Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | make /var/lib/pam part of the package | Steve Langasek | 2019-01-03 |
| | |||
* | mkdir before trying to install to /usr/share/pam-configs | Steve Langasek | 2019-01-03 |
| | |||
* | merge from trunk | Steve Langasek | 2019-01-03 |
|\ | |||
| * | deleting a file under debian/libpam-modules in the install target isn't going | Steve Langasek | 2019-01-03 |
| | | | | | | | | to do us any good... | ||
* | | install our configs into /usr/share/pam-configs/ | Steve Langasek | 2019-01-03 |
| | | |||
* | | create the new default configs with support for pam-auth-update substitution, | Steve Langasek | 2019-01-03 |
| | | | | | | | | and set up libpam-runtime.postinst to invoke pam-auth-update | ||
* | | initial support for generating the PAM config: | Steve Langasek | 2019-01-03 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - flesh out the write_profiles() function, which writes both /etc/pam.d and /var/lib/pam - handle resetting our debconf override question on successful output - /var/lib/pam defined only once as a global - fix up the regexps for filtering jumps to take into account that a jump can appear for more than one retcode - fix an off-by-one in the case that there's no saved config - fix how we shift an array reference off an array... - fix a typo in the splice() count - our 'add' list should be a hash instead of an array, just like removals - adjust the parser to trim leading whitespace and blank lines for us | ||
* | | eliminate redundancy in the configs, which happens to also provide for better | Steve Langasek | 2019-01-03 |
| | | | | | | | | | | code reuse | ||
* | | turn on for libpam-runtime, because of debconf | Steve Langasek | 2019-01-03 |
| | | |||
* | | get pam-auth-update installed in the libpam-runtime package | Steve Langasek | 2019-01-03 |
| | | |||
* | | call dh_installdebconf -i, so that debconf templates are added correctly to | Steve Langasek | 2019-01-03 |
| | | | | | | | | | | libpam-runtime | ||
* | | fix an accidental commit that broke the use of x_loadtemplatefile | Steve Langasek | 2019-01-03 |
| | | |||
* | | add some FIXMEs to document known bugs | Steve Langasek | 2019-01-03 |
| | | |||
* | | run debconf-updatepo to export the new templates for translation | Steve Langasek | 2019-01-03 |
| | | |||
* | | implement the force option and the debconf override template | Steve Langasek | 2019-01-03 |
| | | |||
* | | new diff_profiles function, which spits out information about any local mods | Steve Langasek | 2019-01-03 |
| | | | | | | | | to the autogenerated config | ||
* | | merge from trunk | Steve Langasek | 2019-01-03 |
|\| | |||
| * | mark for upload | Steve Langasek | 2019-01-03 |
| | | |||
| * | debian/patches/054_pam_security_abstract_securetty_handling: move the | Steve Langasek | 2019-01-03 |
| | | | | | | | | | | | | | | | | warning log about an insecure tty back to pam_securetty proper; we don't want to generate log messages every time pam_unix is called as non-root. Closes: #493283. As a side-effect, pam_unix no longer logs any warnings about NULL password + insecure tty, but I don't think this is critical. | ||
| * | Build-Conflict with libdb4.2-dev, which satisfies the libdb-dev | Steve Langasek | 2019-01-03 |
| | | | | | | | | | | build-dependency but causes pam_userdb to be silently omitted. Closes: #493574. | ||
* | | first attempt at handling conflicts among the selected profiles | Steve Langasek | 2019-01-03 |
| | | |||
* | | special-case the 'Conflicts' field in the parser, to get us a list instead of | Steve Langasek | 2019-01-03 |
| | | | | | | | | a string | ||
* | | first stab at a perl helper to manage common-*: parse our config files and | Steve Langasek | 2019-01-03 |
| | | | | | | | | | | generate a debconf prompt from them, but don't yet do anything with the information | ||
* | | tweak profile priorities to reflect my best guess at how this should play out | Steve Langasek | 2019-01-03 |
| | | |||
* | | initial config snippet for cracklib | Steve Langasek | 2019-01-03 |
| | | |||
* | | drop out the 'nullok' argument in the password phase, since this happens | Steve Langasek | 2019-01-03 |
| | | | | | | | | to be meaningless | ||
* | | add in acct/session/password templates | Steve Langasek | 2019-01-03 |
| | | |||
* | | first sample config for the pam framework | Steve Langasek | 2019-01-03 |
|/ | |||
* | remove other code related to the woody->sarge upgrade | Steve Langasek | 2019-01-03 |
| | |||
* | removing more cruft | Steve Langasek | 2019-01-03 |
| | |||
* | Drop libpam-runtime.preinst, only used for upgrades from woody to sarge | Steve Langasek | 2019-01-03 |
| | | | | to deal with modified conffiles. | ||
* | Drop various bits of unused cruft from the debian/ directory. | Steve Langasek | 2019-01-03 |
| | |||
* | remove another patch which is no longer relevant (because we no longer do | Steve Langasek | 2019-01-03 |
| | | | | capabilities in pam_limits) | ||
* | drop obsolete patch that's not been applied for years and is superseded | Steve Langasek | 2019-01-03 |
| | | | | upstream | ||
* | Update the Debian PAM mini-policy to remove references to the | Steve Langasek | 2019-01-03 |
| | | | | | long-obsolete pam_pwdb, and clarify the relationship between pam_stack and @include. | ||
* | Look for cups instead of cupsys as an init script name when restarting | Steve Langasek | 2019-01-03 |
| | | | | | services; thanks to Stephen Olander-Waters for pointing this out. Closes: #492977. | ||
* | * 007_modules_pam_unix: update the documentation to correctly document | Steve Langasek | 2019-01-03 |
| | | | | the default minimum password length is 6, not 1. | ||
* | mark for upload | Steve Langasek | 2019-01-03 |
| | |||
* | document updated patch status | Steve Langasek | 2019-01-03 |
| | |||
* | drop the patch to restore the particular setreuid() handling, which was in fact | Steve Langasek | 2019-01-03 |
| | | | | buggy before and fixed now. | ||
* | Fix a bug in the uid-restoring code in the hurd_no_setfsuid patch; thanks | Steve Langasek | 2019-01-03 |
| | | | | | to Tomas Mraz <tmraz@redhat.com> for indirectly bringing this to my attention | ||
* | drop the patch to do NIS+ auth in-process, the uid changing is better handled | Steve Langasek | 2019-01-03 |
| | | | | by a subprocess. | ||
* | drop the patch to do NIS+ auth in-process, the uid changing is better handled | Steve Langasek | 2019-01-03 |
| | | | | by a subprocess. | ||
* | document another upstream bug closure | Steve Langasek | 2019-01-03 |
| | |||
* | Bump Standards-Version to 3.8.0. | Steve Langasek | 2019-01-03 |
| | |||
* | Add debian/README.source documenting that this package uses quilt. | Steve Langasek | 2019-01-03 |
| | |||
* | * New patch, pam.d-manpage-section, to fix the manpage references to | Steve Langasek | 2019-01-03 |
| | | | | | | point to section 5 instead of section 8. * Update patch PAM-manpage-section to fix the references to pam(7) from other manpages. Closes: #470137. | ||
* | New patch pam_unix_dont_trust_chkpwd_caller.patch, rolling back an | Steve Langasek | 2019-01-03 |
| | | | | | | upstream change that causes unix_chkpwd to assume that setuid(getuid()) is sufficient to drop permissions and attempt any authentication on behalf of the user. | ||
* | refresh patches for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | Drop another patch that's integrated upstream | Steve Langasek | 2019-01-03 |
| |