auto-import changelog data from pam-0.77-15.src.rpm

Thu Oct 23 2003 Nalin Dahyabhai <nalin@redhat.com> 0.77-15
- don't install _pam_aconf.h -- apps don't use it, other PAM headers which
    are installed don't use it, and its contents may be different for
    arches on a multilib system
- check for linkage problems in modules at %install-time (kill #107093
    dead)
- add buildprereq on flex (#101563)
Wed Oct 22 2003 Nalin Dahyabhai <nalin@redhat.com>
- make pam_pwdb.so link with libnsl again so that it loads (#107093)
- remove now-bogus buildprereq on db4-devel (we use a bundled copy for
    pam_userdb to avoid symbol collisions with other db libraries in apps)
Mon Oct 20 2003 Dan Walsh <dwalsh@redhat.com> 0.77-14.sel
- Add Russell Coker patch to handle /dev/pty
Fri Oct 17 2003 Dan Walsh <dwalsh@redhat.com> 0.77-13.sel
- Turn on Selinux
Fri Oct 17 2003 Dan Walsh <dwalsh@redhat.com> 0.77-12
- Fix pam_timestamp to work when 0 seconds have elapsed
Mon Oct 06 2003 Dan Walsh <dwalsh@redhat.com> 0.77-11
- Turn off selinux
Thu Sep 25 2003 Dan Walsh <dwalsh@redhat.com> 0.77-10.sel
- Turn on Selinux and remove multiple choice of context.
Wed Sep 24 2003 Dan Walsh <dwalsh@redhat.com> 0.77-10
- Turn off selinux
Wed Sep 24 2003 Dan Walsh <dwalsh@redhat.com> 0.77-9.sel
- Add Russell's patch to check password
Wed Sep 17 2003 Dan Walsh <dwalsh@redhat.com> 0.77-8.sel
- handle ttys correctly in pam_selinux
Fri Sep 05 2003 Dan Walsh <dwalsh@redhat.com> 0.77-7.sel
- Clean up memory problems and fix tty handling.
Mon Jul 28 2003 Dan Walsh <dwalsh@redhat.com> 0.77-6
- Add manual context selection to pam_selinux
Mon Jul 28 2003 Dan Walsh <dwalsh@redhat.com> 0.77-5
- Add pam_selinux
Mon Jul 28 2003 Dan Walsh <dwalsh@redhat.com> 0.77-4
- Add SELinux support
This commit is contained in:
cvsdist 2004-09-09 09:54:36 +00:00
parent 325000d723
commit d577226563
4 changed files with 319 additions and 145 deletions

View File

@ -1,3 +1,4 @@
Linux-PAM-0.75.tar.bz2 Linux-PAM-0.77.tar.bz2
pam-redhat-0.75-52.tar.gz db-4.1.25.tar.gz
pam-redhat-0.77-4.tar.gz
pwdb-0.62.tar.gz pwdb-0.62.tar.gz

75
dlopen.sh Executable file
View File

@ -0,0 +1,75 @@
#!/bin/sh
tempdir=`mktemp -d /tmp/dlopenXXXXXX`
test -n "$tempdir" || exit 1
cat >> $tempdir/dlopen.c << _EOF
#include <dlfcn.h>
#include <stdio.h>
#include <limits.h>
#include <sys/stat.h>
/* Simple program to see if dlopen() would succeed. */
int main(int argc, char **argv)
{
int i;
struct stat st;
char buf[PATH_MAX];
for (i = 1; i < argc; i++) {
if (dlopen(argv[i], RTLD_NOW)) {
fprintf(stdout, "dlopen() of \"%s\" succeeded.\n",
argv[i]);
} else {
snprintf(buf, sizeof(buf), "./%s", argv[i]);
if ((stat(buf, &st) == 0) && dlopen(buf, RTLD_NOW)) {
fprintf(stdout, "dlopen() of \"./%s\" "
"succeeded.\n", argv[i]);
} else {
fprintf(stdout, "dlopen() of \"%s\" failed: "
"%s\n", argv[i], dlerror());
return 1;
}
}
}
return 0;
}
_EOF
for arg in $@ ; do
case "$arg" in
"")
;;
-I*|-D*|-f*|-m*|-g*|-O*|-W*)
cflags="$cflags $arg"
;;
-l*)
ldflags="$ldflags $arg"
;;
/*)
modules="$modules $arg"
;;
*)
modules="$modules $arg"
;;
esac
done
${CC:-gcc} $RPM_OPT_FLAGS $CFLAGS -o $tempdir/dlopen $cflags $tempdir/dlopen.c $ldflags -ldl
retval=0
for module in $modules ; do
case "$module" in
"")
;;
/*)
$tempdir/dlopen "$module"
retval=$?
