| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2008-07-09 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_tally/pam_tally.c: Add support for silent and
no_log_info options.
* modules/pam_tally/pam_tally.8.xml: Document silent and
no_log_info options.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-07-08 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_unix/passverify.c (verify_pwd_hash): Adjust debug
statement.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-06-22 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_unix/unix_chkpwd.c (main): Fix compiling without
audit support.
* modules/pam_cracklib/pam_cracklib.8.xml: Fix typo in ucredit
description (reported by Wayne Pollock <pollock@acm.org>)
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-06-19 Tomas Mraz <t8m@centrum.cz>
* modules/pam_succeed_if/pam_succeed_if.c (pam_sm_authenticate):
Detect configuration errors. Fail on incomplete condition.
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-05-20 Tomas Mraz <t8m@centrum.cz>
* configure.in: Work correctly with autoconf-2.62.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-05-19 Tomas Mraz <t8m@centrum.cz>
* doc/man/pam_getenv.3.xml: Correct the pam_getenv documentation.
* doc/man/pam_prompt.3.xml: Add missing description.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: translation
Commit summary:
---------------
2008-05-14 Kjartan Maraas <kmaraas@gnome.org>
* po/nb.po: Updated translation.
2008-05-14 Sulyok Péter <peti@sulyok.hu>
* po/hu.po: Updated translation.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-05-14 Tomas Mraz <t8m@centrum.cz>
* modules/pam_unix/pam_unix_passwd.c(pam_sm_chauthtok): Unset authtok
item when password is not approved.
* modules/pam_unix/support.c(_unix_read_password): UNIX_USE_FIRST_PASS
is always set when UNIX_AUTHTOK is set, change order of conditions.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-05-14 Tomas Mraz <t8m@centrum.cz>
* libpam/pam_modutil_getgrgid.c: Replace hardcoded constant with
define PWD_LENGTH_SHIFT.
* libpam/pam_modutil_getgrnam.c: Likewise.
* libpam/pam_modutil_getpwnam.c: Likewise.
* libpam/pam_modutil_getpwuid.c: Likewise.
* libpam/pam_modutil_getspnam.c: Likewise.
* libpam/pam_modutil_private.h: Adjust values for PWD_ constants.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2008-05-02 Tomas Mraz <t8m@centrum.cz>
* modules/pam_selinux/pam_selinux.c(query_response): Add handling
for NULL response.
(manual_context): Handle failed query_response() properly. Rename
variable responses to response which is more correct name.
(config_context): Likewise.
(pam_sm_open_session): Do not base decision on whether there is a tty.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-04-22 Tomas Mraz <t8m@centrum.cz>
* modules/pam_selinux/pam_selinux.c(pam_sm_close_sesion): Fix
regression from the change from 2008-03-20. setexeccon() must be
called also with NULL prev_context.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-04-21 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_access/access.conf.5.xml: Document changed behavior
of LOCAL keyword.
* modules/pam_access/pam_access.c: Add from_remote_host to
struct login_info to change behavior of LOCAL keyword: if
PAM_RHOST is not set, LOCAL will be true.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2008-04-18 Tomas Mraz <t8m@centrum.cz>
* modules/pam_namespace/pam_namespace.c: New functions
unprotect_dirs(), cleanup_protect_data(), protect_mount(),
protect_dir() to protect directory by bind mount.
(cleanup_data): Renamed to cleanup_polydir_data().
(parse_create_params): Allow missing specification of mode
or owner.
(check_inst_parent): Call protect_dir() on the instance parent
directory. The directory is created when it doesn't exist.
(create_polydir): Protect and make the polydir by protect_dir(),
remove potential races.
(create_dirs): Renamed to create_instance(), remove call to
inst_init().
(ns_setup): Call protect_dir() on the polydir if it already exists.
Call inst_init() after the polydir is mounted.
(setup_namespace): Set the namespace protect data to be cleaned up
on pam_close_session()/pam_end().
(pam_sm_open_session): Initialize the protect_dirs.
(pam_sm_close_session): Cleanup namespace protect data.
* modules/pam_namespace/pam_namespace.h: Define struct for the
stack of protected dirs.
* modules/pam_namespace/pam_namespace.8.xml: Document when the
instance init script is called.
* modules/pam_namespace/namespace.conf.5.xml: Likewise.
