| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* libpam/pam_handlers.c: Make memory allocation failures LOG_CRIT.
* libpam/pam_modutil_priv.c: Make memory allocation failures LOG_CRIT.
* modules/pam_echo/pam_echo.c: Make memory allocation failures LOG_CRIT.
* modules/pam_env/pam_env.c: Make memory allocation failures LOG_CRIT.
* modules/pam_exec/pam_exec.c: Make memory allocation failures LOG_CRIT.
* modules/pam_filter/pam_filter.c: Make all non-memory call errors LOG_ERR.
* modules/pam_group/pam_group.c: Make memory allocation failures LOG_CRIT.
* modules/pam_issue/pam_issue.c: Make memory allocation failures LOG_CRIT.
* modules/pam_lastlog/pam_lastlog.c: The lastlog file creation is syslogged
with LOG_NOTICE, memory allocation errors with LOG_CRIT, other errors
with LOG_ERR.
* modules/pam_limits/pam_limits.c: User login limit messages are syslogged
with LOG_NOTICE, stale utmp entry with LOG_INFO, non-memory errors with
LOG_ERR.
* modules/pam_listfile/pam_listfile.c: Rejection of user is syslogged
with LOG_NOTICE.
* modules/pam_namespace/pam_namespace.c: Make memory allocation failures
LOG_CRIT.
* modules/pam_nologin/pam_nologin.c: Make memory allocation failures
LOG_CRIT, other errors LOG_ERR.
* modules/pam_securetty/pam_securetty.c: Rejection of access is syslogged
with LOG_NOTICE, non-memory errors with LOG_ERR.
* modules/pam_selinux/pam_selinux.c: Make memory allocation failures LOG_CRIT.
* modules/pam_succeed_if/pam_succeed_if.c: Make all non-memory call errors
LOG_ERR.
* modules/pam_time/pam_time.c: Make memory allocation failures LOG_CRIT.
* modules/pam_timestamp/pam_timestamp.c: Make memory allocation failures
LOG_CRIT.
* modules/pam_unix/pam_unix_acct.c: Make all non-memory call errors LOG_ERR.
* modules/pam_unix/pam_unix_passwd.c: Make memory allocation failures LOG_CRIT,
other errors LOG_ERR.
* modules/pam_unix/pam_unix_sess.c: Make all non-memory call errors LOG_ERR.
* modules/pam_unix/passverify.c: Unknown user is syslogged with LOG_NOTICE.
* modules/pam_unix/support.c: Unknown user is syslogged with LOG_NOTICE and
max retries ignorance by application likewise.
* modules/pam_unix/unix_chkpwd.c: Make all non-memory call errors LOG_ERR.
* modules/pam_userdb/pam_userdb.c: Password authentication error is syslogged
with LOG_NOTICE.
* modules/pam_xauth/pam_xauth.c: Make memory allocation failures LOG_CRIT.
|
|
|
|
|
|
|
|
|
|
|
| |
then we inform about it and not use it. [ticket#46]
* modules/pam_group/pam_group.c: ditto
* modules/pam_succeed_if/pam_succeed_if.c: ditto
* modules/pam_time/pam_time.c: ditto
Signed-off-by: Khem Raj <raj.khem at gmail.com>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Linux-PAM. It was never official supported and was broken since years.
* configure.ac: Remove --enable-static-modules option.
* doc/man/pam_sm_acct_mgmt.3.xml: Remove PAM_EXTERN.
* doc/man/pam_sm_authenticate.3.xml: Likewise.
* doc/man/pam_sm_chauthtok.3.xml: Likewise.
* doc/man/pam_sm_close_session.3.xml: Likewise.
* doc/man/pam_sm_open_session.3.xml: Likewise.
* doc/man/pam_sm_setcred.3.xml: Likewise.
* libpam/Makefile.am: Remove STATIC_MODULES cases.
* libpam/include/security/pam_modules.h: Remove PAM_STATIC parts.
* libpam/pam_dynamic.c: Likewise.
* libpam/pam_handlers.c: Likewise.
* libpam/pam_private.h: Likewise.
* libpam/pam_static.c: Remove file.
* libpam/pam_static_modules.h: Remove header file.
* modules/pam_access/pam_access.c: Remove PAM_EXTERN and PAM_STATIC parts.
* modules/pam_cracklib/pam_cracklib.c: Likewise.
* modules/pam_debug/pam_debug.c: Likewise.
* modules/pam_deny/pam_deny.c: Likewise.
* modules/pam_echo/pam_echo.c: Likewise.
* modules/pam_env/pam_env.c: Likewise.
* modules/pam_exec/pam_exec.c: Likewise.
* modules/pam_faildelay/pam_faildelay.c: Likewise.
