Commit Graph

13 Commits

Author SHA1 Message Date
Tomas Mraz
786ce63f9d Coverity fixes, pam_umask added to postlogin
add pam_umask to postlogin PAM configuration file
fix some issues found by Coverity scan
2018-09-10 14:25:15 +02:00
Tomas Mraz
6ffceb7ea0 add "local_users_only" to pam_pwquality in default configuration 2013-09-30 11:39:27 +02:00
Tomas Mraz
858c76dcd3 Multiple bug fixes and cleanups.
- do not fail if btmp file is corrupted (#906852)
- fix strict aliasing warnings in build
- UsrMove
- use authtok_type with pam_pwquality in system-auth
- remove manual_context handling from pam_selinux (#876976)
- other minor specfile cleanups
2013-03-22 17:44:40 +01:00
Tomas Mraz
882ad81ab3 add pam_systemd to session modules 2012-05-09 11:12:48 +02:00
Tomas Mraz
0e4d0dbd64 use pam_pwquality instead of pam_cracklib 2011-11-24 15:05:57 +01:00
Tomáš Mráz
e3430d85d2 - change the default password hash to sha512 2010-02-15 17:25:28 +00:00
Tomáš Mráz
355576d558 - silence pam_succeed_if in default system-auth (#205067)
- round the pam_timestamp_check sleep up to wake up at the start of the
    wallclock second (#205068)
2006-09-04 14:31:09 +00:00
Tomáš Mráz
10ddab4186 - upgrade to new upstream version, as there are mostly bugfixes except
improved documentation
- add support for session and password service for pam_access and
    pam_succeed_if
- system-auth: skip session pam_unix for crond service
2006-08-31 20:51:59 +00:00
Tomáš Mráz
fce253b7c0 - don't report error in pam_selinux for nonexistent tty (#188722)
- add pam_keyinit to the default system-auth file (#198623)
2006-07-17 11:03:29 +00:00
Tomáš Mráz
48968f9a9f - added try_first_pass option to pam_cracklib
- use try_first_pass for pam_unix and pam_cracklib in system-auth (#182350)
2006-02-24 10:46:47 +00:00
Tomáš Mráz
056a40e611 - update to Linux-PAM-0.78
- #140451 parse passwd entries correctly and test for failure
2004-11-23 15:32:59 +00:00
cvsdist
2cf2651983 auto-import pam-0.75-48 from pam-0.75-48.src.rpm 2004-09-09 09:51:54 +00:00
cvsdist
cd929cb3b7 auto-import changelog data from pam-0.75-16.src.rpm
Wed Oct 24 2001 Nalin Dahyabhai <nalin@redhat.com> 0.75-16
- pam_xauth: always return PAM_SUCCESS or PAM_SESSION_ERR instead of
    PAM_IGNORE, matching the previous behavior (libpam treats PAM_IGNORE
    from a single module in a stack as a session error, leading to false
    error messages if we just return PAM_IGNORE for all cases)
Mon Oct 22 2001 Nalin Dahyabhai <nalin@redhat.com> 0.75-15
- reorder patches so that the reentrancy patch is applied last -- we never
    came to a consensus on how to guard against the bugs in calling
    applications which this sort of change addresses, and having them last
    allows for dropping in a better strategy for addressing this later on
Mon Oct 15 2001 Nalin Dahyabhai <nalin@redhat.com>
- pam_rhosts: allow "+hostname" as a synonym for "hostname" to jive better
    with the hosts.equiv(5) man page
- use the automake install-sh instead of the autoconf install-sh, which
    disappeared somewhere between 2.50 and now
Mon Oct 08 2001 Nalin Dahyabhai <nalin@redhat.com>
- add pwdb as a buildprereq
Fri Oct 05 2001 Nalin Dahyabhai <nalin@redhat.com>
- pam_tally: don't try to read past the end of faillog -- it probably
    contains garbage, which if written into the file later on will confuse
    /usr/bin/faillog
Thu Oct 04 2001 Nalin Dahyabhai <nalin@redhat.com>
- pam_limits: don't just return if the user is root -- we'll want to set
    the priority (it could be negative to elevate root's sessions)
- pam_issue: fix off-by-one error allocating space for the prompt string
Wed Oct 03 2001 Nalin Dahyabhai <nalin@redhat.com>
- pam_mkhomedir: recurse into subdirectories properly
- pam_mkhomedir: handle symlinks
- pam_mkhomedir: skip over special items in the skeleton directory
Tue Oct 02 2001 Nalin Dahyabhai <nalin@redhat.com>
- add cracklib as a buildprereq
- pam_wheel: don't ignore out if the user is attempting to switch to a
    unprivileged user (this lets pam_wheel do its thing when users attempt
    to get to system accounts or accounts of other unprivileged users)
Fri Sep 28 2001 Nalin Dahyabhai <nalin@redhat.com>
- pam_xauth: close a possible DoS due to use of dotlock-style locking in
    world-writable directories by relocating the temporary file to the
    target user's home directory
- general: include headers local to this tree using relative paths so that
    system headers for PAM won't be pulled in, in case include paths don't
    take care of it
Thu Sep 27 2001 Nalin Dahyabhai <nalin@redhat.com>
- pam_xauth: rewrite to skip refcounting and just use a temporary file
    created using mkstemp() in /tmp
Tue Sep 25 2001 Nalin Dahyabhai <nalin@redhat.com>
- pam_userdb: fix the key_only flag so that the null-terminator of the
    user-password string isn't expected to be part of the key in the db
    file, matching the behavior of db_load 3.2.9
2004-09-09 09:48:16 +00:00