Stephen Gallagher
4ef6823ff4
Add pam_motd to the PAM stack
...
This will allow Cockpit to update /etc/motd.d/cockpit with
information informing the user of the location of the admin console
on the system if it is available.
Resolves: rhbz#1591381
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2018-06-14 11:28:51 -04:00
Jakub Jelen
04ca5e7b0b
7.7p1-3 + 0.10.3-4
2018-04-16 11:15:43 +02:00
Jakub Jelen
48cef7a0b8
Opening tun devices fails + other regressions in OpenSSH v7.7 fixed upstream
2018-04-16 11:15:37 +02:00
Jakub Jelen
836590e795
7.7p1-2 + 0.10.3-4
2018-04-12 10:35:14 +02:00
Jakub Jelen
ab24bd6608
Do not break quotes parsing in configuration file ( #1566295 )
2018-04-12 10:26:26 +02:00
Jakub Jelen
b0815ca514
7.7p1-1 + 0.10.3-4
2018-04-04 16:59:45 +02:00
Jakub Jelen
af10de8f01
Update to latest version of URI patch passing the new tests + rebase to 7.7
2018-04-04 16:59:45 +02:00
Jakub Jelen
273086d13a
Need a p11-kit to allow default pkcs11 proxy
2018-04-04 16:59:45 +02:00
Jakub Jelen
42fe13ff31
Allow loading more keys from single PKCS#11 module
2018-04-04 16:58:34 +02:00
Jakub Jelen
077597136c
PKCS#11: Load public keys from ECDSA certificates
...
Submitted in upstream bugzilla
https://bugzilla.mindrot.org/show_bug.cgi?id=2474#c21
2018-04-04 16:57:59 +02:00
Jakub Jelen
aad4430f17
Print PKCS#11 URI also for ECDSA keys
2018-04-04 16:57:59 +02:00
Jakub Jelen
7e9748a2b5
PKCS#11: Support ECDSA keys and PKCS#11 URIs
...
Based on the patches in upstream bugzilla:
ECDSA:
https://bugzilla.mindrot.org/show_bug.cgi?id=2474
PKCS#11 URI:
https://bugzilla.mindrot.org/show_bug.cgi?id=2817
2018-04-04 16:56:59 +02:00
Jakub Jelen
3cd4899257
Rebase to latest OpenSSH 7.7p1 ( #1563223 )
2018-04-04 16:50:43 +02:00
Jakub Jelen
1ce235ac38
tests/pam_ssh_agent_auth: Add a new sanity test
2018-03-12 16:48:08 +01:00
Jakub Jelen
6b2140deea
tests/port-forwarding: Do not expect the nc will succeed
2018-03-12 15:54:35 +01:00
Jakub Jelen
b4cbb0fe23
tests/port-forwarding: Do not require rhts makefile
2018-03-12 15:54:35 +01:00
Jakub Jelen
830acce379
revert part of the nss removal from LDAP
2018-03-06 15:15:03 +01:00
Jakub Jelen
cbb6ca5123
openssh-7.6p1-7 + 0.10.3-3
2018-03-06 14:37:01 +01:00
Jakub Jelen
c8f1381d11
Remove bogus nss linking
2018-03-06 14:37:01 +01:00
Jakub Jelen
92b8e55bea
Crypto policies changed path
2018-03-06 13:53:17 +01:00
Jakub Jelen
bd5b563008
Require crypto policies
2018-03-06 13:53:02 +01:00
Jakub Jelen
c2a9e41702
Recommend crypto policies also for a server
2018-02-19 12:10:48 +01:00
Jakub Jelen
07c951f665
Require gcc
...
https://fedoraproject.org/wiki/Changes/Remove_GCC_from_BuildRoot
2018-02-19 12:10:48 +01:00
Igor Gnatenko
a6b5c2c42d
Remove %clean section
...
None of currently supported distributions need that.
Last one was EL5 which is EOL for a while.
