| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-03-20 Tomas Mraz <t8m@centrum.cz>
* modules/pam_namespace/pam_namespace.c(poly_name): Switch to USER
method only when appropriate.
(setup_namespace): Do not umount when not mounted with RUSER.
* modules/pam_selinux/pam_selinux.c(pam_sm_close_session): Call
freecontext() after the context is logged not before.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-02-13 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_rhosts/Makefile.am: Remove pam_rhosts_auth.
* modules/pam_rhosts/pam_rhosts_auth.c: Removed.
* modules/pam_rhosts/tst-pam_rhosts_auth: Removed.
* modules/pam_namespace/Makefile.am (noinst_HEADERS): Add
pam_namespace.h.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix, new feature
Commit summary:
---------------
2008-02-13 Tomas Mraz <t8m@centrum.cz>
* modules/pam_namespace/Makefile.am: Add argv_parse files and namespace.d
dir.
* modules/pam_namespace/argv_parse.c: New file.
* modules/pam_namespace/argv_parse.h: New file.
* modules/pam_namespace/namespace.conf.5.xml: Document new features.
* modules/pam_namespace/pam_namespace.8.xml: Likewise.
* modules/pam_namespace/pam_namespace.h: Use SECURECONF_DIR define.
Define NAMESPACE_D_DIR and NAMESPACE_D_GLOB. Define new option flags
and polydir flags.
(polydir_s): Add rdir, replace exclusive with flags, add init_script,
owner, group, and mode.
(instance_data): Add ruser, gid, and ruid.
* modules/pam_namespace/pam_namespace.c: Remove now unused copy_ent().
(add_polydir_entry): Add the entry directly, no copy.
(del_polydir): New function.
(del_polydir_list): Call del_polydir().
(expand_variables, parse_create_params, parse_iscript_params,
parse_method): New functions.
(process_line): Call expand_variables() on polydir and instance prefix.
Call argv_parse() instead of strtok_r(). Allocate struct polydir_s on heap.
(parse_config_file): Parse .conf files from namespace.d dir after
namespace.conf.
(form_context): Call getcon() or get_default_context_with_level() when
appropriate flags are set.
(poly_name): Handle shared polydir flag.
(inst_init): Execute non-default init script when specified.
(create_polydir): New function.
(create_dirs): Remove the code which checks the polydir. Do not call
inst_init() when noinit flag is set.
(ns_setup): Check the polydir and eventually create it if the create flag
is set.
(setup_namespace): Use ruser uid from idata. Set the namespace polydir
pam data only when namespace was set up correctly. Unmount polydir
based on ruser.
(get_user_data): New function.
(pam_sm_open_session): Check for use_current_context and
use_default_context options. Call get_user_data().
(pam_sm_close_session): Call get_user_data().
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2008-02-01 Tomas Mraz <t8m@centrum.cz>
* modules/pam_namespace/namespace.conf.5.xml: Add documentation for
tmpfs and tmpdir polyinst and for ~ user list modifier.
* modules/pam_namespace/namespace.init: Add documentation for the
new init parameter. Add home directory initialization script.
* modules/pam_namespace/pam_namespace.8.xml: Document the new
init parameter of the namespace.init script.
* modules/pam_namespace/pam_namespace.c(copy_ent): Copy exclusive flag.
(cleanup_data): New function.
(process_line): Set exclusive flag. Add tmpfs and tmpdir methods.
(ns_override): Change behavior on the exclusive flag.
(poly_name): Process tmpfs and tmpdir methods.
(inst_init): Add flag for new directory initialization.
(create_dirs): Process the tmpdir method, add the new directory
flag.
(ns_setup): Remove unused code. Process the tmpfs method.
(cleanup_tmpdirs): New function.
(setup_namespace): Set data for proper cleanup. Cleanup the tmpdirs
on failures.
(pam_sm_close_session): Instead of parsing the config file again use
the previously set data for cleanup.
