From 4a01b974a1022c8d88b8f20e9e8c9245ba95a7d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= Date: Fri, 19 May 2023 22:48:35 +0200 Subject: [PATCH] Drop pam-1.5.2-pwhistory-config.patch and pam-1.5.2-configure-c99.patch, as those patches are implemented upstream MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Björn Esser --- pam-1.5.2-configure-c99.patch | 35 --- pam-1.5.2-pwhistory-config.patch | 489 ------------------------------- pam.spec | 6 +- 3 files changed, 2 insertions(+), 528 deletions(-) delete mode 100644 pam-1.5.2-configure-c99.patch delete mode 100644 pam-1.5.2-pwhistory-config.patch diff --git a/pam-1.5.2-configure-c99.patch b/pam-1.5.2-configure-c99.patch deleted file mode 100644 index 33488e2..0000000 --- a/pam-1.5.2-configure-c99.patch +++ /dev/null @@ -1,35 +0,0 @@ -From f07fc9cac78851d3dfad1e8c54ee2671e6351853 Mon Sep 17 00:00:00 2001 -From: Sam James -Date: Sun, 11 Sep 2022 16:37:59 +0100 -Subject: [PATCH] configure.ac: fix implicit function declaration in mail spool - directory check - -Fixes the following error with Clang 15 (which makes implicit function -declarations an error by default): -``` -+error: call to undeclared library function 'exit' with type 'void (int) __attribute__((noreturn))'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] - exit(0); - ^ - note: include the header or explicitly provide a declaration for 'exit' -``` - -Signed-off-by: Sam James ---- - configure.ac | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/configure.ac b/configure.ac -index 79113ad1..b12c8892 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -297,6 +297,7 @@ if test x$with_mailspool != x ; then - else - AC_RUN_IFELSE([AC_LANG_SOURCE([[ - #include -+#include - int main() { - #ifdef _PATH_MAILDIR - exit(0); --- -2.40.0 - diff --git a/pam-1.5.2-pwhistory-config.patch b/pam-1.5.2-pwhistory-config.patch deleted file mode 100644 index c943450..0000000 --- a/pam-1.5.2-pwhistory-config.patch +++ /dev/null @@ -1,489 +0,0 @@ -diff -up Linux-PAM-1.5.2/modules/pam_pwhistory/Makefile.am.pwhistory-config Linux-PAM-1.5.2/modules/pam_pwhistory/Makefile.am ---- Linux-PAM-1.5.2/modules/pam_pwhistory/Makefile.am.pwhistory-config 2021-09-03 13:59:07.000000000 +0200 -+++ Linux-PAM-1.5.2/modules/pam_pwhistory/Makefile.am 2022-07-18 11:31:50.774295494 +0200 -@@ -9,9 +9,10 @@ MAINTAINERCLEANFILES = $(MANS) README - EXTRA_DIST = $(XMLS) - - if HAVE_DOC --dist_man_MANS = pam_pwhistory.8 pwhistory_helper.8 -+dist_man_MANS = pam_pwhistory.8 pwhistory_helper.8 pwhistory.conf.5 - endif --XMLS = README.xml pam_pwhistory.8.xml pwhistory_helper.8.xml -+XMLS = README.xml pam_pwhistory.8.xml pwhistory_helper.8.xml \ -+ pwhistory.conf.5.xml - dist_check_SCRIPTS = tst-pam_pwhistory - TESTS = $(dist_check_SCRIPTS) - -@@ -26,12 +27,14 @@ if HAVE_VERSIONING - pam_pwhistory_la_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map - endif - --noinst_HEADERS = opasswd.h -+noinst_HEADERS = opasswd.h pwhistory_config.h -+ -+dist_secureconf_DATA = pwhistory.conf - - securelib_LTLIBRARIES = pam_pwhistory.la - pam_pwhistory_la_CFLAGS = $(AM_CFLAGS) - pam_pwhistory_la_LIBADD = $(top_builddir)/libpam/libpam.la @LIBCRYPT@ @LIBSELINUX@ --pam_pwhistory_la_SOURCES = pam_pwhistory.c opasswd.c -+pam_pwhistory_la_SOURCES = pam_pwhistory.c opasswd.c pwhistory_config.c - - sbin_PROGRAMS = pwhistory_helper - pwhistory_helper_CFLAGS = $(AM_CFLAGS) -DHELPER_COMPILE=\"pwhistory_helper\" @EXE_CFLAGS@ -diff -up Linux-PAM-1.5.2/modules/pam_pwhistory/pam_pwhistory.8.xml.pwhistory-config Linux-PAM-1.5.2/modules/pam_pwhistory/pam_pwhistory.8.xml ---- Linux-PAM-1.5.2/modules/pam_pwhistory/pam_pwhistory.8.xml.pwhistory-config 2021-09-03 13:59:07.000000000 +0200 -+++ Linux-PAM-1.5.2/modules/pam_pwhistory/pam_pwhistory.8.xml 2022-07-18 11:35:24.912807324 +0200 -@@ -36,6 +36,9 @@ - - authtok_type=STRING - -+ -+ conf=/path/to/config-file -+ - - - -@@ -104,7 +107,7 @@ - - - The last N passwords for each -- user are saved in /etc/security/opasswd. -+ user are saved. - The default is 10. Value of - 0 makes the module to keep the existing - contents of the opasswd file unchanged. -@@ -137,7 +140,26 @@ - - - -+ -+ -+ -+ -+ -+ -+ Use another configuration file instead of the default -+ /etc/security/pwhistory.conf. -+ -+ -+ -+ - -+ -+ The options for configuring the module behavior are described in the -+ pwhistory.conf -+ 5 manual page. The options -+ specified on the module command line override the values from the -+ configuration file. -+ - - - -@@ -223,6 +245,9 @@ password required pam_unix.so - SEE ALSO - - -+ pwhistory.conf5 -+ , -+ - pam.conf5 - , - -diff -up Linux-PAM-1.5.2/modules/pam_pwhistory/pam_pwhistory.c.pwhistory-config Linux-PAM-1.5.2/modules/pam_pwhistory/pam_pwhistory.c ---- Linux-PAM-1.5.2/modules/pam_pwhistory/pam_pwhistory.c.pwhistory-config 2021-09-03 13:59:07.000000000 +0200 -+++ Linux-PAM-1.5.2/modules/pam_pwhistory/pam_pwhistory.c 2022-07-18 11:34:34.465451167 +0200 -@@ -63,14 +63,8 @@ - - #include "opasswd.h" - #include "pam_inline.h" -+#include "pwhistory_config.h" - --struct options_t { -- int debug; -- int enforce_for_root; -- int remember; -- int tries; --}; --typedef struct options_t options_t; - - - static void -@@ -299,6 +293,8 @@ pam_sm_chauthtok (pam_handle_t *pamh, in - options.remember = 10; - options.tries = 1; - -+ parse_config_file(pamh, argc, argv, &options); -+ - /* Parse parameters for module */ - for ( ; argc-- > 0; argv++) - parse_option (pamh, *argv, &options); -@@ -306,7 +302,6 @@ pam_sm_chauthtok (pam_handle_t *pamh, in - if (options.debug) - pam_syslog (pamh, LOG_DEBUG, "pam_sm_chauthtok entered"); - -- - if (options.remember == 0) - return PAM_IGNORE; - -diff -up Linux-PAM-1.5.2/modules/pam_pwhistory/pwhistory.conf.5.xml.pwhistory-config Linux-PAM-1.5.2/modules/pam_pwhistory/pwhistory.conf.5.xml ---- Linux-PAM-1.5.2/modules/pam_pwhistory/pwhistory.conf.5.xml.pwhistory-config 2022-07-18 11:31:50.774295494 +0200 -+++ Linux-PAM-1.5.2/modules/pam_pwhistory/pwhistory.conf.5.xml 2022-07-18 11:31:50.774295494 +0200 -@@ -0,0 +1,155 @@ -+ -+ -+ -+ -+ -+ -+ pwhistory.conf -+ 5 -+ Linux-PAM Manual -+ -+ -+ -+ pwhistory.conf -+ pam_pwhistory configuration file -+ -+ -+ -+ -+ DESCRIPTION -+ -+ pwhistory.conf provides a way to configure the -+ default settings for saving the last passwords for each user. -+ This file is read by the pam_pwhistory module and is the -+ preferred method over configuring pam_pwhistory directly. -+ -+ -+ The file has a very simple name = value format with possible comments -+ starting with # character. The whitespace at the beginning of line, end -+ of line, and around the = sign is ignored. -+ -+ -+ -+ -+ -+ OPTIONS -+ -+ -+ -+ -+ -+ -+ -+ Turns on debugging via -+ -+ syslog3 -+ . -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ If this option is set, the check is enforced for root, too. -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ The last N passwords for each -+ user are saved. -+ The default is 10. Value of -+ 0 makes the module to keep the existing -+ contents of the opasswd file unchanged. -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ Prompt user at most N times -+ before returning with