Commit Graph

460 Commits

Author SHA1 Message Date
Björn Esser
47165fb66c
Rebuilt against libxcrypt-4.3.3 to enable the use of crypt_gensalt_r
PAM preferes the crypt_gensalt_r function over its internal
crypt_make_salt function, when this function is provided by
the system's crypt library.

libxcrypt now ships (and used to ship it until v3.1.1) such an
alias for its crypt_gensalt_rn function, which features the
same semantics and the same prototype as the crypt_gensalt_r
function existing on some systems.
2018-11-12 11:07:09 +01:00
Tomas Mraz
fd5858157e Make it build 2018-09-10 16:24:16 +02:00
Tomas Mraz
786ce63f9d Coverity fixes, pam_umask added to postlogin
add pam_umask to postlogin PAM configuration file
fix some issues found by Coverity scan
2018-09-10 14:25:15 +02:00
Colin Walters
dc7f2be86b Convert tallylog to tmpfiles.d
This will make it compatible with the rpm-ostree model, which
has `/var` start out empty (or supports doing so).

More information in https://bugzilla.redhat.com/show_bug.cgi?id=1352154
2018-07-27 14:30:59 -04:00
Fedora Release Engineering
48595acee5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-07-13 15:25:36 +00:00
Jason Tibbitts
db03b40e8b Remove needless use of %defattr 2018-07-10 02:15:00 -05:00
Tomas Mraz
ae699035e9 use /run instead of /var/run in pamtmp.conf (#1588612) 2018-06-08 10:24:42 +02:00
Tomas Mraz
48538add1f new upstream release 1.3.1 with multiple improvements 2018-05-18 15:43:48 +02:00
Fedora Release Engineering
eebe54598c - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-02-08 18:11:21 +00:00
Tomas Mraz
8f94d6252d and the NIS support now also requires libnsl2 2018-01-30 16:55:42 +01:00
Björn Esser
95ff4ad1c4
Rebuilt for switch to libxcrypt 2018-01-20 23:07:26 +01:00
Tomas Mraz
13115d331d the NIS support now requires libtirpc 2018-01-11 14:25:59 +01:00
Serhii Turivny
4dc6ede4b5 Add CI tests using the standard test interface
Adds tests according to the CI wiki [0] specifically the standard test interface in the spec [1].

