Commit Graph

162 Commits

Author SHA1 Message Date
Tomáš Mráz
0730695ea0 - pam_console_apply shouldn't access /var when called with -r (#191401)
- actually apply the large-uid patch
2006-05-16 16:12:18 +00:00
Tomáš Mráz
fda1b40256 - new module pam_exec 2006-05-10 14:43:55 +00:00
Tomáš Mráz
fbfca3562b - upgrade to new upstream version
- make pam_console_apply not dependent on glib
- support large uids in pam_tally, pam_tally2
2006-05-10 14:16:34 +00:00
Tomáš Mráz
5002e23046 - add namespace.init to %files 2006-05-04 11:53:08 +00:00
Tomáš Mráz
94d78f5a6d - the namespace instance init script is now in /etc/security (#190148)
- pam_namespace: added missing braces (#190026)
- pam_tally(2): never call fclose twice on the same FILE (from upstream)
2006-05-04 11:51:03 +00:00
Tomáš Mráz
4f1df63a4d - fixed console device class for irda (#189966)
- make pam_console_apply fail gracefully when a class is missing
2006-04-26 11:56:48 +00:00
Tomáš Mráz
54e490e814 - added pam_namespace module written by Janak Desai (per-user /tmp support)
- new pam-redhat modules version
2006-04-25 14:53:39 +00:00
Tomáš Mráz
48968f9a9f - added try_first_pass option to pam_cracklib
- use try_first_pass for pam_unix and pam_cracklib in system-auth (#182350)
2006-02-24 10:46:47 +00:00
Jesse Keating
222bbd42b7 bump for bug in double-long on ppc(64) 2006-02-11 04:55:08 +00:00
Jesse Keating
65811c5fcf bump for new gcc/glibc 2006-02-07 13:23:11 +00:00
Tomáš Mráz
46d6d056ab - new upstream version
- updated db4 to 4.3.29
- added module pam_tally2 with auditing support
- added manual pages for system-auth and config-util (#179584)
2006-02-03 12:41:29 +00:00
Tomáš Mráz
05cc723970 - remove 'initscripts' dependency (#176508)
- update pam-redhat modules, merged patches
2006-01-03 16:23:10 +00:00
Tomáš Mráz
9c00b5da67 - fix dangling symlinks in -devel (#175929)
- link libaudit only where necessary
- actually compile in audit support
2005-12-16 15:20:02 +00:00
Tomáš Mráz
f06eb03db8 - support netgroup matching in pam_succeed_if
- upgrade to new release
- drop pam_pwdb as it was obsolete long ago
- we don't build static libraries anymore
2005-12-15 23:47:42 +00:00
Jesse Keating
9b4988bee0 gcc update bump 2005-12-09 22:42:36 +00:00
Tomáš Mráz
a74a5d22a6 - pam_stack is deprecated - log its usage 2005-11-15 14:07:51 +00:00
Tomáš Mráz
ea087a7d8d - forgot to update requirements on audit-libs 2005-10-26 22:49:36 +00:00
Tomáš Mráz
30c2fd8c2e - fixed CAN-2005-2977 unix_chkpwd should skip user verification only if run
as root (#168181)
- link pam_loginuid to libaudit
- support no tty in pam_access (#170467)
- updated audit patch (by Steve Grubb)
- the previous pam_selinux change was not applied properly
- pam_xauth: look for the xauth binary in multiple directories (#171164)
2005-10-26 22:27:20 +00:00
Daniel J Walsh
c678c06cf7 - Eliminate multiple in pam_selinux 2005-10-26 19:23:04 +00:00
Daniel J Walsh
dc2e11c86b - Eliminate fail over for getseuserbyname call 2005-10-18 15:41:53 +00:00
Daniel J Walsh
cf7b021d49 - Add getseuserbyname call for SELinux MCS/MLS policy 2005-10-13 21:36:33 +00:00
Daniel J Walsh
97c6e8fa55 - Add getseuserbyname call for SELinux MCS/MLS policy 2005-10-13 21:10:48 +00:00
Tomáš Mráz
9f1545ee2e - pam_console manpage fixes (#169373) 2005-10-04 13:46:58 +00:00
