From 6ccbfce566623497a69d226ed595c326941fa41c Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Fri, 15 May 2015 16:39:21 +0200 Subject: [PATCH] Minor security and bugfix updates - fix CVE-2014-2583: potential path traversal issue in pam_timestamp - fix CVE-2013-7041: use case sensitive comparison in pam_userdb - be tolerant to corrupted opasswd file --- pam-1.1.6-std-noclose.patch | 146 -- pam-1.1.7-tty-audit-init.patch | 48 - pam-1.1.8-audit-grantor.patch | 435 ----- pam-1.1.8-canonicalize-username.patch | 21 - pam-1.1.8-cve-2013-7041.patch | 52 - pam-1.1.8-cve-2014-2583.patch | 56 - pam-1.1.8-lastlog-uninitialized.patch | 37 - pam-1.1.8-limits-check-process.patch | 41 - pam-1.1.8-limits-docfix.patch | 54 - pam-1.1.8-loginuid-container.patch | 151 -- pam-1.1.8-man-dbsuffix.patch | 22 - pam-1.1.8-opasswd-tolerant.patch | 50 - pam-1.1.8-translation-updates.patch | 1519 ----------------- ...faillock.patch => pam-1.2.0-faillock.patch | 74 +- ...es.patch => pam-1.2.0-redhat-modules.patch | 30 +- ....patch => pam-1.2.0-unix-no-fallback.patch | 36 +- ...e-links.patch => pam-1.2.0-use-links.patch | 8 +- pam.spec | 49 +- sources | 2 +- 19 files changed, 91 insertions(+), 2740 deletions(-) delete mode 100644 pam-1.1.6-std-noclose.patch delete mode 100644 pam-1.1.7-tty-audit-init.patch delete mode 100644 pam-1.1.8-audit-grantor.patch delete mode 100644 pam-1.1.8-canonicalize-username.patch delete mode 100644 pam-1.1.8-cve-2013-7041.patch delete mode 100644 pam-1.1.8-cve-2014-2583.patch delete mode 100644 pam-1.1.8-lastlog-uninitialized.patch delete mode 100644 pam-1.1.8-limits-check-process.patch delete mode 100644 pam-1.1.8-limits-docfix.patch delete mode 100644 pam-1.1.8-loginuid-container.patch delete mode 100644 pam-1.1.8-man-dbsuffix.patch delete mode 100644 pam-1.1.8-opasswd-tolerant.patch delete mode 100644 pam-1.1.8-translation-updates.patch rename pam-1.1.1-faillock.patch => pam-1.2.0-faillock.patch (93%) rename pam-1.0.90-redhat-modules.patch => pam-1.2.0-redhat-modules.patch (54%) rename pam-1.1.5-unix-no-fallback.patch => pam-1.2.0-unix-no-fallback.patch (67%) rename pam-1.1.6-use-links.patch => pam-1.2.0-use-links.patch (59%) diff --git a/pam-1.1.6-std-noclose.patch b/pam-1.1.6-std-noclose.patch deleted file mode 100644 index 2c1331b..0000000 --- a/pam-1.1.6-std-noclose.patch +++ /dev/null @@ -1,146 +0,0 @@ -diff -up Linux-PAM-1.1.6/modules/pam_mkhomedir/pam_mkhomedir.c.std-noclose Linux-PAM-1.1.6/modules/pam_mkhomedir/pam_mkhomedir.c ---- Linux-PAM-1.1.6/modules/pam_mkhomedir/pam_mkhomedir.c.std-noclose 2012-08-15 13:08:43.000000000 +0200 -+++ Linux-PAM-1.1.6/modules/pam_mkhomedir/pam_mkhomedir.c 2013-04-24 13:11:14.768817086 +0200 -@@ -35,6 +35,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -133,13 +134,21 @@ create_homedir (pam_handle_t *pamh, opti - if (child == 0) { - int i; - struct rlimit rlim; -+ int dummyfds[2]; - static char *envp[] = { NULL }; - char *args[] = { NULL, NULL, NULL, NULL, NULL }; - -+ /* replace std file descriptors with a dummy pipe */ -+ if (pipe2(dummyfds, O_NONBLOCK) == 0) { -+ dup2(dummyfds[0], STDIN_FILENO); -+ dup2(dummyfds[1], STDOUT_FILENO); -+ dup2(dummyfds[1], STDERR_FILENO); -+ } -+ - if (getrlimit(RLIMIT_NOFILE, &rlim)==0) { - if (rlim.rlim_max >= MAX_FD_NO) - rlim.rlim_max = MAX_FD_NO; -- for (i=0; i < (int)rlim.rlim_max; i++) { -+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++) { - close(i); - } - } -diff -up Linux-PAM-1.1.6/modules/pam_unix/pam_unix_acct.c.std-noclose Linux-PAM-1.1.6/modules/pam_unix/pam_unix_acct.c ---- Linux-PAM-1.1.6/modules/pam_unix/pam_unix_acct.c.std-noclose 2012-08-15 13:08:43.000000000 +0200 -+++ Linux-PAM-1.1.6/modules/pam_unix/pam_unix_acct.c 2013-04-24 13:12:17.105990961 +0200 -@@ -39,6 +39,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -100,21 +101,26 @@ int _unix_run_verify_binary(pam_handle_t - if (child == 0) { - int i=0; - struct rlimit rlim; -+ int dummyfds[2]; - static char *envp[] = { NULL }; - char *args[] = { NULL, NULL, NULL, NULL }; - - /* reopen stdout as pipe */ - dup2(fds[1], STDOUT_FILENO); - -+ /* replace std file descriptors with a dummy pipe */ -+ if (pipe2(dummyfds, O_NONBLOCK) == 0) { -+ dup2(dummyfds[0], STDIN_FILENO); -+ dup2(dummyfds[1], STDERR_FILENO); -+ } -+ - /* XXX - should really tidy up PAM here too */ - - if (getrlimit(RLIMIT_NOFILE,&rlim)==0) { - if (rlim.rlim_max >= MAX_FD_NO) - rlim.rlim_max = MAX_FD_NO; -- for (i=0; i < (int)rlim.rlim_max; i++) { -- if (i != STDOUT_FILENO) { -- close(i); -- } -+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++) { -+ close(i); - } - } - -diff -up Linux-PAM-1.1.6/modules/pam_unix/pam_unix_passwd.c.std-noclose Linux-PAM-1.1.6/modules/pam_unix/pam_unix_passwd.c ---- Linux-PAM-1.1.6/modules/pam_unix/pam_unix_passwd.c.std-noclose 2012-08-15 13:08:43.000000000 +0200 -+++ Linux-PAM-1.1.6/modules/pam_unix/pam_unix_passwd.c 2013-04-23 17:13:49.047499806 +0200 -@@ -202,6 +202,7 @@ static int _unix_run_update_binary(pam_h - if (child == 0) { - int i=0; - struct rlimit rlim; -+ int dummyfds[2]; - static char *envp[] = { NULL }; - char *args[] = { NULL, NULL, NULL, NULL, NULL, NULL }; - char buffer[16]; -@@ -211,11 +212,17 @@ static int _unix_run_update_binary(pam_h - /* reopen stdin as pipe */ - dup2(fds[0], STDIN_FILENO); - -+ /* replace std file descriptors with a dummy pipe */ -+ if (pipe2(dummyfds, O_NONBLOCK) == 0) { -+ dup2(dummyfds[1], STDOUT_FILENO); -+ dup2(dummyfds[1], STDERR_FILENO); -+ } -+ - if (getrlimit(RLIMIT_NOFILE,&rlim)==0) { - if (rlim.rlim_max >= MAX_FD_NO) - rlim.rlim_max = MAX_FD_NO; -- for (i=0; i < (int)rlim.rlim_max; i++) { -- if (i != STDIN_FILENO) -+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++) { -+ if (i != dummyfds[0]) - close(i); - } - } -diff -up Linux-PAM-1.1.6/modules/pam_unix/support.c.std-noclose Linux-PAM-1.1.6/modules/pam_unix/support.c ---- Linux-PAM-1.1.6/modules/pam_unix/support.c.std-noclose 2012-08-15 13:08:43.000000000 +0200 -+++ Linux-PAM-1.1.6/modules/pam_unix/support.c 2013-04-24 13:12:42.893064361 +0200 -@@ -5,6 +5,7 @@ - #include "config.h" - - #include -+#include - #include - #include - #include -@@ -462,6 +463,7 @@ static int _unix_run_helper_binary(pam_h - if (child == 0) { - int i=0; - struct rlimit rlim; -+ int dummyfds[2]; - static char *envp[] = { NULL }; - char *args[] = { NULL, NULL, NULL, NULL }; - -@@ -470,11 +472,17 @@ static int _unix_run_helper_binary(pam_h - /* reopen stdin as pipe */ - dup2(fds[0], STDIN_FILENO); - -+ /* replace std file descriptors with a dummy pipe */ -+ if (pipe2(dummyfds, O_NONBLOCK) == 0) { -+ dup2(dummyfds[1], STDOUT_FILENO); -+ dup2(dummyfds[1], STDERR_FILENO); -+ } -+ - if (getrlimit(RLIMIT_NOFILE,&rlim)==0) { - if (rlim.rlim_max >= MAX_FD_NO) - rlim.rlim_max = MAX_FD_NO; -- for (i=0; i < (int)rlim.rlim_max; i++) { -- if (i != STDIN_FILENO) -+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++) { -+ if (i != dummyfds[0]) - close(i); - } - } diff --git a/pam-1.1.7-tty-audit-init.patch b/pam-1.1.7-tty-audit-init.patch deleted file mode 100644 index 5ddaebb..0000000 --- a/pam-1.1.7-tty-audit-init.patch +++ /dev/null @@ -1,48 +0,0 @@ -diff -up Linux-PAM-1.1.7/modules/pam_tty_audit/pam_tty_audit.c.tty-audit-init Linux-PAM-1.1.7/modules/pam_tty_audit/pam_tty_audit.c ---- Linux-PAM-1.1.7/modules/pam_tty_audit/pam_tty_audit.c.tty-audit-init 2013-08-28 10:53:40.000000000 +0200 -+++ Linux-PAM-1.1.7/modules/pam_tty_audit/pam_tty_audit.c 2013-10-04 14:51:19.944994905 +0200 -@@ -36,6 +36,7 @@ - USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - DAMAGE. */ - -+#include "config.h" - #include - #include - #include -@@ -108,7 +109,7 @@ nl_recv (int fd, unsigned type, void *bu - struct msghdr msg; - struct nlmsghdr nlm; - struct iovec iov[2]; -- ssize_t res; -+ ssize_t res, resdiff; - - again: - iov[0].iov_base = &nlm; -@@ -160,12 +161,17 @@ nl_recv (int fd, unsigned type, void *bu - res = recvmsg (fd, &msg, 0); - if (res == -1) - return -1; -- if ((size_t)res != NLMSG_LENGTH (size) -+ resdiff = NLMSG_LENGTH(size) - (size_t)res; -+ if (resdiff < 0 - || nlm.nlmsg_type != type) - { - errno = EIO; - return -1; - } -+ else if (resdiff > 0) -+ { -+ memset((char *)buf + size - resdiff, 0, resdiff); -+ } - return 0; - } - -@@ -275,6 +281,8 @@ pam_sm_open_session (pam_handle_t *pamh, - return PAM_SESSION_ERR; - } - -+ memcpy(&new_status, old_status, sizeof(new_status)); -+ - new_status.enabled = (command == CMD_ENABLE ? 1 : 0); - #ifdef HAVE_STRUCT_AUDIT_TTY_STATUS_LOG_PASSWD - new_status.log_passwd = log_passwd; diff --git a/pam-1.1.8-audit-grantor.patch b/pam-1.1.8-audit-grantor.patch deleted file mode 100644 index 451634b..0000000 --- a/pam-1.1.8-audit-grantor.patch +++ /dev/null @@ -1,435 +0,0 @@ -From 0d29e379601819c7f7ed8de18b54de803a9f4049 Mon Sep 17 00:00:00 2001 -From: Tomas Mraz -Date: Fri, 5 Sep 2014 09:09:37 +0200 -Subject: [PATCH] Add grantor field to audit records of libpam. - -The grantor field gives audit trail of PAM modules which granted access -for successful return from libpam calls. In case of failed return -the grantor field is set to '?'. -libpam/pam_account.c (pam_acct_mgmt): Remove _pam_auditlog() call. -libpam/pam_auth.c (pam_authenticate, pam_setcred): Likewise. -libpam/pam_password.c (pam_chauthtok): Likewise. -libpam/pam_session.c (pam_open_session, pam_close_session): Likewise. -libpam/pam_audit.c (_pam_audit_writelog): Add grantors parameter, -add grantor= field to the message if grantors is set. -(_pam_list_grantors): New function creating the string with grantors list. -(_pam_auditlog): Add struct handler pointer parameter, call _pam_list_grantors() -to list the grantors from the handler list. -(_pam_audit_end): Add NULL handler parameter to _pam_auditlog() call. -(pam_modutil_audit_write): Add NULL grantors parameter to _pam_audit_writelog(). -libpam/pam_dispatch.c (_pam_dispatch_aux): Set h->grantor where appropriate. -(_pam_clear_grantors): New function to clear grantor field of handler. -(_pam_dispatch): Call _pam_clear_grantors() before executing the stack. -Call _pam_auditlog() when appropriate. -libpam/pam_handlers.c (extract_modulename): Do not allow empty module name -or just "?" to avoid confusing audit trail. -(_pam_add_handler): Test for NULL return from extract_modulename(). -Clear grantor field of handler. -libpam/pam_private.h: Add grantor field to struct handler, add handler pointer -parameter to _pam_auditlog(). ---- - libpam/pam_account.c | 4 --- - libpam/pam_audit.c | 84 +++++++++++++++++++++++++++++++++++++++++++-------- - libpam/pam_auth.c | 8 ----- - libpam/pam_dispatch.c | 41 ++++++++++++++++++++----- - libpam/pam_handlers.c | 14 +++++++-- - libpam/pam_password.c | 4 --- - libpam/pam_private.h | 3 +- - libpam/pam_session.c | 7 ----- - 8 files changed, 119 insertions(+), 46 deletions(-) - -diff --git a/libpam/pam_account.c b/libpam/pam_account.c -index 572acc4..3a4fb1f 100644 ---- a/libpam/pam_account.c -+++ b/libpam/pam_account.c -@@ -19,9 +19,5 @@ int pam_acct_mgmt(pam_handle_t *pamh, int flags) - - retval = _pam_dispatch(pamh, flags, PAM_ACCOUNT); - --#ifdef HAVE_LIBAUDIT -- retval = _pam_auditlog(pamh, PAM_ACCOUNT, retval, flags); --#endif -- - return retval; - } -diff --git a/libpam/pam_audit.c b/libpam/pam_audit.c -index 531746a..24fb799 100644 ---- a/libpam/pam_audit.c -+++ b/libpam/pam_audit.c -@@ -6,12 +6,12 @@ - Authors: - Steve Grubb */ - --#include --#include - #include "pam_private.h" - #include "pam_modutil_private.h" - - #ifdef HAVE_LIBAUDIT -+#include -+#include - #include - #include - #include -@@ -25,17 +25,24 @@ - - static int - _pam_audit_writelog(pam_handle_t *pamh, int audit_fd, int type, -- const char *message, int retval) -+ const char *message, const char *grantors, int retval) - { - static int old_errno = -1; -- int rc; -- char buf[32]; -+ int rc = -ENOMEM; -+ char *buf; -+ const char *grantors_field = " grantors="; - -- snprintf(buf, sizeof(buf), "PAM:%s", message); -+ if (grantors == NULL) { -+ grantors = ""; -+ grantors_field = ""; -+ } - -- rc = audit_log_acct_message (audit_fd, type, NULL, buf, -- (retval != PAM_USER_UNKNOWN && pamh->user) ? pamh->user : "?", -- -1, pamh->rhost, NULL, pamh->tty, retval == PAM_SUCCESS ); -+ if (asprintf(&buf, "PAM:%s%s%s", message, grantors_field, grantors) >= 0) { -+ rc = audit_log_acct_message(audit_fd, type, NULL, buf, -+ (retval != PAM_USER_UNKNOWN && pamh->user) ? pamh->user : "?", -+ -1, pamh->rhost, NULL, pamh->tty, retval == PAM_SUCCESS); -+ free(buf); -+ } - - /* libaudit sets errno to his own negative error code. This can be - an official errno number, but must not. It can also be a audit -@@ -78,12 +85,54 @@ _pam_audit_open(pam_handle_t *pamh) - return audit_fd; - } - -+static int -+_pam_list_grantors(struct handler *hlist, int retval, char **list) -+{ -+ *list = NULL; -+ -+ if (retval == PAM_SUCCESS) { -+ struct handler *h; -+ char *p = NULL; -+ size_t len = 0; -+ -+ for (h = hlist; h != NULL; h = h->next) { -+ if (h->grantor) { -+ len += strlen(h->mod_name) + 1; -+ } -+ } -+ -+ if (len == 0) { -+ return 0; -+ } -+ -+ *list = malloc(len); -+ if (*list == NULL) { -+ return -1; -+ } -+ -+ for (h = hlist; h != NULL; h = h->next) { -+ if (h->grantor) { -+ if (p == NULL) { -+ p = *list; -+ } else { -+ p = stpcpy(p, ","); -+ } -+ -+ p = stpcpy(p, h->mod_name); -+ } -+ } -+ } -+ -+ return 0; -+} -+ - int --_pam_auditlog(pam_handle_t *pamh, int action, int retval, int flags) -+_pam_auditlog(pam_handle_t *pamh, int action, int retval, int flags, struct handler *h) - { - const char *message; - int type; - int audit_fd; -+ char *grantors; - - if ((audit_fd=_pam_audit_open(pamh)) == -1) { - return PAM_SYSTEM_ERR; -@@ -134,8 +183,17 @@ _pam_auditlog(pam_handle_t *pamh, int action, int retval, int flags) - retval = PAM_SYSTEM_ERR; - } - -- if (_pam_audit_writelog(pamh, audit_fd, type, message, retval) < 0) -+ if (_pam_list_grantors(h, retval, &grantors) < 0) { -+ /* allocation failure */ -+ pam_syslog(pamh, LOG_CRIT, "_pam_list_grantors() failed: %m"); - retval = PAM_SYSTEM_ERR; -+ } -+ -+ if (_pam_audit_writelog(pamh, audit_fd, type, message, -+ grantors ? grantors : "?", retval) < 0) -+ retval = PAM_SYSTEM_ERR; -+ -+ free(grantors); - - audit_close(audit_fd); - return retval; -@@ -149,7 +207,7 @@ _pam_audit_end(pam_handle_t *pamh, int status UNUSED) - * stacks having been run. Assume that this is sshd faking - * things for an unknown user. - */ -- _pam_auditlog(pamh, _PAM_ACTION_DONE, PAM_USER_UNKNOWN, 0); -+ _pam_auditlog(pamh, _PAM_ACTION_DONE, PAM_USER_UNKNOWN, 0, NULL); - } - - return 0; -@@ -168,7 +226,7 @@ pam_modutil_audit_write(pam_handle_t *pamh, int type, - return retval; - } - -- rc = _pam_audit_writelog(pamh, audit_fd, type, message, retval); -+ rc = _pam_audit_writelog(pamh, audit_fd, type, message, NULL, retval); - - audit_close(audit_fd); - -diff --git a/libpam/pam_auth.c b/libpam/pam_auth.c -index 5984fa5..1e7bc6e 100644 ---- a/libpam/pam_auth.c -+++ b/libpam/pam_auth.c -@@ -45,10 +45,6 @@ int pam_authenticate(pam_handle_t *pamh, int flags) - prelude_send_alert(pamh, retval); - #endif - --#ifdef HAVE_LIBAUDIT -- retval = _pam_auditlog(pamh, PAM_AUTHENTICATE, retval, flags); --#endif -- - return retval; - } - -@@ -71,10 +67,6 @@ int pam_setcred(pam_handle_t *pamh, int flags) - - retval = _pam_dispatch(pamh, flags, PAM_SETCRED); - --#ifdef HAVE_LIBAUDIT -- retval = _pam_auditlog(pamh, PAM_SETCRED, retval, flags); --#endif -- - D(("pam_setcred exit")); - - return retval; -diff --git a/libpam/pam_dispatch.c b/libpam/pam_dispatch.c -index eb52c82..cf632e8 100644 ---- a/libpam/pam_dispatch.c -+++ b/libpam/pam_dispatch.c -@@ -217,8 +217,14 @@ static int _pam_dispatch_aux(pam_handle_t *pamh, int flags, struct handler *h, - status = retval; - } - } -- if ( impression == _PAM_POSITIVE && action == _PAM_ACTION_DONE ) { -- goto decision_made; -+ if ( impression == _PAM_POSITIVE ) { -+ if ( retval == PAM_SUCCESS ) { -+ h->grantor = 1; -+ } -+ -+ if ( action == _PAM_ACTION_DONE ) { -+ goto decision_made; -+ } - } - break; - -@@ -262,6 +268,9 @@ static int _pam_dispatch_aux(pam_handle_t *pamh, int flags, struct handler *h, - || (impression == _PAM_POSITIVE - && status == PAM_SUCCESS) ) { - if ( retval != PAM_IGNORE || cached_retval == retval ) { -+ if ( impression == _PAM_UNDEF && retval == PAM_SUCCESS ) { -+ h->grantor = 1; -+ } - impression = _PAM_POSITIVE; - status = retval; - } -@@ -308,6 +317,13 @@ decision_made: /* by getting here we have made a decision */ - return status; - } - -+static void _pam_clear_grantors(struct handler *h) -+{ -+ for (; h != NULL; h = h->next) { -+ h->grantor = 0; -+ } -+} -+ - /* - * This function translates the module dispatch request into a pointer - * to the stack of modules that will actually be run. the -@@ -318,21 +334,21 @@ decision_made: /* by getting here we have made a decision */ - int _pam_dispatch(pam_handle_t *pamh, int flags, int choice) - { - struct handler *h = NULL; -- int retval, use_cached_chain; -+ int retval = PAM_SYSTEM_ERR, use_cached_chain; - _pam_boolean resumed; - - IF_NO_PAMH("_pam_dispatch", pamh, PAM_SYSTEM_ERR); - - if (__PAM_FROM_MODULE(pamh)) { - D(("called from a module!?")); -- return PAM_SYSTEM_ERR; -+ goto end; - } - - /* Load all modules, resolve all symbols */ - - if ((retval = _pam_init_handlers(pamh)) != PAM_SUCCESS) { - pam_syslog(pamh, LOG_ERR, "unable to dispatch function"); -- return retval; -+ goto end; - } - - use_cached_chain = _PAM_PLEASE_FREEZE; -@@ -360,7 +376,8 @@ int _pam_dispatch(pam_handle_t *pamh, int flags, int choice) - break; - default: - pam_syslog(pamh, LOG_ERR, "undefined fn choice; %d", choice); -- return PAM_ABORT; -+ retval = PAM_ABORT; -+ goto end; - } - - if (h == NULL) { /* there was no handlers.conf... entry; will use -@@ -393,11 +410,13 @@ int _pam_dispatch(pam_handle_t *pamh, int flags, int choice) - pam_syslog(pamh, LOG_ERR, - "application failed to re-exec stack [%d:%d]", - pamh->former.choice, choice); -- return PAM_ABORT; -+ retval = PAM_ABORT; -+ goto end; - } - resumed = PAM_TRUE; - } else { - resumed = PAM_FALSE; -+ _pam_clear_grantors(h); - } - - __PAM_TO_MODULE(pamh); -@@ -417,5 +436,13 @@ int _pam_dispatch(pam_handle_t *pamh, int flags, int choice) - pamh->former.choice = PAM_NOT_STACKED; - } - -+end: -+ -+#ifdef HAVE_LIBAUDIT -+ if (choice != PAM_CHAUTHTOK || flags & PAM_UPDATE_AUTHTOK || retval != PAM_SUCCESS) { -+ retval = _pam_auditlog(pamh, choice, retval, flags, h); -+ } -+#endif -+ - return retval; - } -diff --git a/libpam/pam_handlers.c b/libpam/pam_handlers.c -index 02714f7..df3a1d9 100644 ---- a/libpam/pam_handlers.c -+++ b/libpam/pam_handlers.c -@@ -611,6 +611,12 @@ extract_modulename(const char *mod_path) - if (dot) - *dot = '\0'; - -+ if (*retval == '\0' || strcmp(retval, "?") == 0) { -+ /* do not allow empty module name or "?" to avoid confusing audit trail */ -+ _pam_drop(retval); -+ return NULL; -+ } -+ - return retval; - } - -@@ -888,7 +894,9 @@ int _pam_add_handler(pam_handle_t *pamh - (*handler_p)->cached_retval_p = &((*handler_p)->cached_retval); - (*handler_p)->argc = argc; - (*handler_p)->argv = argv; /* not a copy */ -- (*handler_p)->mod_name = extract_modulename(mod_path); -+ if (((*handler_p)->mod_name = extract_modulename(mod_path)) == NULL) -+ return PAM_ABORT; -+ (*handler_p)->grantor = 0; - (*handler_p)->next = NULL; - - /* some of the modules have a second calling function */ -@@ -920,7 +928,9 @@ int _pam_add_handler(pam_handle_t *pamh - } else { - (*handler_p2)->argv = NULL; /* no arguments */ - } -- (*handler_p2)->mod_name = extract_modulename(mod_path); -+ if (((*handler_p2)->mod_name = extract_modulename(mod_path)) == NULL) -+ return PAM_ABORT; -+ (*handler_p2)->grantor = 0; - (*handler_p2)->next = NULL; - } - -diff --git a/libpam/pam_password.c b/libpam/pam_password.c -index 75db5e5..592e01f 100644 ---- a/libpam/pam_password.c -+++ b/libpam/pam_password.c -@@ -57,9 +57,5 @@ int pam_chauthtok(pam_handle_t *pamh, int flags) - D(("will resume when ready", retval)); - } - --#ifdef HAVE_LIBAUDIT -- retval = _pam_auditlog(pamh, PAM_CHAUTHTOK, retval, flags); --#endif -- - return retval; - } -diff --git a/libpam/pam_private.h b/libpam/pam_private.h -index 134dc72..d93283c 100644 ---- a/libpam/pam_private.h -+++ b/libpam/pam_private.h -@@ -55,6 +55,7 @@ struct handler { - struct handler *next; - char *mod_name; - int stack_level; -+ int grantor; - }; - - #define PAM_HT_MODULE 0 -@@ -316,7 +317,7 @@ if ((pamh) == NULL) { \ - do { (pamh)->caller_is = _PAM_CALLED_FROM_APP; } while (0) - - #ifdef HAVE_LIBAUDIT --extern int _pam_auditlog(pam_handle_t *pamh, int action, int retval, int flags); -+extern int _pam_auditlog(pam_handle_t *pamh, int action, int retval, int flags, struct handler *h); - extern int _pam_audit_end(pam_handle_t *pamh, int pam_status); - #endif - -diff --git a/libpam/pam_session.c b/libpam/pam_session.c -index 512153f..cb393c1 100644 ---- a/libpam/pam_session.c -+++ b/libpam/pam_session.c -@@ -22,9 +22,6 @@ int pam_open_session(pam_handle_t *pamh, int flags) - } - retval = _pam_dispatch(pamh, flags, PAM_OPEN_SESSION); - --#ifdef HAVE_LIBAUDIT -- retval = _pam_auditlog(pamh, PAM_OPEN_SESSION, retval, flags); --#endif - return retval; - } - -@@ -43,10 +40,6 @@ int pam_close_session(pam_handle_t *pamh, int flags) - - retval = _pam_dispatch(pamh, flags, PAM_CLOSE_SESSION); - --#ifdef HAVE_LIBAUDIT -- retval = _pam_auditlog(pamh, PAM_CLOSE_SESSION, retval, flags); --#endif -- - return retval; - - } --- -1.8.3.1 - diff --git a/pam-1.1.8-canonicalize-username.patch b/pam-1.1.8-canonicalize-username.patch deleted file mode 100644 index a3786be..0000000 --- a/pam-1.1.8-canonicalize-username.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff -up Linux-PAM-1.1.8/modules/pam_selinux/pam_selinux.c.canonicalize Linux-PAM-1.1.8/modules/pam_selinux/pam_selinux.c ---- Linux-PAM-1.1.8/modules/pam_selinux/pam_selinux.c.canonicalize 2013-06-18 16:11:21.000000000 +0200 -+++ Linux-PAM-1.1.8/modules/pam_selinux/pam_selinux.c 2014-03-06 12:03:54.429639972 +0100 -@@ -491,12 +491,17 @@ compute_exec_context(pam_handle_t *pamh, - char *level = NULL; - security_context_t *contextlist = NULL; - int num_contexts = 0; -+ const struct passwd *pwd; - - if (!(username = get_item(pamh, PAM_USER))) { - pam_syslog(pamh, LOG_ERR, "Cannot obtain the user name"); - return PAM_USER_UNKNOWN; - } - -+ if ((pwd = pam_modutil_getpwnam(pamh, username)) != NULL) { -+ username = pwd->pw_name; -+ } /* ignore error and keep using original username */ -+ - /* compute execute context */ - #ifdef HAVE_GETSEUSER - if (!(service = get_item(pamh, PAM_SERVICE))) { diff --git a/pam-1.1.8-cve-2013-7041.patch b/pam-1.1.8-cve-2013-7041.patch deleted file mode 100644 index 96fa916..0000000 --- a/pam-1.1.8-cve-2013-7041.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 57a1e2b274d0a6376d92ada9926e5c5741e7da20 Mon Sep 17 00:00:00 2001 -From: "Dmitry V. Levin" -Date: Fri, 24 Jan 2014 22:18:32 +0000 -Subject: [PATCH] pam_userdb: fix password hash comparison - -Starting with commit Linux-PAM-0-77-28-g0b3e583 that introduced hashed -passwords support in pam_userdb, hashes are compared case-insensitively. -This bug leads to accepting hashes for completely different passwords in -addition to those that should be accepted. - -Additionally, commit Linux-PAM-1_1_6-13-ge2a8187 that added support for -modern password hashes with different lengths and settings, did not -update the hash comparison accordingly, which leads to accepting -computed hashes longer than stored hashes when the latter is a prefix -of the former. - -* modules/pam_userdb/pam_userdb.c (user_lookup): Reject the computed -hash whose length differs from the stored hash length. -Compare computed and stored hashes case-sensitively. -Fixes CVE-2013-7041. - -Bug-Debian: http://bugs.debian.org/731368 ---- - modules/pam_userdb/pam_userdb.c | 9 ++++++--- - 1 file changed, 6 insertions(+), 3 deletions(-) - -diff --git a/modules/pam_userdb/pam_userdb.c b/modules/pam_userdb/pam_userdb.c -index de8b5b1..ff040e6 100644 ---- a/modules/pam_userdb/pam_userdb.c -+++ b/modules/pam_userdb/pam_userdb.c -@@ -222,12 +222,15 @@ user_lookup (pam_handle_t *pamh, const char *database, const char *cryptmode, - } else { - cryptpw = crypt (pass, data.dptr); - -- if (cryptpw) { -- compare = strncasecmp (data.dptr, cryptpw, data.dsize); -+ if (cryptpw && strlen(cryptpw) == (size_t)data.dsize) { -+ compare = memcmp(data.dptr, cryptpw, data.dsize); - } else { - compare = -2; - if (ctrl & PAM_DEBUG_ARG) { -- pam_syslog(pamh, LOG_INFO, "crypt() returned NULL"); -+ if (cryptpw) -+ pam_syslog(pamh, LOG_INFO, "lengths of computed and stored hashes differ"); -+ else -+ pam_syslog(pamh, LOG_INFO, "crypt() returned NULL"); - } - }; - --- -1.8.3.1 - diff --git a/pam-1.1.8-cve-2014-2583.patch b/pam-1.1.8-cve-2014-2583.patch deleted file mode 100644 index f2aa2de..0000000 --- a/pam-1.1.8-cve-2014-2583.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 9dcead87e6d7f66d34e7a56d11a30daca367dffb Mon Sep 17 00:00:00 2001 -From: "Dmitry V. Levin" -Date: Wed, 26 Mar 2014 22:17:23 +0000 -Subject: [PATCH] pam_timestamp: fix potential directory traversal issue - (ticket #27) - -pam_timestamp uses values of PAM_RUSER and PAM_TTY as components of -the timestamp pathname it creates, so extra care should be taken to -avoid potential directory traversal issues. - -* modules/pam_timestamp/pam_timestamp.c (check_tty): Treat -"." and ".." tty values as invalid. -(get_ruser): Treat "." and ".." ruser values, as well as any ruser -value containing '/', as invalid. - -Fixes CVE-2014-2583. - -Reported-by: Sebastian Krahmer ---- - modules/pam_timestamp/pam_timestamp.c | 13 ++++++++++++- - 1 file changed, 12 insertions(+), 1 deletion(-) - -diff --git a/modules/pam_timestamp/pam_timestamp.c b/modules/pam_timestamp/pam_timestamp.c -index 5193733..b3f08b1 100644 ---- a/modules/pam_timestamp/pam_timestamp.c -+++ b/modules/pam_timestamp/pam_timestamp.c -@@ -158,7 +158,7 @@ check_tty(const char *tty) - tty = strrchr(tty, '/') + 1; - } - /* Make sure the tty wasn't actually a directory (no basename). */ -- if (strlen(tty) == 0) { -+ if (!strlen(tty) || !strcmp(tty, ".") || !strcmp(tty, "..")) { - return NULL; - } - return tty; -@@ -243,6 +243,17 @@ get_ruser(pam_handle_t *pamh, char *ruserbuf, size_t ruserbuflen) - if (pwd != NULL) { - ruser = pwd->pw_name; - } -+ } else { -+ /* -+ * This ruser is used by format_timestamp_name as a component -+ * of constructed timestamp pathname, so ".", "..", and '/' -+ * are disallowed to avoid potential path traversal issues. -+ */ -+ if (!strcmp(ruser, ".") || -+ !strcmp(ruser, "..") || -+ strchr(ruser, '/')) { -+ ruser = NULL; -+ } - } - if (ruser == NULL || strlen(ruser) >= ruserbuflen) { - *ruserbuf = '\0'; --- -1.8.3.1 - diff --git a/pam-1.1.8-lastlog-uninitialized.patch b/pam-1.1.8-lastlog-uninitialized.patch deleted file mode 100644 index 8c545d9..0000000 --- a/pam-1.1.8-lastlog-uninitialized.patch +++ /dev/null @@ -1,37 +0,0 @@ -diff -up Linux-PAM-1.1.8/modules/pam_lastlog/pam_lastlog.c.uninitialized Linux-PAM-1.1.8/modules/pam_lastlog/pam_lastlog.c ---- Linux-PAM-1.1.8/modules/pam_lastlog/pam_lastlog.c.uninitialized 2013-06-18 16:11:21.000000000 +0200 -+++ Linux-PAM-1.1.8/modules/pam_lastlog/pam_lastlog.c 2014-08-25 16:44:24.365174752 +0200 -@@ -350,6 +350,8 @@ last_login_write(pam_handle_t *pamh, int - return PAM_SERVICE_ERR; - } - -+ memset(&last_login, 0, sizeof(last_login)); -+ - /* set this login date */ - D(("set the most recent login time")); - (void) time(&ll_time); /* set the time */ -@@ -364,14 +366,12 @@ last_login_write(pam_handle_t *pamh, int - } - - /* copy to last_login */ -- last_login.ll_host[0] = '\0'; - strncat(last_login.ll_host, remote_host, sizeof(last_login.ll_host)-1); - - /* set the terminal line */ - terminal_line = get_tty(pamh); - - /* copy to last_login */ -- last_login.ll_line[0] = '\0'; - strncat(last_login.ll_line, terminal_line, sizeof(last_login.ll_line)-1); - terminal_line = NULL; - -@@ -628,7 +628,8 @@ pam_sm_authenticate(pam_handle_t *pamh, - lltime = (time(NULL) - lltime) / (24*60*60); - - if (lltime > inactive_days) { -- pam_syslog(pamh, LOG_INFO, "user %s inactive for %d days - denied", user, lltime); -+ pam_syslog(pamh, LOG_INFO, "user %s inactive for %ld days - denied", -+ user, (long) lltime); - return PAM_AUTH_ERR; - } - diff --git a/pam-1.1.8-limits-check-process.patch b/pam-1.1.8-limits-check-process.patch deleted file mode 100644 index f37f799..0000000 --- a/pam-1.1.8-limits-check-process.patch +++ /dev/null @@ -1,41 +0,0 @@ -diff -up Linux-PAM-1.1.8/modules/pam_limits/pam_limits.c.check-process Linux-PAM-1.1.8/modules/pam_limits/pam_limits.c ---- Linux-PAM-1.1.8/modules/pam_limits/pam_limits.c.check-process 2013-06-18 16:11:21.000000000 +0200 -+++ Linux-PAM-1.1.8/modules/pam_limits/pam_limits.c 2014-09-10 16:39:36.263256066 +0200 -@@ -27,6 +27,7 @@ - #include - #include - #include -+#include - #include - #include - #include -@@ -269,16 +270,27 @@ check_logins (pam_handle_t *pamh, const - continue; - } - if (!pl->flag_numsyslogins) { -+ char user[sizeof(ut->UT_USER) + 1]; -+ user[0] = '\0'; -+ strncat(user, ut->UT_USER, sizeof(ut->UT_USER)); -+ - if (((pl->login_limit_def == LIMITS_DEF_USER) - || (pl->login_limit_def == LIMITS_DEF_GROUP) - || (pl->login_limit_def == LIMITS_DEF_DEFAULT)) -- && strncmp(name, ut->UT_USER, sizeof(ut->UT_USER)) != 0) { -+ && strcmp(name, user) != 0) { - continue; - } - if ((pl->login_limit_def == LIMITS_DEF_ALLGROUP) -- && !pam_modutil_user_in_group_nam_nam(pamh, ut->UT_USER, pl->login_group)) { -+ && !pam_modutil_user_in_group_nam_nam(pamh, user, pl->login_group)) { - continue; - } -+ if (kill(ut->ut_pid, 0) == -1 && errno == ESRCH) { -+ /* process does not exist anymore */ -+ pam_syslog(pamh, LOG_WARNING, -+ "Stale utmp entry (pid %d) for '%s' ignored", -+ ut->ut_pid, user); -+ continue; -+ } - } - if (++count > limit) { - break; diff --git a/pam-1.1.8-limits-docfix.patch b/pam-1.1.8-limits-docfix.patch deleted file mode 100644 index 37703e3..0000000 --- a/pam-1.1.8-limits-docfix.patch +++ /dev/null @@ -1,54 +0,0 @@ -diff -up Linux-PAM-1.1.8/modules/pam_limits/limits.conf.docfix Linux-PAM-1.1.8/modules/pam_limits/limits.conf ---- Linux-PAM-1.1.8/modules/pam_limits/limits.conf.docfix 2014-07-14 14:58:05.000000000 +0200 -+++ Linux-PAM-1.1.8/modules/pam_limits/limits.conf 2014-09-10 16:42:51.254747161 +0200 -@@ -32,7 +32,7 @@ - # - data - max data size (KB) - # - fsize - maximum filesize (KB) - # - memlock - max locked-in-memory address space (KB) --# - nofile - max number of open files -+# - nofile - max number of open file descriptors - # - rss - max resident set size (KB) - # - stack - max stack size (KB) - # - cpu - max CPU time (MIN) -diff -up Linux-PAM-1.1.8/modules/pam_limits/limits.conf.5.xml.docfix Linux-PAM-1.1.8/modules/pam_limits/limits.conf.5.xml ---- Linux-PAM-1.1.8/modules/pam_limits/limits.conf.5.xml.docfix 2013-06-18 16:11:21.000000000 +0200 -+++ Linux-PAM-1.1.8/modules/pam_limits/limits.conf.5.xml 2014-09-10 16:44:01.624367933 +0200 -@@ -178,7 +178,7 @@ - - - -- maximum number of open files -+ maximum number of open file descriptors - - - -@@ -214,14 +214,17 @@ - - - -- maximum number of logins for this user except -- for this with uid=0 -+ maximum number of logins for this user (this limit does -+ not apply to user with uid=0) - - - - - -- maximum number of all logins on system -+ maximum number of all logins on system; user is not -+ allowed to log-in if total number of all users' logins is -+ greater than specified number (this limit does not apply to -+ user with uid=0) - - - -@@ -292,7 +295,7 @@ - permanent; existing only for the duration of the session. - One exception is the maxlogin option, this one - is system wide. But there is a race, concurrent logins at the same -- time will not always be detect as such but only counted as one. -+ time will not always be detected as such but only counted as one. - - - In the limits configuration file, the diff --git a/pam-1.1.8-loginuid-container.patch b/pam-1.1.8-loginuid-container.patch deleted file mode 100644 index 278829a..0000000 --- a/pam-1.1.8-loginuid-container.patch +++ /dev/null @@ -1,151 +0,0 @@ -diff -up Linux-PAM-1.1.8/modules/pam_loginuid/pam_loginuid.c.container Linux-PAM-1.1.8/modules/pam_loginuid/pam_loginuid.c ---- Linux-PAM-1.1.8/modules/pam_loginuid/pam_loginuid.c.container 2013-06-18 16:11:21.000000000 +0200 -+++ Linux-PAM-1.1.8/modules/pam_loginuid/pam_loginuid.c 2014-01-27 17:24:53.000000000 +0100 -@@ -47,25 +47,56 @@ - - /* - * This function writes the loginuid to the /proc system. It returns -- * 0 on success and 1 on failure. -+ * PAM_SUCCESS on success, -+ * PAM_IGNORE when /proc/self/loginuid does not exist, -+ * PAM_SESSION_ERR in case of any other error. - */ - static int set_loginuid(pam_handle_t *pamh, uid_t uid) - { -- int fd, count, rc = 0; -- char loginuid[24]; -+ int fd, count, rc = PAM_SESSION_ERR; -+ char loginuid[24], buf[24]; -+ static const char host_uid_map[] = " 0 0 4294967295\n"; -+ char uid_map[sizeof(host_uid_map)]; -+ -+ /* loginuid in user namespaces currently isn't writable and in some -+ case, not even readable, so consider any failure as ignorable (but try -+ anyway, in case we hit a kernel which supports it). */ -+ fd = open("/proc/self/uid_map", O_RDONLY); -+ if (fd >= 0) { -+ count = pam_modutil_read(fd, uid_map, sizeof(uid_map)); -+ if (strncmp(uid_map, host_uid_map, count) != 0) -+ rc = PAM_IGNORE; -+ close(fd); -+ } - -- count = snprintf(loginuid, sizeof(loginuid), "%lu", (unsigned long)uid); -- fd = open("/proc/self/loginuid", O_NOFOLLOW|O_WRONLY|O_TRUNC); -+ fd = open("/proc/self/loginuid", O_NOFOLLOW|O_RDWR); - if (fd < 0) { -- if (errno != ENOENT) { -- rc = 1; -- pam_syslog(pamh, LOG_ERR, -- "Cannot open /proc/self/loginuid: %m"); -+ if (errno == ENOENT) { -+ rc = PAM_IGNORE; -+ } -+ if (rc != PAM_IGNORE) { -+ pam_syslog(pamh, LOG_ERR, "Cannot open %s: %m", -+ "/proc/self/loginuid"); - } - return rc; - } -- if (pam_modutil_write(fd, loginuid, count) != count) -- rc = 1; -+ -+ count = snprintf(loginuid, sizeof(loginuid), "%lu", (unsigned long)uid); -+ if (pam_modutil_read(fd, buf, sizeof(buf)) == count && -+ memcmp(buf, loginuid, count) == 0) { -+ rc = PAM_SUCCESS; -+ goto done; /* already correct */ -+ } -+ if (lseek(fd, 0, SEEK_SET) == 0 && ftruncate(fd, 0) == 0 && -+ pam_modutil_write(fd, loginuid, count) == count) { -+ rc = PAM_SUCCESS; -+ } else { -+ if (rc != PAM_IGNORE) { -+ pam_syslog(pamh, LOG_ERR, "Error writing %s: %m", -+ "/proc/self/loginuid"); -+ } -+ } -+ done: - close(fd); - return rc; - } -@@ -165,6 +196,7 @@ _pam_loginuid(pam_handle_t *pamh, int fl - { - const char *user = NULL; - struct passwd *pwd; -+ int ret; - #ifdef HAVE_LIBAUDIT - int require_auditd = 0; - #endif -@@ -183,9 +215,14 @@ _pam_loginuid(pam_handle_t *pamh, int fl - return PAM_SESSION_ERR; - } - -- if (set_loginuid(pamh, pwd->pw_uid)) { -- pam_syslog(pamh, LOG_ERR, "set_loginuid failed\n"); -- return PAM_SESSION_ERR; -+ ret = set_loginuid(pamh, pwd->pw_uid); -+ switch (ret) { -+ case PAM_SUCCESS: -+ case PAM_IGNORE: -+ break; -+ default: -+ pam_syslog(pamh, LOG_ERR, "set_loginuid failed"); -+ return ret; - } - - #ifdef HAVE_LIBAUDIT -@@ -195,11 +232,12 @@ _pam_loginuid(pam_handle_t *pamh, int fl - argv++; - } - -- if (require_auditd) -- return check_auditd(); -- else -+ if (require_auditd) { -+ int rc = check_auditd(); -+ return rc != PAM_SUCCESS ? rc : ret; -+ } else - #endif -- return PAM_SUCCESS; -+ return ret; - } - - /* -diff -up Linux-PAM-1.1.8/modules/pam_loginuid/pam_loginuid.8.xml.container Linux-PAM-1.1.8/modules/pam_loginuid/pam_loginuid.8.xml ---- Linux-PAM-1.1.8/modules/pam_loginuid/pam_loginuid.8.xml.container 2013-06-18 16:11:21.000000000 +0200 -+++ Linux-PAM-1.1.8/modules/pam_loginuid/pam_loginuid.8.xml 2014-05-22 11:33:14.000000000 +0200 -@@ -69,14 +69,31 @@ - - - -+ PAM_SUCCESS -+ -+ -+ The loginuid value is set and auditd is running if check requested. -+ -+ -+ -+ -+ PAM_IGNORE -+ -+ -+ The /proc/self/loginuid file is not present on the system or the -+ login process runs inside uid namespace and kernel does not support -+ overwriting loginuid. -+ -+ -+ -+ - PAM_SESSION_ERR - - -- An error occurred during session management. -+ Any other error prevented setting loginuid or auditd is not running. - - - -- - - - diff --git a/pam-1.1.8-man-dbsuffix.patch b/pam-1.1.8-man-dbsuffix.patch deleted file mode 100644 index be2e231..0000000 --- a/pam-1.1.8-man-dbsuffix.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff -up Linux-PAM-1.1.8/modules/pam_userdb/pam_userdb.8.xml.dbsuffix Linux-PAM-1.1.8/modules/pam_userdb/pam_userdb.8.xml ---- Linux-PAM-1.1.8/modules/pam_userdb/pam_userdb.8.xml.dbsuffix 2013-06-18 16:11:21.000000000 +0200 -+++ Linux-PAM-1.1.8/modules/pam_userdb/pam_userdb.8.xml 2014-09-10 16:28:19.916678273 +0200 -@@ -89,7 +89,8 @@ - Use the /path/database database for - performing lookup. There is no default; the module will - return PAM_IGNORE if no -- database is provided. -+ database is provided. Note that the path to the database file -+ should be specified without the .db suffix. - - - -@@ -260,7 +261,7 @@ - - EXAMPLES - --auth sufficient pam_userdb.so icase db=/etc/dbtest.db -+auth sufficient pam_userdb.so icase db=/etc/dbtest - - - diff --git a/pam-1.1.8-opasswd-tolerant.patch b/pam-1.1.8-opasswd-tolerant.patch deleted file mode 100644 index fb9b198..0000000 --- a/pam-1.1.8-opasswd-tolerant.patch +++ /dev/null @@ -1,50 +0,0 @@ -diff --git a/modules/pam_pwhistory/opasswd.c b/modules/pam_pwhistory/opasswd.c -index 836d713..c36628e 100644 ---- a/modules/pam_pwhistory/opasswd.c -+++ b/modules/pam_pwhistory/opasswd.c -@@ -82,10 +82,15 @@ parse_entry (char *line, opwd *data) - { - const char delimiters[] = ":"; - char *endptr; -+ char *count; - - data->user = strsep (&line, delimiters); - data->uid = strsep (&line, delimiters); -- data->count = strtol (strsep (&line, delimiters), &endptr, 10); -+ count = strsep (&line, delimiters); -+ if (data->user == NULL || data->uid == NULL || count == NULL) -+ return 1; -+ -+ data->count = strtol (count, &endptr, 10); - if (endptr != NULL && *endptr != '\0') - return 1; - -diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c -index 4840bb2..7f7bc49 100644 ---- a/modules/pam_unix/passverify.c -+++ b/modules/pam_unix/passverify.c -@@ -639,11 +639,23 @@ save_old_password(pam_handle_t *pamh, const char *forwho, const char *oldpass, - continue; - buf[strlen(buf) - 1] = '\0'; - s_luser = strtok_r(buf, ":", &sptr); -+ if (s_luser == NULL) { -+ found = 0; -+ continue; -+ } - s_uid = strtok_r(NULL, ":", &sptr); -+ if (s_uid == NULL) { -+ found = 0; -+ continue; -+ } - s_npas = strtok_r(NULL, ":", &sptr); -+ if (s_npas == NULL) { -+ found = 0; -+ continue; -+ } - s_pas = strtok_r(NULL, ":", &sptr); - npas = strtol(s_npas, NULL, 10) + 1; -- while (npas > howmany) { -+ while (npas > howmany && s_pas != NULL) { - s_pas = strpbrk(s_pas, ","); - if (s_pas != NULL) - s_pas++; diff --git a/pam-1.1.8-translation-updates.patch b/pam-1.1.8-translation-updates.patch deleted file mode 100644 index 4c0c7f8..0000000 --- a/pam-1.1.8-translation-updates.patch +++ /dev/null @@ -1,1519 +0,0 @@ -diff -urN a/Linux-PAM-1.1.8/po/bn_IN.po b/Linux-PAM-1.1.8/po/bn_IN.po ---- a/Linux-PAM-1.1.8/po/bn_IN.po 2013-11-28 17:24:14.190596598 +0530 -+++ b/Linux-PAM-1.1.8/po/bn_IN.po 2013-11-28 17:27:02.136118296 +0530 -@@ -1,314 +1,335 @@ - # SOME DESCRIPTIVE TITLE. - # Copyright (C) YEAR Linux-PAM Project - # This file is distributed under the same license as the PACKAGE package. --# -+# - # Translators: - # Runa Bhattacharjee , 2009. - # Runa Bhattacharjee , 2007, 2008. - # , 2012. -+# sray , 2013. #zanata - msgid "" - msgstr "" - "Project-Id-Version: Linux-PAM\n" - "Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n" --"POT-Creation-Date: 2013-09-19 10:02+0200\n" --"PO-Revision-Date: 2012-02-28 10:38+0000\n" --"Last-Translator: runa \n" -+"POT-Creation-Date: 2012-08-17 11:35+0200\n" -+"PO-Revision-Date: 2013-10-03 02:24-0400\n" -+"Last-Translator: sray \n" - "Language-Team: Bengali (India) \n" - "MIME-Version: 1.0\n" - "Content-Type: text/plain; charset=UTF-8\n" - "Content-Transfer-Encoding: 8bit\n" --"Language: bn_IN\n" -+"Language: bn-IN\n" - "Plural-Forms: nplurals=2; plural=(n != 1)\n" -+"X-Generator: Zanata 3.1.2\n" - --#: libpam_misc/misc_conv.c:33 -+#. * external timeout definitions - these can be overriden by the -+#. * application. -+#. time when we warn -+#. time when we timeout -+#: .././libpam_misc/misc_conv.c:33 - msgid "...Time is running out...\n" - msgstr "...সময় সমাপ্তির পথে...\n" - --#: libpam_misc/misc_conv.c:34 -+#: .././libpam_misc/misc_conv.c:34 - msgid "...Sorry, your time is up!\n" - msgstr "...দুঃখিত, সময় সমাপ্ত!