error. The default is 1. -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ Store password history in file -+ /path/filename rather than the default -+ location. The default location is -+ /etc/security/opasswd. -+ -+ -+ -+ -+ -+ -+ -+ EXAMPLES -+ -+ /etc/security/pwhistory.conf file example: -+ -+ -+debug -+remember=5 -+file=/tmp/opasswd -+ -+ -+ -+ -+ FILES -+ -+ -+ /etc/security/pwhistory.conf -+ -+ the config file for custom options -+ -+ -+ -+ -+ -+ -+ SEE ALSO -+ -+ -+ pwhistory8 -+ , -+ -+ pam_pwhistory8 -+ , -+ -+ pam.conf5 -+ , -+ -+ pam.d5 -+ , -+ -+ pam8 -+ -+ -+ -+ -+ -+ AUTHOR -+ -+ pam_pwhistory was written by Thorsten Kukuk. The support for -+ pwhistory.conf was written by Iker Pedrosa. -+ -+ -+ -+ -diff -up Linux-PAM-1.5.2/modules/pam_pwhistory/pwhistory_config.c.pwhistory-config Linux-PAM-1.5.2/modules/pam_pwhistory/pwhistory_config.c ---- Linux-PAM-1.5.2/modules/pam_pwhistory/pwhistory_config.c.pwhistory-config 2022-07-18 11:31:50.774295494 +0200 -+++ Linux-PAM-1.5.2/modules/pam_pwhistory/pwhistory_config.c 2022-07-18 11:31:50.774295494 +0200 -@@ -0,0 +1,115 @@ -+/* -+ * Copyright (c) 2022 Iker Pedrosa -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, and the entire permission notice in its entirety, -+ * including the disclaimer of warranties. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * 3. The name of the author may not be used to endorse or promote -+ * products derived from this software without specific prior -+ * written permission. -+ * -+ * ALTERNATIVELY, this product may be distributed under the terms of -+ * the GNU Public License, in which case the provisions of the GPL are -+ * required INSTEAD OF the above restrictions. (This clause is -+ * necessary due to a potential bad interaction between the GPL and -+ * the restrictions contained in a BSD-style copyright.) -+ * -+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED -+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, -+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+#include "config.h" -+ -+#include -+#include -+#include -+#include -+ -+#include -+ -+#include "pam_inline.h" -+#include "pwhistory_config.h" -+ -+#define PWHISTORY_DEFAULT_CONF "/etc/security/pwhistory.conf" -+ -+void -+parse_config_file(pam_handle_t *pamh, int argc, const char **argv, -+ struct options_t *options) -+{ -+ const char *fname = NULL; -+ int i; -+ char *val; -+ -+ for (i = 0; i < argc; ++i) { -+ const char *str = pam_str_skip_prefix(argv[i], "conf="); -+ -+ if (str != NULL) { -+ fname = str; -+ } -+ } -+ -+ if (fname == NULL) { -+ fname = PWHISTORY_DEFAULT_CONF; -+ } -+ -+ val = pam_modutil_search_key (pamh, fname, "debug"); -+ if (val != NULL) { -+ options->debug = 1; -+ free(val); -+ } -+ -+ val = pam_modutil_search_key (pamh, fname, "enforce_for_root"); -+ if (val != NULL) { -+ options->enforce_for_root = 1; -+ free(val); -+ } -+ -+ val = pam_modutil_search_key (pamh, fname, "remember"); -+ if (val != NULL) { -+ unsigned int temp; -+ if (sscanf(val, "%u", &temp) != 1) { -+ pam_syslog(pamh, LOG_ERR, -+ "Bad number supplied for remember argument"); -+ } else { -+ options->remember = temp; -+ } -+ free(val); -+ } -+ -+ val = pam_modutil_search_key (pamh, fname, "retry"); -+ if (val != NULL) { -+ unsigned int temp; -+ if (sscanf(val, "%u", &temp) != 1) { -+ pam_syslog(pamh, LOG_ERR, -+ "Bad number supplied for retry argument"); -+ } else { -+ options->tries = temp; -+ } -+ free(val); -+ } -+ -+ val = pam_modutil_search_key (pamh, fname, "file"); -+ if (val != NULL) { -+ if (*val != '/') { -+ pam_syslog (pamh, LOG_ERR, -+ "File path