new upstream release
- pam_tty_audit: allow the module to work with old kernels
This commit is contained in:
parent
b5054fab06
commit
b99d0d5268
@ -32,7 +32,7 @@ diff -up Linux-PAM-1.1.7/modules/pam_tty_audit/pam_tty_audit.c.tty-audit-init Li
|
|||||||
}
|
}
|
||||||
+ else if (resdiff > 0)
|
+ else if (resdiff > 0)
|
||||||
+ {
|
+ {
|
||||||
+ memset((char *)buf + res, 0, resdiff);
|
+ memset((char *)buf + size - resdiff, 0, resdiff);
|
||||||
+ }
|
+ }
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -1,52 +0,0 @@
|
|||||||
diff -up Linux-PAM-1.1.7/modules/pam_unix/pam_unix_acct.c.build Linux-PAM-1.1.7/modules/pam_unix/pam_unix_acct.c
|
|
||||||
--- Linux-PAM-1.1.7/modules/pam_unix/pam_unix_acct.c.build 2013-09-13 13:22:12.715064174 +0200
|
|
||||||
+++ Linux-PAM-1.1.7/modules/pam_unix/pam_unix_acct.c 2013-09-13 13:22:12.754065021 +0200
|
|
||||||
@@ -49,6 +49,8 @@
|
|
||||||
#include <time.h> /* for time() */
|
|
||||||
#include <errno.h>
|
|
||||||
#include <sys/wait.h>
|
|
||||||
+#include <sys/time.h>
|
|
||||||
+#include <sys/resource.h>
|
|
||||||
|
|
||||||
#include <security/_pam_macros.h>
|
|
||||||
|
|
||||||
diff -up Linux-PAM-1.1.7/modules/pam_unix/pam_unix_passwd.c.build Linux-PAM-1.1.7/modules/pam_unix/pam_unix_passwd.c
|
|
||||||
--- Linux-PAM-1.1.7/modules/pam_unix/pam_unix_passwd.c.build 2013-09-13 13:22:12.716064196 +0200
|
|
||||||
+++ Linux-PAM-1.1.7/modules/pam_unix/pam_unix_passwd.c 2013-09-13 14:06:01.581056247 +0200
|
|
||||||
@@ -53,6 +53,7 @@
|
|
||||||
#include <fcntl.h>
|
|
||||||
#include <ctype.h>
|
|
||||||
#include <sys/time.h>
|
|
||||||
+#include <sys/resource.h>
|
|
||||||
#include <sys/stat.h>
|
|
||||||
|
|
||||||
#include <signal.h>
|
|
||||||
@@ -262,7 +263,7 @@ static int _unix_run_update_binary(pam_h
|
|
||||||
close(fds[0]); /* close here to avoid possible SIGPIPE above */
|
|
||||||
close(fds[1]);
|
|
||||||
/* wait for helper to complete: */
|
|
||||||
- while ((rc=waitpid(child, &retval, 0) < 0 && errno == EINTR);
|
|
||||||
+ while ((rc=waitpid(child, &retval, 0)) < 0 && errno == EINTR);
|
|
||||||
if (rc<0) {
|
|
||||||
pam_syslog(pamh, LOG_ERR, "unix_update waitpid failed: %m");
|
|
||||||
retval = PAM_AUTHTOK_ERR;
|
|
||||||
diff -up Linux-PAM-1.1.7/modules/pam_unix/support.c.build Linux-PAM-1.1.7/modules/pam_unix/support.c
|
|
||||||
--- Linux-PAM-1.1.7/modules/pam_unix/support.c.build 2013-09-13 13:22:12.716064196 +0200
|
|
||||||
+++ Linux-PAM-1.1.7/modules/pam_unix/support.c 2013-09-13 14:44:02.452924470 +0200
|
|
||||||
@@ -19,6 +19,7 @@
|
|
||||||
#include <signal.h>
|
|
||||||
#include <ctype.h>
|
|
||||||
#include <syslog.h>
|
|
||||||
+#include <sys/time.h>
|
|
||||||
#include <sys/resource.h>
|
|
||||||
#ifdef HAVE_RPCSVC_YPCLNT_H
|
|
||||||
#include <rpcsvc/ypclnt.h>
|
|
||||||
@@ -177,7 +178,7 @@ int _set_ctrl(pam_handle_t *pamh, int fl
|
|
||||||
