| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
| |
Cleanup trailing whitespaces, indentation that uses spaces before tabs,
and blank lines at EOF. Make the project free of warnings reported by
git diff --check 4b825dc642cb6eb9a060e54bf8d69288fbee4904 HEAD
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2010-08-04 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_access/pam_access.c (user_match): Make sure
that user@host will not match @@netgroup. Bug #3035919.
* modules/pam_group/pam_group.c (check_account): Add '%' for
UNIX groups.
* modules/pam_group/group.conf: Add example for '%'.
* modules/pam_group/group.conf.5.xml: Document '%' syntax.
Bug #3002340, #3037155.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2009-11-18 Tomas Mraz <t8m@centrum.cz>
* modules/pam_access/pam_access.c(user_match): Revert the netgroup
match to the original behavior, add new syntax for adding the local
hostname.
* modules/pam_access/access.conf.5.xml: Document the new syntax
for adding the local hostname to the netgroup match.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
This makes Linux-PAM compile able with uClibc or on embedded systems
without full libc/libnsl.
2009-06-29 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_unix/yppasswd_xdr.c: Remove unnecessary header files.
* modules/pam_unix/support.c (_unix_getpwnam): Only compile in NIS
support if all necessary functions exist.
* modules/pam_unix/pam_unix_passwd.c (getNISserver): Add debug
option, handle correct if OS has no NIS support.
* modules/pam_access/pam_access.c (netgroup_match): Check if
yp_get_default_domain and innetgr are available at compile time.
* configure.in: Check for functions: innetgr, getdomainname
check for headers: rpcsvc/ypclnt.h, rpcsvc/yp_prot.h.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2009-02-25 Tomas Mraz <t8m@centrum.cz>
* xtests/access.conf: Add a line for name resolution test case.
* xtests/tst-pam_access4.c (main): Set PAM_RHOST for testing the LOCAL
keyword. Add a test case for name resolution.
* modules/pam_access/pam_access.c (from_match): Move name resolution
to network_netmask_match().
(network_netmask_match): Do a name resolution of the origin only if
matching against a real network/netmask.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-04-21 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_access/access.conf.5.xml: Document changed behavior
of LOCAL keyword.
* modules/pam_access/pam_access.c: Add from_remote_host to
struct login_info to change behavior of LOCAL keyword: if
PAM_RHOST is not set, LOCAL will be true.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-04-17 Tomas Mraz <t8m@centrum.cz>
* modules/pam_access/pam_access.c(myhostname): Removed function.
(user_match): Supply hostname of the machine to the netgroup_match().
Use hostname from the loginfo instead of calling myhostname().
(pam_sm_authenticate): Call gethostname() to fill hostname in the
loginfo.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature and cleanup
Commit summary:
---------------
2007-12-07 Tomas Mraz <t8m@centrum.cz>
* libpam/libpam.map: Add LIBPAM_MODUTIL_1.1 version.
* libpam/pam_audit.c: Add _pam_audit_open() and
pam_modutil_audit_write().
(_pam_auditlog): Call _pam_audit_open().
* libpam/include/security/pam_modutil.h: Add pam_modutil_audit_write().
* modules/pam_access/pam_access.8.xml: Add noaudit option.
Document auditing.
* modules/pam_access/pam_access.c: Move fs, sep, pam_access_debug, and
only_new_group_syntax variables to struct login_info. Add noaudit
member.
(_parse_args): Adjust for the move of variables and add support for
noaudit option.
(group_match): Add debug parameter.
(string_match): Likewise.
(network_netmask_match): Likewise.
(login_access): Adjust for the move of variables. Add nonall_match.
Add call to pam_modutil_audit_write().
(list_match): Adjust for the move of variables.
(user_match): Likewise.
(from_match): Likewise.
(pam_sm_authenticate): Call _parse_args() earlier.
* modules/pam_limits/pam_limits.8.xml: Add noaudit option.
