Commit Graph

79 Commits

Author SHA1 Message Date
ipedrosa
6989bc7495 Added new pam-redhat tarball to lookaside cache 2020-07-02 12:46:54 +02:00
ipedrosa
aad6db4b92 Rebased to release 1.4.0
Rebased to pam-redhat-1.1.3
Removed pam_cracklib as it has been deprecated
2020-06-25 13:07:15 +02:00
Tomas Mraz
4957e6ce68 pam_faillock: Fix regression in admin_group support 2019-12-18 13:36:44 +01:00
Tomas Mraz
a9ef7f8676 Multiple fixes and enhancements
pam_namespace: Support noexec, nosuid and nodev flags for tmpfs mounts
Drop tallylog and pam_tally documentation
pam_faillock: Support local_users_only option
pam_lastlog: Do not display failed attempts with PAM_SILENT flag
pam_lastlog: Support unlimited option to override fsize limit
pam_unix: Log if user authenticated without password
pam_tty_audit: Improve manual page
Optimize closing fds when spawning helpers
Fix duplicate password verification in pam_authtok_verify()
2019-10-16 16:35:57 +02:00
Tomas Mraz
b0eec480a1 pam_faillock: Support configuration file /etc/security/faillock.conf 2019-09-09 12:39:07 +02:00
Tomas Mraz
40b927d103 Update Red Hat PAM modules to version 1.0.0 which includes pam_faillock
Drop also pam_tally2 which was obsoleted and deprecated long time ago
2018-12-04 09:15:56 +01:00
Tomas Mraz
48538add1f new upstream release 1.3.1 with multiple improvements 2018-05-18 15:43:48 +02:00
Tomas Mraz
26153ac92d new upstream release with multiple improvements 2016-05-06 15:28:27 +02:00
Tomas Mraz
aef85b12f8 new upstream release fixing security issue with unlimited password length 2015-06-26 13:56:40 +02:00
Tomas Mraz
6ccbfce566 Minor security and bugfix updates
- fix CVE-2014-2583: potential path traversal issue in pam_timestamp
- fix CVE-2013-7041: use case sensitive comparison in pam_userdb
- be tolerant to corrupted opasswd file
2015-05-15 16:39:21 +02:00
Tomas Mraz
82f97fb404 rename the 90-nproc.conf to 20-nproc.conf (#1071618)
- canonicalize user name in pam_selinux (#1071010)
- refresh the pam-redhat tarball
2014-03-10 15:36:16 +01:00
Tomas Mraz
b99d0d5268 new upstream release
- pam_tty_audit: allow the module to work with old kernels
2013-10-14 14:51:50 +02:00
Tomas Mraz
83d65b99e2 Add back incorrectly removed source. 2013-09-13 14:37:38 +02:00
Tomas Mraz
27d141fac2 new upstream release 2013-09-13 14:27:26 +02:00
Tomas Mraz
8a0ba11ae1 new upstream release 2012-08-17 15:24:18 +02:00
Tomas Mraz
0c02cd5bb7 upgrade to new upstream release 2011-11-24 14:33:55 +01:00
Tomas Mraz
412141d627 upgrade to new upstream release 2011-06-27 17:24:51 +02:00
Tomas Mraz
4baf0f6949 - upgrade to new upstream release fixing CVE-2010-3316 CVE-2010-3435
CVE-2010-3853
- try to connect to an abstract X-socket first to verify we are
  at real console (#647191)
2010-11-01 23:42:26 +01:00
Tomas Mraz
360abdf2a1 - add pam_faillock module implementing temporary account lock out based
on authentication failures during a specified interval
- upgrade to new upstream release
2010-09-17 18:01:19 +02:00
Tomas Mraz
ca3ead6784 - add pam_faillock module implementing temporary account lock out based
on authentication failures during a specified interval
- upgrade to new upstream release
2010-09-17 17:37:07 +02:00
Tomáš Mráz
1802942b8d - new upstream version with minor changes 2009-12-17 14:29:39 +00:00
Tomáš Mráz
47e2c2f3d9 - update to new upstream version 2009-06-24 07:09:21 +00:00
Tomáš Mráz
da8b25143b - update to new upstream version 2009-05-13 10:59:18 +00:00
Tomáš Mráz
86ab0d0478 - upgrade to new upstream release 2009-03-09 20:46:07 +00:00
Tomáš Mráz
5774cd5ca3 - upgrade to new upstream release 2009-03-09 20:33:11 +00:00
Tomáš Mráz
d4ff57cf6f - upgrade to new upstream release
- add --disable-prelude (#466242)
2008-12-16 15:17:16 +00:00
Tomáš Mráz
8955a466b5 - pam_loginuid: uids are unsigned (#460241)
- new minor upstream release
- use external db4