free (val);
|
|
||||||
|
|
||||||
/* read number of rounds for crypt algo */
|
|
||||||
- if (on(UNIX_SHA256_PASS, ctrl) || on(UNIX_SHA512_PASS, ctrl)) {
|
|
||||||
+ if (rounds && (on(UNIX_SHA256_PASS, ctrl) || on(UNIX_SHA512_PASS, ctrl))) {
|
|
||||||
val=search_key ("SHA_CRYPT_MAX_ROUNDS", LOGIN_DEFS);
|
|
||||||
|
|
||||||
if (val) {
|
|
10
pam.spec
10
pam.spec
@ -2,8 +2,8 @@
|
|||||||
|
|
||||||
Summary: An extensible library which provides authentication for applications
|
Summary: An extensible library which provides authentication for applications
|
||||||
Name: pam
|
Name: pam
|
||||||
Version: 1.1.7
|
Version: 1.1.8
|
||||||
Release: 3%{?dist}
|
Release: 1%{?dist}
|
||||||
# The library is BSD licensed with option to relicense as GPLv2+
|
# The library is BSD licensed with option to relicense as GPLv2+
|
||||||
# - this option is redundant as the BSD license allows that anyway.
|
# - this option is redundant as the BSD license allows that anyway.
|
||||||
# pam_timestamp, pam_loginuid, and pam_console modules are GPLv2+.
|
# pam_timestamp, pam_loginuid, and pam_console modules are GPLv2+.
|
||||||
@ -42,7 +42,6 @@ Patch15: pam-1.1.6-full-relro.patch
|
|||||||
# FIPS related - non upstreamable
|
# FIPS related - non upstreamable
|
||||||
Patch20: pam-1.1.5-unix-no-fallback.patch
|
Patch20: pam-1.1.5-unix-no-fallback.patch
|
||||||
# Upstreamed partially
|
# Upstreamed partially
|
||||||
Patch22: pam-1.1.7-unix-build.patch
|
|
||||||
Patch29: pam-1.1.6-pwhistory-helper.patch
|
Patch29: pam-1.1.6-pwhistory-helper.patch
|
||||||
Patch31: pam-1.1.6-use-links.patch
|
Patch31: pam-1.1.6-use-links.patch
|
||||||
Patch32: pam-1.1.7-tty-audit-init.patch
|
Patch32: pam-1.1.7-tty-audit-init.patch
|
||||||
@ -120,7 +119,6 @@ mv pam-redhat-%{pam_redhat_version}/* modules
|
|||||||
%patch13 -p1 -b .limits
|
%patch13 -p1 -b .limits
|
||||||
%patch15 -p1 -b .relro
|
%patch15 -p1 -b .relro
|
||||||
%patch20 -p1 -b .no-fallback
|
%patch20 -p1 -b .no-fallback
|
||||||
%patch22 -p1 -b .build
|
|
||||||
%patch29 -p1 -b .pwhhelper
|
%patch29 -p1 -b .pwhhelper
|
||||||
%patch31 -p1 -b .links
|
%patch31 -p1 -b .links
|
||||||
%patch32 -p1 -b .tty-audit-init
|
%patch32 -p1 -b .tty-audit-init
|
||||||
@ -371,6 +369,10 @@ fi
|
|||||||
%doc doc/adg/*.txt doc/adg/html
|
%doc doc/adg/*.txt doc/adg/html
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Oct 14 2013 Tomáš Mráz <tmraz@redhat.com> 1.1.8-1
|
||||||
|
- new upstream release
|
||||||
|
- pam_tty_audit: allow the module to work with old kernels
|
||||||
|
|
||||||
* Fri Oct 4 2013 Tomáš Mráz <tmraz@redhat.com> 1.1.7-3
|
* Fri Oct 4 2013 Tomáš Mráz <tmraz@redhat.com> 1.1.7-3
|
||||||
- pam_tty_audit: proper initialization of the tty_audit_status struct
|
- pam_tty_audit: proper initialization of the tty_audit_status struct
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user