Tomáš Mráz
84f70fb55d - don't include ps and pdf docs (#168823)
- new common config file for configuration utilities
- remove glib2 dependency (#166979)
2005-09-30 13:52:28 +00:00
Tomáš Mráz
5cac4c86fa - pam_unix: always honor nis flag on password change (by Aaron Hope) 2005-09-20 13:42:45 +00:00
Tomáš Mráz
6f66f1e5c6 - process limit values other than RLIMIT_NICE correctly (#168790) 2005-09-20 12:34:48 +00:00
Tomáš Mráz
efa997e610 - don't fail in audit code when audit is not compiled in on the newest
kernels (#166422)
2005-08-24 09:15:09 +00:00
Tomáš Mráz
bc4cc2dea1 - add option to pam_loginuid to require auditd 2005-08-01 09:14:07 +00:00
Tomáš Mráz
a92b0ed73f - fix NULL dereference in pam_userdb (#164418) 2005-07-28 09:40:49 +00:00
Tomáš Mráz
4c014b4ae5 - fix 64bit bug in pam_pwdb
- don't crash in pam_unix if pam_get_data fail
2005-07-26 08:36:20 +00:00
Tomáš Mráz
009a4f4368 - more pam_selinux permissive fixes (Dan Walsh)
- make binaries PIE (#158938)
2005-07-22 14:17:33 +00:00
Tomáš Mráz
21ad6a063b - fixed module tests so the pam doesn't require itself to build (#163502)
- added buildprereq for building the documentation (#163503)
- relaxed permissions of binaries (u+w)
2005-07-18 16:00:41 +00:00
Tomáš Mráz
f7c051ac6e - upgrade to new upstream sources
- removed obsolete patches
- pam_selinux module shouldn't fail on broken configs unless policy is set
    to enforcing (Dan Walsh)
2005-07-14 14:21:56 +00:00
Tomáš Mráz
24d731a55f - update pam audit patch
- add support for new limits in kernel-2.6.12 (#157050)
2005-06-21 15:03:23 +00:00
Tomáš Mráz
8e736edd31 - pam_loginuid shouldn't report error when /proc/self/loginuid is missing
(#159974)
2005-06-09 21:28:52 +00:00
Tomáš Mráz
7457524347 - add the Requires dependency on audit-libs (#159885) 2005-06-09 11:47:18 +00:00
Tomáš Mráz
4d1f895c96 Fix the build breakage - unpackaged files 2005-05-23 14:31:06 +00:00
Tomáš Mráz
e6a42109ce - don't install the .so links in /lib 2005-05-20 16:05:48 +00:00
Tomáš Mráz
eecc66af23 - update the pam audit patch to support newest audit library, audit also
pam_setcred calls (Steve Grubb)
- don't use the audit_fd as global static variable
- don't unset the XAUTHORITY when target user is root
2005-05-20 15:53:01 +00:00
Tomáš Mráz
6eb3fc0500 - update the pam audit patch to support newest audit library (Steve Grubb) 2005-05-19 18:38:45 +00:00
Tomáš Mráz
fd39e73da0 - pam_console: support loading .perms files in the console.perms.d
(#156069)
2005-05-02 09:53:46 +00:00
Tomáš Mráz
d0ec5ba6c1 - pam_xauth: unset the XAUTHORITY variable on error, fix potential memory
leaks
- modify path to IDE floppy devices in console.perms (#155560)
2005-04-26 12:00:40 +00:00
Steve Grubb
8543c3b252 - Adjusted pam audit patch to make exception for ECONNREFUSED 2005-04-16 14:20:05 +00:00
Tomáš Mráz
f1b09e9b25 - added auditing patch by Steve Grubb
- added cleanup patches for bugs found by Steve Grubb
- don't clear the shadow option of pam_unix if nis option used
2005-04-12 16:33:08 +00:00
Tomáš Mráz
2f260114b9 - #150537 - flush input first then write the prompt 2005-04-08 15:10:15 +00:00
Tomáš Mráz
2d246d8a30 - make pam_unix LSB 2.0 compliant even when SELinux enabled
- #88127 - change both local and NIS passwords to keep them in sync, also
