From 46d6d056ab004b26355a31e7a327ed07803267c5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Mr=C3=A1z?= Date: Fri, 3 Feb 2006 12:41:29 +0000 Subject: [PATCH] - new upstream version - updated db4 to 4.3.29 - added module pam_tally2 with auditing support - added manual pages for system-auth and config-util (#179584) --- .cvsignore | 6 ++--- config-util.5 | 36 ++++++++++++++++++++++++++++++ pam.spec | 32 +++++++++++++-------------- sources | 6 ++--- system-auth.5 | 61 +++++++++++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 119 insertions(+), 22 deletions(-) create mode 100644 config-util.5 create mode 100644 system-auth.5 diff --git a/.cvsignore b/.cvsignore index ac33cc3..8e3d545 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,3 +1,3 @@ -db-4.3.27.tar.gz -Linux-PAM-0.99.2.1.tar.bz2 -pam-redhat-0.99.2-1.tar.bz2 +Linux-PAM-0.99.3.0.tar.bz2 +db-4.3.29.tar.gz +pam-redhat-0.99.3-1.tar.bz2 diff --git a/config-util.5 b/config-util.5 new file mode 100644 index 0000000..17d7f8a --- /dev/null +++ b/config-util.5 @@ -0,0 +1,36 @@ +.TH SYSTEM-AUTH 5 "2006 Feb 3" "Red Hat" "Linux-PAM Manual" +.SH NAME + +config-util \- Common PAM configuration file for configuration utilities + +.SH SYNOPSIS +.B /etc/pam.d/config-util +.sp 2 +.SH DESCRIPTION + +The purpose of this configuration file is to provide common +configuration file for all configuration utilities which must be run +from the supervisor account and use the userhelper wrapper application. + +.sp +The +.BR config-util +configuration file is included from all individual configuration +files of such utilities with the help of the +.BR include +directive. +There are not usually any other modules in the individual configuration +files of these utilities. + +.sp +It is possible for example to modify duration of the validity of the +authentication timestamp there. See +.BR pam_timestamp(8) +for details. + +.SH BUGS +.sp 2 +None known. + +.SH "SEE ALSO" +pam(8), config-util(5), pam_timestamp(8) diff --git a/pam.spec b/pam.spec index 2c5f86a..8381eec 100644 --- a/pam.spec +++ b/pam.spec @@ -4,14 +4,14 @@ %define _sysconfdir /etc %define pwdb_version 0.62 -%define db_version 4.3.27 +%define db_version 4.3.29 %define db_conflicting_version 4.4.0 -%define pam_redhat_version 0.99.2-1 +%define pam_redhat_version 0.99.3-1 Summary: A security tool which provides authentication for applications. Name: pam -Version: 0.99.2.1 -Release: 3 +Version: 0.99.3.0 +Release: 1 License: GPL or BSD Group: System Environment/Base Source0: ftp.us.kernel.org:/pub/linux/libs/pam/pre/library/Linux-PAM-%{version}.tar.bz2 @@ -22,16 +22,15 @@ Source5: other.pamd Source6: system-auth.pamd Source7: config-util.pamd Source8: dlopen.sh +Source9: system-auth.5 +Source10: config-util.5 Patch1: pam-0.99.2.1-redhat-modules.patch Patch21: pam-0.78-unix-hpux-aging.patch Patch28: pam-0.75-sgml2latex.patch Patch34: pam-0.99.2.1-dbpam.patch -Patch65: pam-0.99.2.1-audit.patch Patch70: pam-0.99.2.1-selinux-nofail.patch -Patch72: pam-0.99.2.1-pie.patch +Patch72: pam-0.99.3.0-pie.patch Patch80: pam-0.99.2.1-selinux-drop-multiple.patch -Patch83: pam-0.77-succif-netgroup.patch -Patch84: pam-0.99.2.1-lastlog-fixes.patch BuildRoot: %{_tmppath}/%{name}-root Requires: cracklib, cracklib-dicts >= 2.8 @@ -84,14 +83,9 @@ cp $RPM_SOURCE_DIR/config-util.pamd . %patch21 -p1 -b .unix-hpux-aging %patch28 -p1 -b .doc %patch34 -p1 -b .dbpam -%if %{WITH_AUDIT} -%patch65 -p1 -b .audit -%endif %patch70 -p1 -b .nofail %patch72 -p1 -b .pie %patch80 -p1 -b .drop-multiple -%patch83 -p1 -b .succif-netgroup -%patch84 -p0 -b .lastlog-fixes for readme in modules/pam_*/README ; do cp -f ${readme} doc/txts/README.