;;
*)
$tempdir/dlopen ./"$module"
retval=$?
;;
esac
done
rm -f $tempdir/dlopen $tempdir/dlopen.c
rmdir $tempdir
exit $retval

375
pam.spec
View File

@ -1,93 +1,85 @@
%if %{?WITH_SELINUX:0}%{!?WITH_SELINUX:1}
%define WITH_SELINUX 0
%endif
%define build6x 0 %define build6x 0
%define _sbindir /sbin %define _sbindir /sbin
%define _sysconfdir /etc %define _sysconfdir /etc
%define pwdb_version 0.62 %define pwdb_version 0.62
%define db_version 4.1.25
Summary: A security tool which provides authentication for applications. Summary: A security tool which provides authentication for applications.
Name: pam Name: pam
Version: 0.75 Version: 0.77
Release: 50 Release: 15
License: GPL or BSD License: GPL or BSD
Group: System Environment/Base Group: System Environment/Base
Source0: ftp.us.kernel.org:/pub/linux/libs/pam/pre/library/Linux-PAM-%{version}.tar.bz2 Source0: ftp.us.kernel.org:/pub/linux/libs/pam/pre/library/Linux-PAM-%{version}.tar.bz2
Source1: ftp.us.kernel.org:/pub/linux/libs/pam/pre/library/Linux-PAM-%{version}.tar.bz2.sign Source1: ftp.us.kernel.org:/pub/linux/libs/pam/pre/library/Linux-PAM-%{version}.tar.bz2.sign
Source2: pam-redhat-%{version}-52.tar.gz Source2: pam-redhat-%{version}-4.tar.gz
Source3: pwdb-%{pwdb_version}.tar.gz Source3: pwdb-%{pwdb_version}.tar.gz
Source4: other.pamd Source4: db-%{db_version}.tar.gz
Source5: system-auth.pamd Source5: other.pamd
Source6: install-sh Source6: system-auth.pamd
Patch1: pam-0.75-headers.patch Source7: install-sh
Patch2: pam-0.75-accessdoc.patch Source8: dlopen.sh
Patch3: pam-0.75-build.patch Patch0: pam-0.77-modutil-thread.patch
Patch4: pam-0.75-cached.patch Patch1: pam-0.77-include_path.patch
Patch5: pam-0.75-const.patch Patch2: pam-0.77-build.patch
Patch6: pam-0.75-linkage.patch Patch3: pam-0.75-linkage.patch
Patch7: pam-0.75-mandir.patch Patch4: pam-0.75-prompt.patch
Patch8: pam-0.75-primary.patch Patch5: pam-0.75-return.patch
Patch9: pam-0.75-prompt.patch Patch6: pam-0.75-security.patch
Patch11: pam-0.75-return.patch Patch7: pam-0.77-string.patch
Patch12: pam-0.75-security.patch Patch8: pam-0.77-userdb.patch
Patch13: pam-0.75-string.patch Patch9: pam-0.75-group-reinit.patch
Patch14: pam-0.75-typo.patch Patch10: pam-0.77-lastlog-utmp.patch
Patch15: pam-0.75-trust.patch Patch11: pam-0.77-securetty-fail.patch
Patch16: pam-0.75-userdb.patch Patch12: pam-0.75-time.patch
Patch17: pam-0.75-wheeldoc.patch Patch13: pam-0.77-issue.patch
Patch18: pam-0.75-wrap.patch Patch14: pam-0.77-doc-rhl.patch
Patch19: pam-0.75-cracklib-distance.patch Patch15: pam-0.77-bigcrypt-main.patch
Patch20: pam-0.75-group-reinit.patch Patch16: pam-0.77-cracklib-init.patch
Patch21: pam-0.75-lastlog-utmp.patch Patch17: pam-0.77-filter-comments.patch
Patch22: pam-0.75-limits-locks.patch Patch18: pam-0.75-unix-loop.patch