* modules/pam_filter/pam_filter.c: Likewise.
* modules/pam_ftp/pam_ftp.c: Likewise.
* modules/pam_group/pam_group.c: Likewise.
* modules/pam_issue/pam_issue.c: Likewise.
* modules/pam_keyinit/pam_keyinit.c: Likewise.
* modules/pam_lastlog/pam_lastlog.c: Likewise.
* modules/pam_limits/pam_limits.c: Likewise.
* modules/pam_listfile/pam_listfile.c: Likewise.
* modules/pam_localuser/pam_localuser.c: Likewise.
* modules/pam_loginuid/pam_loginuid.c: Likewise.
* modules/pam_mail/pam_mail.c: Likewise.
* modules/pam_mkhomedir/pam_mkhomedir.c: Likewise.
* modules/pam_motd/pam_motd.c: Likewise.
* modules/pam_namespace/pam_namespace.c: Likewise.
* modules/pam_nologin/pam_nologin.c: Likewise.
* modules/pam_permit/pam_permit.c: Likewise.
* modules/pam_pwhistory/pam_pwhistory.c: Likewise.
* modules/pam_rhosts/pam_rhosts.c: Likewise.
* modules/pam_rootok/pam_rootok.c: Likewise.
* modules/pam_securetty/pam_securetty.c: Likewise.
* modules/pam_selinux/pam_selinux.c: Likewise.
* modules/pam_sepermit/pam_sepermit.c: Likewise.
* modules/pam_shells/pam_shells.c: Likewise.
* modules/pam_stress/pam_stress.c: Likewise.
* modules/pam_succeed_if/pam_succeed_if.c: Likewise.
* modules/pam_tally/pam_tally.c: Likewise.
* modules/pam_tally2/pam_tally2.c: Likewise.
* modules/pam_time/pam_time.c: Likewise.
* modules/pam_timestamp/pam_timestamp.c: Likewise.
* modules/pam_tty_audit/pam_tty_audit.c: Likewise.
* modules/pam_umask/pam_umask.c: Likewise.
* modules/pam_userdb/pam_userdb.c: Likewise.
* modules/pam_warn/pam_warn.c: Likewise.
* modules/pam_wheel/pam_wheel.c: Likewise.
* modules/pam_xauth/pam_xauth.c: Likewise.
* modules/pam_unix/Makefile.am: Remove STATIC_MODULES part.
* modules/pam_unix/pam_unix_acct.c: Remove PAM_STATIC part.
* modules/pam_unix/pam_unix_auth.c: Likewise.
* modules/pam_unix/pam_unix_passwd.c: Likewise.
* modules/pam_unix/pam_unix_sess.c: Likewise.
* modules/pam_unix/pam_unix_static.c: Removed.
* modules/pam_unix/pam_unix_static.h: Removed.
* po/POTFILES.in: Remove removed files.
* tests/tst-dlopen.c: Remove PAM_STATIC part.
|
|
|
|
|
| |
modules/pam_succeed_if/pam_succeed_if.c (evaluate): Use PAM_RHOST
and PAM_TTY properly for the rhost and tty values.
|
|
|
|
|
|
|
|
|
| |
The currently used long with additional conversion to int is
too small for uids and gids.
modules/pam_succeed_if/pam_succeed_if.c (evaluate_num): Replace
strtol() with strtoll() and int with long long in the parameters
of comparison functions.
|
|
|
|
|
|
|
| |
* modules/pam_succeed_if/pam_succeed_if.c (evaluate): Match ruser,
rhost, and tty as left operand.
* modules/pam_succeed_if/pam_succeed_if.8.xml: Document the new
possible left operands.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: enhancement
Commit summary:
---------------
2010-07-12 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_succeed_if/pam_succeed_if.c (pam_sm_authenticate): Add
audit flag to enable logging about unknown user (#2917257).
* modules/pam_succeed_if/pam_succeed_if.8.xml: Document audit.
* modules/pam_succeed_if/pam_succeed_if.8: Regenerated from xml.
* modules/pam_succeed_if/README: Regenerated from xml.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2009-04-16 Tomáš Mráz <t8m@centrum.cz>
* modules/pam_succeed_if/pam_succeed_if.c (evaluate): Add user
parameter. Use user instead of pwd->pw_name in comparsions.
(pam_sm_authenticate): Pass the original user to evaluate().
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2008-06-19 Tomas Mraz <t8m@centrum.cz>
* modules/pam_succeed_if/pam_succeed_if.c (pam_sm_authenticate):
Detect configuration errors. Fail on incomplete condition.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: testcase
Commit summary:
---------------
2007-09-27 Thorsten Kukuk <kukuk@thkukuk.de>
* xtests/tst-pam_succeed_if1.c: New test case for
https://bugzilla.redhat.com/show_bug.cgi?id=295151
* xtests/tst-pam_succeed_if1.sh: Script to run test case.