    fix a regression in passwd functionality on NIS master server
2005-04-07 18:40:36 +00:00
Tomáš Mráz
ea4ac73989 - #153711 fix wrong logging in pam_selinux when restoring tty label 2005-04-05 07:40:00 +00:00
Tomáš Mráz
a6a9f4a660 - fix NULL deref in pam_tally when it's used in account phase 2005-04-03 17:12:42 +00:00
Tomáš Mráz
f405278c4f - upgrade to the new upstream release
- moved pam_loginuid to pam-redhat repository
2005-03-31 17:15:12 +00:00
Tomáš Mráz
953e2b6048 - fix wrong logging in pam_console handlers
- add executing ainit handler for alsa sound dmix
- #147879, #112777 - change permissions for dri devices
2005-03-23 12:57:40 +00:00
Tomáš Mráz
cba291fef4 - remove ownership and permissions handling from pam_console call
pam_console_apply as a handler instead
2005-03-19 18:22:00 +00:00
Tomáš Mráz
6513c12e82 - add pam_loginuid module for setting the the login uid for auditing
purposes (by Steve Grubb)
2005-03-14 21:06:07 +00:00
Tomáš Mráz
03d329b496 - must link glib dynamically to .so 2005-03-10 11:01:23 +00:00
Tomáš Mráz
57f66ca8c9 - add functionality for running handler executables from pam_console when
console lock was obtained/lost
- removed patches merged to pam-redhat
2005-03-10 08:14:36 +00:00
Tomáš Mráz
36ee704c88 - fixed some warnings and errors in pam_console for gcc4 build
- improved parsing pam_console config file
2005-03-01 14:36:54 +00:00
Tomáš Mráz
c337b8bf0b - echo why tests failed when rebuilding 2005-03-01 09:06:36 +00:00
Tomáš Mráz
889643ba88 - don't log garbage in pam_console_apply (#147879) 2005-02-21 15:33:24 +00:00
Tomáš Mráz
6e7f9c67de - updated pam-redhat from elvis CVS 2005-01-12 11:16:28 +00:00
jbj
02ac0dcb18 - depend on db-4.3.27, not db-4.3.21. 2005-01-03 17:59:12 +00:00
Tomáš Mráz
b0baf41bab - add argument to pam_console_apply to restrict its work to specified files 2004-11-25 16:40:18 +00:00
Tomáš Mráz
36d4eeff57 - #137802 allow using pam_console for authentication 2004-11-23 15:38:57 +00:00
Tomáš Mráz
056a40e611 - update to Linux-PAM-0.78
- #140451 parse passwd entries correctly and test for failure
2004-11-23 15:32:59 +00:00
jbj
0da465a133 - rebuild against db-4.3.21. 2004-11-13 00:33:17 +00:00
Tomáš Mráz
1916d7ac37 - #77646 log failures when renaming the files when changing password
- Log failure on missing /etc/security/opasswd when remember option is
    present
2004-11-11 13:52:15 +00:00
Tomáš Mráz
91347f07d7 - #87628 pam_timestamp remembers authorization after logout
- #116956 fixed memory leaks in pam_stack
2004-11-10 17:52:27 +00:00
Tomáš Mráz
6c581a0e6d - #74062 modify the pwd-lock patch to remove NIS passwd changing deadlock 2004-10-20 14:46:49 +00:00
Tomáš Mráz
68feec353f - #134941 pam_console should check X11 socket only on login 2004-10-20 13:10:13 +00:00
Tomáš Mráz
3eef649366 - Fix checking of group in %group syntax in pam_limits
- Drop fencepost patch as it was already fixed by upstream change from 0.75
    to 0.77
- Fix brokenshadow patch
2004-10-19 14:25:05 +00:00
Tomáš Mráz
8e01e56e3b - even more console.perms entries
- drop the apply to dir patch - it won't work
2004-10-14 16:42:00 +00:00
Tomáš Mráz
b880f65bb5 forgot to remove obsolete patch 2004-10-14 16:03:31 +00:00
Tomáš Mráz
9abd7cf374 - Added bluetooth, raw1394 and flash to console.perms
- pam_console manpage fix