Patch23: pam-0.75-null.patch Patch19: pam-0.77-unix-preserve.patch
Patch24: pam-0.75-sigchld.patch Patch20: pam-0.77-unix-brokenshadow.patch
Patch25: pam-0.75-pwdb-compare.patch Patch21: pam-0.77-unix-hpux-aging.patch
Patch26: pam-0.75-securetty-pts.patch Patch22: pam-0.77-unix-nis.patch
Patch27: pam-0.75-securetty-fail.patch Patch23: pam-0.77-unix-nullok.patch
Patch28: pam-0.75-syntax.patch Patch24: pam-0.77-issue-heap.patch
Patch29: pam-0.75-time.patch Patch25: pam-0.75-listfile-tty.patch
Patch30: pam-0.75-issue.patch Patch26: pam-0.77-misc-err.patch
Patch31: pam-0.75-doc-rhl.patch Patch27: pam-0.77-unix-aixhash.patch
Patch32: pam-0.75-bigcrypt-main.patch Patch28: pam-0.75-sgml2latex.patch
Patch33: pam-0.75-cracklib-init.patch Patch29: pam-0.77-multicrack.patch
Patch34: pam-0.75-filter-comments.patch Patch30: pam-0.75-isa.patch
Patch35: pam-0.75-unixdoc.patch Patch31: pam-0.77-utmp-dev.patch
Patch36: pam-0.75-unix-loop.patch Patch32: pam-0.77-pwdb-static.patch
Patch37: pam-0.75-unix-preserve.patch Patch33: pam-0.77-nss-reentrant.patch
Patch38: pam-0.75-unix-retval.patch Patch34: pam-0.77-dbpam.patch
Patch39: pam-0.75-unix-brokenshadow.patch Patch35: pam-0.77-sigchld.patch
Patch40: pam-0.75-unix-nis.patch Patch36: pam-0.77-skip-aconf-install.patch
Patch41: pam-0.75-unix-nullok.patch Patch60: pam-selinux.patch
Patch42: pam-0.75-wheel-usertouser.patch Patch61: pam-pwdbselinux.patch
Patch43: pam-0.75-mkhomedir-recurse.patch
Patch44: pam-0.75-limits-root.patch
Patch45: pam-0.75-issue-seg.patch
Patch46: pam-0.75-listfile-tty.patch
Patch47: pam-0.75-tally-init.patch
Patch48: pam-0.75-rhosts-plus.patch
Patch49: pam-0.75-limits-retval.patch
Patch50: pam-0.75-reentrant.patch
Patch51: pam-0.75-macros.patch
Patch52: pam-0.75-pwdb-static.patch
Patch53: pam-0.75-unix-log_success.patch
Patch54: pam-0.75-misc-err.patch
Patch55: pam-0.75-unix-aixhash.patch
Patch56: pam-0.75-sgml2latex.patch
Patch57: pam-0.75-multicrack.patch
Patch58: pam-0.75-isa.patch
Patch59: pam-0.75-utmp-dev.patch
BuildRoot: %{_tmppath}/%{name}-root BuildRoot: %{_tmppath}/%{name}-root
Requires: cracklib, cracklib-dicts, glib, initscripts >= 3.94 Requires: cracklib, cracklib-dicts, glib, initscripts >= 3.94
Obsoletes: pamconfig Obsoletes: pamconfig
Prereq: grep, mktemp, sed, fileutils, textutils, /sbin/ldconfig Prereq: grep, mktemp, sed, fileutils, textutils, /sbin/ldconfig
BuildPrereq: autoconf, bison, glib-devel, sed, fileutils, cracklib, cracklib-dicts BuildPrereq: autoconf, bison, flex, glib-devel, sed, fileutils, cracklib, cracklib-dicts
BuildPrereq: perl BuildPrereq: perl
%if ! %{build6x} %if %{WITH_SELINUX}
BuildPrereq: db4-devel BuildPrereq: libselinux-devel
%endif %endif
URL: http://www.us.kernel.org/pub/linux/libs/pam/index.html URL: http://www.us.kernel.org/pub/linux/libs/pam/index.html
