0.src.rpm
2004-09-09 09:51:33 +00:00
cvsdist
7414c339bf
auto-import pam-0.75-40 from pam-0.75-40.src.rpm
2004-09-09 09:50:43 +00:00
cvsdist
215cd1a5d8
auto-import pam-0.75-39 from pam-0.75-39.src.rpm
2004-09-09 09:50:31 +00:00