`dirname ${readme} | sed -e 's|^modules/||'` @@ -155,9 +149,7 @@ strip $RPM_BUILD_ROOT%{_sbindir}/* ||: rm doc/*/*pam_pwdb* # Install man pages. -install -d -m 755 $RPM_BUILD_ROOT%{_mandir}/man{3,5,8} -install -m 644 doc/man/*.3 $RPM_BUILD_ROOT%{_mandir}/man3/ -install -m 644 doc/man/*.8 $RPM_BUILD_ROOT%{_mandir}/man8/ +install -m 644 %{SOURCE9} %{SOURCE10} $RPM_BUILD_ROOT%{_mandir}/man5/ # Remove pam_pwdb so it won't error out rm -rf modules/pam_pwdb @@ -279,6 +271,7 @@ fi /%{_lib}/libpam_misc.so.* %{_sbindir}/pam_console_apply %{_sbindir}/pam_tally +%{_sbindir}/pam_tally2 %attr(4755,root,root) %{_sbindir}/pam_timestamp_check %attr(4755,root,root) %{_sbindir}/unix_chkpwd %if %{_lib} != lib @@ -318,6 +311,7 @@ fi /%{_lib}/security/pam_stress.so /%{_lib}/security/pam_succeed_if.so /%{_lib}/security/pam_tally.so +/%{_lib}/security/pam_tally2.so /%{_lib}/security/pam_time.so /%{_lib}/security/pam_timestamp.so /%{_lib}/security/pam_umask.so @@ -357,6 +351,12 @@ fi %{_libdir}/libpam_misc.so %changelog +* Fri Feb 3 2006 Tomas Mraz 0.99.3.0-1 +- new upstream version +- updated db4 to 4.3.29 +- added module pam_tally2 with auditing support +- added manual pages for system-auth and config-util (#179584) + * Tue Jan 3 2006 Tomas Mraz 0.99.2.1-3 - remove 'initscripts' dependency (#176508) - update pam-redhat modules, merged patches diff --git a/sources b/sources index 01b006f..8520599 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -fcc481d52c3b80e20a328f8c0cb042bd db-4.3.27.tar.gz -9e564161c3a5f36bf0678ef227b2a897 Linux-PAM-0.99.2.1.tar.bz2 -6feaf6d9f735ced6372c892db71e27a1 pam-redhat-0.99.2-1.tar.bz2 +aabed0543f57dc3e4eebbb0779daf898 Linux-PAM-0.99.3.0.tar.bz2 +13585a20ce32f113b8e8cdb57f52e3bb db-4.3.29.tar.gz +d1a3f1190c8c9b7ce3cf27660f59a2ab pam-redhat-0.99.3-1.tar.bz2 diff --git a/system-auth.5 b/system-auth.5 new file mode 100644 index 0000000..a1267f7 --- /dev/null +++ b/system-auth.5 @@ -0,0 +1,61 @@ +.TH SYSTEM-AUTH 5 "2006 Feb 3" "Red Hat" "Linux-PAM Manual" +.SH NAME + +system-auth \- Common configuration file for PAMified services + +.SH SYNOPSIS +.B /etc/pam.d/system-auth +.sp 2 +.SH DESCRIPTION + +The purpose of this configuration file is to provide common +configuration file for all applications and service daemons +calling PAM library. + +.sp +The +.BR system-auth +configuration file is included from all individual service configuration +files with the help of the +.BR include +directive. + +.SH NOTES +There should be no +.BR sufficient +modules in the +.BR session +part of +.BR system-auth +file because individual services may add session modules after +.BR include +of the +.BR system-auth +file. Execution of these modules would be skipped if there were sufficient +modules in +.BR system-auth +file. + +.sp +Conversely there should not be any modules after +.BR include +directive in the individual service files in +.BR auth account +and +.BR password +sections otherwise they could be bypassed. + +.SH BUGS +.sp 2 +None known. + +.SH "SEE ALSO" +pam(8), config-util(5) + +The three +.BR Linux-PAM +Guides, for +.BR "system administrators" ", " +.BR "module developers" ", " +and +.BR "application developers" ". "