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-04-17 Tomas Mraz <t8m@centrum.cz>
* modules/pam_sepermit/pam_sepermit.c(sepermit_match): Do not try
to lock if euid != 0.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-04-17 Tomas Mraz <t8m@centrum.cz>
* modules/pam_access/pam_access.c(myhostname): Removed function.
(user_match): Supply hostname of the machine to the netgroup_match().
Use hostname from the loginfo instead of calling myhostname().
(pam_sm_authenticate): Call gethostname() to fill hostname in the
loginfo.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2008-04-16 Tomas Mraz <t8m@centrum.cz>
* modules/pam_cracklib/pam_cracklib.c(_pam_parse): Recognize also
try_first_pass and use_first_pass options.
(pam_sm_chauthtok): Implement the new options.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2008-04-16 Tomas Mraz <t8m@centrum.cz>
* modules/pam_unix/Makefile.am: Link unix_chkpwd with libaudit.
* modules/pam_unix/unix_chkpwd.c(_audit_log): New function for audit.
(main): Call _audit_log() when appropriate.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-04-08 Tomas Mraz <t8m@centrum.cz>
* libpam/pam_item.c (TRY_SET): Do not set when destination
is identical to source.
(pam_set_item): Do not overwrite destination when it
is identical to source.
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2008-04-08 Tomas Mraz <t8m@centrum.cz>
* modules/pam_xauth/pam_xauth.c(run_coprocess): Avoid multiple
calls to sysconf() (based on patch by Sami Farin).
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: translation
Commit summary:
---------------
2008-04-07 Miloš Komarčević <kmilos@gmail.com>
* po/sr.po: New file with translation.
* po/sr@latin.po: Likewise.
* po/LINGUAS: Add sr and sr@latin.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: release
Commit summary:
---------------
Release Version 1.0.0
2008-04-03 Thorsten Kukuk <kukuk@thkukuk.de>
* release version 1.0.0
* configure.in: Set version number to 1.0.0.
* libpam/Makefile.am: Bump patchlevel of libpam.
* doc/adg/Linux-PAM_ADG.xml: Update version/date.
* doc/mwg/Linux-PAM_MWG.xml: Likewise.
* doc/sag/Linux-PAM_SAG.xml: Likewise.
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-03-31 Dan Walsh <dwalsh@redhat.com>
* modules/pam_sepermit/pam_sepermit.c(sepermit_lock): Mark lock fd to
be closed on exec.
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit: translations
Commit summary:
---------------
2008-03-25 Leah Liu <lliu@redhat.com>
* po/zh_CN.po: Updated translation.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-03-20 Tomas Mraz <t8m@centrum.cz>
* modules/pam_namespace/pam_namespace.c(poly_name): Switch to USER
method only when appropriate.
(setup_namespace): Do not umount when not mounted with RUSER.
* modules/pam_selinux/pam_selinux.c(pam_sm_close_session): Call
freecontext() after the context is logged not before.
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit: translation
Commit summary:
---------------
2008-03-18 Canniot Thomas <thomas.canniot@mrtomlinux.org>
* po/fr.po: Updated translation.
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit: translation
Commit summary:
---------------
2008-03-13 Ankit Patel <ankit@redhat.com>
* po/gu.po: Updated translation.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2008-03-05 Tomas Mraz <t8m@centrum.cz>
* modules/pam_cracklib/pam_cracklib.c(pam_sm_chauthtok): Avoid
unnecessary x_strdup() of resp.
* modules/pam_ftp/pam_ftp(pam_sm_authenticate): Call _pam_overwrite()
before dropping password resp.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Just cleanup of obsolete translations.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-03-03 Tomas Mraz <t8m@centrum.cz>
* libpam/pam_item.c(RESET): Rename to TRY_SET, handle strdup failure.
(pam_set_item): Use TRY_SET() also for PAM_AUTHTOK and PAM_OLDAUTHTOK.
Handle allocation failure for PAM_XAUTHDATA.
(pam_get_user): Return error when conversation returns NULL user.
Call pam_set_item() instead of RESET().
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: translations
Commit summary:
---------------
2008-03-03 Tomas Mraz <t8m@centrum.cz>
* modules/pam_selinux/pam_selinux.c: Do not translate syslog messages.
* po/Linux-PAM.pot: Update.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2008-02-26 Tomas Mraz <t8m@centrum.cz>
* modules/pam_unix/Makefile.am: Do not link to cracklib.