\n" - --#: libpam_misc/misc_conv.c:342 -+#: .././libpam_misc/misc_conv.c:342 - #, c-format - msgid "erroneous conversation (%d)\n" - msgstr "ত্রুটিপূর্ণ তথ্যবিনিময় (conversation) (%d)\n" - --#: libpam/pam_get_authtok.c:39 modules/pam_exec/pam_exec.c:170 --#: modules/pam_unix/pam_unix_auth.c:160 modules/pam_userdb/pam_userdb.c:64 -+#. get this user's authentication token -+#: .././libpam/pam_get_authtok.c:39 -+#: .././modules/pam_exec/pam_exec.c:142 -+#: .././modules/pam_unix/pam_unix_auth.c:160 -+#: .././modules/pam_userdb/pam_userdb.c:64 - msgid "Password: " - msgstr "পাসওয়ার্ড: " - --#: libpam/pam_get_authtok.c:41 modules/pam_cracklib/pam_cracklib.c:68 -+#. For Translators: "%s%s" could be replaced with " " or "". -+#: .././libpam/pam_get_authtok.c:41 -+#: .././modules/pam_cracklib/pam_cracklib.c:68 - #, c-format - msgid "New %s%spassword: " - msgstr "নতুন %s%s পাসওয়ার্ড: " - --#: libpam/pam_get_authtok.c:43 modules/pam_cracklib/pam_cracklib.c:70 -+#. For Translators: "%s%s" could be replaced with " " or "". -+#: .././libpam/pam_get_authtok.c:43 -+#: .././modules/pam_cracklib/pam_cracklib.c:70 - #, c-format - msgid "Retype new %s%spassword: " - msgstr "নতুন %s%s পাসওয়ার্ড পুনরায় লিখুন: " - --#: libpam/pam_get_authtok.c:44 modules/pam_cracklib/pam_cracklib.c:71 -+#: .././libpam/pam_get_authtok.c:44 -+#: .././modules/pam_cracklib/pam_cracklib.c:71 - msgid "Sorry, passwords do not match." - msgstr "দুঃখিত, পাসওয়ার্ড দুটি এক নয়।" - --#: libpam/pam_get_authtok.c:135 libpam/pam_get_authtok.c:211 -+#: .././libpam/pam_get_authtok.c:135 -+#: .././libpam/pam_get_authtok.c:211 - #, c-format - msgid "Retype %s" - msgstr "%s পুনরায় লিখুন" - --#: libpam/pam_get_authtok.c:155 libpam/pam_get_authtok.c:227 -+#. We want to abort the password change -+#: .././libpam/pam_get_authtok.c:155 -+#: .././libpam/pam_get_authtok.c:227 - msgid "Password change aborted." - msgstr "পাসওয়ার্ড পরিবর্তনের কর্ম পরিত্যাগ করা হয়েছে।" - --#: libpam/pam_item.c:311 -+#: .././libpam/pam_item.c:311 - msgid "login:" - msgstr "লগ-ইন:" - --#: libpam/pam_strerror.c:40 -+#: .././libpam/pam_strerror.c:40 - msgid "Success" - msgstr "সফল" - --#: libpam/pam_strerror.c:42 -+#: .././libpam/pam_strerror.c:42 - msgid "Critical error - immediate abort" - msgstr "গুরুতব সমস্যা - এই মুহূর্তে পরিত্যাগ করা হবে" - --#: libpam/pam_strerror.c:44 -+#: .././libpam/pam_strerror.c:44 - msgid "Failed to load module" - msgstr "মডিউল লোড করতে ব্যর্থ" - --#: libpam/pam_strerror.c:46 -+#: .././libpam/pam_strerror.c:46 - msgid "Symbol not found" - msgstr "চিহ্ন পাওয়া যায়নি" - --#: libpam/pam_strerror.c:48 -+#: .././libpam/pam_strerror.c:48 - msgid "Error in service module" - msgstr "পরিসেবা মডিউলে সমস্যা" - --#: libpam/pam_strerror.c:50 -+#: .././libpam/pam_strerror.c:50 - msgid "System error" - msgstr "সিস্টেম সংক্রান্ত সমস্যা" - --#: libpam/pam_strerror.c:52 -+#: .././libpam/pam_strerror.c:52 - msgid "Memory buffer error" - msgstr "মেমরি বাফার সংক্রান্ত সমস্যা" - --#: libpam/pam_strerror.c:54 -+#: .././libpam/pam_strerror.c:54 - msgid "Permission denied" - msgstr "অনুমতি প্রদান করা হয়নি" - --#: libpam/pam_strerror.c:56 -+#: .././libpam/pam_strerror.c:56 - msgid "Authentication failure" - msgstr "অনুমোদন ব্যর্থ" - --#: libpam/pam_strerror.c:58 -+#: .././libpam/pam_strerror.c:58 - msgid "Insufficient credentials to access authentication data" - msgstr "অনুমোদন সংক্রান্ত তথ্য প্রাপ্ত করার জন্য পর্যাপ্ত প্রমাণ উপলব্ধ নেই" - --#: libpam/pam_strerror.c:60 -+#: .././libpam/pam_strerror.c:60 - msgid "Authentication service cannot retrieve authentication info" - msgstr "অনুমোদন পরিসেবা দ্বারা অনুমোদন সংক্রান্ত তথ্য উদ্ধার করা সম্ভব হয়নি" - --#: libpam/pam_strerror.c:62 -+#: .././libpam/pam_strerror.c:62 - msgid "User not known to the underlying authentication module" - msgstr "পটভূমিতে চলমান অনুমোদন ব্যবস্থায় ব্যবহারকারী পরিচিত নন।" - --#: libpam/pam_strerror.c:64 -+#: .././libpam/pam_strerror.c:64 - msgid "Have exhausted maximum number of retries for service" - msgstr "পরিসেবায় উপলব্ধ সর্বাধিক প্রচেষ্টার সুযোগ সংখ্যা সমাপ্ত" - --#: libpam/pam_strerror.c:66 -+#: .././libpam/pam_strerror.c:66 - msgid "Authentication token is no longer valid; new one required" - msgstr "অনুমোদনের টোকেন বৈধ নয়; নতুন টোকেন ব্যবহার করা আবশ্যক" - --#: libpam/pam_strerror.c:68 -+#: .././libpam/pam_strerror.c:68 - msgid "User account has expired" - msgstr "ব্যবহারকারী অ্যাকাউন্টের মেয়াদ পূর্ণ হয়েছে" - --#: libpam/pam_strerror.c:70 -+#: .././libpam/pam_strerror.c:70 - msgid "Cannot make/remove an entry for the specified session" - msgstr "সুনির্দিষ্ট সেশানের জন্য কোনো এন্ট্রি নির্মাণ/অপসারণ করা সম্ভব নয়" - --#: libpam/pam_strerror.c:72 -+#: .././libpam/pam_strerror.c:72 - msgid "Authentication service cannot retrieve user credentials" - msgstr "অনুমোদন পরিসেবা দ্বারা প্রয়োজনীয় প্রমাণ উদ্ধার করা সম্ভব হয়নি" - --#: libpam/pam_strerror.c:74 -+#: .././libpam/pam_strerror.c:74 - msgid "User credentials expired" - msgstr "ব্যবহারকারীর পরিচয়প্রমাণের তথ্যের মেয়াদ পূর্ণ হয়েছে" - --#: libpam/pam_strerror.c:76 -+#: .././libpam/pam_strerror.c:76 - msgid "Failure setting user credentials" - msgstr "ব্যবহারকারীর পরিচয়প্রমাণের তথ্য নির্ধারণ করতে ব্যর্থ" - --#: libpam/pam_strerror.c:78 -+#: .././libpam/pam_strerror.c:78 - msgid "No module specific data is present" - msgstr "মডিউল সংক্রান্ত কোনো তথ্য উপস্থিত নেই" - --#: libpam/pam_strerror.c:80 -+#: .././libpam/pam_strerror.c:80 - msgid "Bad item passed to pam_*_item()" - msgstr "pam_*_item()-এ সঠিক মান প্রেরিত হয়নি" - --#: libpam/pam_strerror.c:82 -+#: .././libpam/pam_strerror.c:82 - msgid "Conversation error" - msgstr "Conversation অর্থাৎ তথ্য বিনিময়কালীন সমস্যা" - --#: libpam/pam_strerror.c:84 -+#: .././libpam/pam_strerror.c:84 - msgid "Authentication token manipulation error" - msgstr "অনুমোদন টোকেন ব্যবস্থাপনা করতে সমস্যা" - --#: libpam/pam_strerror.c:86 -+#: .././libpam/pam_strerror.c:86 - msgid "Authentication information cannot be recovered" - msgstr "অনুমোদন সংক্রান্ত তথ্য পুনরুদ্ধার করতে ব্যর্থ" - --#: libpam/pam_strerror.c:88 -+#: .././libpam/pam_strerror.c:88 - msgid "Authentication token lock busy" - msgstr "অনুমোদন টোকেনের লক ব্যস্ত" - --#: libpam/pam_strerror.c:90 -+#: .././libpam/pam_strerror.c:90 - msgid "Authentication token aging disabled" - msgstr "অনুমোদন টোকেনের মেয়াদ পূর্তী ব্যবস্থা নিষ্ক্রিয়" - --#: libpam/pam_strerror.c:92 -+#: .././libpam/pam_strerror.c:92 - msgid "Failed preliminary check by password service" - msgstr "পাসওয়ার্ড পরিসেবা দ্বারা প্রারম্ভিক পরীক্ষা ব্যর্থ" - --#: libpam/pam_strerror.c:94 -+#: .././libpam/pam_strerror.c:94 - msgid "The return value should be ignored by PAM dispatch" - msgstr "উৎপন্ন মান PAM dispatch দ্বারা অগ্রাহ্য করা হবে" - --#: libpam/pam_strerror.c:96 -+#: .././libpam/pam_strerror.c:96 - msgid "Module is unknown" - msgstr "মডিউল অজানা" - --#: libpam/pam_strerror.c:98 -+#: .././libpam/pam_strerror.c:98 - msgid "Authentication token expired" - msgstr "অনুমোদন টোকেনের মেয়াদ পূর্ণ হয়েছে" - --#: libpam/pam_strerror.c:100 -+#: .././libpam/pam_strerror.c:100 - msgid "Conversation is waiting for event" --msgstr "Conversation অর্থাৎ তথ্য বিনিময় প্রক্রিয়া একটি ইভেন্টের অপেক্ষায় রয়েছে" -+msgstr "" -+"Conversation অর্থাৎ তথ্য বিনিময় প্রক্রিয়া একটি ইভেন্টের অপেক্ষায় রয়েছে" - --#: libpam/pam_strerror.c:102 -+#: .././libpam/pam_strerror.c:102 - msgid "Application needs to call libpam again" - msgstr "অ্যাপ্লিকেশন দ্বারা পুনরায় libpam আরম্ভ করা আবশ্যক" - --#: libpam/pam_strerror.c:105 -+#: .././libpam/pam_strerror.c:105 - msgid "Unknown PAM error" - msgstr "PAM সংক্রান্ত অজানা ত্রুটি" - --#: modules/pam_cracklib/pam_cracklib.c:618 -+#: .././modules/pam_cracklib/pam_cracklib.c:618 - msgid "is the same as the old one" - msgstr "পুরোনোটির অনুরূপ" - --#: modules/pam_cracklib/pam_cracklib.c:624 --#: modules/pam_cracklib/pam_cracklib.c:628 --#: modules/pam_cracklib/pam_cracklib.c:638 -+#: .././modules/pam_cracklib/pam_cracklib.c:624 -+#: .././modules/pam_cracklib/pam_cracklib.c:628 -+#: .././modules/pam_cracklib/pam_cracklib.c:638 - msgid "memory allocation error" - msgstr "মেমরি বরাদ্দ করতে সমস্যা" - --#: modules/pam_cracklib/pam_cracklib.c:643 -+#: .././modules/pam_cracklib/pam_cracklib.c:643 - msgid "is a palindrome" - msgstr "উভমুখী শব্দ" - --#: modules/pam_cracklib/pam_cracklib.c:646 -+#: .././modules/pam_cracklib/pam_cracklib.c:646 - msgid "case changes only" - msgstr "শুধুমাত্র হরফের ছাঁদ পরিবর্তন করা হয়েছে" - --#: modules/pam_cracklib/pam_cracklib.c:649 -+#: .././modules/pam_cracklib/pam_cracklib.c:649 - msgid "is too similar to the old one" - msgstr "পুরোনো পাসওয়ার্ডের সমতূল্য" - --#: modules/pam_cracklib/pam_cracklib.c:652 -+#: .././modules/pam_cracklib/pam_cracklib.c:652 - msgid "is too simple" - msgstr "জটিল নয়" - --#: modules/pam_cracklib/pam_cracklib.c:655 -+#: .././modules/pam_cracklib/pam_cracklib.c:655 - msgid "is rotated" - msgstr "ঘোরানো হয়েছে" - --#: modules/pam_cracklib/pam_cracklib.c:658 -+#: .././modules/pam_cracklib/pam_cracklib.c:658 - msgid "not enough character classes" - msgstr "পর্যাপ্ত অক্ষর শ্রেণী উপস্থিত নেই" - --#: modules/pam_cracklib/pam_cracklib.c:661 -+#: .././modules/pam_cracklib/pam_cracklib.c:661 - msgid "contains too many same characters consecutively" - msgstr "একই অক্ষর অত্যাধিক বার ক্রমাগত ব্যবহার করা হয়েছে" - --#: modules/pam_cracklib/pam_cracklib.c:664 --#, fuzzy -+#: .././modules/pam_cracklib/pam_cracklib.c:664 - msgid "contains too long of a monotonic character sequence" - msgstr "একই অক্ষর অত্যাধিক বার ক্রমাগত ব্যবহার করা হয়েছে" - --#: modules/pam_cracklib/pam_cracklib.c:667 -+#: .././modules/pam_cracklib/pam_cracklib.c:667 - msgid "contains the user name in some form" - msgstr "কোনো রূপে ব্যবহারকারী নাম অন্তর্ভুক্ত হয়েছে" - --#: modules/pam_cracklib/pam_cracklib.c:701 --#: modules/pam_unix/pam_unix_passwd.c:496 -+#: .././modules/pam_cracklib/pam_cracklib.c:701 -+#: .././modules/pam_unix/pam_unix_passwd.c:502 - msgid "No password supplied" - msgstr "কোনো পাসওয়ার্ড উল্লিখিত হয়নি" - --#: modules/pam_cracklib/pam_cracklib.c:701 --#: modules/pam_unix/pam_unix_passwd.c:496 -+#: .././modules/pam_cracklib/pam_cracklib.c:701 -+#: .././modules/pam_unix/pam_unix_passwd.c:502 - msgid "Password unchanged" - msgstr "পাসওয়ার্ড পরিবর্তন করা হয়নি" - --#: modules/pam_cracklib/pam_cracklib.c:721 --#: modules/pam_cracklib/pam_cracklib.c:803 -+#: .././modules/pam_cracklib/pam_cracklib.c:721 -+#: .././modules/pam_cracklib/pam_cracklib.c:803 - #, c-format - msgid "BAD PASSWORD: %s" - msgstr "পাসওয়ার্ড ভাল নয়: %s" - --#: modules/pam_exec/pam_exec.c:273 -+#: .././modules/pam_exec/pam_exec.c:215 - #, c-format - msgid "%s failed: exit code %d" - msgstr "%s বিফল: প্রস্থানকালীন কোড %d" - --#: modules/pam_exec/pam_exec.c:282 -+#: .././modules/pam_exec/pam_exec.c:224 - #, c-format - msgid "%s failed: caught signal %d%s" - msgstr "%s বিফল: %d%s সিগনাল প্রাপ্ত" - --#: modules/pam_exec/pam_exec.c:291 -+#: .././modules/pam_exec/pam_exec.c:233 - #, c-format - msgid "%s failed: unknown status 0x%x" - msgstr "%s বিফল: অজানা অবস্থা 0x%x" - - #. TRANSLATORS: "strftime options for date of last login" --#: modules/pam_lastlog/pam_lastlog.c:282 modules/pam_lastlog/pam_lastlog.c:496 -+#: .././modules/pam_lastlog/pam_lastlog.c:282 -+#: .././modules/pam_lastlog/pam_lastlog.c:496 - msgid " %a %b %e %H:%M:%S %Z %Y" - msgstr " %a %b %e %H:%M:%S %Z %Y" - - #. TRANSLATORS: " from " --#: modules/pam_lastlog/pam_lastlog.c:291 modules/pam_lastlog/pam_lastlog.c:505 -+#: .././modules/pam_lastlog/pam_lastlog.c:291 -+#: .././modules/pam_lastlog/pam_lastlog.c:505 - #, c-format - msgid " from %.*s" - msgstr " %.*s থেকে" - - #. TRANSLATORS: " on " --#: modules/pam_lastlog/pam_lastlog.c:303 modules/pam_lastlog/pam_lastlog.c:517 -+#: .././modules/pam_lastlog/pam_lastlog.c:303 -+#: .././modules/pam_lastlog/pam_lastlog.c:517 - #, c-format - msgid " on %.*s" - msgstr " %.*s -র উপর" - - #. TRANSLATORS: "Last login: from on " --#: modules/pam_lastlog/pam_lastlog.c:313 -+#: .././modules/pam_lastlog/pam_lastlog.c:313 - #, c-format - msgid "Last login:%s%s%s" - msgstr "সর্বশেষ লগ-ইন:%s%s%s" - --#: modules/pam_lastlog/pam_lastlog.c:319 -+#: .././modules/pam_lastlog/pam_lastlog.c:319 - msgid "Welcome to your new account!" - msgstr "নতুন অ্যাকাউন্টে স্বাগতম!" - - #. TRANSLATORS: "Last failed login: from on " --#: modules/pam_lastlog/pam_lastlog.c:527 -+#: .././modules/pam_lastlog/pam_lastlog.c:527 - #, c-format - msgid "Last failed login:%s%s%s" - msgstr "সর্বশেষ বিফল লগ-ইন:%s%s%s" - --#: modules/pam_lastlog/pam_lastlog.c:536 modules/pam_lastlog/pam_lastlog.c:543 -+#: .././modules/pam_lastlog/pam_lastlog.c:536 -+#: .././modules/pam_lastlog/pam_lastlog.c:543 - #, c-format - msgid "There was %d failed login attempt since the last successful login." - msgid_plural "" -@@ -317,199 +338,209 @@ - msgstr[1] "সর্বশেষ সফল লগ-ইনের পরে %d-টি ব্যর্থ লগ-ইনের প্রচেষ্টা করা হয়েছে।" - - #. TRANSLATORS: only used if dngettext is not supported --#: modules/pam_lastlog/pam_lastlog.c:548 -+#: .././modules/pam_lastlog/pam_lastlog.c:548 - #, c-format - msgid "There were %d failed login attempts since the last successful login." - msgstr "সর্বশেষ সফল লগ-ইনের পরে %d-টি ব্যর্থ লগ-ইনের প্রচেষ্টা করা হয়েছে।" - --#: modules/pam_limits/pam_limits.c:1079 -+#: .././modules/pam_limits/pam_limits.c:1079 - #, c-format - msgid "Too many logins for '%s'." - msgstr "'%s'-র ক্ষেত্রে অত্যাধিক লগ-ইন" - --#: modules/pam_mail/pam_mail.c:297 -+#: .././modules/pam_mail/pam_mail.c:297 - msgid "No mail." - msgstr "কোনো মেইল নেই।" - --#: modules/pam_mail/pam_mail.c:300 -+#: .././modules/pam_mail/pam_mail.c:300 - msgid "You have new mail." - msgstr "নতুন মেইল প্রাপ্ত।" - --#: modules/pam_mail/pam_mail.c:303 -+#: .././modules/pam_mail/pam_mail.c:303 - msgid "You have old mail." - msgstr "পুরোনো মেইল রয়েছে।" - --#: modules/pam_mail/pam_mail.c:307 -+#: .././modules/pam_mail/pam_mail.c:307 - msgid "You have mail." - msgstr "মেইল রয়েছে।" - --#: modules/pam_mail/pam_mail.c:314 -+#: .././modules/pam_mail/pam_mail.c:314 - #, c-format - msgid "You have no mail in folder %s." - msgstr "%s ফোল্ডারে কোনো মেইল উপস্থিত নেই।" - --#: modules/pam_mail/pam_mail.c:318 -+#: .././modules/pam_mail/pam_mail.c:318 - #, c-format - msgid "You have new mail in folder %s." - msgstr "%s ফোল্ডারে নতুন মেইল উপস্থিত।" - --#: modules/pam_mail/pam_mail.c:322 -+#: .././modules/pam_mail/pam_mail.c:322 - #, c-format - msgid "You have old mail in folder %s." - msgstr "%s ফোল্ডারে পুরোনো মেইল উপস্থিত রয়েছে।" - --#: modules/pam_mail/pam_mail.c:327 -+#: .././modules/pam_mail/pam_mail.c:327 - #, c-format - msgid "You have mail in folder %s." - msgstr "%s ফোল্ডারে মেইল উপস্থিত রয়েছে।" - --#: modules/pam_mkhomedir/pam_mkhomedir.c:113 -+#: .././modules/pam_mkhomedir/pam_mkhomedir.c:114 - #, c-format - msgid "Creating directory '%s'." - msgstr "'%s' ডিরেক্টরি নির্মাণ করা হচ্ছে।" - --#: modules/pam_mkhomedir/pam_mkhomedir.c:183 -+#: .././modules/pam_mkhomedir/pam_mkhomedir.c:192 - #, c-format - msgid "Unable to create and initialize directory '%s'." - msgstr "ডিরেক্টরি '%s' নির্মাণ ও আরম্ভ করতে ব্যর্থ।" - --#: modules/pam_pwhistory/pam_pwhistory.c:217 --#: modules/pam_unix/pam_unix_passwd.c:517 -+#: .././modules/pam_pwhistory/pam_pwhistory.c:384 -+#: .././modules/pam_unix/pam_unix_passwd.c:523 - msgid "Password has been already used. Choose another." - msgstr "পাসওয়ার্ড পূর্বে ব্যবহৃত