# We internalize libdb to get a non-threaded copy, but we should at least try
# to coexist with the system's copy of libdb, which will be used to make the
# files for use by pam_userdb (either by db_load or Perl's DB_File module).
Requires: db4 = %{db_version}
%description %description
PAM (Pluggable Authentication Modules) is a system security tool that PAM (Pluggable Authentication Modules) is a system security tool that
allows system administrators to set authentication policy without allows system administrators to set authentication policy without
@ -106,68 +98,57 @@ contains header files and static libraries used for building both
PAM-aware applications and modules for use with PAM. PAM-aware applications and modules for use with PAM.
%prep %prep
%setup -q -n Linux-PAM-%{version} -a 2 -a 3 %setup -q -n Linux-PAM-%{version} -a 2 -a 3 -a 4
cp $RPM_SOURCE_DIR/other.pamd . cp $RPM_SOURCE_DIR/other.pamd .
cp $RPM_SOURCE_DIR/system-auth.pamd . cp $RPM_SOURCE_DIR/system-auth.pamd .
cp $RPM_SOURCE_DIR/install-sh . cp $RPM_SOURCE_DIR/install-sh .
%patch1 -p1 -b .headers
%patch2 -p1 -b .accessdoc pushd db-%{db_version}
%patch3 -p1 -b .build cd dist
%patch4 -p1 -b .cached ./s_config
%patch5 -p1 -b .const popd
%patch6 -p1 -b .linkage
%patch7 -p1 -b .mandir %patch0 -p1 -b .modutil-thread
%patch8 -p1 -b .primary %patch1 -p1 -b .include_path
%patch9 -p1 -b .prompt %patch2 -p1 -b .build
%patch11 -p1 -b .return %patch3 -p1 -b .linkage
%patch12 -p1 -b .security %patch4 -p1 -b .prompt
%patch13 -p1 -b .string %patch5 -p1 -b .return
%patch14 -p1 -b .typo %patch6 -p1 -b .security
%patch15 -p1 -b .trust %patch7 -p1 -b .string
%patch16 -p1 -b .userdb %patch8 -p1 -b .userdb
%patch17 -p1 -b .wheeldoc %patch9 -p1 -b .group-reinit
%patch18 -p1 -b .wrap %patch10 -p1 -b .lastlog-utmp
%patch19 -p1 -b .cracklib-distance %patch11 -p1 -b .securetty-fail
%patch20 -p1 -b .group-reinit %patch12 -p1 -b .time
%patch21 -p1 -b .lastlog-utmp %patch13 -p1 -b .issue
%patch22 -p1 -b .limits-locks %patch14 -p1 -b .doc-rhl
%patch23 -p1 -b .null %patch15 -p1 -b .bigcrypt-main
%patch24 -p1 -b .sigchld %patch16 -p1 -b .cracklib-init
%patch25 -p1 -b .pwdb-compare %patch17 -p1 -b .filter-comments
%patch26 -p1 -b .securetty-pts %patch18 -p1 -b .unix-loop