- drop tests for not pulling in libpthread (as NPTL should be safe)
2008-09-08 11:01:44 +00:00
Tomáš Mráz
7d29dd0246 - update internal db4 2008-07-09 12:27:35 +00:00
Tomáš Mráz
65a47ccbca - upgrade to new upstream release (one bugfix only)
- fix pam_sepermit use in screensavers
2008-04-18 08:43:42 +00:00
Tomáš Mráz
1fa0a9e893 - upgrade to new upstream release (bugfix only) 2008-04-04 16:00:50 +00:00
Tomáš Mráz
1ba40631bf - update pam-redhat module tarball
- update internal db4
2008-02-28 22:44:06 +00:00
Tomáš Mráz
0533865ad8 - new upstream release
- add default soft limit for nproc of 1024 to prevent accidental fork bombs
    (#432903)
2008-02-15 17:27:28 +00:00
Tomáš Mráz
00939f1c06 - update db4 to 4.6.19 (#274661) 2007-09-25 20:15:45 +00:00
Tomáš Mráz
8fa0463a67 - updated db4 to 4.6.18 (#249740)
- added user and new instance parameters to namespace init
- document the new features of pam_namespace
- do not log an audit error when uid != 0 (#249870)
2007-08-06 12:31:50 +00:00
Tomáš Mráz
6c6453458a - upgrade to latest upstream version
- add some firewire devices to default console perms (#240770)
2007-07-23 18:46:31 +00:00
Tomáš Mráz
bbd6bf031f - upgrade to new upstream version resolving CVE-2007-0003
- pam_namespace: unmount poly dir for override users
2007-01-24 12:14:29 +00:00
Tomáš Mráz
0b9c1bae67 - upgrade to new upstream version
- drop pam_stack module as it is obsolete
- some changes to silence rpmlint
2007-01-19 17:42:21 +00:00
Tomáš Mráz
4f2fe36b29 - update internal db4 to 4.5.20 version
- move setgid before setuid in pam_keyinit (#212329)
- make username check in pam_unix consistent with useradd (#212153)
2006-11-13 21:05:40 +00:00
Tomáš Mráz
355576d558 - silence pam_succeed_if in default system-auth (#205067)
- round the pam_timestamp_check sleep up to wake up at the start of the
    wallclock second (#205068)
2006-09-04 14:31:09 +00:00
Tomáš Mráz
10ddab4186 - upgrade to new upstream version, as there are mostly bugfixes except
improved documentation
- add support for session and password service for pam_access and
    pam_succeed_if
- system-auth: skip session pam_unix for crond service
2006-08-31 20:51:59 +00:00
Tomáš Mráz
00eddc0974 - updated to a new upstream release
- added service as value to be matched and list matching to pam_succeed_if
2006-06-30 09:20:33 +00:00
Tomáš Mráz
fbfca3562b - upgrade to new upstream version
- make pam_console_apply not dependent on glib
- support large uids in pam_tally, pam_tally2
2006-05-10 14:16:34 +00:00
Tomáš Mráz
4f1df63a4d - fixed console device class for irda (#189966)
- make pam_console_apply fail gracefully when a class is missing
2006-04-26 11:56:48 +00:00
Tomáš Mráz
54e490e814 - added pam_namespace module written by Janak Desai (per-user /tmp support)
- new pam-redhat modules version
2006-04-25 14:53:39 +00:00
Tomáš Mráz
46d6d056ab - new upstream version
- updated db4 to 4.3.29
- added module pam_tally2 with auditing support
- added manual pages for system-auth and config-util (#179584)
2006-02-03 12:41:29 +00:00
Tomáš Mráz
05cc723970 - remove 'initscripts' dependency (#176508)
- update pam-redhat modules, merged patches
2006-01-03 16:23:10 +00:00
Tomáš Mráz
f06eb03db8 - support netgroup matching in pam_succeed_if
- upgrade to new release
- drop pam_pwdb as it was obsolete long ago
- we don't build static libraries anymore
2005-12-15 23:47:42 +00:00
Tomáš Mráz
f7c051ac6e - upgrade to new upstream sources
- removed obsolete patches
- pam_selinux module shouldn't fail on broken configs unless policy is set
    to enforcing (Dan Walsh)
2005-07-14 14:21:56 +00:00
Tomáš Mráz
f405278c4f - upgrade to the new upstream release
- moved pam_loginuid to pam-redhat repository
2005-03-31 17:15:12 +00:00
Tomáš Mráz
cba291fef4 - remove ownership and permissions handling from pam_console call
pam_console_apply as a handler instead
2005-03-19 18:22:00 +00:00