* modules/pam_unix/pam_unix_passwd.c(_pam_unix_approve_pass):
Do not call FascistCheck() from cracklib.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: translations
Commit summary:
---------------
Updated de translation.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: translations
Commit summary:
---------------
po/pl.po: Updated translation.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: translations
Commit summary:
---------------
2008-02-26 Tomas Mraz <t8m@centrum.cz>
* po/LINUGAS: New languages added.
* po/es.po: Updated translations.
* po/fr.po: Likewise.
* po/it.po: Likewise.
* po/ja.po: Likewise.
* po/nl.po: Likewise.
* po/pl.po: Likewise.
* po/pt_BR.po: Likewise.
* po/ru.po: Likewise.
* po/zh_CN.po: Likewise.
* po/as.po: New file.
* po/gu.po: Likewise.
* po/hi.po: Likewise.
* po/kn.po: Likewise.
* po/ko.po: Likewise.
* po/ml.po: Likewise.
* po/or.po: Likewise.
* po/si.po: Likewise.
* po/ta.po: Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-02-21 Tomas Mraz <t8m@centrum.cz>
* libpam/pam_audit.c (_pam_audit_writelog): Silence syslog
message on non-error return.
* modules/pam_unix/unix_chkpwd.c (main): Proceed as unprivileged
user when checking password of another user.
* modules/pam_unix/unix_update.c: Fix comment.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Rename tst-pam_assemble_line to tst-pam_assemble_line1
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-02-18 Dmitry V. Levin <ldv@altlinux.org>
* xtests/Makefile.am (EXTRA_DIST): Add tst-pam_assemble_line.pamd
and tst-pam_assemble_line.sh
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-02-18 Dmitry V. Levin <ldv@altlinux.org>
* libpam/pam_handlers.c (_pam_assemble_line): Fix potential
buffer overflow.
* xtests/tst-pam_assemble_line.pamd: New test for
_pam_assemble_line.
* xtests/tst-pam_assemble_line.sh: New script for
tst-pam_assemble_line.
* xtests/Makefile.am (NOSRCTESTS): Add tst-pam_assemble_line.
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-02-18 Dmitry V. Levin <ldv@altlinux.org>
* modules/pam_exec/pam_exec.c (call_exec): Fix asprintf return
code check.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: prepare release
Commit summary:
---------------
Missing pieces for a 0.99.10.0 release
2008-02-13 Thorsten Kukuk <kukuk@thkukuk.de>
* release version 0.99.10.0
* configure.in: set version number.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-02-13 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_rhosts/Makefile.am: Remove pam_rhosts_auth.
* modules/pam_rhosts/pam_rhosts_auth.c: Removed.
* modules/pam_rhosts/tst-pam_rhosts_auth: Removed.
* modules/pam_namespace/Makefile.am (noinst_HEADERS): Add
pam_namespace.h.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix, new feature
Commit summary:
---------------
2008-02-13 Tomas Mraz <t8m@centrum.cz>
* modules/pam_namespace/Makefile.am: Add argv_parse files and namespace.d
dir.
* modules/pam_namespace/argv_parse.c: New file.
* modules/pam_namespace/argv_parse.h: New file.
* modules/pam_namespace/namespace.conf.5.xml: Document new features.
* modules/pam_namespace/pam_namespace.8.xml: Likewise.
* modules/pam_namespace/pam_namespace.h: Use SECURECONF_DIR define.
Define NAMESPACE_D_DIR and NAMESPACE_D_GLOB. Define new option flags
and polydir flags.
(polydir_s): Add rdir, replace exclusive with flags, add init_script,
owner, group, and mode.
(instance_data): Add ruser, gid, and ruid.
* modules/pam_namespace/pam_namespace.c: Remove now unused copy_ent().
(add_polydir_entry): Add the entry directly, no copy.
(del_polydir): New function.
(del_polydir_list): Call del_polydir().
(expand_variables, parse_create_params, parse_iscript_params,
parse_method): New functions.
(process_line): Call expand_variables() on polydir and instance prefix.
Call argv_parse() instead of strtok_r(). Allocate struct polydir_s on heap.
(parse_config_file): Parse .conf files from namespace.d dir after
namespace.conf.
(form_context): Call getcon() or get_default_context_with_level() when
appropriate flags are set.
(poly_name): Handle shared polydir flag.