%patch27 -p1 -b .securetty-fail %patch19 -p1 -b .unix-preserve
%patch28 -p1 -b .syntax %patch20 -p1 -b .unix-brokenshadow
%patch29 -p1 -b .time %patch21 -p1 -b .unix-hpux-aging
%patch30 -p1 -b .issue %patch22 -p1 -b .unix-nis
%patch31 -p1 -b .doc-rhl %patch23 -p1 -b .unix-nullok
%patch32 -p1 -b .bigcrypt-main %patch24 -p1 -b .issue-heap
%patch33 -p1 -b .cracklib-init %patch25 -p1 -b .listfile-tty
%patch34 -p1 -b .filter-comments %patch26 -p1 -b .misc-err
%patch35 -p1 -b .unix-doc %patch27 -p1 -b .unix-aixhash
%patch36 -p1 -b .unix-loop %patch28 -p1 -b .doc
%patch37 -p1 -b .unix-preserve %patch29 -p1 -b .multicrack
%patch38 -p1 -b .unix-retval %patch30 -p1 -b .isa
%patch39 -p1 -b .unix-brokenshadow %patch31 -p1 -b .utmp-dev
%patch40 -p1 -b .unix-nis %patch32 -p1 -b .pwdb-static
%patch41 -p1 -b .unix-nullok %patch33 -p1 -b .nss-reentrant
%patch42 -p1 -b .wheel-usertouser %patch34 -p1 -b .dbpam
%patch43 -p1 -b .mkhomedir-recurse %patch35 -p1 -b .sigchld
%patch44 -p1 -b .limits-root %patch36 -p1 -b .skip-aconf-install
%patch45 -p1 -b .issue-seg %if %{WITH_SELINUX}
%patch46 -p1 -b .listfile-tty %patch60 -p1 -b .selinux
%patch47 -p1 -b .tally-init %patch61 -p1 -b .pwdbselinux
%patch48 -p1 -b .rhosts-plus %endif
%patch49 -p1 -b .limits-retval
%patch50 -p1 -b .reentrant
%patch51 -p1 -b .macros
%patch52 -p1 -b .pwdb-static
%patch53 -p1 -b .unix-log_success
%patch54 -p1 -b .misc-err
%patch55 -p1 -b .unix-aixhash
%patch56 -p1 -b .doc
%patch57 -p1 -b .multicrack
%patch58 -p1 -b .isa
%patch59 -p1 -b .utmp-dev
for readme in modules/pam_*/README ; do for readme in modules/pam_*/README ; do
cp -f ${readme} doc/txts/README.`dirname ${readme} | sed -e 's|^modules/||'` cp -f ${readme} doc/txts/README.`dirname ${readme} | sed -e 's|^modules/||'`
@ -177,11 +158,33 @@ autoconf
%build %build
CFLAGS="-fPIC $RPM_OPT_FLAGS" ; export CFLAGS CFLAGS="-fPIC $RPM_OPT_FLAGS" ; export CFLAGS
topdir=`pwd`/pwdb-instroot topdir=`pwd`/pam-instroot
test -d ${topdir} || mkdir ${topdir} test -d ${topdir} || mkdir ${topdir}
test -d ${topdir}/include || mkdir ${topdir}/include test -d ${topdir}/include || mkdir ${topdir}/include
test -d ${topdir}/%{_lib} || mkdir ${topdir}/%{_lib} test -d ${topdir}/%{_lib} || mkdir ${topdir}/%{_lib}