should be absolute: %s", val); -+ } else { -+ options->filename = val; -+ } -+ } -+} -diff -up Linux-PAM-1.5.2/modules/pam_pwhistory/pwhistory_config.h.pwhistory-config Linux-PAM-1.5.2/modules/pam_pwhistory/pwhistory_config.h ---- Linux-PAM-1.5.2/modules/pam_pwhistory/pwhistory_config.h.pwhistory-config 2022-07-18 11:31:50.774295494 +0200 -+++ Linux-PAM-1.5.2/modules/pam_pwhistory/pwhistory_config.h 2022-07-18 11:31:50.774295494 +0200 -@@ -0,0 +1,54 @@ -+/* -+ * Copyright (c) 2022 Iker Pedrosa -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, and the entire permission notice in its entirety, -+ * including the disclaimer of warranties. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * 3. The name of the author may not be used to endorse or promote -+ * products derived from this software without specific prior -+ * written permission. -+ * -+ * ALTERNATIVELY, this product may be distributed under the terms of -+ * the GNU Public License, in which case the provisions of the GPL are -+ * required INSTEAD OF the above restrictions. (This clause is -+ * necessary due to a potential bad interaction between the GPL and -+ * the restrictions contained in a BSD-style copyright.) -+ * -+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED -+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, -+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+#ifndef _PWHISTORY_CONFIG_H -+#define _PWHISTORY_CONFIG_H -+ -+#include -+ -+struct options_t { -+ int debug; -+ int enforce_for_root; -+ int remember; -+ int tries; -+ const char *filename; -+}; -+typedef struct options_t options_t; -+ -+void -+parse_config_file(pam_handle_t *pamh, int argc, const char **argv, -+ struct options_t *options); -+ -+#endif /* _PWHISTORY_CONFIG_H */ -diff -up Linux-PAM-1.5.2/modules/pam_pwhistory/pwhistory.conf.pwhistory-config Linux-PAM-1.5.2/modules/pam_pwhistory/pwhistory.conf ---- Linux-PAM-1.5.2/modules/pam_pwhistory/pwhistory.conf.pwhistory-config 2022-07-18 11:31:50.774295494 +0200 -+++ Linux-PAM-1.5.2/modules/pam_pwhistory/pwhistory.conf 2022-07-18 11:31:50.774295494 +0200 -@@ -0,0 +1,21 @@ -+# Configuration for remembering the last passwords used by a user. -+# -+# Enable the debugging logs. -+# Enabled if option is present. -+# debug -+# -+# root account's passwords are also remembered. -+# Enabled if option is present. -+# enforce_for_root -+# -+# Number of passwords to remember. -+# The default is 10. -+# remember = 10 -+# -+# Number of times to prompt for the password. -+# The default is 1. -+# retry = 1 -+# -+# The directory where the last passwords are kept. -+# The default is /etc/security/opasswd. -+# file = /etc/security/opasswd diff --git a/pam.spec b/pam.spec index 00dba7e..3526b2f 100644 --- a/pam.spec +++ b/pam.spec @@ -25,8 +25,6 @@ Source18: https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt Patch1: pam-1.5.2-redhat-modules.patch Patch2: pam-1.5.0-noflex.patch Patch3: pam-1.3.0-unix-nomsg.patch -Patch4: pam-1.5.2-pwhistory-config.patch -Patch5: pam-1.5.2-configure-c99.patch %{load:%{SOURCE3}} @@ -120,8 +118,6 @@ cp %{SOURCE18} . %patch -P 1 -p1 -b .redhat-modules %patch -P 2 -p1 -b .noflex %patch -P 3 -p1 -b .nomsg -%patch -P 4 -p1 -b .pwhistory-config -%patch -P 5 -p1 -b .configure-c99 autoreconf -i @@ -360,6 +356,8 @@ done * Fri May 19 2023 Björn Esser - 1.5.3-1 - Rebase to release 1.5.3 Resolves: #2196709 +- Drop pam-1.5.2-pwhistory-config.patch and pam-1.5.2-configure-c99.patch, + as those patches are implemented upstream * Tue Apr 25 2023 Björn Esser - 1.5.2-19 - Replace deprecated '%%patchN' with '%%patch -P N'