rpms/pam
6
0
Fork 0
Code Issues Pull Requests Releases Activity

pam_faillock: create tallydir before creating tallyfile

Browse Source 
Resolves: RHEL-19810

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
This commit is contained in:
Iker Pedrosa 2024-01-08 11:22:04 +01:00
parent 95587a8173
commit e552669fef
2 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
pam-1.3.1-faillock-create-tallydir.patch Normal file
View File

@ -0,0 +1,13 @@
diff -up Linux-PAM-1.3.1/modules/pam_faillock/faillock.c.faillock-create-tallydir Linux-PAM-1.3.1/modules/pam_faillock/faillock.c
--- Linux-PAM-1.3.1/modules/pam_faillock/faillock.c.faillock-create-tallydir 2024-01-08 11:32:02.122392119 +0100
+++ Linux-PAM-1.3.1/modules/pam_faillock/faillock.c 2024-01-08 11:33:10.916515943 +0100
@@ -74,6 +74,9 @@ open_tally (const char *dir, const char
if (create) {
flags |= O_CREAT;
+ if (access(dir, F_OK) != 0) {
+ mkdir(dir, 0755);
+ }
}
fd = open(path, flags, 0600);

8
pam.spec
View File

@ -3,7 +3,7 @@
Summary: An extensible library which provides authentication for applications
Name: pam
Version: 1.3.1
Release: 30%{?dist}
Release: 31%{?dist}
# The library is BSD licensed with option to relicense as GPLv2+
# - this option is redundant as the BSD license allows that anyway.
# pam_timestamp, pam_loginuid, and pam_console modules are GPLv2+.
@ -104,6 +104,8 @@ Patch65: pam-1.3.1-pam-misc-configurable.patch
# https://github.com/linux-pam/linux-pam/commit/f7abb8c1ef3aa31e6c2564a8aaf69683a77c2016
Patch66: pam-1.3.1-unix-enable-bcrypt.patch
Patch67: pam-1.3.1-unix-default-rounds.patch
# https://github.com/linux-pam/linux-pam/commit/d54870f993e97fe75e2cd0470a3701d5af22877c
Patch68: pam-1.3.1-faillock-create-tallydir.patch
%define _pamlibdir %{_libdir}
%define _moduledir %{_libdir}/security
@ -219,6 +221,7 @@ cp %{SOURCE18} .
%patch65 -p1 -b .pam-misc-configurable
%patch66 -p1 -b .unix-enable-bcrypt
%patch67 -p1 -b .unix-default-rounds
%patch68 -p1 -b .faillock-create-tallydir
autoreconf -i
@ -472,6 +475,9 @@ done
%doc doc/specs/rfc86.0.txt
%changelog
* Mon Jan 8 2024 Iker Pedrosa <ipedrosa@redhat.com> - 1.3.1-31
- pam_faillock: create tallydir before creating tallyfile. Resolves: RHEL-19810
* Thu Nov 2 2023 Iker Pedrosa <ipedrosa@redhat.com> - 1.3.1-30
- pam_unix: enable bcrypt. Resolves: RHEL-5057