pushd db-%{db_version}/dist
echo db_cv_mutex=UNIX/fcntl > config.cache
./configure -C \
--disable-compat185 \
--disable-cxx \
--disable-diagnostic \
--disable-dump185 \
--disable-java \
--disable-rpc \
--disable-tcl \
--disable-shared \
--with-pic \
--with-uniquename=_pam \
--prefix=${topdir} \
--includedir=${topdir}/include \
--libdir=${topdir}/%{_lib}
# XXX hack out O_DIRECT support in db4 for now.
perl -pi -e 's/#define HAVE_O_DIRECT 1/#undef HAVE_O_DIRECT/' db_config.h
make
make install
popd
pushd pwdb-%{pwdb_version} pushd pwdb-%{pwdb_version}
make make
make install INCLUDED=${topdir}/include/pwdb LIBDIR=${topdir}/%{_lib} LDCONFIG=: make install INCLUDED=${topdir}/include/pwdb LIBDIR=${topdir}/%{_lib} LDCONFIG=:
@ -191,13 +194,17 @@ popd
CPPFLAGS=-I${topdir}/include ; export CPPFLAGS CPPFLAGS=-I${topdir}/include ; export CPPFLAGS
export LIBNAME="%{_lib}" export LIBNAME="%{_lib}"
LDFLAGS=-L${topdir}/%{_lib} ; export LDFLAGS LDFLAGS=-L${topdir}/%{_lib} ; export LDFLAGS
%configure --libdir=/%{_lib} --enable-static-libpam --enable-fakeroot=$RPM_BUILD_ROOT --enable-isadir=../../%{_lib}/security %configure \
--libdir=/%{_lib} \
--enable-static-libpam \
--enable-fakeroot=$RPM_BUILD_ROOT \
--enable-isadir=../../%{_lib}/security
make make
%install %install
[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
# Install the binaries, libraries, and modules. # Install the binaries, libraries, and modules.
make install FAKEROOT=$RPM_BUILD_ROOT make install FAKEROOT=$RPM_BUILD_ROOT LDCONFIG=:
# Install default configuration files. # Install default configuration files.
install -d -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/pam.d install -d -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/pam.d
@ -242,11 +249,25 @@ rm $RPM_BUILD_ROOT/%{_lib}/security/pam_radius.so
rm -f doc/txts/README.pam_radius rm -f doc/txts/README.pam_radius
# Duplicate doc file sets. # Duplicate doc file sets.
rm -fr $RPM_BUILD_ROOT/usr/doc/Linux-PAM rm -fr $RPM_BUILD_ROOT/usr/doc/Linux-PAM $RPM_BUILD_ROOT/usr/share/doc/pam
# Create /lib/security in case it isn't the same as /%{_lib}/security. # Create /lib/security in case it isn't the same as /%{_lib}/security.
install -m755 -d $RPM_BUILD_ROOT/lib/security install -m755 -d $RPM_BUILD_ROOT/lib/security
# Check for module problems. Specifically, check that every module we just
# installed can actually be loaded by a minimal PAM-aware application.
for module in $RPM_BUILD_ROOT/%{_lib}/security/pam*.so ; do
if ! $RPM_SOURCE_DIR/dlopen.sh -lpam -ldl ${module} ; then
exit 1
fi
# And for good measure, make sure that none of the modules pull in threading
# libraries, which if loaded in a non-threaded application, can cause Very
# Bad Things to happen.
if env LD_PRELOAD=$RPM_BUILD_ROOT/%{_lib}/libpam.so ldd -r ${module} | fgrep -q libpthread ; then
exit 1
fi
done
%clean %clean
[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
@ -311,13 +332,16 @@ fi
%config(noreplace) /etc/pam.d/other %config(noreplace) /etc/pam.d/other
%config(noreplace) /etc/pam.d/system-auth %config(noreplace) /etc/pam.d/system-auth
%doc Copyright %doc Copyright
%doc doc/html doc/ps doc/txts %doc doc/html doc/ps doc/txts doc/pdf
%doc doc/specs/rfc86.0.txt %doc doc/specs/rfc86.0.txt
/%{_lib}/libpam.so.* /%{_lib}/libpam.so.*
/%{_lib}/libpamc.so.* /%{_lib}/libpamc.so.*
/%{_lib}/libpam_misc.so.* /%{_lib}/libpam_misc.so.*
%{_sbindir}/pam_console_apply %{_sbindir}/pam_console_apply
%{_sbindir}/pam_tally %{_sbindir}/pam_tally
%if %{WITH_SELINUX}
%{_sbindir}/pam_selinux_check
%endif
%{_sbindir}/pam_timestamp_check %{_sbindir}/pam_timestamp_check
%{_sbindir}/pwdb_chkpwd %{_sbindir}/pwdb_chkpwd
%{_sbindir}/unix_chkpwd %{_sbindir}/unix_chkpwd