Document auditing.
* modules/pam_limits/pam_limits.c (_pam_parse): Add noaudit option.
(setup_limits): Call pam_modutil_audit_write().
* modules/pam_time/pam_time.8.xml: Add debug and noaudit options.
Document auditing.
* modules/pam_time/pam_time.c: Add option parsing (_pam_parse()).
(check_account): Call _pam_parse(). Call pam_modutil_audit_write()
and pam_syslog() on login denials.
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2007-08-15 Tomas Mraz <t8m@centrum.cz>
* modules/pam_access/pam_access.c (list_match): Add explicit
sptr argument for strtok_r, otherwise the code is not portable.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2007-06-25 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_access/pam_access.c (list_match): Use saveptr of strtok_r
result for recursive calls.
* xtests/Makefile.am: Add new pam_access test cases.
* xtests/pam_access1.c: New test case.
* xtests/pam_access2.c: Likewise.
* xtests/pam_access3.c: Likewise.
* xtests/pam_access4.c: Likewise.
* xtests/pam_access1.sh: Wrapper to create user accounts.
* xtests/pam_access2.sh: Likewise.
* xtests/pam_access3.sh: Likewise.
* xtests/pam_access4.sh: Likewise.
* xtests/pam_access1.pamd: PAM config file for pam_access tests.
* xtests/pam_access2.pamd: Likewise.
* xtests/pam_access3.pamd: Likewise.
* xtests/pam_access4.pamd: Likewise.
* xtests/access.conf: Config file for pam_access tests.
* xtests/run-tests.sh: Install access.conf into system.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2007-06-22 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_access/pam_access.c: Add new syntax for groups
in access.conf to differentiate group names from account names.
Based on patch from Julien Lecomte <julien@famille-lecomte.net>,
solves feature request [#411390].
* modules/pam_access/access.conf: Add example for new group
syntax.
* modules/pam_access/access.conf.5.xml: Document new syntax.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2007-03-29 Tomas Mraz <t8m@centrum.cz>
* modules/pam_access/pam_access.c (login_access, list_match):
Replace strtok with strtok_r.
* modules/pam_cracklib/pam_cracklib.c (check_old_password):
Likewise.
* modules/pam_ftp/pam_ftp.c (lookup, pam_authenticate):
Likewise.
* modules/pam_unix/pam_unix_passwd.c (check_old_password,
save_old_password): Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2006-08-30 Tomas Mraz <t8m@centrum.cz>
* modules/pam_access/pam_access.8.xml: All services supported.
* modules/pam_access/pam_access.c (pam_sm_open_session): New.
(pam_sm_close_session): New.
(pam_sm_chauthtok): New.
* modules/pam_access/pam_succeed_if.8.xml: All services supported.
* modules/pam_access/pam_succeed_if.c (pam_sm_setcred): Return
PAM_IGNORE rather than success.
(pam_sm_open_session): New.
(pam_sm_close_session): New.
(pam_sm_chauthtok): New.
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
* configure.in: Fixed have_key_syscalls test.
* modules/pam_access/pam_access.c (from_match): Fixed IPv4 network match,
removed AI_ADDRCONFIG flag.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2006-02-07 Thorsten Kukuk <kukuk@thkukuk.de>
* configure.in: Check for text browser.
* Make.xml.rules: Add rule to generate README from README.xml.
* modules/pam_access/Makefile.am: Include Make.xml.rules.
* modules/pam_access/README: Regenerated from README.xml.
* modules/pam_access/README.xml: New.
* modules/pam_access/access.conf: Extended by new examples.
* modules/pam_access/access.conf.5: New, generated from xml file.
* modules/pam_access/access.conf.5.xml: New.
* modules/pam_access/pam_access.8: New, generated from xml file.
* modules/pam_access/pam_access.8.xml: New.
* modules/pam_access/pam_access.c: Add rules for IPv6 and
netmasks.