[0] https://fedoraproject.org/wiki/CI
[1] https://fedoraproject.org/wiki/Changes/InvokingTests
2017-10-04 17:57:38 +03:00
Tomas Mraz
64bde25a45 add admin_group option to pam_faillock (#1285550) 2017-08-21 16:47:47 +02:00
Fedora Release Engineering
a6e4462d0d - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild 2017-08-03 04:46:07 +00:00
Fedora Release Engineering
8f2c8f16a3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-27 02:06:32 +00:00
Petr Písař
cc34b72802 perl dependency renamed to perl-interpreter <https://fedoraproject.org/wiki/Changes/perl_Package_to_Install_Core_Modules> 2017-07-12 14:35:54 +02:00
Tomas Mraz
629a67bec4 drop superfluous 'Changing password' message from pam_unix (#658289) 2017-04-20 16:55:25 +02:00
Fedora Release Engineering
d6023f89c8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild 2017-02-11 01:11:40 +00:00
Tomas Mraz
96b935efa5 Make install of tallylog non-fatal. 2017-01-03 10:17:58 +01:00
Tomas Mraz
26153ac92d new upstream release with multiple improvements 2016-05-06 15:28:27 +02:00
Tomas Mraz
be55e6d98b pam_faillock: Add more documentation about unlock_time=never option. 2016-04-28 17:10:18 +02:00
Tomas Mraz
e1caf9a021 make cracklib-dicts dependency weak (#1323172) 2016-04-11 13:27:13 +02:00
Tomas Mraz
492bcabc07 do not drop PAM_OLDAUTHTOK if mismatched - can be used by further modules 2016-04-06 14:37:35 +02:00
Tomas Mraz
ef5646f9ed pam_unix: use pam_get_authtok() and improve prompting 2016-04-04 18:54:12 +02:00
Tomas Mraz
89812cadd9 fix console device name in console.handlers (#1270224) 2016-02-05 17:50:26 +01:00
Fedora Release Engineering
6aff3ecdef - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-04 11:51:15 +00:00
Tomas Mraz
d55e35278c pam_faillock: add possibility to set unlock_time to never 2015-10-16 15:31:12 +02:00
Tomas Mraz
6818550d2a drop the nproc limit setting, it is causing more harm than it solves 2015-08-12 17:27:54 +02:00
Tomas Mraz
364259c23f Move autoreconf call to %prep 2015-07-15 12:03:10 +02:00
Tomas Mraz
230a2ffa1f Fix changelog date. 2015-06-26 13:57:56 +02:00
Tomas Mraz
aef85b12f8 new upstream release fixing security issue with unlimited password length 2015-06-26 13:56:40 +02:00
Dennis Gilmore
a12c25884e - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-18 00:38:08 +00:00
Tomas Mraz
6ccbfce566 Minor security and bugfix updates
- fix CVE-2014-2583: potential path traversal issue in pam_timestamp
- fix CVE-2013-7041: use case sensitive comparison in pam_userdb
- be tolerant to corrupted opasswd file
2015-05-15 16:39:21 +02:00
Tomas Mraz
1634393187 use USER_MGMT type for auditing in the pam_tally2 and faillock apps
(#1151576)
2014-10-17 12:10:57 +02:00
Tomas Mraz
757d3aed85 Multiple fixes.
- update the audit-grantor patch with the upstream changes
- pam_userdb: correct the example in man page (#1078784)
- pam_limits: check whether the utmp login entry is valid (#1080023)
- pam_console_apply: do not print error if console.perms.d is empty
- pam_limits: nofile refers to open file descriptors (#1111220)
- apply PIE and full RELRO to all binaries built
2014-09-11 09:28:59 +02:00
Peter Robinson
5c62799319 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild 2014-08-17 14:36:02 +00:00
Tomas Mraz
b378efa913 Merge branch 'master' into f21
Conflicts:
	pam.spec
2014-08-13 17:39:27 +02:00
Tomas Mraz
140efce0ea More pam_faillock updates. 2014-08-13 16:03:00 +02:00
Tomas Mraz
b582f50a36 audit the module names that granted access
- pam_faillock: update to latest version
2014-08-13 15:35:49 +02:00
Tom Callaway
92b5ac2869 fix license handling 2014-07-30 10:54:36 -04:00
Tom Callaway
e3a692cb19 fix license handling 2014-07-30 10:54:10 -04:00
Tomas Mraz
e157a48461 be tolerant to corrupted opasswd file 2014-07-17 16:52:34 +02:00
Dennis Gilmore
c0eb6fdc51 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild 2014-06-06 18:29:57 -05:00
Tomas Mraz
1368ecb1ca pam_loginuid: make it return PAM_IGNORE in containers 2014-05-22 11:49:12 +02:00
Tomas Mraz
9b30e30268 fix CVE-2014-2583: potential path traversal issue in pam_timestamp 2014-03-31 16:22:42 +02:00
Tomas Mraz
0cfc638648 pam_pwhistory: call the helper if SELinux enabled 2014-03-26 18:28:16 +01:00
Tomas Mraz
8f1046a25f fix CVE-2013-7041: use case sensitive comparison in pam_userdb 2014-03-11 10:16:58 +01:00
Tomas Mraz
ad164ea74b fix CVE-2013-7041: use case sensitive comparison in pam_userdb 2014-03-11 10:09:42 +01:00
Tomas Mraz
753a37644c Correct release number in changelog. 2014-03-11 09:22:14 +01:00