@ -329,6 +353,7 @@ fi
/%{_lib}/security/pam_chroot.so /%{_lib}/security/pam_chroot.so
/%{_lib}/security/pam_console.so /%{_lib}/security/pam_console.so
/%{_lib}/security/pam_cracklib.so /%{_lib}/security/pam_cracklib.so
/%{_lib}/security/pam_debug.so
/%{_lib}/security/pam_deny.so /%{_lib}/security/pam_deny.so
/%{_lib}/security/pam_env.so /%{_lib}/security/pam_env.so
/%{_lib}/security/pam_filter.so /%{_lib}/security/pam_filter.so
@ -348,10 +373,15 @@ fi
/%{_lib}/security/pam_pwdb.so /%{_lib}/security/pam_pwdb.so
/%{_lib}/security/pam_rhosts_auth.so /%{_lib}/security/pam_rhosts_auth.so
/%{_lib}/security/pam_rootok.so /%{_lib}/security/pam_rootok.so
/%{_lib}/security/pam_rps.so
%if %{WITH_SELINUX}
/%{_lib}/security/pam_selinux.so
%endif
/%{_lib}/security/pam_securetty.so /%{_lib}/security/pam_securetty.so
/%{_lib}/security/pam_shells.so /%{_lib}/security/pam_shells.so
/%{_lib}/security/pam_stack.so /%{_lib}/security/pam_stack.so
/%{_lib}/security/pam_stress.so /%{_lib}/security/pam_stress.so
/%{_lib}/security/pam_succeed_if.so
/%{_lib}/security/pam_tally.so /%{_lib}/security/pam_tally.so
/%{_lib}/security/pam_time.so /%{_lib}/security/pam_time.so
/%{_lib}/security/pam_timestamp.so /%{_lib}/security/pam_timestamp.so
@ -368,11 +398,11 @@ fi
%dir %{_sysconfdir}/security %dir %{_sysconfdir}/security
%config(noreplace) %{_sysconfdir}/security/access.conf %config(noreplace) %{_sysconfdir}/security/access.conf
%config(noreplace) %{_sysconfdir}/security/chroot.conf %config(noreplace) %{_sysconfdir}/security/chroot.conf
%config(noreplace) %{_sysconfdir}/security/time.conf %config(noreplace) %{_sysconfdir}/security/console.perms
%config(noreplace) %{_sysconfdir}/security/group.conf %config(noreplace) %{_sysconfdir}/security/group.conf
%config(noreplace) %{_sysconfdir}/security/limits.conf %config(noreplace) %{_sysconfdir}/security/limits.conf
%config(noreplace) %{_sysconfdir}/security/pam_env.conf %config(noreplace) %{_sysconfdir}/security/pam_env.conf
%config(noreplace) %{_sysconfdir}/security/console.perms %config(noreplace) %{_sysconfdir}/security/time.conf
%dir %{_sysconfdir}/security/console.apps %dir %{_sysconfdir}/security/console.apps
%dir /var/run/console %dir /var/run/console
%{_mandir}/man5/* %{_mandir}/man5/*
@ -388,15 +418,82 @@ fi
%{_libdir}/libpamc.so %{_libdir}/libpamc.so
%{_libdir}/libpam_misc.a %{_libdir}/libpam_misc.a
%{_libdir}/libpam_misc.so %{_libdir}/libpam_misc.so
# At some point these will (and should) go away.
#%{_libdir}/libpam.so
#%{_libdir}/libpamc.so
#%{_libdir}/libpam_misc.so
%changelog %changelog
* Thu Jul 24 2003 Nalin Dahyabhai <nalin@redhat.com> 0.75-50 * Thu Oct 23 2003 Nalin Dahyabhai <nalin@redhat.com> 0.77-15
- don't install _pam_aconf.h -- apps don't use it, other PAM headers which
are installed don't use it, and its contents may be different for arches
on a multilib system
- check for linkage problems in modules at %%install-time (kill #107093 dead)
- add buildprereq on flex (#101563)
* Wed Oct 22 2003 Nalin Dahyabhai <nalin@redhat.com>
- make pam_pwdb.so link with libnsl again so that it loads (#107093)
- remove now-bogus buildprereq on db4-devel (we use a bundled copy for
pam_userdb to avoid symbol collisions with other db libraries in apps)
* Mon Oct 20 2003 Dan Walsh <dwalsh@redhat.com> 0.77-14.sel
- Add Russell Coker patch to handle /dev/pty
* Fri Oct 17 2003 Dan Walsh <dwalsh@redhat.com> 0.77-13.sel
- Turn on Selinux
* Fri Oct 17 2003 Dan Walsh <dwalsh@redhat.com> 0.77-12
- Fix pam_timestamp to work when 0 seconds have elapsed
* Mon Oct 6 2003 Dan Walsh <dwalsh@redhat.com> 0.77-11
- Turn off selinux
* Thu Sep 25 2003 Dan Walsh <dwalsh@redhat.com> 0.77-10.sel
- Turn on Selinux and remove multiple choice of context.
