diff --git a/pam-0.99.8.1-console-hal-handled.patch b/pam-0.99.8.1-console-hal-handled.patch new file mode 100644 index 0000000..f20cbc4 --- /dev/null +++ b/pam-0.99.8.1-console-hal-handled.patch @@ -0,0 +1,71 @@ +Written-by: David Zeuthen +Reviewed-by: Tomas Mraz +diff -up Linux-PAM-0.99.8.1/modules/pam_console/50-default.perms.hal-handled Linux-PAM-0.99.8.1/modules/pam_console/50-default.perms +--- Linux-PAM-0.99.8.1/modules/pam_console/50-default.perms.hal-handled 2007-07-23 14:48:41.000000000 +0200 ++++ Linux-PAM-0.99.8.1/modules/pam_console/50-default.perms 2007-08-22 16:25:54.000000000 +0200 +@@ -1,65 +1,32 @@ + # device classes -- these are shell-style globs +-=/dev/fd[0-1]* \ +- /dev/floppy* /mnt/floppy* +-=/dev/dsp* /dev/audio* /dev/midi* \ +- /dev/mixer* /dev/sequencer* \ +- /dev/sound/* /dev/beep \ +- /dev/snd/* /dev/adsp* +-=/dev/cdrom* /dev/cdroms/* /dev/cdwriter* /mnt/cdrom* + =/dev/pilot +-=/mnt/jaz* +-=/mnt/pocketzip* /mnt/zip* /dev/zip* +-=/dev/ls120 /mnt/ls120* + =/dev/scanner* /dev/usb/scanner* + =/dev/usb/rio500 +-=/mnt/camera* /dev/usb/dc2xx* /dev/usb/mdc800* +-=/mnt/memstick* +-=/mnt/flash* /dev/flash* +-=/mnt/diskonkey* +-=/mnt/microdrive* + =/dev/fb /dev/fb[0-9]* \ + /dev/fb/* + =/dev/kbd + =/dev/js[0-9]* +-=/dev/video* /dev/radio* /dev/winradio* /dev/vtx* /dev/vbi* \ +- /dev/video/* + =/dev/gpmctl + =/dev/nvidia* /dev/3dfx* /dev/dri/card* + =/dev/apm_bios + =/dev/pmu + =/dev/rfcomm* +-=/dev/raw1394 + =/dev/ircomm* + =/dev/dvb/adapter*/* +-=/dev/iidc* /dev/vendorfw* /dev/avc* + + # permission definitions +- 0660 0660 root.floppy +- 0600 0600 root +- 0600 0660 root.disk + 0600 0660 root.uucp +- 0600 0660 root.disk +- 0600 0660 root.disk +- 0600 0660 root.disk + 0600 0600 root +- 0600 0600 root.disk +- 0600 0600 root.disk +- 0600 0600 root.disk +- 0600 0660 root.disk +- 0600 0660 root.disk + 0600 0600 root + 0600 0600 root + 0600 0600 root +- 0600 0600 root + 0700 0700 root + 0600 0600 root + 0600 0600 root + 0600 0600 root + 0600 0600 root +- 0600 0600 root + 0600 0600 root + 0600 0600 root +- 0600 0600 root + + 0600 /dev/console 0600 root.root + 0600 0600 root diff --git a/pam.spec b/pam.spec index 88d529a..f9570bb 100644 --- a/pam.spec +++ b/pam.spec @@ -11,10 +11,11 @@ Summary: A security tool which provides authentication for applications Name: pam Version: 0.99.8.1 -Release: 4%{?dist} +Release: 5%{?dist} # The library is BSD licensed with option to relicense as GPLv2+ - this option is redundant -# as the BSD license allows that anyway. pam_timestamp and pam_console modules are GPLv2+ -License: BSD and GPLv2+ +# as the BSD license allows that anyway. pam_timestamp and pam_console modules are GPLv2+, +# pam_rhosts_auth module is BSD with advertising +License: BSD and GPLv2+ and BSD with advertising Group: System Environment/Base Source0: http://ftp.us.kernel.org/pub/linux/libs/pam/pre/library/Linux-PAM-%{version}.tar.bz2 Source1: http://ftp.us.kernel.org/pub/linux/libs/pam/pre/library/Linux-PAM-%{version}.tar.bz2.sign @@ -36,6 +37,7 @@ Patch31: pam-0.99.3.0-cracklib-try-first-pass.patch Patch32: pam-0.99.3.0-tally-fail-close.patch Patch40: pam-0.99.7.1-namespace-temp-logon.patch Patch41: pam-0.99.8.1-namespace-init.patch +Patch42: pam-0.99.8.1-console-hal-handled.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: cracklib, cracklib-dicts >= 2.8 @@ -98,6 +100,7 @@ cp %{SOURCE7} . %patch32 -p1 -b .fail-close %patch40 -p1 -b .temp-logon %patch41 -p1 -b .ns-init +%patch42 -p1 -b .hal-handled autoreconf @@ -388,6 +391,10 @@ fi %doc doc/adg/*.txt doc/adg/html %changelog +* Wed Aug 22 2007 Tomas Mraz 0.99.8.1-5 +- most devices are now handled by HAL and not pam_console (patch by davidz) +- license tag fix + * Mon Aug 13 2007 Tomas Mraz 0.99.8.1-4 - fix auth regression when uid != 0 from previous build (#251804)