* modules/pam_namespace/pam_namespace.h: Add TMPFS and TMPDIR methods
and exclusive flag.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Remove autogenerated documentation from CVS
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2007-09-27 Tomas Mraz <t8m@centrum.cz>
* modules/pam_succeed_if/pam_succeed_if.c (evaluate_inlist): Fix in
operator rhbz #295151.
* modules/pam_namespace/pam_namespace.c (poly_name): Do not try to
get context when SELinux is disabled rhbz #306901.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2007-09-02 Thorsten Kukuk <kukuk@thkukuk.de>
* examples/Makefile.am: Fix usage of LIBADD, LDADD and LDFLAGS.
* libpam/Makefile.am: Likewise.
* modules/pam_access/Makefile.am: Likewise.
* modules/pam_cracklib/Makefile.am: Likewise.
* modules/pam_debug/Makefile.am: Likewise.
* modules/pam_deny/Makefile.am: Likewise.
* modules/pam_echo/Makefile.am: Likewise.
* modules/pam_env/Makefile.am: Likewise.
* modules/pam_exec/Makefile.am: Likewise.
* modules/pam_faildelay/Makefile.am: Likewise.
* modules/pam_filter/Makefile.am: Likewise.
* modules/pam_filter/upperLOWER/Makefile.am: Likewise.
* modules/pam_ftp/Makefile.am: Likewise.
* modules/pam_group/Makefile.am: Likewise.
* modules/pam_issue/Makefile.am: Likewise.
* modules/pam_keyinit/Makefile.am: Likewise.
* modules/pam_lastlog/Makefile.am: Likewise.
* modules/pam_limits/Makefile.am: Likewise.
* modules/pam_listfile/Makefile.am: Likewise.
* modules/pam_localuser/Makefile.am: Likewise.
* modules/pam_loginuid/Makefile.am: Likewise.
* modules/pam_mail/Makefile.am: Likewise.
* modules/pam_mkhomedir/Makefile.am: Likewise.
* modules/pam_motd/Makefile.am: Likewise.
* modules/pam_namespace/Makefile.am: Likewise.
* modules/pam_nologin/Makefile.am: Likewise.
* modules/pam_permit/Makefile.am: Likewise.
* modules/pam_rhosts/Makefile.am: Likewise.
* modules/pam_rootok/Makefile.am: Likewise.
* modules/pam_securetty/Makefile.am: Likewise.
* modules/pam_selinux/Makefile.am: Likewise.
* modules/pam_shells/Makefile.am: Likewise.
* modules/pam_stress/Makefile.am: Likewise.
* modules/pam_succeed_if/Makefile.am: Likewise.
* modules/pam_tally/Makefile.am: Likewise.
* modules/pam_time/Makefile.am: Likewise.
* modules/pam_umask/Makefile.am: Likewise.
* modules/pam_unix/Makefile.am: Likewise.
* tests/Makefile.am: Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new features
Commit summary:
---------------
2007-06-20 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_cracklib/pam_cracklib.8.xml: Document new minclass
option.
* modules/pam_cracklib/pam_cracklib.c: Add support for minimum
character classes [#1688777]. Based on patch from Keith Schincke.
* xtests/tst-pam_cracklib2.c: New, test case for minclass option.
* xtests/tst-pam_cracklib2.pamd: New, PAM config file for test case.
* xtests/Makefile.am: Add new testcase.
* xtests/pam_cracklib.c: Fix comment what this application tests.
* configure.in: Use /lib64 on x86-64, ppc64, s390x, sparc64
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix, new feature
Commit summary:
---------------
2007-06-15 Tomas Mraz <t8m@centrum.cz>
* modules/pam_namespace/README.xml: Avoid duplication of
documentation.
* modules/pam_namespace/namespace.conf: More real life example
from MLS support.
* modules/pam_namespace/namespace.conf.5.xml: Likewise plus
properly describe how instance directory names are formed.
* modules/pam_namespace/namespace.init: Preserve euid when
called from setuid apps (su, newrole).
* modules/pam_namespace/pam_namespace.8.xml: Added option
no_unmount_on_close.