- Allow to apply console.perms to dir when
2004-10-14 16:02:39 +00:00
Tomáš Mráz
149b939c53 - #126985 pam_stack should always copy the conversation function
- #127524 add /etc/security/opasswd to files
2004-10-11 14:48:11 +00:00
Tomáš Mráz
89f73ad59c - pam_env shouldn't abort on missing /etc/environment 2004-10-11 12:09:28 +00:00
Phil Knirsch
6dc6125605 - Dropped last patch again, real fix is /etc/environment file in setup 2004-09-28 16:18:30 +00:00
Phil Knirsch
0886c1641c - Fixed bug in pam_env where wrong initializer was used 2004-09-23 16:21:40 +00:00
Daniel J Walsh
632558e3e9 use checkPasswdAccess in pam_rootok 2004-09-17 17:54:12 +00:00
Jindrich Novy
d52fe82242 - added patches from Tomas Mraz 2004-09-13 13:57:04 +00:00
cvsdist
6e7e8cb073 auto-import changelog data from pam-0.77-55.src.rpm
Mon Aug 30 2004 Warren Togami <wtogami@redhat.com> 0.77-55
- #126024 /dev/pmu console perms
2004-09-09 09:59:24 +00:00
cvsdist
89c884f64a auto-import changelog data from pam-0.77-54.src.rpm
Wed Aug 04 2004 Dan Walsh <dwalsh@redhat.com> 0.77-54
- Move pam_console.lock to /var/run/console/
2004-09-09 09:59:18 +00:00
cvsdist
0095dae916 auto-import changelog data from pam-0.77-53.src.rpm
Thu Jul 29 2004 Dan Walsh <dwalsh@redhat.com> 0.77-53
- Close fd[1] before pam_modutilread so that unix_verify will complete
2004-09-09 09:59:10 +00:00
cvsdist
a9bb82bba8 auto-import changelog data from pam-0.77-52.src.rpm
Tue Jul 27 2004 Alan Cox <alan@redhat.com> 0.77-52
- First chunk of Steve Grubb's resource leak and other fixes
Tue Jul 27 2004 Alan Cox <alan@redhat.com> 0.77-51
- Fixed build testing of modules
- Fixed dependancies
2004-09-09 09:58:59 +00:00
cvsdist
e4862f785f auto-import pam-0.77-51 from pam-0.77-51.src.rpm 2004-09-09 09:58:35 +00:00
cvsdist
c7e9550fec auto-import changelog data from pam-0.77-50.src.rpm
Tue Jul 20 2004 Dan Walsh <dwalsh@redhat.com> 0.77-50
- Change unix_chkpwd to return pam error codes
2004-09-09 09:58:20 +00:00
cvsdist
21440a7021 auto-import pam-0.77-49 from pam-0.77-49.src.rpm 2004-09-09 09:58:05 +00:00
cvsdist
21937dd94b auto-import changelog data from pam-0.77-48.src.rpm
Sat Jul 10 2004 Alan Cox <alan@redhat.com>
- Fixed the pam glib2 dependancy issue
2004-09-09 09:57:54 +00:00
cvsdist
ae27812230 auto-import changelog data from pam-0.77-47.src.rpm
Mon Jun 21 2004 Alan Cox <alan@redhat.com>
- Fixed the pam_limits fencepost error (#79989) since nobody seems to be
    doing it
Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
Wed Jun 09 2004 Dan Walsh <dwalsh@redhat.com> 0.77-45
- Add requires libselinux > 1.8
2004-09-09 09:57:48 +00:00
cvsdist
ccf51eec26 auto-import changelog data from pam-0.77-44.src.rpm
Thu Jun 03 2004 Dan Walsh <dwalsh@redhat.com> 0.77-44
- Add MLS Support to selinux patch
Wed Jun 02 2004 Dan Walsh <dwalsh@redhat.com> 0.77-43
- Modify pam_selinux to use open and close param
2004-09-09 09:57:30 +00:00
cvsdist
4d16522876 auto-import changelog data from pam-0.77-43.src.rpm
Fri May 28 2004 Dan Walsh <dwalsh@redhat.com> 0.77-42
- Split pam module into two parts open and close
2004-09-09 09:56:34 +00:00
cvsdist
aad5335ba7 auto-import changelog data from pam-0.77-41.src.rpm
Tue May 18 2004 Phil Knirsch <pknirsch@redhat.com> 0.77-41
- Fixed 64bit segfault in pam_succeed_if module.
