Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | refresh patches for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | Drop another patch that's integrated upstream | Steve Langasek | 2019-01-03 |
| | |||
* | Drop another patch that's integrated upstream | Steve Langasek | 2019-01-03 |
| | |||
* | patch refresh for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | patch refresh for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | bump the upstream version number, again | Steve Langasek | 2019-01-03 |
| | |||
* | don't use _unix_blankpasswd() when trying to decide whether to pass the | Steve Langasek | 2019-01-03 |
| | | | | | 'nullok' option to the helper, because _unix_blankpasswd() will itself call in to the helper... instead, check directly for a secure tty. | ||
* | document a bug closure (bug #382987) | Steve Langasek | 2019-01-03 |
| | |||
* | language tweak | Steve Langasek | 2019-01-03 |
| | |||
* | pam_rhosts_auth is dropped upstream; add a compat symlink to pam_rhosts | Steve Langasek | 2019-01-03 |
| | | | | to support upgrades for a release, and give a warning in NEWS.Debian. | ||
* | Fix the libpam0g-dev examples directory to not include a gratuitous | Steve Langasek | 2019-01-03 |
| | | | | .cvsignore file. | ||
* | committed to CVS | Steve Langasek | 2019-01-03 |
| | |||
* | update the unix_chkpwd override to match the current perms | Steve Langasek | 2019-01-03 |
| | |||
* | fix up the patch so that pamh isn't undefined... | Steve Langasek | 2019-01-03 |
| | |||
* | fix patch names so it's clear these are all for pam_unix | Steve Langasek | 2019-01-03 |
| | |||
* | New patch pam_unix_fix_sgid_shadow_auth.patch, fixing an upstream | Steve Langasek | 2019-01-03 |
| | | | | | | | | regression which prevents sgid shadow apps from being able to authenticate any more because the module forces use of the helper and the helper won't allow authentication of arbitrary users. This change does mean we're going to be noisier for the time being in an SELinux environment, which should be addressed but is not a regression on Debian. | ||
* | not actually done on work time; use the right email address | Steve Langasek | 2019-01-03 |
| | |||
* | new symbol in libpam.so.0, pam_modutil_audit_write; shlibs bump, and | Steve Langasek | 2019-01-03 |
| | | | | do another round of service restarts on upgrade. | ||
* | New patch no_helper_for_nis+.patch, which restores the behavior of doing | Steve Langasek | 2019-01-03 |
| | | | | | in-process NIS+ account checking instead of unconditionally passing it off to the unix_chkpwd helper; if it wasn't broke, don't fix it. | ||
* | New patch setreuid_juggling.patch: restore the 0.99.9.0 behavior wrt uid | Steve Langasek | 2019-01-03 |
| | | | | | changes for NIS+, since I know the old behavior was right and don't believe anyone has tested the new code. | ||
* | debian/watch: upstream has hit 1.0, so we're no longer in a "pre" | Steve Langasek | 2019-01-03 |
| | | | | directory. Fix up the regex for uscan. | ||
* | move the getpwnam patch to the beginning of the series, since it should be | Steve Langasek | 2019-01-03 |
| | | | | committed upstream soon | ||
* | New patch thread-safe_save_old_password.patch, to make sure all our | Steve Langasek | 2019-01-03 |
| | | | | getpwnam() use in pam_unix is thread-safe (fixes an upstream regression) | ||
* | whack-a-mole: fix a syntax error missed when hand-applying the patch | Steve Langasek | 2019-01-03 |
| | |||
* | s/name/user/, now that this code is in a different function | Steve Langasek | 2019-01-03 |
| | |||
* | another fix-up for a hand-merged patch | Steve Langasek | 2019-01-03 |
| | |||
* | fix up a typo when hand-applying the patch | Steve Langasek | 2019-01-03 |
| | |||
* | add a couple of new Makefiles to the autotools patch | Steve Langasek | 2019-01-03 |
| | |||
* | refresh more patches for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | no_pthread_mutexes, limits_wrong_strncpy, misc_conv_allow_sigint.patch, | Steve Langasek | 2019-01-03 |
| | | | | and pam_tally_audit.patch, which have been merged upstream. | ||
* | refresh more patches for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | Drop patch 049_pam_unix_sane_locking, which upon review is not needed; | Steve Langasek | 2019-01-03 |
| | | | | | it reduces the length of time we hold the lock, but at the expense of being able to enforce minimum times between password changes. | ||
* | refresh patches for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | document another Ubuntu bg closure | Steve Langasek | 2019-01-03 |
| | |||
* | New patch do_not_check_nis_accidentally: respect the 'nis' option | Steve Langasek | 2019-01-03 |
| | | | | | | (set or unset) when looking up the user's password entry for password changes. Thanks to Quentin Godfroy <godfroy@clipper.ens.fr> for the patch. Closes: #469635. | ||
* | 026_pam_unix_passwd_unknown_user: drop a redundant, and broken, check for | Steve Langasek | 2019-01-03 |
| | | | | | the NSS source of our user; this was preventing password changes for NIS users, which otherwise should have worked. Closes: #203222. | ||
* | refresh patches for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | refresh patch 007_modules_pam_unix for new upstream version; partially | Steve Langasek | 2019-01-03 |
| | | | | | superseded upstream, as stripping of hpux-style expiry information from password fields is now supported. | ||
* | pam_unix now supports SHA-256 and SHA-512 password hashes. | Steve Langasek | 2019-01-03 |
| | | | | Closes: #484249, LP: #245786. | ||
* | revert rhosts_int32_not_bool.patch; doesn't matter now, pam_rhosts_auth has | Steve Langasek | 2019-01-03 |
| | | | | been dropped upstream | ||
* | Install the new unix_update helper into libpam-modules. | Steve Langasek | 2019-01-03 |
| | |||
* | The password-changing helper functionality for SELinux systems has been | Steve Langasek | 2019-01-03 |
| | | | | | | split out into a separate unix_update binary, so at long last we can change unix_chkpwd to be sgid shadow instead of suid root. Closes: #155583. | ||
* | bump the upstream version number | Steve Langasek | 2019-01-03 |
| | |||
* | license updates for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | Create /etc/environment on initial install of libpam-modules (or on | Steve Langasek | 2019-01-03 |
| | | | | | upgrade from an old version), to quell warnings in the logs about it being missing. Closes: #442049. | ||
* | doc-base section names: don't use 'Applications' in the name at all | Steve Langasek | 2019-01-03 |
| | |||
* | Also fix up whitespace issues in the doc-base abstracts | Steve Langasek | 2019-01-03 |
| | |||
* | 027_pam_limits_better_init_allow_explicit_root: RLIM_INFINITY is also | Steve Langasek | 2019-01-03 |
| | | | | | invalid for RLIMIT_NOFILE, so when resetting the limits for a new session, use the kernel default of 1024 instead. Closes: #404836. | ||
* | Fix a typo in the libpam0g-dev description. | Steve Langasek | 2019-01-03 |
| | |||
* | Fix up the doc-base sections for the libpam-doc documentation, to point | Steve Langasek | 2019-01-03 |
| | | | | to Applications instead of Apps |