diff options
| author | Dmitry V. Levin <ldv@altlinux.org> | 2020-05-13 08:00:00 +0000 |
|---|---|---|
| committer | Dmitry V. Levin <ldv@altlinux.org> | 2020-05-13 08:00:00 +0000 |
| commit | be2c75e7a01b270e6a1e97c7371a89483906f606 (patch) | |
| tree | 2511d74169ee25b82f7c54239d67096d4e8fc7fc /NEWS | |
| parent | 126ea83853ff1fcad8e5271bb2dbb335a26cb0bd (diff) | |
NEWS: update
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 12 |
1 files changed, 12 insertions, 0 deletions
@@ -4,9 +4,13 @@ Release 1.4.0 * Multiple minor bug fixes and documentation improvements * Fixed grammar of messages printed via pam_prompt * Added support for a vendor directory and libeconf +* configure: Added --enable-Werror option to enable -Werror build * configure: Allowed disabling documentation through --disable-doc * pam_get_authtok_verify: Avoid duplicate password verification +* pam_cracklib: Fixed parsing of options without arguments * pam_env: Changed the default to not read the user .pam_environment file +* pam_exec: Require a user name to be specified before the command is executed +* pam_faillock: New module for locking after multiple auth failures * pam_group, pam_time: Fixed logical error with multiple ! operators * pam_keyinit: In pam_sm_setcred do the same as in pam_sm_open_session * pam_lastlog: Do not log info about failed login if the session was opened @@ -14,21 +18,29 @@ Release 1.4.0 * pam_lastlog: Limit lastlog file use by LASTLOG_UID_MAX option in login.defs * pam_lastlog: With 'unlimited' option prevent SIGXFSZ due to reduced 'fsize' limit +* pam_mkhomedir: Fixed return value when the user is unknown * pam_motd: Export MOTD_SHOWN=pam after showing MOTD * pam_motd: Support multiple motd paths specified, with filename overrides * pam_namespace: Added a systemd service, which creates the namespaced instance parent directories during boot * pam_namespace: Support for noexec, nosuid and nodev flags for tmpfs mounts +* pam_selinux: Check unknown object classes or permissions in current policy +* pam_selinux: Fall back to log to syslog if audit logging fails +* pam_setquota: New module to set or modify disk quotas on session start * pam_shells: Recognize /bin/sh as the default shell +* pam_succeed_if: Fixed potential override of the default prompt * pam_succeed_if: Support lists in group membership checks +* pam_time: Added conffile= option to specify an alternative configuration file * pam_tty_audit: If kernel audit is disabled return PAM_IGNORE * pam_umask: Added new 'nousergroups' module argument and allowed specifying the default for usergroups at build-time * pam_unix: Added 'nullresetok' option to allow resetting blank passwords * pam_unix: Report unusable hashes found by checksalt to syslog +* pam_unix: Return PAM_AUTHINFO_UNAVAIL when shadow entry is unavailable * pam_unix: Support for (gost-)yescrypt hashing methods * pam_unix: Use bcrypt b-variant when it bcrypt is chosen * pam_usertype: New module to tell if uid is in login.defs ranges +* Fixed and documented possible values returned by pam_get_user() * Added new API call pam_start_confdir() for special applications that cannot use the system-default PAM configuration paths and need to explicitly specify another path |