Wed Apr 14 2004 Dan Walsh <dwalsh@redhat.com> 0.77-40
- Apply changes from audit.
Mon Apr 12 2004 Dan Walsh <dwalsh@redhat.com> 0.77-39
- Change to only report failure on relabel if debug
2004-09-09 09:56:22 +00:00
cvsdist
147d85b558 auto-import changelog data from pam-0.77-38.src.rpm
Wed Mar 03 2004 Dan Walsh <dwalsh@redhat.com> 0.77-38
- Fix error handling of pam_unix
Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
Thu Feb 26 2004 Dan Walsh <dwalsh@redhat.com> 0.77-36
- fix tty handling
Thu Feb 26 2004 Dan Walsh <dwalsh@redhat.com> 0.77-35
- remove tty closing and opening from pam_selinux, it does not work.
Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
Thu Feb 12 2004 Nalin Dahyabhai <nalin@redhat.com>
- pam_unix: also log successful password changes when using shadowed
    passwords
Tue Feb 10 2004 Dan Walsh <dwalsh@redhat.com> 0.77-33
- close and reopen terminal after changing context.
Thu Feb 05 2004 Dan Walsh <dwalsh@redhat.com> 0.77-32
- Check for valid tty
Tue Feb 03 2004 Dan Walsh <dwalsh@redhat.com> 0.77-31
- Check for multiple > 1
2004-09-09 09:55:13 +00:00
cvsdist
05a94aa964 auto-import changelog data from pam-0.77-30.src.rpm
Mon Feb 02 2004 Dan Walsh <dwalsh@redhat.com> 0.77-30
- fix is_selinux_enabled call for pam_rootok
Wed Jan 28 2004 Dan Walsh <dwalsh@redhat.com> 0.77-29
- More fixes to pam_selinux,pam_rootok
Wed Jan 28 2004 Dan Walsh <dwalsh@redhat.com> 0.77-28
- turn on selinux
Wed Jan 28 2004 Dan Walsh <dwalsh@redhat.com> 0.77-27
- Fix rootok check.
Mon Jan 26 2004 Dan Walsh <dwalsh@redhat.com> 0.77-26
- fix is_selinux_enabled call
Sun Jan 25 2004 Dan Walsh <dwalsh@redhat.com> 0.77-25
- Check if ROOTOK for SELinux
Thu Jan 15 2004 Dan Walsh <dwalsh@redhat.com> 0.77-24
- Fix tty handling for pts in pam_selinux
Thu Jan 15 2004 Dan Walsh <dwalsh@redhat.com> 0.77-23
- Need to add qualifier context for sudo situation
Thu Jan 15 2004 Dan Walsh <dwalsh@redhat.com> 0.77-22
- Fix pam_selinux to use prevcon instead of pam_user so it will work for
    su.
Fri Dec 12 2003 Bill Nottingham <notting@redhat.com> 0.77-21.sel
- add alsa devs to console.perms
Thu Dec 11 2003 Jeff Johnson <jbj@jbj.org> 0.77-20.sel
- rebuild with db-4.2.52.
- build db4 in build_unix, not dist.
Wed Nov 26 2003 Dan Walsh <dwalsh@redhat.com> 0.77-19.sel
- Change unix_chkpwd to handle unix_passwd and unix_acct
- This eliminates the need for pam modules to have read/write access to
    /etc/shadow.
