Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | initial config snippet for cracklib | Steve Langasek | 2019-01-03 |
| | |||
* | drop out the 'nullok' argument in the password phase, since this happens | Steve Langasek | 2019-01-03 |
| | | | | to be meaningless | ||
* | add in acct/session/password templates | Steve Langasek | 2019-01-03 |
| | |||
* | first sample config for the pam framework | Steve Langasek | 2019-01-03 |
| | |||
* | remove other code related to the woody->sarge upgrade | Steve Langasek | 2019-01-03 |
| | |||
* | removing more cruft | Steve Langasek | 2019-01-03 |
| | |||
* | Drop libpam-runtime.preinst, only used for upgrades from woody to sarge | Steve Langasek | 2019-01-03 |
| | | | | to deal with modified conffiles. | ||
* | Drop various bits of unused cruft from the debian/ directory. | Steve Langasek | 2019-01-03 |
| | |||
* | remove another patch which is no longer relevant (because we no longer do | Steve Langasek | 2019-01-03 |
| | | | | capabilities in pam_limits) | ||
* | drop obsolete patch that's not been applied for years and is superseded | Steve Langasek | 2019-01-03 |
| | | | | upstream | ||
* | Update the Debian PAM mini-policy to remove references to the | Steve Langasek | 2019-01-03 |
| | | | | | long-obsolete pam_pwdb, and clarify the relationship between pam_stack and @include. | ||
* | Look for cups instead of cupsys as an init script name when restarting | Steve Langasek | 2019-01-03 |
| | | | | | services; thanks to Stephen Olander-Waters for pointing this out. Closes: #492977. | ||
* | * 007_modules_pam_unix: update the documentation to correctly document | Steve Langasek | 2019-01-03 |
| | | | | the default minimum password length is 6, not 1. | ||
* | mark for upload | Steve Langasek | 2019-01-03 |
| | |||
* | document updated patch status | Steve Langasek | 2019-01-03 |
| | |||
* | drop the patch to restore the particular setreuid() handling, which was in fact | Steve Langasek | 2019-01-03 |
| | | | | buggy before and fixed now. | ||
* | Fix a bug in the uid-restoring code in the hurd_no_setfsuid patch; thanks | Steve Langasek | 2019-01-03 |
| | | | | | to Tomas Mraz <tmraz@redhat.com> for indirectly bringing this to my attention | ||
* | drop the patch to do NIS+ auth in-process, the uid changing is better handled | Steve Langasek | 2019-01-03 |
| | | | | by a subprocess. | ||
* | drop the patch to do NIS+ auth in-process, the uid changing is better handled | Steve Langasek | 2019-01-03 |
| | | | | by a subprocess. | ||
* | document another upstream bug closure | Steve Langasek | 2019-01-03 |
| | |||
* | Bump Standards-Version to 3.8.0. | Steve Langasek | 2019-01-03 |
| | |||
* | Add debian/README.source documenting that this package uses quilt. | Steve Langasek | 2019-01-03 |
| | |||
* | * New patch, pam.d-manpage-section, to fix the manpage references to | Steve Langasek | 2019-01-03 |
| | | | | | | point to section 5 instead of section 8. * Update patch PAM-manpage-section to fix the references to pam(7) from other manpages. Closes: #470137. | ||
* | New patch pam_unix_dont_trust_chkpwd_caller.patch, rolling back an | Steve Langasek | 2019-01-03 |
| | | | | | | upstream change that causes unix_chkpwd to assume that setuid(getuid()) is sufficient to drop permissions and attempt any authentication on behalf of the user. | ||
* | refresh patches for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | Drop another patch that's integrated upstream | Steve Langasek | 2019-01-03 |
| | |||
* | Drop another patch that's integrated upstream | Steve Langasek | 2019-01-03 |
| | |||
* | patch refresh for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | patch refresh for new upstream version | Steve Langasek | 2019-01-03 |
| | |||
* | bump the upstream version number, again | Steve Langasek | 2019-01-03 |
| | |||
* | don't use _unix_blankpasswd() when trying to decide whether to pass the | Steve Langasek | 2019-01-03 |
| | | | | | 'nullok' option to the helper, because _unix_blankpasswd() will itself call in to the helper... instead, check directly for a secure tty. | ||
* | document a bug closure (bug #382987) | Steve Langasek | 2019-01-03 |
| | |||
* | language tweak | Steve Langasek | 2019-01-03 |
| | |||
* | pam_rhosts_auth is dropped upstream; add a compat symlink to pam_rhosts | Steve Langasek | 2019-01-03 |
| | | | | to support upgrades for a release, and give a warning in NEWS.Debian. | ||
* | Fix the libpam0g-dev examples directory to not include a gratuitous | Steve Langasek | 2019-01-03 |
| | | | | .cvsignore file. | ||
* | committed to CVS | Steve Langasek | 2019-01-03 |
| | |||
* | update the unix_chkpwd override to match the current perms | Steve Langasek | 2019-01-03 |
| | |||
* | fix up the patch so that pamh isn't undefined... | Steve Langasek | 2019-01-03 |
| | |||
* | fix patch names so it's clear these are all for pam_unix | Steve Langasek | 2019-01-03 |
| | |||
* | New patch pam_unix_fix_sgid_shadow_auth.patch, fixing an upstream | Steve Langasek | 2019-01-03 |
| | | | | | | | | regression which prevents sgid shadow apps from being able to authenticate any more because the module forces use of the helper and the helper won't allow authentication of arbitrary users. This change does mean we're going to be noisier for the time being in an SELinux environment, which should be addressed but is not a regression on Debian. | ||
* | not actually done on work time; use the right email address | Steve Langasek | 2019-01-03 |
| | |||
* | new symbol in libpam.so.0, pam_modutil_audit_write; shlibs bump, and | Steve Langasek | 2019-01-03 |
| | | | | do another round of service restarts on upgrade. | ||
* | New patch no_helper_for_nis+.patch, which restores the behavior of doing | Steve Langasek | 2019-01-03 |
| | | | | | in-process NIS+ account checking instead of unconditionally passing it off to the unix_chkpwd helper; if it wasn't broke, don't fix it. | ||
* | New patch setreuid_juggling.patch: restore the 0.99.9.0 behavior wrt uid | Steve Langasek | 2019-01-03 |
| | | | | | changes for NIS+, since I know the old behavior was right and don't believe anyone has tested the new code. | ||
* | debian/watch: upstream has hit 1.0, so we're no longer in a "pre" | Steve Langasek | 2019-01-03 |
| | | | | directory. Fix up the regex for uscan. | ||
* | move the getpwnam patch to the beginning of the series, since it should be | Steve Langasek | 2019-01-03 |
| | | | | committed upstream soon | ||
* | New patch thread-safe_save_old_password.patch, to make sure all our | Steve Langasek | 2019-01-03 |
| | | | | getpwnam() use in pam_unix is thread-safe (fixes an upstream regression) | ||
* | whack-a-mole: fix a syntax error missed when hand-applying the patch | Steve Langasek | 2019-01-03 |
| | |||
* | s/name/user/, now that this code is in a different function | Steve Langasek | 2019-01-03 |
| | |||
* | another fix-up for a hand-merged patch | Steve Langasek | 2019-01-03 |
| |