Based on patch from Mike Becher <Mike.Becher@lrz-muenchen.de>.
* modules/pam_deny/Makefile.am: Include Make.xml.rules.
* modules/pam_deny/pam_deny.8.xml: New.
* modules/pam_deny/pam_deny.8: New, generated from xml file.
* modules/pam_deny/README.xml: New.
* modules/pam_deny/README: Regenerated from xml file.
* modules/pam_cracklib/Makefile.am: Include Make.xml.rules.
* modules/pam_cracklib/pam_cracklib.8.xml: New.
* modules/pam_cracklib/pam_cracklib.8: New, generated from xml file.
* modules/pam_cracklib/README.xml: New.
* modules/pam_cracklib/README: Regenerated from xml file.
* modules/pam_exec/Makefile.am: Add rule to generate README.
* modules/pam_exec/README: Regenerated from xml file.
* modules/pam_exec/pam_exec.8: Regenerated from xml file.
* modules/pam_exec/pam_exec.8.xml: Syntax files.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
* modules/pam_access/pam_access.c (pam_sm_acct_mgmt): Parse correctly
full path tty name.
* modules/pam_time/pam_time.c (pam_sm_acct_mgmt): Parse correctly
full path tty name. Allow unset tty.
(logic_member): Allow matching ':' in tty name.
* modules/pam_group/pam_group.c (pam_sm_acct_mgmt): Parse correctly
full path tty name. Allow unset tty.
(logic_member): Allow matching ':' in tty name.
* libpam_misc/misc_conv.c (read_string): Read only up to EOL if stdin
is not terminal.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Support for NULL tty for pam_access.
2005-09-23 Tomas Mraz <t8m@centrum.cz>
* modules/pam_access/pam_access.c (from_match): Support NULL from.
(string_match): Support NULL string, add NONE keyword matching it.
(pam_sm_acct_mgmt): Don't fail when ttyname returns NULL.
* modules/pam_access/access.conf: NONE keyword description
* modules/pam_access/README: NONE keyword description
|
| |
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Moved functions from pammodutil to libpam.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Code cleanup (pam_syslog, compiler warnings)
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Replace _log_err with pam_syslog
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Big "automake/autoconf/libtool" commit
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Rename _pam_aconf.h to config.h.
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Fix all occurrence of dereferencing type-punned pointer will break
strict-aliasing rules warnings
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
* pam_access: Add listsep option to set list element separator by
Richard Shaffer
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit:
Commit summary:
---------------
bugfix: 440107: Add various patches from Linux Distibutors to make
PAM modules reentrant.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit:
Commit summary:
---------------
bugfix: Add parts of Steve Grubb's resource leak and other fixes
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit:
Commit summary:
---------------
bugfix: merge with BerliOS
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Shouldn't explicitly include prototype in the file - it conflicts with
common defaults and thus should not be there. (Request for removal from
David Lee.)
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfixes
Commit summary:
---------------
Both of these fixes inspired by use with X based services.
The first makes a TTY of the form hostname:0 work (if you specify a different
separator with the module argument "fieldsep=".
The second treats "" for a RHOST the same way it would treat a NULL value.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Bring the module in to line with its documentation. The README refers
to a trailing '.' on IP addresses.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
non-default config file option fixes (module and in documentation).
|
| |
|
|
|
|
|
|
| |
Purpose of commit: copyright notice
Commit summary:
---------------
Added an original sources copyright notice to pam_access (from logdaemon).
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Added accessconf= option to the module to override the
default access.conf file.
Feature request from Aldrin Martoq and Meelis Roos.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: autoconf support for Linux-PAM
Commit summary:
---------------
This is a merge of the autoconf support that was developed against
a 0-72 branch.
[Note, because CVS has some issues, this is actually only 95% of
the actual commit. The other files were actually committed when
the preparation branch Linux-PAM-0-73pre-autoconf was updated.
Hopefully, this will complete the merge.]
|
| |
|