* Wed Sep 24 2003 Dan Walsh <dwalsh@redhat.com> 0.77-10
- Turn off selinux
* Wed Sep 24 2003 Dan Walsh <dwalsh@redhat.com> 0.77-9.sel
- Add Russell's patch to check password
* Wed Sep 17 2003 Dan Walsh <dwalsh@redhat.com> 0.77-8.sel
- handle ttys correctly in pam_selinux
* Fri Sep 05 2003 Dan Walsh <dwalsh@redhat.com> 0.77-7.sel
- Clean up memory problems and fix tty handling.
* Mon Jul 28 2003 Dan Walsh <dwalsh@redhat.com> 0.77-6
- Add manual context selection to pam_selinux
* Mon Jul 28 2003 Dan Walsh <dwalsh@redhat.com> 0.77-5
- Add pam_selinux
* Mon Jul 28 2003 Dan Walsh <dwalsh@redhat.com> 0.77-4
- Add SELinux support
* Thu Jul 24 2003 Nalin Dahyabhai <nalin@redhat.com> 0.77-3
- pam_postgresok: add - pam_postgresok: add
- pam_xauth: add targetuser= argument - pam_xauth: add "targetuser" argument
* Tue Jul 22 2003 Nalin Dahyabhai <nalin@redhat.com>
- pam_succeed_if: fix thinko in argument parsing which would walk past the
end of the argument list
* Wed Jul 9 2003 Nalin Dahyabhai <nalin@redhat.com> 0.77-2
- reapply:
- set handler for SIGCHLD to SIG_DFL around *_chkpwd, not SIG_IGN
* Mon Jul 7 2003 Nalin Dahyabhai <nalin@redhat.com> 0.77-1
- pam_timestamp: fail if the key file doesn't contain enough data
* Thu Jul 3 2003 Nalin Dahyabhai <nalin@redhat.com> 0.77-0
- update to 0.77 upstream release
- pam_limits: limits now affect root as well
- pam_nologin: returns PAM_IGNORE instead of PAM_SUCCESS unless "successok"
is given as an argument
- pam_userdb: correctly return PAM_AUTH_ERR instead of PAM_USER_UNKNOWN when
invoked with the "key_only" argument and the database has an entry of the
form "user-<wrongpassword>"
- use a bundled libdb for pam_userdb.so because the system copy uses threads,
and demand-loading a shared library which uses threads into an application
which doesn't is a Very Bad Idea
* Thu Jul 3 2003 Nalin Dahyabhai <nalin@redhat.com> * Thu Jul 3 2003 Nalin Dahyabhai <nalin@redhat.com>
- pam_timestamp: use a message authentication code to validate timestamp files - pam_timestamp: use a message authentication code to validate timestamp files

View File

@ -1,3 +1,4 @@
2f19d6f6908e46d8b4d115e9f842d147 Linux-PAM-0.75.tar.bz2 1163834de9a0eebaca5d074dcc83b6a9 Linux-PAM-0.77.tar.bz2
6cba7b3b09a0b6cbe9c8dcc9799c92b3 pam-redhat-0.75-52.tar.gz df71961002b552c0e72c6e4e358f27e1 db-4.1.25.tar.gz
d46324a47cd3303fa16ba3fdbb923c7f pam-redhat-0.77-4.tar.gz
1a1fd0312040ef37aa741d09465774b4 pwdb-0.62.tar.gz 1a1fd0312040ef37aa741d09465774b4 pwdb-0.62.tar.gz