Thu Nov 20 2003 Dan Walsh <dwalsh@redhat.com> 0.77-18.sel
- Cleanup unix_chkpwd
Mon Nov 03 2003 Dan Walsh <dwalsh@redhat.com> 0.77-17.sel
- Fix tty handling
- Add back multiple handling
Mon Oct 27 2003 Dan Walsh <dwalsh@redhat.com> 0.77-16.sel
- Remove Multiple from man page of pam_selinux
2004-09-09 09:54:59 +00:00
cvsdist
d577226563 auto-import changelog data from pam-0.77-15.src.rpm
Thu Oct 23 2003 Nalin Dahyabhai <nalin@redhat.com> 0.77-15
- don't install _pam_aconf.h -- apps don't use it, other PAM headers which
    are installed don't use it, and its contents may be different for
    arches on a multilib system
- check for linkage problems in modules at %install-time (kill #107093
    dead)
- add buildprereq on flex (#101563)
Wed Oct 22 2003 Nalin Dahyabhai <nalin@redhat.com>
- make pam_pwdb.so link with libnsl again so that it loads (#107093)
- remove now-bogus buildprereq on db4-devel (we use a bundled copy for
    pam_userdb to avoid symbol collisions with other db libraries in apps)
Mon Oct 20 2003 Dan Walsh <dwalsh@redhat.com> 0.77-14.sel
- Add Russell Coker patch to handle /dev/pty
Fri Oct 17 2003 Dan Walsh <dwalsh@redhat.com> 0.77-13.sel
- Turn on Selinux
Fri Oct 17 2003 Dan Walsh <dwalsh@redhat.com> 0.77-12
- Fix pam_timestamp to work when 0 seconds have elapsed
Mon Oct 06 2003 Dan Walsh <dwalsh@redhat.com> 0.77-11
- Turn off selinux
Thu Sep 25 2003 Dan Walsh <dwalsh@redhat.com> 0.77-10.sel
- Turn on Selinux and remove multiple choice of context.
Wed Sep 24 2003 Dan Walsh <dwalsh@redhat.com> 0.77-10
- Turn off selinux
Wed Sep 24 2003 Dan Walsh <dwalsh@redhat.com> 0.77-9.sel
- Add Russell's patch to check password
Wed Sep 17 2003 Dan Walsh <dwalsh@redhat.com> 0.77-8.sel
- handle ttys correctly in pam_selinux
Fri Sep 05 2003 Dan Walsh <dwalsh@redhat.com> 0.77-7.sel
- Clean up memory problems and fix tty handling.
Mon Jul 28 2003 Dan Walsh <dwalsh@redhat.com> 0.77-6
- Add manual context selection to pam_selinux
Mon Jul 28 2003 Dan Walsh <dwalsh@redhat.com> 0.77-5
- Add pam_selinux
Mon Jul 28 2003 Dan Walsh <dwalsh@redhat.com> 0.77-4
- Add SELinux support
2004-09-09 09:54:36 +00:00
cvsdist
325000d723 auto-import changelog data from pam-0.75-50.src.rpm
Thu Jul 24 2003 Nalin Dahyabhai <nalin@redhat.com> 0.75-50
- pam_postgresok: add
- pam_xauth: add targetuser= argument
Thu Jul 03 2003 Nalin Dahyabhai <nalin@redhat.com>
- pam_timestamp: use a message authentication code to validate timestamp
    files
Mon Jun 30 2003 Nalin Dahyabhai <nalin@redhat.com> 0.75-48.1
- rebuild
Mon Jun 09 2003 Nalin Dahyabhai <nalin@redhat.com> 0.75-49
- modify calls to getlogin() to check the directory of the current TTY
    before searching for an entry in the utmp/utmpx file
Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
- rebuilt
2004-09-09 09:52:51 +00:00
cvsdist
2cf2651983 auto-import pam-0.75-48 from pam-0.75-48.src.rpm 2004-09-09 09:51:54 +00:00
cvsdist
cb2381bfec auto-import pam-0.75-46.8.0 from pam-0.75-46.8.0.src.rpm 2004-09-09 09:51:33 +00:00
cvsdist
7414c339bf auto-import pam-0.75-40 from pam-0.75-40.src.rpm 2004-09-09 09:50:43 +00:00
cvsdist
215cd1a5d8 auto-import pam-0.75-39 from pam-0.75-39.src.rpm 2004-09-09 09:50:31 +00:00
cvsdist
19389eb4a0 auto-import pam-0.75-32 from pam-0.75-32.src.rpm 2004-09-09 09:50:13 +00:00
cvsdist
0313d50ba5 auto-import pam-0.75-31 from pam-0.75-31.src.rpm 2004-09-09 09:49:43 +00:00
cvsdist
035542f9c8 auto-import pam-0.75-29 from pam-0.75-29.src.rpm 2004-09-09 09:49:12 +00:00