* xtests/tst-pam_succeed_if1.pamd: Config for test case.
* xtests/Makefile.am: Add tst-pam_succeed_if1 test case.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2006-08-30 Tomas Mraz <t8m@centrum.cz>
* modules/pam_access/pam_access.8.xml: All services supported.
* modules/pam_access/pam_access.c (pam_sm_open_session): New.
(pam_sm_close_session): New.
(pam_sm_chauthtok): New.
* modules/pam_access/pam_succeed_if.8.xml: All services supported.
* modules/pam_access/pam_succeed_if.c (pam_sm_setcred): Return
PAM_IGNORE rather than success.
(pam_sm_open_session): New.
(pam_sm_close_session): New.
(pam_sm_chauthtok): New.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Fix compiler warning:
2006-08-05 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_succeed_if/pam_succeed_if.c (evaluate): Cast
svc variable to char pointer for snprintf.
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
2006-08-04 Ray Strode <rstrode@redhat.com>
* modules/pam_succeed_if/pam_succeed_if.c (pam_sm_authenticate):
Return PAM_USER_UNKNOWN instead of PAM_SERVICE_ERR where appropriate.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
* modules/pam_succeed_if/pam_succeed_if.c (evaluate_inlist):
New function for list matching.
(evaluate_notinlist): Likewise.
(evaluate): Add service value match, list matching.
* modules/pam_succeed_if/pam_succeed_if.8.xml: Document the
features.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Cleanup of manual page and README:
2006-02-24 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_succeed_if/pam_succeed_if.8.xml: New, based on
version from #1425487.
* modules/pam_succeed_if/pam_succeed_if.8: Regenerated from xml.
* modules/pam_succeed_if/Makefile.am: Include XML rules.
* modules/pam_succeed_if/README.xml: New.
* modules/pam_succeed_if/README: Regenerated from xml.
* modules/pam_succeed_if/pam_succeed_if.c: Fix comment about
return values.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Fix infrastructure and compile errors for PAM_STATIC (static modules):
2006-01-22 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_succeed_if/pam_succeed_if.c (pam_sm_acct_mgmt):
Add support for static modules.
* modules/pam_xauth/pam_xauth.c: Likewise.
* libpam/pam_handlers.c (_pam_add_handler): Add pamh to
_pam_open_static_handler call.
* libpam/pam_static.c (_pam_open_static_handler): Add pamh
as argument.
* libpam/pam_private.h: Adjust prototype.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
* modules/pam_succeed_if/pam_succeed_if.c (evaluate_ingroup),
(evaluate_notingroup): Simplified.
(evaluate_innetgr), (evaluate_notinnetgr): New functions.
(evaluate): Added calls to evaluate_(not)innetgr().
* modules/pam_succeed_if/README: Documented netgroup matching.
* NEWS: Mentioned the added netgroup matching support.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
2005-12-12 Dmitry V. Levin <ldv@altlinux.org>
Cleanup pam_syslog messages.
* modules/pam_env/pam_env.c (_expand_arg): Fix compiler warning.
* modules/pam_filter/pam_filter.c (set_filter): Append %m
specifier to pam_syslog messages where appropriate.
* modules/pam_group/pam_group.c (read_field): Likewise.
* modules/pam_mkhomedir/pam_mkhomedir.c (make_remark): Remove.
(create_homedir): Do not use make_remark() wrapper, call
pam_info() directly. Call pam_syslog() right after failed
operation and append %m specifier to pam_syslog messages where
appropriate.
* modules/pam_rhosts/pam_rhosts_auth.c (pam_iruserok): Replace
sequence of malloc(), strcpy() and strcat() calls with asprintf().
Append %m specifier to pam_syslog messages where appropriate.
* modules/pam_securetty/pam_securetty.c (securetty_perform_check):
Append %m specifier to pam_syslog messages where appropriate.
* modules/pam_shells/pam_shells.c (perform_check): Likewise.
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Moved functions from pammodutil to libpam.
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Use pam_syslog
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
configure should set _GNU_SOURCE/_BSD_SOURCE
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Fix all occurrence of dereferencing type-punned pointer will break
strict-aliasing rules warnings
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Various cleanups and minor bugfixes by Steve Grubb.
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit:
Commit summary:
---------------
bugfix: 440107: Add various patches from Linux Distibutors to make
PAM modules reentrant.
|
|
Purpose of commit:
Commit summary:
---------------
new feature: Add pam_succeed_if Module
|