(inst_init): Execute non-default init script when specified.
(create_polydir): New function.
(create_dirs): Remove the code which checks the polydir. Do not call
inst_init() when noinit flag is set.
(ns_setup): Check the polydir and eventually create it if the create flag
is set.
(setup_namespace): Use ruser uid from idata. Set the namespace polydir
pam data only when namespace was set up correctly. Unmount polydir
based on ruser.
(get_user_data): New function.
(pam_sm_open_session): Check for use_current_context and
use_default_context options. Call get_user_data().
(pam_sm_close_session): Call get_user_data().
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2008-02-04 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_exec/pam_exec.c: Set PAM environment variables and
add 'quiet' option.
* modules/pam_exec/pam_exec.8.xml: Document new behavior.
Patch from Julien Lecomte <julien@lecomte.at>.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfixes
Commit summary:
---------------
2008-02-04 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_sepermit/Makefile.am: Install config file only
if we build the module.
* doc/Makefile.am: Fix build out of source directory.
* po/POTFILES.in: Add pam_sepermit.c.
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-02-04 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/Makefile.am: Add pam_sepermit.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfixes
Commit summary:
---------------
2008-02-04 Thorsten Kukuk <kukuk@thkukuk.de>
* libpam/pam_static_modules.h: Add _pam_sepermit_modstruct.
* modules/pam_sepermit/pam_sepermit.c: Fix typo.
* README: Add --disable-pie to configure options for static library.
* doc/man/Makefile.am: Fix building outside of src directory.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2008-02-01 Tomas Mraz <t8m@centrum.cz>
* modules/pam_namespace/namespace.conf.5.xml: Add documentation for
tmpfs and tmpdir polyinst and for ~ user list modifier.
* modules/pam_namespace/namespace.init: Add documentation for the
new init parameter. Add home directory initialization script.
* modules/pam_namespace/pam_namespace.8.xml: Document the new
init parameter of the namespace.init script.
* modules/pam_namespace/pam_namespace.c(copy_ent): Copy exclusive flag.
(cleanup_data): New function.
(process_line): Set exclusive flag. Add tmpfs and tmpdir methods.
(ns_override): Change behavior on the exclusive flag.
(poly_name): Process tmpfs and tmpdir methods.
(inst_init): Add flag for new directory initialization.
(create_dirs): Process the tmpdir method, add the new directory
flag.
(ns_setup): Remove unused code. Process the tmpfs method.
(cleanup_tmpdirs): New function.
(setup_namespace): Set data for proper cleanup. Cleanup the tmpdirs
on failures.
(pam_sm_close_session): Instead of parsing the config file again use
the previously set data for cleanup.
* modules/pam_namespace/pam_namespace.h: Add TMPFS and TMPDIR methods
and exclusive flag.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2008-01-29 Tomas Mraz <t8m@centrum.cz>
* configure.in: Test for setkeycreatecon needs libselinux.
Add new module pam_sepermit.
* modules/Makefile.am: Add new module pam_sepermit.
* modules/pam_sepermit/.cvsignore: New file.
* modules/pam_sepermit/Makefile.am: Likewise.
* modules/pam_sepermit/README.xml: Likewise.
* modules/pam_sepermit/pam_sepermit.8.xml: Likewise.
* modules/pam_sepermit/pam_sepermit.c: Likewise.
* modules/pam_sepermit/sepermit.conf: Likewise.
* modules/pam_sepermit/tst-pam_sepermit: Likewise.
* doc/sag/pam_sepermit.xml: Likewise.
* doc/sag/pam_tty_audit.xml: Add pam_tty_audit to SAG.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2008-01-29 Miloslav Trmac <mitr@redhat.com>
* modules/pam_tty_audit/README.xml: Add notes section.
* modules/pam_tty_audit/pam_tty_audit.8.xml: Describe patterns
support and open_only option. Add notes.
* modules/pam_tty_audit/pam_tty_audit.c(pam_sm_open_session): Add
support for pattern matching and the open_only option.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2008-01-28 Thorsten Kukuk <kukuk@thkukuk.de>
* libpam/pam_audit.c: Include pam_modutil_private.h.
* libpam/pam_item.c (pam_set_item): Fix compiler warning.
* libpam/pam_end.c (pam_end): Cast to correct pointer type.
* libpam/include/security/_pam_macros.h (_pam_overwrite_n): Use
unsigned int.
|