* modules/pam_namespace/pam_namespace.c (process_line): Polyinst
methods are now user, level and context. Fix crash on unknown
override user in config file.
(ns_override): Add explicit uid parameter.
(form_context): Skip for user method. Implement level based
polyinstantiation.
(poly_name): Initialize contexts. Add level based polyinst,
remove 'both' metod. Use raw contexts for instance names,
truncate long instance names and add hash.
(ns_setup): Hashing moved to poly_name().
(setup_namespace): Handle correctly override users for
su (when unmnt_remnt is used).
(pam_sm_close_session): Added no_unmount_on_close option.
* modules/pam_namespace/pam_namespace.h: Added
no_unmount_on_close_option, level method, limit on instance
directory name length.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2006-10-24 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_namespace/pam_namespace.c: Reserve space for
trailing zero.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Fix some bugs on older distributions
2006-08-31 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_namespace/Makefile.am: Don't install
manual page if we don't build module.
* m4/ld-as-needed.m4: Don't set LDFLAGS if check failed.
* m4/ld-O1: Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2006-08-30 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_namespace/pam_namespace.c: Use pam_modutil_getpwnam()
instead of getpwnam().
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2006-07-24 David Quigley <dpquigl@tycho.nsa.gov>
* modules/pam_namespace/Makefile.am: Add pam_namespace.h.
* modules/pam_namespace/pam_namespace.c: Move includes and
data structure definitions from here ...
* modules/pam_namespace/pam_namespace.h: ... here. New file.
* modules/pam_namespace/pam_namespace.c: Move large sections
of code into new functions.
Acked by Janak Desai <janak@us.ibm.com>
|
| |
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
* modules/pam_namespace/Makefile.am(EXTRA_DIST): Add namespace.init.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature/big release cleanup
Commit summary:
---------------
Big cleanup to get 0.99.5.0 release done:
2006-06-28 Thorsten Kukuk <kukuk@thkukuk.de>
* bump version number to 0.99.5.0
* modules/pam_rhosts/pam_rhosts.c: New module, replaces
pam_rhosts_auth.so.
* modules/pam_rhosts/pam_rhosts.8.xml: New.
* modules/pam_rhosts/pam_rhosts.8: New, generated from XML source.
* modules/pam_rhosts/tst-pam_rhosts: New.
* modules/pam_rhosts/Makefile.am: Add pam_rhosts, generate
manual page and README.
* modules/pam_rhosts/README.xml: New.
* modules/pam_rhosts/reADME: Regenerated from XML source.
* doc/man/pam_sm_acct_mgmt.3.xml: Adjust syntax for module
writers guide.
* doc/man/pam_sm_authenticate.3.xml: Likewise.
* doc/man/pam_sm_chauthtok.3.xml: Likewise.
* doc/man/pam_sm_close_session.3.xml: Likewise.
* doc/man/pam_sm_open_session.3.xml: Likewise.
* doc/man/pam_sm_setcred.3.xml: Likewise.
* po/POTFILES.in: Add new source files.
* libpam/pam_static_modules.h: Add new modules.
* modules/pam_keyinit.c: Add _pam_keyinit_modstruct.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
* added dlopen test for pam_namespace
|
|
|
Purpose of commit: new feature
Commit summary:
---------------
* modules/pam_namespace/pam_namespace.c: New module
originally written by Janak Desai.
* modules/pam_namespace/Makefile.am: New.
* modules/pam_namespace/README: New.
* modules/pam_namespace/md5.c: New.
* modules/pam_namespace/md5.h: New.
* modules/pam_namespace/namespace.conf: New.
* modules/pam_namespace/namespace.conf.5: New.
* modules/pam_namespace/namespace.conf.5.xml: New.
* modules/pam_namespace/namespace.init: New.
* modules/pam_namespace/pam_namespace.8: New.
* modules/pam_namespace/pam_namespace.8.xml: New.
* modules/Makefile.am: Added pam_namespace.
* configure.in: Added pam_namespace, test for unshare
library call.
|