হয়েছে। একটি পৃথক পাসওয়ার্ড নির্বাচন করুন।" - --#: modules/pam_pwhistory/pam_pwhistory.c:224 --#, fuzzy -+#: .././modules/pam_pwhistory/pam_pwhistory.c:391 - msgid "Password has been already used." --msgstr "পাসওয়ার্ড পূর্বে ব্যবহৃত হয়েছে। একটি পৃথক পাসওয়ার্ড নির্বাচন করুন।" -+msgstr "পাসওয়ার্ড পূর্বে ব্যবহৃত হয়েছে।" - --#: modules/pam_selinux/pam_selinux.c:210 -+#: .././modules/pam_selinux/pam_selinux.c:210 - #, c-format - msgid "Default Security Context %s\n" - msgstr "ডিফল্ট Security Context %s\n" - --#: modules/pam_selinux/pam_selinux.c:214 -+#: .././modules/pam_selinux/pam_selinux.c:214 - msgid "Would you like to enter a different role or level?" - msgstr "ভিন্ন role অথবা level লিখতে ইচ্ছুক কি?" - --#: modules/pam_selinux/pam_selinux.c:227 -+#. Allow the user to enter role and level individually -+#: .././modules/pam_selinux/pam_selinux.c:227 - msgid "role:" - msgstr "role: " - --#: modules/pam_selinux/pam_selinux.c:230 -+#: .././modules/pam_selinux/pam_selinux.c:230 - #, c-format - msgid "No default type for role %s\n" - msgstr "role %s-র জন্য কোনো ডিফল্ট type উপস্থিত নেই\n" - --#: modules/pam_selinux/pam_selinux.c:262 -+#: .././modules/pam_selinux/pam_selinux.c:262 - msgid "level:" - msgstr "level: " - --#: modules/pam_selinux/pam_selinux.c:295 -+#: .././modules/pam_selinux/pam_selinux.c:295 - msgid "Not a valid security context" - msgstr "বৈধ নিরাপত্তা সংক্রান্ত context নয়" - --#: modules/pam_selinux/pam_selinux.c:539 -+#: .././modules/pam_selinux/pam_selinux.c:539 - #, c-format - msgid "Unable to get valid context for %s" - msgstr "%s-র বৈধ context প্রাপ্ত করতে ব্যর্থ" - --#: modules/pam_selinux/pam_selinux.c:658 -+#: .././modules/pam_selinux/pam_selinux.c:658 - #, c-format - msgid "Security Context %s Assigned" - msgstr "Security Context %s ধার্য করা হয়েছে" - --#: modules/pam_selinux/pam_selinux.c:674 -+#: .././modules/pam_selinux/pam_selinux.c:674 - #, c-format - msgid "Key Creation Context %s Assigned" - msgstr "কি নির্মাণের Context %s ধার্য করা হয়েছে" - --#: modules/pam_selinux/pam_selinux_check.c:99 -+#: .././modules/pam_selinux/pam_selinux_check.c:99 - #, c-format - msgid "failed to initialize PAM\n" - msgstr "PAM আরম্ভ করতে ব্যর্থ\n" - --#: modules/pam_selinux/pam_selinux_check.c:105 -+#: .././modules/pam_selinux/pam_selinux_check.c:105 - #, c-format - msgid "failed to pam_set_item()\n" - msgstr "pam_set_item() করতে ব্যর্থ\n" - --#: modules/pam_selinux/pam_selinux_check.c:133 -+#. error in fork() -+#: .././modules/pam_selinux/pam_selinux_check.c:133 - #, c-format - msgid "login: failure forking: %m" - msgstr "লগ-ইন: fork করতে ব্যর্থ: %m" - --#: modules/pam_stress/pam_stress.c:476 -+#: .././modules/pam_stress/pam_stress.c:476 - #, c-format - msgid "Changing STRESS password for %s." - msgstr "%s-র STRESS পাসওয়ার্ড পরিবর্তন করা হচ্ছে।" - --#: modules/pam_stress/pam_stress.c:490 -+#: .././modules/pam_stress/pam_stress.c:490 - msgid "Enter new STRESS password: " - msgstr "নতুন STRESS পাসওয়ার্ড লিখুন: " - --#: modules/pam_stress/pam_stress.c:493 -+#: .././modules/pam_stress/pam_stress.c:493 - msgid "Retype new STRESS password: " - msgstr "নতুন STRESS পাসওয়ার্ড পুনরায় লিখুন: " - --#: modules/pam_stress/pam_stress.c:522 -+#: .././modules/pam_stress/pam_stress.c:522 - msgid "Verification mis-typed; password unchanged" - msgstr "নিশ্চায়ন কাল ভুল টাইপ করা হয়েছে; পাসওয়ার্ড পরিবর্তন করা হয়নি" - --#: modules/pam_tally/pam_tally.c:541 modules/pam_tally2/pam_tally2.c:599 -+#: .././modules/pam_tally/pam_tally.c:541 -+#: .././modules/pam_tally2/pam_tally2.c:599 - #, c-format - msgid "Account temporary locked (%ld seconds left)" - msgstr "সাময়িকরূপে অ্যাকাউন্ট লক করা হয়েছে (%ld সেকেন্ড অবশিষ্ট)" - --#: modules/pam_tally/pam_tally.c:566 modules/pam_tally2/pam_tally2.c:578 -+#: .././modules/pam_tally/pam_tally.c:566 -+#: .././modules/pam_tally2/pam_tally2.c:578 - #, c-format - msgid "Account locked due to %u failed logins" - msgstr "%u ব্যর্থ লগ-ইনের ফলে অ্যাকাউন্ট লক করা হয়েছে" - --#: modules/pam_tally/pam_tally.c:777 modules/pam_tally2/pam_tally2.c:887 -+#: .././modules/pam_tally/pam_tally.c:777 -+#: .././modules/pam_tally2/pam_tally2.c:887 - msgid "Authentication error" - msgstr "অনুমোদন সংক্রান্ত সমস্যা" - --#: modules/pam_tally/pam_tally.c:778 modules/pam_tally2/pam_tally2.c:888 -+#: .././modules/pam_tally/pam_tally.c:778 -+#: .././modules/pam_tally2/pam_tally2.c:888 - msgid "Service error" - msgstr "পরিসেবা সংক্রান্ত সমস্যা" - --#: modules/pam_tally/pam_tally.c:779 modules/pam_tally2/pam_tally2.c:889 -+#: .././modules/pam_tally/pam_tally.c:779 -+#: .././modules/pam_tally2/pam_tally2.c:889 - msgid "Unknown user" - msgstr "অজানা ব্যবহারকারী" - --#: modules/pam_tally/pam_tally.c:780 modules/pam_tally2/pam_tally2.c:890 -+#: .././modules/pam_tally/pam_tally.c:780 -+#: .././modules/pam_tally2/pam_tally2.c:890 - msgid "Unknown error" - msgstr "অজানা সমস্যা" - --#: modules/pam_tally/pam_tally.c:796 modules/pam_tally2/pam_tally2.c:909 -+#: .././modules/pam_tally/pam_tally.c:796 -+#: .././modules/pam_tally2/pam_tally2.c:909 - #, c-format - msgid "%s: Bad number given to --reset=\n" - msgstr "%s: --reset= এর জন্য ভুল সংখ্যা উল্লিখিত\n" - --#: modules/pam_tally/pam_tally.c:800 modules/pam_tally2/pam_tally2.c:913 -+#: .././modules/pam_tally/pam_tally.c:800 -+#: .././modules/pam_tally2/pam_tally2.c:913 - #, c-format - msgid "%s: Unrecognised option %s\n" - msgstr "%s: অজানা বিকল্প %s\n" - --#: modules/pam_tally/pam_tally.c:812 -+#: .././modules/pam_tally/pam_tally.c:812 - #, c-format - msgid "" - "%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n" - msgstr "" - "%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n" - --#: modules/pam_tally/pam_tally.c:886 modules/pam_tally2/pam_tally2.c:1039 -+#: .././modules/pam_tally/pam_tally.c:886 -+#: .././modules/pam_tally2/pam_tally2.c:1039 - #, c-format - msgid "%s: Can't reset all users to non-zero\n" - msgstr "%s: সব ব্যবহারকারীর জন্য শূণ্য-ভিন্ন মান ধার্য করতে ব্যর্থ\n" - --#: modules/pam_tally2/pam_tally2.c:940 -+#: .././modules/pam_tally2/pam_tally2.c:940 - #, c-format - msgid "Login Failures Latest failure From\n" - msgstr "লগ-ইন বিফলতা সর্বশেষ বিফলতা চিহ্নিত স্থান থেকে\n" - --#: modules/pam_tally2/pam_tally2.c:956 -+#: .././modules/pam_tally2/pam_tally2.c:956 - #, c-format - msgid "" - "%s: [-f rooted-filename] [--file rooted-filename]\n" -@@ -520,26 +551,31 @@ - " [-u username] [--user username]\n" - " [-r] [--reset[=n]] [--quiet]\n" - --#: modules/pam_timestamp/pam_timestamp.c:345 -+#: .././modules/pam_timestamp/pam_timestamp.c:345 - #, c-format - msgid "Access granted (last access was %ld seconds ago)." - msgstr "প্রবেশাধিকার প্রদান করা হয়েছে (%ld পূর্বে সর্বশেষ লগ-ইন করা হয়েছে)।" - --#: modules/pam_unix/pam_unix_acct.c:247 modules/pam_unix/pam_unix_acct.c:269 -+#: .././modules/pam_unix/pam_unix_acct.c:249 -+#: .././modules/pam_unix/pam_unix_acct.c:271 - msgid "Your account has expired; please contact your system administrator" - msgstr "" --"আপনার অ্যাকাউন্টের মেয়াদপূর্ণ হয়েছে; অনুগ্রহ করে সিস্টেম অ্যাডমিনিস্ট্রেটরের সাথে " --"যোগাযোগ করুন।" -+"আপনার অ্যাকাউন্টের মেয়াদপূর্ণ হয়েছে; অনুগ্রহ করে সিস্টেম অ্যাডমিনিস্ট্রেটরের " -+"সাথে যোগাযোগ করুন।" - --#: modules/pam_unix/pam_unix_acct.c:255 -+#: .././modules/pam_unix/pam_unix_acct.c:257 - msgid "You are required to change your password immediately (root enforced)" --msgstr "আপনার পাসওয়ার্ড এই মুহূর্তে পরিবর্তন করা আবশ্যক (root দ্বারা কার্যকরী)" -+msgstr "" -+"আপনার পাসওয়ার্ড এই মুহূর্তে পরিবর্তন করা আবশ্যক (root দ্বারা কার্যকরী)" - --#: modules/pam_unix/pam_unix_acct.c:261 -+#: .././modules/pam_unix/pam_unix_acct.c:263 - msgid "You are required to change your password immediately (password aged)" --msgstr "আপনার পাসওয়ার্ড এই মুহূর্তে পরিবর্তন করা আবশ্যক (password-র মেয়াদ পূর্ণ হয়েছে)" -+msgstr "" -+"আপনার পাসওয়ার্ড এই মুহূর্তে পরিবর্তন করা আবশ্যক (password-র মেয়াদ পূর্ণ " -+"হয়েছে)" - --#: modules/pam_unix/pam_unix_acct.c:282 modules/pam_unix/pam_unix_acct.c:289 -+#: .././modules/pam_unix/pam_unix_acct.c:284 -+#: .././modules/pam_unix/pam_unix_acct.c:291 - #, c-format - msgid "Warning: your password will expire in %d day" - msgid_plural "Warning: your password will expire in %d days" -@@ -547,39 +583,37 @@ - msgstr[1] "সতর্কবাণী: %d দিন পরে পাসওয়ার্ডের মেয়াদপূর্ণ হবে" - - #. TRANSLATORS: only used if dngettext is not supported --#: modules/pam_unix/pam_unix_acct.c:294 -+#: .././modules/pam_unix/pam_unix_acct.c:296 - #, c-format - msgid "Warning: your password will expire in %d days" - msgstr "সতর্কবাণী: %d দিন পরে পাসওয়ার্ডের মেয়াদপূর্ণ হবে" - --#: modules/pam_unix/pam_unix_passwd.c:398 -+#: .././modules/pam_unix/pam_unix_passwd.c:404 - msgid "NIS password could not be changed." - msgstr "NIS পাসওয়ার্ড পরিবর্তন করা সম্ভব হয়নি।" - --#: modules/pam_unix/pam_unix_passwd.c:513 -+#: .././modules/pam_unix/pam_unix_passwd.c:519 - msgid "You must choose a longer password" - msgstr "চিহ্নিত পাসওয়ার্ডের থেকে লম্বা পাসওয়ার্ড উল্লেখ করা আবশ্যক" - --#: modules/pam_unix/pam_unix_passwd.c:619 -+#. instruct user what is happening -+#: .././modules/pam_unix/pam_unix_passwd.c:625 - #, c-format - msgid "Changing password for %s." - msgstr "%s-র পাসওয়ার্ড পরিবর্তন করা হচ্ছে।" - --#: modules/pam_unix/pam_unix_passwd.c:630 -+#: .././modules/pam_unix/pam_unix_passwd.c:636 - msgid "(current) UNIX password: " - msgstr "(বর্তমান) UNIX পাসওয়ার্ড: " - --#: modules/pam_unix/pam_unix_passwd.c:665 -+#: .././modules/pam_unix/pam_unix_passwd.c:671 - msgid "You must wait longer to change your password" - msgstr "কিছু কাল পরে পাসওয়ার্ড পরিবর্তন করা সম্ভব হবে" - --#: modules/pam_unix/pam_unix_passwd.c:725 -+#: .././modules/pam_unix/pam_unix_passwd.c:731 - msgid "Enter new UNIX password: " - msgstr "নতুন UNIX পাসওয়ার্ড উল্লেখ করুন: " - --#: modules/pam_unix/pam_unix_passwd.c:726 -+#: .././modules/pam_unix/pam_unix_passwd.c:732 - msgid "Retype new UNIX password: " - msgstr "নতুন UNIX পাসওয়ার্ড পুনরায় লিখুন: " -- --#~ msgid "Would you like to enter a security context? [N] " --#~ msgstr "নিরাপত্তা সংক্রান্ত context উল্লেখ করতে ইচ্ছুক কি? [N] " -diff -urN a/Linux-PAM-1.1.8/po/pt_BR.po b/Linux-PAM-1.1.8/po/pt_BR.po ---- a/Linux-PAM-1.1.8/po/pt_BR.po 2013-11-28 17:24:14.193596625 +0530 -+++ b/Linux-PAM-1.1.8/po/pt_BR.po 2013-11-28 17:27:02.137118305 +0530 -@@ -1,315 +1,335 @@ - # SOME DESCRIPTIVE TITLE. - # Copyright (C) YEAR Linux-PAM Project - # This file is distributed under the same license as the PACKAGE package. --# -+# - # Translators: - # Diego Búrigo Zacarão , 2008. - # Elder Marco , 2012. - # Glaucia Cintra , 2007. - # Taylon Silmer , 2008, 2009. -+# gcintra , 2013. #zanata - msgid "" - msgstr "" - "Project-Id-Version: Linux-PAM\n" - "Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n" --"POT-Creation-Date: 2013-09-19 10:02+0200\n" --"PO-Revision-Date: 2012-02-21 12:49+0000\n" --"Last-Translator: Elder Marco \n" -+"POT-Creation-Date: 2012-08-17 11:35+0200\n" -+"PO-Revision-Date: 2013-09-30 08:32-0400\n" -+"Last-Translator: gcintra \n" - "Language-Team: Portuguese (Brazil) \n" - "MIME-Version: 1.0\n" - "Content-Type: text/plain; charset=UTF-8\n" - "Content-Transfer-Encoding: 8bit\n" --"Language: pt_BR\n" -+"Language: pt-BR\n" - "Plural-Forms: nplurals=2; plural=(n > 1)\n" -+"X-Generator: Zanata 3.1.2\n" - --#: libpam_misc/misc_conv.c:33 -+#. * external timeout definitions - these can be overriden by the -+#. * application. -+#. time when we warn -+#. time when we timeout -+#: .././libpam_misc/misc_conv.c:33 - msgid "...Time is running out...\n" - msgstr "...O tempo está acabando...\n" - --#: libpam_misc/misc_conv.c:34 -+#: .././libpam_misc/misc_conv.c:34 - msgid "...Sorry, your time is up!\n" - msgstr "...Desculpe, seu tempo está aumentando!\n" - --#: libpam_misc/misc_conv.c:342 -+#: .././libpam_misc/misc_conv.c:342 - #, c-format - msgid "erroneous conversation (%d)\n" - msgstr "conversação errônea (%d)\n" - --#: libpam/pam_get_authtok.c:39 modules/pam_exec/pam_exec.c:170 --#: modules/pam_unix/pam_unix_auth.c:160 modules/pam_userdb/pam_userdb.c:64 -+#. get this user's authentication token -+#: .././libpam/pam_get_authtok.c:39 -+#: .././modules/pam_exec/pam_exec.c:142 -+#: .././modules/pam_unix/pam_unix_auth.c:160 -+#: .././modules/pam_userdb/pam_userdb.c:64 - msgid "Password: " - msgstr "Senha:" - --#: libpam/pam_get_authtok.c:41 modules/pam_cracklib/pam_cracklib.c:68 -+#. For Translators: "%s%s" could be replaced with " " or "". -+#: .././libpam/pam_get_authtok.c:41 -+#: .././modules/pam_cracklib/pam_cracklib.c:68 - #, c-format - msgid "New %s%spassword: " - msgstr "Nova %s%ssenha:" - --#: libpam/pam_get_authtok.c:43 modules/pam_cracklib/pam_cracklib.c:70 -+#. For Translators: "%s%s" could be replaced with " " or "". -+#: .././libpam/pam_get_authtok.c:43 -+#: .././modules/pam_cracklib/pam_cracklib.c:70 - #, c-format - msgid "Retype new %s%spassword: " - msgstr "Redigite a nova %s%ssenha:" - --#: libpam/pam_get_authtok.c:44 modules/pam_cracklib/pam_cracklib.c:71 -+#: .././libpam/pam_get_authtok.c:44 -+#: .././modules/pam_cracklib/pam_cracklib.c:71 - msgid "Sorry, passwords do not match." - msgstr "As senhas não são iguais." - --#: libpam/pam_get_authtok.c:135 libpam/pam_get_authtok.c:211 -+#: .././libpam/pam_get_authtok.c:135 -+#: .././libpam/pam_get_authtok.c:211 - #, c-format - msgid "Retype %s" - msgstr "Redigite %s" - --#: libpam/pam_get_authtok.c:155 libpam/pam_get_authtok.c:227 -+#. We want to abort the password change -+#: .././libpam/pam_get_authtok.c:155 -+#: .././libpam/pam_get_authtok.c:227 - msgid "Password change aborted." - msgstr "A alteração de senha foi abortada." - --#: libpam/pam_item.c:311 -+#: .././libpam/pam_item.c:311 - msgid "login:" - msgstr "login:" - --#: libpam/pam_strerror.c:40 -+#: .././libpam/pam_strerror.c:40 - msgid "Success" - msgstr "Sucesso" - --#: libpam/pam_strerror.c:42 -+#: .././libpam/pam_strerror.c:42 - msgid "Critical error - immediate abort" - msgstr "Erro crítico - abortar imediatamente" - --#: libpam/pam_strerror.c:44 -+#: .././libpam/pam_strerror.c:44 - msgid "Failed to load module" - msgstr "Falha ao carregar módulo" - --#: libpam/pam_strerror.c:46 -+#: .././libpam/pam_strerror.c:46 - msgid "Symbol not found" - msgstr "Símbolo não encontrado" - --#: libpam/pam_strerror.c:48 -+#: .././libpam/pam_strerror.c:48 - msgid "Error in service module" - msgstr "Erro no módulo de serviço" - --#: libpam/pam_strerror.c:50 -+#: .././libpam/pam_strerror.c:50 - msgid "System error" - msgstr "Erro do sistema" - --#: libpam/pam_strerror.c:52 -+#: .././libpam/pam_strerror.c:52 - msgid "Memory buffer error" - msgstr "Erro do buffer de memória" - --#: libpam/pam_strerror.c:54 -+#: .././libpam/pam_strerror.c:54 - msgid "Permission denied" - msgstr "Permissão negada" - --#: libpam/pam_strerror.c:56 -+#: .././libpam/pam_strerror.c:56 - msgid "Authentication failure" - msgstr "Falha de autenticação" - --#: libpam/pam_strerror.c:58 -+#: .././libpam/pam_strerror.c:58 - msgid "Insufficient credentials to access authentication data" - msgstr "Credenciais insuficientes para acessar dados de autenticação" - --#: libpam/pam_strerror.c:60 -+#: .././libpam/pam_strerror.c:60 - msgid "Authentication service cannot retrieve authentication info" - msgstr "O serviço de autenticação não recuperou informações de autenticação" - --#: libpam/pam_strerror.c:62 -+#: .././libpam/pam_strerror.c:62 - msgid "User not known to the underlying authentication module" - msgstr "Usuário desconhecido para o módulo de autenticação subjacente" - --#: libpam/pam_strerror.c:64 -+#: .././libpam/pam_strerror.c:64 - msgid "Have exhausted maximum number of retries for service" - msgstr "Esgotado o número máximo de tentativas para serviço" - --#: libpam/pam_strerror.c:66 -+#: .././libpam/pam_strerror.c:66 - msgid "Authentication token is no longer valid; new one required" - msgstr "O token de autenticação não é mais válido; é necessario um novo token" - --#: libpam/pam_strerror.c:68 -+#: .././libpam/pam_strerror.c:68 - msgid "User account has expired" - msgstr "A conta do usuário expirou" - --#: libpam/pam_strerror.c:70 -+#: .././libpam/pam_strerror.c:70 - msgid "Cannot make/remove an entry for the specified session" - msgstr "Impossível fazer/remover uma entrada para a sessão específica" - --#: libpam/pam_strerror.c:72 -+#: .././libpam/pam_strerror.c:72 - msgid "Authentication service cannot retrieve user credentials" - msgstr "O serviço de autenticação não recuperou as credenciais do usuário" - --#: libpam/pam_strerror.c:74 -+#: .././libpam/pam_strerror.c:74 - msgid "User credentials expired" - msgstr "Credenciais do usuário expiradas" - --#: libpam/pam_strerror.c:76 -+#: .././libpam/pam_strerror.c:76 - msgid "Failure setting user credentials" - msgstr "Falha ao definir credenciais do usuário" - --#: libpam/pam_strerror.c:78 -+#: .././libpam/pam_strerror.c:78 - msgid "No module specific data is present" - msgstr "Não há nenhum dado específico para o módulo " - --#: libpam/pam_strerror.c:80 -+#: .././libpam/pam_strerror.c:80 - msgid "Bad item passed to pam_*_item()" - msgstr "Ítem incorreto passado para pam_*_item()" - --#: libpam/pam_strerror.c:82 -+#: .././libpam/pam_strerror.c:82 - msgid "Conversation error" - msgstr "Erro de conversação" - --#: libpam/pam_strerror.c:84 -+#: .././libpam/pam_strerror.c:84 - msgid "Authentication token manipulation error" - msgstr "Erro de manipulação de token de autenticação" - --#: libpam/pam_strerror.c:86 -+#: .././libpam/pam_strerror.c:86 - msgid "Authentication information cannot be recovered" - msgstr "Impossível recuperar informações de autenticação" - --#: libpam/pam_strerror.c:88 -+#: .././libpam/pam_strerror.c:88 - msgid "Authentication token lock busy" - msgstr "Bloqueio de token de autenticação ocupado" - --#: libpam/pam_strerror.c:90 -+#: .././libpam/pam_strerror.c:90 - msgid "Authentication token aging disabled" - msgstr "Validade do token de autenticação desabilitado" - --#: libpam/pam_strerror.c:92 -+#: .././libpam/pam_strerror.c:92 - msgid "Failed preliminary check by password service" - msgstr "Falha na verificação preliminar por serviço de senha" - --#: libpam/pam_strerror.c:94 -+#: .././libpam/pam_strerror.c:94 - msgid "The return value should be ignored by PAM dispatch" - msgstr "O valor de retorno deve ser ignorado pelo despacho PAM" - --#: libpam/pam_strerror.c:96 -+#: .././libpam/pam_strerror.c:96 - msgid "Module is unknown" - msgstr "Módulo desconhecido" - --#: libpam/pam_strerror.c:98 -+#: .././libpam/pam_strerror.c:98 - msgid "Authentication token expired" - msgstr "Token de autenticação expirado" - --#: libpam/pam_strerror.c:100 -+#: .././libpam/pam_strerror.c:100 - msgid "Conversation is waiting for event" - msgstr "Conversação aguardando por evento" - --#: libpam/pam_strerror.c:102 -+#: .././libpam/pam_strerror.c:102 - msgid "Application needs to call libpam again" - msgstr "O aplicativo precisa chamar libpam novamente" - --#: libpam/pam_strerror.c:105 -+#: .././libpam/pam_strerror.c:105 - msgid "Unknown PAM error" - msgstr "Erro desconhecido no PAM" - --#: modules/pam_cracklib/pam_cracklib.c:618 -+#: .././modules/pam_cracklib/pam_cracklib.c:618 - msgid "is the same as the old one" - msgstr "é igual à antiga senha" - --#: modules/pam_cracklib/pam_cracklib.c:624 --#: modules/pam_cracklib/pam_cracklib.c:628 --#: modules/pam_cracklib/pam_cracklib.c:638 -+#: .././modules/pam_cracklib/pam_cracklib.c:624 -+#: .././modules/pam_cracklib/pam_cracklib.c:628 -+#: .././modules/pam_cracklib/pam_cracklib.c:638 - msgid "memory allocation error" - msgstr "Erro de alocação de memória" - --#: modules/pam_cracklib/pam_cracklib.c:643 -+#: .././modules/pam_cracklib/pam_cracklib.c:643 - msgid "is a palindrome" - msgstr "é um palíndromo" - --#: modules/pam_cracklib/pam_cracklib.c:646 -+#: .././modules/pam_cracklib/pam_cracklib.c:646 - msgid "case changes only" - msgstr "mudou apenas maiúsculas/minúsculas" - --#: modules/pam_cracklib/pam_cracklib.c:649 -+#: .././modules/pam_cracklib/pam_cracklib.c:649 - msgid "is too similar to the old one" - msgstr "é muito semelhante à antiga" - --#: modules/pam_cracklib/pam_cracklib.c:652 -+#: .././modules/pam_cracklib/pam_cracklib.c:652 - msgid "is too simple" - msgstr "é simples demais" - --#: modules/pam_cracklib/pam_cracklib.c:655 -+#: .././modules/pam_cracklib/pam_cracklib.c:655 - msgid "is rotated" - msgstr "foi invertida" - --#: modules/pam_cracklib/pam_cracklib.c:658 -+#: .././modules/pam_cracklib/pam_cracklib.c:658 - msgid "not enough character classes" - msgstr "classes de caractere insuficientes" - --#: modules/pam_cracklib/pam_cracklib.c:661 -+#: .././modules/pam_cracklib/pam_cracklib.c:661 - msgid "contains too many same characters consecutively" - msgstr "contém muitos caracteres igual consecutivamente" - --#: modules/pam_cracklib/pam_cracklib.c:664 --#, fuzzy -+#: .././modules/pam_cracklib/pam_cracklib.c:664 - msgid "contains too long of a monotonic character sequence" --msgstr "contém muitos caracteres igual consecutivamente" -+msgstr "contém uma sequência de caracteres monotônica muito longa" - --#: modules/pam_cracklib/pam_cracklib.c:667 -+#: .././modules/pam_cracklib/pam_cracklib.c:667 - msgid "contains the user name in some form" - msgstr "contém o nome de usuário em algum formulário" - --#: modules/pam_cracklib/pam_cracklib.c:701 --#: modules/pam_unix/pam_unix_passwd.c:496 -+#: .././modules/pam_cracklib/pam_cracklib.c:701 -+#: .././modules/pam_unix/pam_unix_passwd.c:502 - msgid "No password supplied" - msgstr "Nenhuma senha informada" - --#: modules/pam_cracklib/pam_cracklib.c:701 --#: modules/pam_unix/pam_unix_passwd.c:496 -+#: .././modules/pam_cracklib/pam_cracklib.c:701 -+#: .././modules/pam_unix/pam_unix_passwd.c:502 - msgid "Password unchanged" - msgstr "Senha inalterada" - --#: modules/pam_cracklib/pam_cracklib.c:721 --#: modules/pam_cracklib/pam_cracklib.c:803 -+#: .././modules/pam_cracklib/pam_cracklib.c:721 -+#: .././modules/pam_cracklib/pam_cracklib.c:803 - #, c-format - msgid "BAD PASSWORD: %s" - msgstr "SENHA INCORRETA: %s" - --#: modules/pam_exec/pam_exec.c:273 -+#: .././modules/pam_exec/pam_exec.c:215 - #, c-format - msgid "%s failed: exit code %d" - msgstr "%s falhou: código de saída %d" - --#: modules/pam_exec/pam_exec.c:282 -+#: .././modules/pam_exec/pam_exec.c:224 - #, c-format - msgid "%s failed: caught signal %d%s" - msgstr "%s falhou: detectou sinal %d%s" - --#: modules/pam_exec/pam_exec.c:291 -+#: .././modules/pam_exec/pam_exec.c:233 - #, c-format - msgid "%s failed: unknown status 0x%x" - msgstr "%s falhou: status desconhecido 0x%x" - - #. TRANSLATORS: "strftime options for date of last login" --#: modules/pam_lastlog/pam_lastlog.c:282 modules/pam_lastlog/pam_lastlog.c:496 -+#: .././modules/pam_lastlog/pam_lastlog.c:282 -+#: .././modules/pam_lastlog/pam_lastlog.c:496 - msgid " %a %b %e %H:%M:%S %Z %Y" - msgstr "%a %b %e %H:%M:%S %Z %Y" - - #. TRANSLATORS: " from " --#: modules/pam_lastlog/pam_lastlog.c:291 modules/pam_lastlog/pam_lastlog.c:505 -+#: .././modules/pam_lastlog/pam_lastlog.c:291 -+#: .././modules/pam_lastlog/pam_lastlog.c:505 - #, c-format - msgid " from %.*s" - msgstr "de %.*s" - - #. TRANSLATORS: " on " --#: modules/pam_lastlog/pam_lastlog.c:303 modules/pam_lastlog/pam_lastlog.c:517 -+#: .././modules/pam_lastlog/pam_lastlog.c:303 -+#: .././modules/pam_lastlog/pam_lastlog.c:517 - #, c-format - msgid " on %.*s" - msgstr "em %.*s" - - #. TRANSLATORS: "Last login: from on " --#: modules/pam_lastlog/pam_lastlog.c:313 -+#: .././modules/pam_lastlog/pam_lastlog.c:313 - #, c-format - msgid "Last login:%s%s%s" - msgstr "Último login:%s%s%s" - --#: modules/pam_lastlog/pam_lastlog.c:319 -+#: .././modules/pam_lastlog/pam_lastlog.c:319 - msgid "Welcome to your new account!" - msgstr "Bem-vindo à sua nova conta!" - - #. TRANSLATORS: "Last failed login: from on " --#: modules/pam_lastlog/pam_lastlog.c:527 -+#: .././modules/pam_lastlog/pam_lastlog.c:527 - #, c-format - msgid "Last failed login:%s%s%s" - msgstr "Falha no último login:%s%s%s" - --#: modules/pam_lastlog/pam_lastlog.c:536 modules/pam_lastlog/pam_lastlog.c:543 -+#: .././modules/pam_lastlog/pam_lastlog.c:536 -+#: .././modules/pam_lastlog/pam_lastlog.c:543 - #, c-format - msgid "There was %d failed login attempt since the last successful login." - msgid_plural "" -@@ -318,199 +338,209 @@ - msgstr[1] "Houveram %d falhas de login desde o último login bem sucedido." - - #. TRANSLATORS: only used if dngettext is not supported --#: modules/pam_lastlog/pam_lastlog.c:548 -+#: .././modules/pam_lastlog/pam_lastlog.c:548 - #, c-format - msgid "There were %d failed login attempts since the last successful login." - msgstr "Houveram %d falhas de login desde o último login bem sucedido." - --#: modules/pam_limits/pam_limits.c:1079 -+#: .././modules/pam_limits/pam_limits.c:1079 - #, c-format - msgid "Too many logins for '%s'." - msgstr "Há logins demais para '%s'." - --#: modules/pam_mail/pam_mail.c:297 -+#: .././modules/pam_mail/pam_mail.c:297 - msgid "No mail." - msgstr "Não há mensagens." - --#: modules/pam_mail/pam_mail.c:300 -+#: .././modules/pam_mail/pam_mail.c:300 - msgid "You have new mail." - msgstr "Há novas mensagens." - --#: modules/pam_mail/pam_mail.c:303 -+#: .././modules/pam_mail/pam_mail.c:303 - msgid "You have old mail." - msgstr "Há mensagens antigas." - --#: modules/pam_mail/pam_mail.c:307 -+#: .././modules/pam_mail/pam_mail.c:307 - msgid "You have mail." - msgstr "Há mensagens." - --#: modules/pam_mail/pam_mail.c:314 -+#: .././modules/pam_mail/pam_mail.c:314 - #, c-format - msgid "You have no mail in folder %s." - msgstr "Não há mensagens na pasta %s." - --#: modules/pam_mail/pam_mail.c:318 -+#: .././modules/pam_mail/pam_mail.c:318 - #, c-format - msgid "You have new mail in folder %s." - msgstr "Há novas mensagens na pasta %s." - --#: modules/pam_mail/pam_mail.c:322 -+#: .././modules/pam_mail/pam_mail.c:322 - #, c-format - msgid "You have old mail in folder %s." - msgstr "Há mensagens antigas na pasta %s." - --#: modules/pam_mail/pam_mail.c:327 -+#: .././modules/pam_mail/pam_mail.c:327 - #, c-format - msgid "You have mail in folder %s." - msgstr "Há mensagens na pasta %s." - --#: modules/pam_mkhomedir/pam_mkhomedir.c:113 -+#: .././modules/pam_mkhomedir/pam_mkhomedir.c:114 - #, c-format - msgid "Creating directory '%s'." - msgstr "Criando o diretório '%s'." - --#: modules/pam_mkhomedir/pam_mkhomedir.c:183 -+#: .././modules/pam_mkhomedir/pam_mkhomedir.c:192 - #, c-format - msgid "Unable to create and initialize directory '%s'." - msgstr "Impossível criar e inicializar o diretório \"%s\"." - --#: modules/pam_pwhistory/pam_pwhistory.c:217 --#: modules/pam_unix/pam_unix_passwd.c:517 -+#: .././modules/pam_pwhistory/pam_pwhistory.c:384 -+#: .././modules/pam_unix/pam_unix_passwd.c:523 - msgid "Password has been already used. Choose another." - msgstr "A senha já foi usada. Escolha outra." - --#: modules/pam_pwhistory/pam_pwhistory.c:224 --#, fuzzy -+#: .././modules/pam_pwhistory/pam_pwhistory.c:391 - msgid "Password has been already used." --msgstr "A senha já foi usada. Escolha outra." -+msgstr "A senha já foi usada." - --#: modules/pam_selinux/pam_selinux.c:210 -+#: .././modules/pam_selinux/pam_selinux.c:210 - #, c-format - msgid "Default Security Context %s\n" - msgstr "Contexto de Segurança Padrão %s\n" - --#: modules/pam_selinux/pam_selinux.c:214 -+#: .././modules/pam_selinux/pam_selinux.c:214 - msgid "Would you like to enter a different role or level?" - msgstr "Deseja digitar uma função ou nível diferente?" - --#: modules/pam_selinux/pam_selinux.c:227 -+#. Allow the user to enter role and level individually -+#: .././modules/pam_selinux/pam_selinux.c:227 - msgid "role:" - msgstr "função:" - --#: modules/pam_selinux/pam_selinux.c:230 -+#: .././modules/pam_selinux/pam_selinux.c:230 - #, c-format - msgid "No default type for role %s\n" - msgstr "Não existe tipo padrão para a função %s\n" - --#: modules/pam_selinux/pam_selinux.c:262 -+#: .././modules/pam_selinux/pam_selinux.c:262 - msgid "level:" - msgstr "nível:" - --#: modules/pam_selinux/pam_selinux.c:295 -+#: .././modules/pam_selinux/pam_selinux.c:295 - msgid "Not a valid security context" - msgstr "Não é um contexto de segurança válido" - --#: modules/pam_selinux/pam_selinux.c:539 -+#: .././modules/pam_selinux/pam_selinux.c:539 - #, c-format - msgid "Unable to get valid context for %s" - msgstr "Impossível obter um contexto válido para %s" - --#: modules/pam_selinux/pam_selinux.c:658 -+#: .././modules/pam_selinux/pam_selinux.c:658 - #, c-format - msgid "Security Context %s Assigned" - msgstr "Contexto de segurança %s atribuído" - --#: modules/pam_selinux/pam_selinux.c:674 -+#: .././modules/pam_selinux/pam_selinux.c:674 - #, c-format - msgid "Key Creation Context %s Assigned" - msgstr "Contexto de criação de chave %s atribuído" - --#: modules/pam_selinux/pam_selinux_check.c:99 -+#: .././modules/pam_selinux/pam_selinux_check.c:99 - #, c-format - msgid "failed to initialize PAM\n" - msgstr "falha ao inicializar PAM\n" - --#: modules/pam_selinux/pam_selinux_check.c:105 -+#: .././modules/pam_selinux/pam_selinux_check.c:105 - #, c-format - msgid "failed to pam_set_item()\n" - msgstr "falha em pam_set_item()\n" - --#: modules/pam_selinux/pam_selinux_check.c:133 -+#. error in fork() -+#: .././modules/pam_selinux/pam_selinux_check.c:133 - #, c-format - msgid "login: failure forking: %m" - msgstr "login: falha na bifurcação: %m" - --#: modules/pam_stress/pam_stress.c:476 -+#: .././modules/pam_stress/pam_stress.c:476 - #, c-format - msgid "Changing STRESS password for %s." - msgstr "Mudando senha STRESS para %s." - --#: modules/pam_stress/pam_stress.c:490 -+#: .././modules/pam_stress/pam_stress.c:490 - msgid "Enter new STRESS password: " - msgstr "Digite a nova senha STRESS:" - --#: modules/pam_stress/pam_stress.c:493 -+#: .././modules/pam_stress/pam_stress.c:493 - msgid "Retype new STRESS password: " - msgstr "Digite novamente a nova senha STRESS:" - --#: modules/pam_stress/pam_stress.c:522 -+#: .././modules/pam_stress/pam_stress.c:522 - msgid "Verification mis-typed; password unchanged" - msgstr "Verificação digitada incorretamente; senha inalterada" - --#: modules/pam_tally/pam_tally.c:541 modules/pam_tally2/pam_tally2.c:599 -+#: .././modules/pam_tally/pam_tally.c:541 -+#: .././modules/pam_tally2/pam_tally2.c:599 - #, c-format - msgid "Account temporary locked (%ld seconds left)" - msgstr "Conta temporariamente bloqueada (restam %ld segundos)" - --#: modules/pam_tally/pam_tally.c:566 modules/pam_tally2/pam_tally2.c:578 -+#: .././modules/pam_tally/pam_tally.c:566 -+#: .././modules/pam_tally2/pam_tally2.c:578 - #, c-format - msgid "Account locked due to %u failed logins" - msgstr "Conta bloqueada devido a %u falhas de login" - --#: modules/pam_tally/pam_tally.c:777 modules/pam_tally2/pam_tally2.c:887 -+#: .././modules/pam_tally/pam_tally.c:777 -+#: .././modules/pam_tally2/pam_tally2.c:887 - msgid "Authentication error" - msgstr "Erro de autenticação" - --#: modules/pam_tally/pam_tally.c:778 modules/pam_tally2/pam_tally2.c:888 -+#: .././modules/pam_tally/pam_tally.c:778 -+#: .././modules/pam_tally2/pam_tally2.c:888 - msgid "Service error" - msgstr "Erro de serviço" - --#: modules/pam_tally/pam_tally.c:779 modules/pam_tally2/pam_tally2.c:889 -+#: .././modules/pam_tally/pam_tally.c:779 -+#: .././modules/pam_tally2/pam_tally2.c:889 - msgid "Unknown user" - msgstr "Usuário desconhecido" - --#: modules/pam_tally/pam_tally.c:780 modules/pam_tally2/pam_tally2.c:890 -+#: .././modules/pam_tally/pam_tally.c:780 -+#: .././modules/pam_tally2/pam_tally2.c:890 - msgid "Unknown error" - msgstr "Erro desconhecido" - --#: modules/pam_tally/pam_tally.c:796 modules/pam_tally2/pam_tally2.c:909 -+#: .././modules/pam_tally/pam_tally.c:796 -+#: .././modules/pam_tally2/pam_tally2.c:909 - #, c-format - msgid "%s: Bad number given to --reset=\n" - msgstr "%s: Número insuficiente fornecido para --reset=\n" - --#: modules/pam_tally/pam_tally.c:800 modules/pam_tally2/pam_tally2.c:913 -+#: .././modules/pam_tally/pam_tally.c:800 -+#: .././modules/pam_tally2/pam_tally2.c:913 - #, c-format - msgid "%s: Unrecognised option %s\n" - msgstr "%s: Opção não reconhecida %s\n" - --#: modules/pam_tally/pam_tally.c:812 -+#: .././modules/pam_tally/pam_tally.c:812 - #, c-format - msgid "" - "%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n" - msgstr "" - "%s: [--file rooted-filename] [--user username] [--reset[=n]] [--quiet]\n" - --#: modules/pam_tally/pam_tally.c:886 modules/pam_tally2/pam_tally2.c:1039 -+#: .././modules/pam_tally/pam_tally.c:886 -+#: .././modules/pam_tally2/pam_tally2.c:1039 - #, c-format - msgid "%s: Can't reset all users to non-zero\n" - msgstr "%s: Impossível redefinir todos os usuários para não-zero\n" - --#: modules/pam_tally2/pam_tally2.c:940 -+#: .././modules/pam_tally2/pam_tally2.c:940 - #, c-format - msgid "Login Failures Latest failure From\n" - msgstr "Login Falhas Último falha De\n" - --#: modules/pam_tally2/pam_tally2.c:956 -+#: .././modules/pam_tally2/pam_tally2.c:956 - #, c-format - msgid "" - "%s: [-f rooted-filename] [--file rooted-filename]\n" -@@ -521,24 +551,26 @@ - " [-u username] [--user username]\n" - " [-r] [--reset[=n]] [--quiet]\n" - --#: modules/pam_timestamp/pam_timestamp.c:345 -+#: .././modules/pam_timestamp/pam_timestamp.c:345 - #, c-format - msgid "Access granted (last access was %ld seconds ago)." - msgstr "Acesso concedido (o último acesso foi a %ld segundos atrás)." - --#: modules/pam_unix/pam_unix_acct.c:247 modules/pam_unix/pam_unix_acct.c:269 -+#: .././modules/pam_unix/pam_unix_acct.c:249 -+#: .././modules/pam_unix/pam_unix_acct.c:271 - msgid "Your account has expired; please contact your system administrator" - msgstr "Sua conta expirou; entre em contato com o administrador do sistema" - --#: modules/pam_unix/pam_unix_acct.c:255 -+#: .././modules/pam_unix/pam_unix_acct.c:257 - msgid "You are required to change your password immediately (root enforced)" - msgstr "Mude sua senha imediatamente (aplicado pela raiz)" - --#: modules/pam_unix/pam_unix_acct.c:261 -+#: .././modules/pam_unix/pam_unix_acct.c:263 - msgid "You are required to change your password immediately (password aged)" - msgstr "Mude sua senha imediatamente (senha expirada)" - --#: modules/pam_unix/pam_unix_acct.c:282 modules/pam_unix/pam_unix_acct.c:289 -+#: .././modules/pam_unix/pam_unix_acct.c:284 -+#: .././modules/pam_unix/pam_unix_acct.c:291 - #, c-format - msgid "Warning: your password will expire in %d day" - msgid_plural "Warning: your password will expire in %d days" -@@ -546,39 +578,37 @@ - msgstr[1] "Aviso: sua senha irá expirar em %d dias" - - #. TRANSLATORS: only used if dngettext is not supported --#: modules/pam_unix/pam_unix_acct.c:294 -+#: .././modules/pam_unix/pam_unix_acct.c:296 - #, c-format - msgid "Warning: your password will expire in %d days" - msgstr "Aviso: sua senha irá expirar em %d dias" - --#: modules/pam_unix/pam_unix_passwd.c:398 -+#: .././modules/pam_unix/pam_unix_passwd.c:404 - msgid "NIS password could not be changed." - msgstr "A senha NIS não pôde ser mudada." - --#: modules/pam_unix/pam_unix_passwd.c:513 -+#: .././modules/pam_unix/pam_unix_passwd.c:519 - msgid "You must choose a longer password" - msgstr "Escolha uma senha mais longa" - --#: modules/pam_unix/pam_unix_passwd.c:619 -+#. instruct user what is happening -+#: .././modules/pam_unix/pam_unix_passwd.c:625 - #, c-format - msgid "Changing password for %s." - msgstr "Mudando senha para %s." - --#: modules/pam_unix/pam_unix_passwd.c:630 -+#: .././modules/pam_unix/pam_unix_passwd.c:636 - msgid "(current) UNIX password: " - msgstr "Senha UNIX (atual):" - --#: modules/pam_unix/pam_unix_passwd.c:665 -+#: .././modules/pam_unix/pam_unix_passwd.c:671 - msgid "You must wait longer to change your password" - msgstr "Aguarde mais tempo para mudar a senha" - --#: modules/pam_unix/pam_unix_passwd.c:725 -+#: .././modules/pam_unix/pam_unix_passwd.c:731 - msgid "Enter new UNIX password: " - msgstr "Digite a nova senha UNIX:" - --#: modules/pam_unix/pam_unix_passwd.c:726 -+#: .././modules/pam_unix/pam_unix_passwd.c:732 - msgid "Retype new UNIX password: " - msgstr "Redigite a nova senha UNIX:" -- --#~ msgid "Would you like to enter a security context? [N] " --#~ msgstr "Deseja digitar um contexto de segurança? [N]" diff --git a/pam-1.1.1-faillock.patch b/pam-1.2.0-faillock.patch similarity index 93% rename from pam-1.1.1-faillock.patch rename to pam-1.2.0-faillock.patch index 5f4bfc6..bb48eef 100644 --- a/pam-1.1.1-faillock.patch +++ b/pam-1.2.0-faillock.patch @@ -1,7 +1,7 @@ -diff -up Linux-PAM-1.1.1/configure.in.faillock Linux-PAM-1.1.1/configure.in ---- Linux-PAM-1.1.1/configure.in.faillock 2010-10-20 15:46:34.000000000 +0200 -+++ Linux-PAM-1.1.1/configure.in 2011-01-25 18:24:43.000000000 +0100 -@@ -539,7 +539,7 @@ AC_CONFIG_FILES([Makefile libpam/Makefil +diff -up Linux-PAM-1.2.0/configure.ac.faillock Linux-PAM-1.2.0/configure.ac +--- Linux-PAM-1.2.0/configure.ac.faillock 2015-05-15 15:52:13.794506394 +0200 ++++ Linux-PAM-1.2.0/configure.ac 2015-05-15 15:52:13.798506486 +0200 +@@ -621,7 +621,7 @@ AC_CONFIG_FILES([Makefile libpam/Makefil modules/pam_access/Makefile modules/pam_cracklib/Makefile \ modules/pam_debug/Makefile modules/pam_deny/Makefile \ modules/pam_echo/Makefile modules/pam_env/Makefile \ @@ -10,9 +10,9 @@ diff -up Linux-PAM-1.1.1/configure.in.faillock Linux-PAM-1.1.1/configure.in modules/pam_filter/Makefile modules/pam_filter/upperLOWER/Makefile \ modules/pam_ftp/Makefile modules/pam_group/Makefile \ modules/pam_issue/Makefile modules/pam_keyinit/Makefile \ -diff -up Linux-PAM-1.1.1/doc/sag/pam_faillock.xml.faillock Linux-PAM-1.1.1/doc/sag/pam_faillock.xml ---- Linux-PAM-1.1.1/doc/sag/pam_faillock.xml.faillock 2011-01-25 18:24:43.000000000 +0100 -+++ Linux-PAM-1.1.1/doc/sag/pam_faillock.xml 2011-01-25 18:24:43.000000000 +0100 +diff -up Linux-PAM-1.2.0/doc/sag/pam_faillock.xml.faillock Linux-PAM-1.2.0/doc/sag/pam_faillock.xml +--- Linux-PAM-1.2.0/doc/sag/pam_faillock.xml.faillock 2015-05-15 15:52:13.799506509 +0200 ++++ Linux-PAM-1.2.0/doc/sag/pam_faillock.xml 2015-05-15 15:52:13.799506509 +0200 @@ -0,0 +1,38 @@ + + + + -diff -up Linux-PAM-1.1.1/modules/Makefile.am.faillock Linux-PAM-1.1.1/modules/Makefile.am ---- Linux-PAM-1.1.1/modules/Makefile.am.faillock 2010-10-20 15:46:34.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/Makefile.am 2011-01-25 18:24:43.000000000 +0100 +diff -up Linux-PAM-1.2.0/modules/Makefile.am.faillock Linux-PAM-1.2.0/modules/Makefile.am +--- Linux-PAM-1.2.0/modules/Makefile.am.faillock 2015-05-15 15:52:13.797506463 +0200 ++++ Linux-PAM-1.2.0/modules/Makefile.am 2015-05-15 15:52:13.799506509 +0200 @@ -3,7 +3,7 @@ # @@ -64,9 +64,9 @@ diff -up Linux-PAM-1.1.1/modules/Makefile.am.faillock Linux-PAM-1.1.1/modules/Ma pam_env pam_exec pam_faildelay pam_filter pam_ftp \ pam_group pam_issue pam_keyinit pam_lastlog pam_limits \ pam_listfile pam_localuser pam_loginuid pam_mail \ -diff -up Linux-PAM-1.1.1/modules/pam_faillock/faillock.c.faillock Linux-PAM-1.1.1/modules/pam_faillock/faillock.c ---- Linux-PAM-1.1.1/modules/pam_faillock/faillock.c.faillock 2011-01-25 18:24:43.000000000 +0100 -+++ Linux-PAM-1.1.1/modules/pam_faillock/faillock.c 2011-01-25 18:24:56.000000000 +0100 +diff -up Linux-PAM-1.2.0/modules/pam_faillock/faillock.c.faillock Linux-PAM-1.2.0/modules/pam_faillock/faillock.c +--- Linux-PAM-1.2.0/modules/pam_faillock/faillock.c.faillock 2015-05-15 15:52:13.799506509 +0200 ++++ Linux-PAM-1.2.0/modules/pam_faillock/faillock.c 2015-05-15 15:52:13.799506509 +0200 @@ -0,0 +1,158 @@ +/* + * Copyright (c) 2010 Tomas Mraz @@ -226,9 +226,9 @@ diff -up Linux-PAM-1.1.1/modules/pam_faillock/faillock.c.faillock Linux-PAM-1.1. + + return 0; +} -diff -up Linux-PAM-1.1.1/modules/pam_faillock/faillock.h.faillock Linux-PAM-1.1.1/modules/pam_faillock/faillock.h ---- Linux-PAM-1.1.1/modules/pam_faillock/faillock.h.faillock 2011-01-25 18:24:43.000000000 +0100 -+++ Linux-PAM-1.1.1/modules/pam_faillock/faillock.h 2011-01-25 18:24:56.000000000 +0100 +diff -up Linux-PAM-1.2.0/modules/pam_faillock/faillock.h.faillock Linux-PAM-1.2.0/modules/pam_faillock/faillock.h +--- Linux-PAM-1.2.0/modules/pam_faillock/faillock.h.faillock 2015-05-15 15:52:13.799506509 +0200 ++++ Linux-PAM-1.2.0/modules/pam_faillock/faillock.h 2015-05-15 15:52:13.799506509 +0200 @@ -0,0 +1,73 @@ +/* + * Copyright (c) 2010 Tomas Mraz @@ -303,9 +303,9 @@ diff -up Linux-PAM-1.1.1/modules/pam_faillock/faillock.h.faillock Linux-PAM-1.1. +int update_tally(int fd, struct tally_data *tallies); +#endif + -diff -up Linux-PAM-1.1.1/modules/pam_faillock/faillock.8.xml.faillock Linux-PAM-1.1.1/modules/pam_faillock/faillock.8.xml ---- Linux-PAM-1.1.1/modules/pam_faillock/faillock.8.xml.faillock 2011-01-25 18:24:43.000000000 +0100 -+++ Linux-PAM-1.1.1/modules/pam_faillock/faillock.8.xml 2011-01-25 18:24:43.000000000 +0100 +diff -up Linux-PAM-1.2.0/modules/pam_faillock/faillock.8.xml.faillock Linux-PAM-1.2.0/modules/pam_faillock/faillock.8.xml +--- Linux-PAM-1.2.0/modules/pam_faillock/faillock.8.xml.faillock 2015-05-15 15:52:13.799506509 +0200 ++++ Linux-PAM-1.2.0/modules/pam_faillock/faillock.8.xml 2015-05-15 15:52:13.799506509 +0200 @@ -0,0 +1,123 @@ + + + + -diff -up Linux-PAM-1.1.1/modules/pam_faillock/main.c.faillock Linux-PAM-1.1.1/modules/pam_faillock/main.c ---- Linux-PAM-1.1.1/modules/pam_faillock/main.c.faillock 2011-01-25 18:24:43.000000000 +0100 -+++ Linux-PAM-1.1.1/modules/pam_faillock/main.c 2011-01-25 18:24:56.000000000 +0100 +diff -up Linux-PAM-1.2.0/modules/pam_faillock/main.c.faillock Linux-PAM-1.2.0/modules/pam_faillock/main.c +--- Linux-PAM-1.2.0/modules/pam_faillock/main.c.faillock 2015-05-15 15:52:13.799506509 +0200 ++++ Linux-PAM-1.2.0/modules/pam_faillock/main.c 2015-05-15 15:52:13.799506509 +0200 @@ -0,0 +1,235 @@ +/* + * Copyright (c) 2010 Tomas Mraz @@ -669,9 +669,9 @@ diff -up Linux-PAM-1.1.1/modules/pam_faillock/main.c.faillock Linux-PAM-1.1.1/mo + return do_user(&opts, opts.user); +} + -diff -up Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am.faillock Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am ---- Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am.faillock 2011-01-25 18:24:43.000000000 +0100 -+++ Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am 2011-01-25 18:24:43.000000000 +0100 +diff -up Linux-PAM-1.2.0/modules/pam_faillock/Makefile.am.faillock Linux-PAM-1.2.0/modules/pam_faillock/Makefile.am +--- Linux-PAM-1.2.0/modules/pam_faillock/Makefile.am.faillock 2015-05-15 15:52:13.799506509 +0200 ++++ Linux-PAM-1.2.0/modules/pam_faillock/Makefile.am 2015-05-15 15:52:13.799506509 +0200 @@ -0,0 +1,43 @@ +# +# Copyright (c) 2005, 2006, 2007, 2009 Thorsten Kukuk @@ -716,9 +716,9 @@ diff -up Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am.faillock Linux-PAM-1.1 +README: pam_faillock.8.xml +-include $(top_srcdir)/Make.xml.rules +endif -diff -up Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c.faillock Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c ---- Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c.faillock 2011-01-25 18:24:43.000000000 +0100 -+++ Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c 2011-01-25 18:24:56.000000000 +0100 +diff -up Linux-PAM-1.2.0/modules/pam_faillock/pam_faillock.c.faillock Linux-PAM-1.2.0/modules/pam_faillock/pam_faillock.c +--- Linux-PAM-1.2.0/modules/pam_faillock/pam_faillock.c.faillock 2015-05-15 15:52:13.800506532 +0200 ++++ Linux-PAM-1.2.0/modules/pam_faillock/pam_faillock.c 2015-05-15 15:52:13.800506532 +0200 @@ -0,0 +1,556 @@ +/* + * Copyright (c) 2010 Tomas Mraz @@ -1276,9 +1276,9 @@ diff -up Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c.faillock Linux-PAM- + +#endif /* #ifdef PAM_STATIC */ + -diff -up Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.8.xml.faillock Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.8.xml ---- Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.8.xml.faillock 2011-01-25 18:24:43.000000000 +0100 -+++ Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.8.xml 2011-01-25 18:24:56.000000000 +0100 +diff -up Linux-PAM-1.2.0/modules/pam_faillock/pam_faillock.8.xml.faillock Linux-PAM-1.2.0/modules/pam_faillock/pam_faillock.8.xml +--- Linux-PAM-1.2.0/modules/pam_faillock/pam_faillock.8.xml.faillock 2015-05-15 15:52:13.800506532 +0200 ++++ Linux-PAM-1.2.0/modules/pam_faillock/pam_faillock.8.xml 2015-05-15 15:52:13.800506532 +0200 @@ -0,0 +1,392 @@ + + + + -diff -up Linux-PAM-1.1.1/modules/pam_faillock/README.xml.faillock Linux-PAM-1.1.1/modules/pam_faillock/README.xml ---- Linux-PAM-1.1.1/modules/pam_faillock/README.xml.faillock 2011-01-25 18:24:43.000000000 +0100 -+++ Linux-PAM-1.1.1/modules/pam_faillock/README.xml 2011-01-25 18:24:43.000000000 +0100 +diff -up Linux-PAM-1.2.0/modules/pam_faillock/README.xml.faillock Linux-PAM-1.2.0/modules/pam_faillock/README.xml +--- Linux-PAM-1.2.0/modules/pam_faillock/README.xml.faillock 2015-05-15 15:52:13.800506532 +0200 ++++ Linux-PAM-1.2.0/modules/pam_faillock/README.xml 2015-05-15 15:52:13.800506532 +0200 @@ -0,0 +1,46 @@ + + + + -diff -up Linux-PAM-1.1.1/modules/pam_faillock/tst-pam_faillock.faillock Linux-PAM-1.1.1/modules/pam_faillock/tst-pam_faillock ---- Linux-PAM-1.1.1/modules/pam_faillock/tst-pam_faillock.faillock 2011-01-25 18:24:43.000000000 +0100 -+++ Linux-PAM-1.1.1/modules/pam_faillock/tst-pam_faillock 2011-01-25 18:24:43.000000000 +0100 +diff -up Linux-PAM-1.2.0/modules/pam_faillock/tst-pam_faillock.faillock Linux-PAM-1.2.0/modules/pam_faillock/tst-pam_faillock +--- Linux-PAM-1.2.0/modules/pam_faillock/tst-pam_faillock.faillock 2015-05-15 15:52:13.800506532 +0200 ++++ Linux-PAM-1.2.0/modules/pam_faillock/tst-pam_faillock 2015-05-15 15:52:13.800506532 +0200 @@ -0,0 +1,2 @@ +#!/bin/sh +../../tests/tst-dlopen .libs/pam_faillock.so diff --git a/pam-1.0.90-redhat-modules.patch b/pam-1.2.0-redhat-modules.patch similarity index 54% rename from pam-1.0.90-redhat-modules.patch rename to pam-1.2.0-redhat-modules.patch index 3ad41cc..8a66134 100644 --- a/pam-1.0.90-redhat-modules.patch +++ b/pam-1.2.0-redhat-modules.patch @@ -1,18 +1,7 @@ -diff -up Linux-PAM-1.0.90/modules/Makefile.am.redhat-modules Linux-PAM-1.0.90/modules/Makefile.am ---- Linux-PAM-1.0.90/modules/Makefile.am.redhat-modules 2008-11-29 08:27:35.000000000 +0100 -+++ Linux-PAM-1.0.90/modules/Makefile.am 2008-12-16 13:40:16.000000000 +0100 -@@ -3,6 +3,7 @@ - # - - SUBDIRS = pam_access pam_cracklib pam_debug pam_deny pam_echo \ -+ pam_chroot pam_console pam_postgresok \ - pam_env pam_exec pam_faildelay pam_filter pam_ftp \ - pam_group pam_issue pam_keyinit pam_lastlog pam_limits \ - pam_listfile pam_localuser pam_loginuid pam_mail \ -diff -up Linux-PAM-1.0.90/configure.in.redhat-modules Linux-PAM-1.0.90/configure.in ---- Linux-PAM-1.0.90/configure.in.redhat-modules 2008-12-02 16:25:01.000000000 +0100 -+++ Linux-PAM-1.0.90/configure.in 2008-12-16 13:39:11.000000000 +0100 -@@ -531,6 +531,8 @@ AC_CONFIG_FILES([Makefile libpam/Makefil +diff -up Linux-PAM-1.2.0/configure.ac.redhat-modules Linux-PAM-1.2.0/configure.ac +--- Linux-PAM-1.2.0/configure.ac.redhat-modules 2015-03-25 16:50:10.000000000 +0100 ++++ Linux-PAM-1.2.0/configure.ac 2015-05-15 15:46:50.996074677 +0200 +@@ -616,6 +616,8 @@ AC_CONFIG_FILES([Makefile libpam/Makefil libpam_misc/Makefile conf/Makefile conf/pam_conv1/Makefile \ po/Makefile.in \ modules/Makefile \ @@ -21,3 +10,14 @@ diff -up Linux-PAM-1.0.90/configure.in.redhat-modules Linux-PAM-1.0.90/configure modules/pam_access/Makefile modules/pam_cracklib/Makefile \ modules/pam_debug/Makefile modules/pam_deny/Makefile \ modules/pam_echo/Makefile modules/pam_env/Makefile \ +diff -up Linux-PAM-1.2.0/modules/Makefile.am.redhat-modules Linux-PAM-1.2.0/modules/Makefile.am +--- Linux-PAM-1.2.0/modules/Makefile.am.redhat-modules 2015-03-24 13:02:32.000000000 +0100 ++++ Linux-PAM-1.2.0/modules/Makefile.am 2015-05-15 15:46:50.995074654 +0200 +@@ -3,6 +3,7 @@ + # + + SUBDIRS = pam_access pam_cracklib pam_debug pam_deny pam_echo \ ++ pam_chroot pam_console pam_postgresok \ + pam_env pam_exec pam_faildelay pam_filter pam_ftp \ + pam_group pam_issue pam_keyinit pam_lastlog pam_limits \ + pam_listfile pam_localuser pam_loginuid pam_mail \ diff --git a/pam-1.1.5-unix-no-fallback.patch b/pam-1.2.0-unix-no-fallback.patch similarity index 67% rename from pam-1.1.5-unix-no-fallback.patch rename to pam-1.2.0-unix-no-fallback.patch index 7857196..6295da7 100644 --- a/pam-1.1.5-unix-no-fallback.patch +++ b/pam-1.2.0-unix-no-fallback.patch @@ -1,7 +1,7 @@ -diff -up Linux-PAM-1.1.5/modules/pam_unix/pam_unix.8.xml.no-fallback Linux-PAM-1.1.5/modules/pam_unix/pam_unix.8.xml ---- Linux-PAM-1.1.5/modules/pam_unix/pam_unix.8.xml.no-fallback 2011-06-21 11:04:56.000000000 +0200 -+++ Linux-PAM-1.1.5/modules/pam_unix/pam_unix.8.xml 2012-05-09 11:54:34.442036404 +0200 -@@ -265,11 +265,10 @@ +diff -up Linux-PAM-1.2.0/modules/pam_unix/pam_unix.8.xml.no-fallback Linux-PAM-1.2.0/modules/pam_unix/pam_unix.8.xml +--- Linux-PAM-1.2.0/modules/pam_unix/pam_unix.8.xml.no-fallback 2015-04-27 16:38:03.000000000 +0200 ++++ Linux-PAM-1.2.0/modules/pam_unix/pam_unix.8.xml 2015-05-15 15:54:21.524440864 +0200 +@@ -284,11 +284,10 @@ When a user changes their password next, @@ -16,7 +16,7 @@ diff -up Linux-PAM-1.1.5/modules/pam_unix/pam_unix.8.xml.no-fallback Linux-PAM-1 -@@ -280,11 +279,10 @@ +@@ -299,11 +298,10 @@ When a user changes their password next, @@ -31,7 +31,7 @@ diff -up Linux-PAM-1.1.5/modules/pam_unix/pam_unix.8.xml.no-fallback Linux-PAM-1 -@@ -295,11 +293,10 @@ +@@ -314,11 +312,10 @@ When a user changes their password next, @@ -46,12 +46,15 @@ diff -up Linux-PAM-1.1.5/modules/pam_unix/pam_unix.8.xml.no-fallback Linux-PAM-1 -diff -up Linux-PAM-1.1.5/modules/pam_unix/passverify.c.no-fallback Linux-PAM-1.1.5/modules/pam_unix/passverify.c ---- Linux-PAM-1.1.5/modules/pam_unix/passverify.c.no-fallback 2012-05-09 11:48:12.409632377 +0200 -+++ Linux-PAM-1.1.5/modules/pam_unix/passverify.c 2012-05-09 11:48:36.953172291 +0200 -@@ -427,15 +427,14 @@ PAMH_ARG_DECL(char * create_password_has +diff -up Linux-PAM-1.2.0/modules/pam_unix/passverify.c.no-fallback Linux-PAM-1.2.0/modules/pam_unix/passverify.c +--- Linux-PAM-1.2.0/modules/pam_unix/passverify.c.no-fallback 2015-05-15 15:54:21.525440887 +0200 ++++ Linux-PAM-1.2.0/modules/pam_unix/passverify.c 2015-05-15 15:57:23.138613273 +0200 +@@ -437,10 +437,9 @@ PAMH_ARG_DECL(char * create_password_has + sp = crypt(password, salt); + #endif if (!sp || strncmp(algoid, sp, strlen(algoid)) != 0) { - /* libxcrypt/libc doesn't know the algorithm, use MD5 */ +- /* libxcrypt/libc doesn't know the algorithm, use MD5 */ ++ /* libxcrypt/libc doesn't know the algorithm, error out */ pam_syslog(pamh, LOG_ERR, - "Algo %s not supported by the crypto backend, " - "falling back to MD5\n", @@ -59,11 +62,12 @@ diff -up Linux-PAM-1.1.5/modules/pam_unix/passverify.c.no-fallback Linux-PAM-1.1 on(UNIX_BLOWFISH_PASS, ctrl) ? "blowfish" : on(UNIX_SHA256_PASS, ctrl) ? "sha256" : on(UNIX_SHA512_PASS, ctrl) ? "sha512" : algoid); - if(sp) { - memset(sp, '\0', strlen(sp)); - } +@@ -450,7 +449,7 @@ PAMH_ARG_DECL(char * create_password_has + #ifdef HAVE_CRYPT_R + free(cdata); + #endif - return crypt_md5_wrapper(password); + return NULL; } - - return x_strdup(sp); + sp = x_strdup(sp); + #ifdef HAVE_CRYPT_R diff --git a/pam-1.1.6-use-links.patch b/pam-1.2.0-use-links.patch similarity index 59% rename from pam-1.1.6-use-links.patch rename to pam-1.2.0-use-links.patch index 2c56c6f..e2c8875 100644 --- a/pam-1.1.6-use-links.patch +++ b/pam-1.2.0-use-links.patch @@ -1,7 +1,7 @@ -diff -up Linux-PAM-1.1.6/configure.in.links Linux-PAM-1.1.6/configure.in ---- Linux-PAM-1.1.6/configure.in.links 2013-04-24 13:13:36.000000000 +0200 -+++ Linux-PAM-1.1.6/configure.in 2013-08-07 14:08:03.818055990 +0200 -@@ -548,9 +548,9 @@ JH_CHECK_XML_CATALOG([-//OASIS//DTD DocB +diff -up Linux-PAM-1.2.0/configure.ac.links Linux-PAM-1.2.0/configure.ac +--- Linux-PAM-1.2.0/configure.ac.links 2015-05-15 16:00:03.406295266 +0200 ++++ Linux-PAM-1.2.0/configure.ac 2015-05-15 16:00:03.425295702 +0200 +@@ -564,9 +564,9 @@ JH_CHECK_XML_CATALOG([-//OASIS//DTD DocB JH_CHECK_XML_CATALOG([http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl], [DocBook XSL Stylesheets], [], enable_docu=no) diff --git a/pam.spec b/pam.spec index 8410309..00da878 100644 --- a/pam.spec +++ b/pam.spec @@ -2,8 +2,8 @@ Summary: An extensible library which provides authentication for applications Name: pam -Version: 1.1.8 -Release: 18%{?dist} +Version: 1.2.0 +Release: 1%{?dist} # The library is BSD licensed with option to relicense as GPLv2+ # - this option is redundant as the BSD license allows that anyway. # pam_timestamp, pam_loginuid, and pam_console modules are GPLv2+. @@ -28,34 +28,21 @@ Source15: pamtmp.conf Source16: postlogin.pamd Source17: postlogin.5 Source18: https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt -Patch1: pam-1.0.90-redhat-modules.patch -Patch2: pam-1.1.6-std-noclose.patch +Patch1: pam-1.2.0-redhat-modules.patch Patch4: pam-1.1.0-console-nochmod.patch Patch5: pam-1.1.0-notally.patch -Patch8: pam-1.1.1-faillock.patch +Patch8: pam-1.2.0-faillock.patch Patch9: pam-1.1.6-noflex.patch Patch10: pam-1.1.3-nouserenv.patch Patch13: pam-1.1.6-limits-user.patch Patch15: pam-1.1.8-full-relro.patch # FIPS related - non upstreamable -Patch20: pam-1.1.5-unix-no-fallback.patch -Patch27: pam-1.1.8-lastlog-uninitialized.patch +Patch20: pam-1.2.0-unix-no-fallback.patch Patch28: pam-1.1.1-console-errmsg.patch # Upstreamed partially Patch29: pam-1.1.8-pwhistory-helper.patch -Patch31: pam-1.1.6-use-links.patch -Patch32: pam-1.1.7-tty-audit-init.patch -Patch33: pam-1.1.8-translation-updates.patch -Patch34: pam-1.1.8-canonicalize-username.patch -Patch35: pam-1.1.8-cve-2013-7041.patch -Patch36: pam-1.1.8-cve-2014-2583.patch -Patch37: pam-1.1.8-loginuid-container.patch -Patch38: pam-1.1.8-opasswd-tolerant.patch -Patch39: pam-1.1.8-audit-grantor.patch -Patch40: pam-1.1.8-man-dbsuffix.patch -Patch41: pam-1.1.8-limits-check-process.patch -Patch42: pam-1.1.8-limits-docfix.patch -Patch43: pam-1.1.8-audit-user-mgmt.patch +Patch30: pam-1.2.0-use-links.patch +Patch31: pam-1.1.8-audit-user-mgmt.patch %define _pamlibdir %{_libdir} %define _moduledir %{_libdir}/security @@ -114,6 +101,7 @@ and modules for use with the PAM system. %prep %setup -q -n Linux-PAM-%{version} -a 2 perl -pi -e "s/ppc64-\*/ppc64-\* \| ppc64p7-\*/" build-aux/config.sub +perl -pi -e "s/\/lib \/usr\/lib/\/lib \/usr\/lib \/lib64 \/usr\/lib64/" m4/libtool.m4 # Add custom modules. mv pam-redhat-%{pam_redhat_version}/* modules @@ -121,7 +109,6 @@ mv pam-redhat-%{pam_redhat_version}/* modules cp %{SOURCE18} . %patch1 -p1 -b .redhat-modules -%patch2 -p1 -b .std-noclose %patch4 -p1 -b .nochmod %patch5 -p1 -b .notally %patch8 -p1 -b .faillock @@ -130,26 +117,15 @@ cp %{SOURCE18} . %patch13 -p1 -b .limits %patch15 -p1 -b .relro %patch20 -p1 -b .no-fallback -%patch27 -p1 -b .uninitialized %patch28 -p1 -b .errmsg %patch29 -p1 -b .pwhhelper -%patch31 -p1 -b .links -%patch32 -p1 -b .tty-audit-init -%patch33 -p2 -b .translations -%patch34 -p1 -b .canonicalize -%patch35 -p1 -b .case -%patch36 -p1 -b .timestamp-ruser -%patch37 -p1 -b .container -%patch38 -p1 -b .opasswd-tolerant -%patch39 -p1 -b .grantor -%patch40 -p1 -b .dbsuffix -%patch41 -p1 -b .check-process -%patch42 -p1 -b .docfix -%patch43 -p1 -b .audit-user-mgmt +%patch30 -p1 -b .links +%patch31 -p1 -b .audit-user-mgmt %build autoreconf -i %configure \ + --disable-rpath \ --libdir=%{_pamlibdir} \ --includedir=%{_includedir}/security \ %if ! %{WITH_SELINUX} @@ -396,6 +372,9 @@ fi %doc doc/adg/*.txt doc/adg/html %changelog +* Fri May 15 2015 Tomáš Mráz 1.2.0-1 +- new upstream release with multiple minor improvements + * Fri Oct 17 2014 Tomáš Mráz 1.1.8-18 - use USER_MGMT type for auditing in the pam_tally2 and faillock apps (#1151576) diff --git a/sources b/sources index 44739bf..4582a02 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -35b6091af95981b1b2cd60d813b5e4ee Linux-PAM-1.1.8.tar.bz2 29eab110f57e8d60471081a6278a5a92 pam-redhat-0.99.11.tar.bz2 +ee4a480d77b341c99e8b1375f8f180c0 Linux-PAM-1.2.0.tar.bz2