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2018-02-14 08:27:35 +01:00
Igor Gnatenko
5f6f10859d
Remove BuildRoot definition
...
None of currently supported distributions need that.
It was needed last for EL5 which is EOL now
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2018-02-13 23:58:21 +01:00
Fedora Release Engineering
13efdb1d7f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-02-08 17:49:28 +00:00
Jakub Jelen
6a6c2bc3ab
We need systemd-devel for sdnotify()
2018-02-01 16:30:07 +01:00
Jakub Jelen
0780f33c5f
removal of systemd-units and conforming to packaging guidelines
...
Per announcement on fedora-devel:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/LLG4T53FW2BGVZLGLKNYTKPD5SQNBZ2Y/
2018-01-27 10:57:06 +01:00
Jakub Jelen
bb4b7b77fc
openssh-7.6p1-6 + 0.10.3-3
2018-01-26 16:26:50 +01:00
Florian Weimer
f61eaad2bd
Rebuild to work around gcc bug leading to sshd miscompilation ( #1538648 )
2018-01-25 16:48:03 +01:00
Jakub Jelen
c45ece5fe8
Do not audit partial auth failures
2018-01-22 12:58:09 +01:00
Jakub Jelen
6996c6f503
Do not audit passsword authentication, if handled by PAM
...
and avoid auditing none auth method (not acually a method)
2018-01-22 12:58:09 +01:00
Jakub Jelen
9b05c6d476
USER_AUTH: Remove bogus rport, add required grantors
2018-01-22 12:58:09 +01:00
Jakub Jelen
667e6f013f
Do not audit final success ( #1534577 )
2018-01-22 12:58:09 +01:00
Jakub Jelen
57349a88a8
Use correct audit event for pubkey auth
2018-01-22 12:58:09 +01:00
Björn Esser
427beb2f9e
Rebuilt for switch to libxcrypt
2018-01-20 23:07:25 +01:00
Jakub Jelen
b1ec43ef50
Add missing header to make it build (related to #1534577 )
2018-01-19 10:46:01 +01:00
Jakub Jelen
0f4b4ccdea
Audit correctly the res= after upstream refactoring
2018-01-19 10:18:51 +01:00
Jakub Jelen
38b67ad605
Avoid undefined TRUE/FALSE in ldap patch to build in rawhide
2018-01-17 10:50:05 +01:00
Jakub Jelen
4d97279349
openssh-7.6p1-5 + 0.10.3-3
2018-01-17 10:13:18 +01:00
Jakub Jelen
f284c5eb83
Do not attempt to pass hostnames to audit (inconsistency) ( #1534577 )
2018-01-17 10:10:28 +01:00
Jakub Jelen
32dc9bd1cd
Drop unused function from audit
2018-01-16 16:24:27 +01:00
Jakub Jelen
316553ade0
Remove TCP wrappers support ( #1530163 )
2018-01-16 15:06:23 +01:00
Jakub Jelen
871dc3ed3e
openssh-7.6p1-4 + 0.10.3-3
2017-12-14 10:23:37 +01:00
Jakub Jelen
17cd512319
Whitelist gettid() syscall for systemd (cleanup procedure?)
2017-12-12 14:19:35 +01:00
Jakub Jelen
1f2a7f3926
openssh-7.6p1-3 + 0.10.3-3
2017-12-11 11:54:38 +01:00
Jakub Jelen
fde6b96b35
Avoid gcc warnings about uninitialized variables
2017-12-11 11:53:10 +01:00
Jakub Jelen
217da75d53
Do not segfault for repetitive cipher_free() from audit ( #1524233 )
2017-12-11 11:53:03 +01:00
Jakub Jelen
eef660e534
7.6p1-2 + 0.10.3-3
2017-11-22 08:57:03 +01:00
Jakub Jelen
e3f4c1243d
Do not build all the binaries against libldap
2017-11-15 10:17:46 +01:00