Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | refresh patches for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | Drop another patch that's integrated upstream | Steve Langasek | 2019-01-03 |
| | |||
* | Drop another patch that's integrated upstream | Steve Langasek | 2019-01-03 |
| | |||
* | patch refresh for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | patch refresh for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | don't use _unix_blankpasswd() when trying to decide whether to pass the | Steve Langasek | 2019-01-03 |
| | | | | | 'nullok' option to the helper, because _unix_blankpasswd() will itself call in to the helper... instead, check directly for a secure tty. | ||
* | committed to CVS | Steve Langasek | 2019-01-03 |
| | |||
* | fix up the patch so that pamh isn't undefined... | Steve Langasek | 2019-01-03 |
| | |||
* | fix patch names so it's clear these are all for pam_unix | Steve Langasek | 2019-01-03 |
| | |||
* | New patch pam_unix_fix_sgid_shadow_auth.patch, fixing an upstream | Steve Langasek | 2019-01-03 |
| | | | | | | | | regression which prevents sgid shadow apps from being able to authenticate any more because the module forces use of the helper and the helper won't allow authentication of arbitrary users. This change does mean we're going to be noisier for the time being in an SELinux environment, which should be addressed but is not a regression on Debian. | ||
* | not actually done on work time; use the right email address | Steve Langasek | 2019-01-03 |
| | |||
* | New patch no_helper_for_nis+.patch, which restores the behavior of doing | Steve Langasek | 2019-01-03 |
| | | | | | in-process NIS+ account checking instead of unconditionally passing it off to the unix_chkpwd helper; if it wasn't broke, don't fix it. | ||
* | New patch setreuid_juggling.patch: restore the 0.99.9.0 behavior wrt uid | Steve Langasek | 2019-01-03 |
| | | | | | changes for NIS+, since I know the old behavior was right and don't believe anyone has tested the new code. | ||
* | move the getpwnam patch to the beginning of the series, since it should be | Steve Langasek | 2019-01-03 |
| | | | | committed upstream soon | ||
* | New patch thread-safe_save_old_password.patch, to make sure all our | Steve Langasek | 2019-01-03 |
| | | | | getpwnam() use in pam_unix is thread-safe (fixes an upstream regression) | ||
* | whack-a-mole: fix a syntax error missed when hand-applying the patch | Steve Langasek | 2019-01-03 |
| | |||
* | s/name/user/, now that this code is in a different function | Steve Langasek | 2019-01-03 |
| | |||
* | another fix-up for a hand-merged patch | Steve Langasek | 2019-01-03 |
| | |||
* | fix up a typo when hand-applying the patch | Steve Langasek | 2019-01-03 |
| | |||
* | add a couple of new Makefiles to the autotools patch | Steve Langasek | 2019-01-03 |
| | |||
* | refresh more patches for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | no_pthread_mutexes, limits_wrong_strncpy, misc_conv_allow_sigint.patch, | Steve Langasek | 2019-01-03 |
| | | | | and pam_tally_audit.patch, which have been merged upstream. | ||
* | refresh more patches for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | Drop patch 049_pam_unix_sane_locking, which upon review is not needed; | Steve Langasek | 2019-01-03 |
| | | | | | it reduces the length of time we hold the lock, but at the expense of being able to enforce minimum times between password changes. | ||
* | refresh patches for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | New patch do_not_check_nis_accidentally: respect the 'nis' option | Steve Langasek | 2019-01-03 |
| | | | | | | (set or unset) when looking up the user's password entry for password changes. Thanks to Quentin Godfroy <godfroy@clipper.ens.fr> for the patch. Closes: #469635. | ||
* | 026_pam_unix_passwd_unknown_user: drop a redundant, and broken, check for | Steve Langasek | 2019-01-03 |
| | | | | | the NSS source of our user; this was preventing password changes for NIS users, which otherwise should have worked. Closes: #203222. | ||
* | refresh patches for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | refresh patch 007_modules_pam_unix for new upstream version; partially | Steve Langasek | 2019-01-03 |
| | | | | | superseded upstream, as stripping of hpux-style expiry information from password fields is now supported. | ||
* | revert rhosts_int32_not_bool.patch; doesn't matter now, pam_rhosts_auth has | Steve Langasek | 2019-01-03 |
| | | | | been dropped upstream | ||
* | 027_pam_limits_better_init_allow_explicit_root: RLIM_INFINITY is also | Steve Langasek | 2019-01-03 |
| | | | | | invalid for RLIMIT_NOFILE, so when resetting the limits for a new session, use the kernel default of 1024 instead. Closes: #404836. | ||
* | refresh autoconf.patch again, but with a newer automake to reduce the diff | Steve Langasek | 2019-01-03 |
| | |||
* | New patch, rhosts_int32_not_bool.patch, to fix a parentheses error in | Steve Langasek | 2019-01-03 |
| | | | | | | pam_rhosts_auth introduced upstream in 0.99.9.0: we want to cast the result of inet_addr to int32_t, not the result of a boolean *comparison* on inet_addr's result... | ||
* | further patch refreshes for the new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | drop a dozen patches that have been merged upstream \o/ | Steve Langasek | 2019-01-03 |
| | |||
* | * Patch 022_pam_unix_group_time_miscfixes: partially merged upstream; | Steve Langasek | 2019-01-03 |
| | | | | now is really just "pam_group_miscfixes". | ||
* | refresh patch for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | refresh patches for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | Fix up the patchlevels in the series file, now that we're not using a | Steve Langasek | 2019-01-03 |
| | | | | | separate subdir for the upstream sources | ||
* | fix-up commit for grafting svn history onto git history | Steve Langasek | 2019-01-02 |