| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Patch from Sam Hartman to fix handling of module linking on Linux:
modules should be linked against libpam if they call any functions from
the library, since not all platforms will correctly resolve symbol
references otherwise. Also, make sure we use gcc, not ld, when linking,
since there's additional linker glue that gcc will pull in for us.
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Patch from Nalin Dahyabhai: always compare tty names without the "/dev",
working around inconsistent handling among apps.
Also, make minor adjustments for robustness (handle DOS EOL chars, and
don't hardcode array sizes).
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Patch from Nalin Dahyabhai: when updating /etc/{passwd,shadow}, always
respect any admin-specified permissions on the existing files.
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Patch from Nalin Dahyabhai to prevent a buffer overflow in pam_issue
(rare, but could be triggered by a race condition when the admin updates
/etc/issue).
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Patch from Nalin Dahyabhai: an empty tty value is not fatal when the
user isn't root.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Variant on Nalin's patch: 'unsigned int' is /usually/ 32 bits, but
uint32_t is /always/ 32 bits -- where present. Since C99 is fairly
recent, we may need some autoconf support for older platforms, but
should at least be covered for Linux & Solaris. (Still a better choice
than the non-standard sys/types.h, though.)
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Two bug fixes in one: don't trust getlogin() and sanely lower the
time the password databases are locked in pam_unix.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
This code is needed to complete this bugfix.
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Be more careful when using the deny option - pay attention to the trust
option before you grant access.
Fix from Nalin.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
add account management to a bunch of modules.
Submitted by Harald Welte.
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix and new feature
Commit summary:
---------------
fix case that wheel is the primary group of the user
add support for passwordless transitions from a trusted user to another
non-root user.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
some applications are not prepared to get a SIGCHLD from a child
process they didn't think they launched, so we now suppress
this signal for the duration of use of the helper binary.
The 'noreap' module argument is provided to override this new
default.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
bigcrypt does not match crypt when password length is too long.
This led to a pam_unix problem when the module had not set the
password in bigcrypt mode, but was trying to compare with bigcrypt
output. The fix is to use the stored password as a guide to how much
of the encrypted password to compare against.
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Shouldn't explicitly include prototype in the file - it conflicts with
common defaults and thus should not be there. (Request for removal from
David Lee.)
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: new feature/cleanup
Commit summary:
---------------
made pam_nologin more secure by changing the default behavior and
adding some more features. General code clean up in the process.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: documentation
Commit summary:
---------------
typo/correctness fixes from Nalin.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
This was a reimplementation of pam_warn to be more useful. I did it in
conjuction with testing the new setcred behavior.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
add a cvsignore file
|
| |
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
clean up a compilation warning about strcmp() not being defined.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
documented % domain
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
added '%' domain for maxlogins limiting, now '*' and @group have
the old meaning (every) and '%' the new one (all)
|
| |
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
put not so interesting log messages under debug arg
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfixes
Commit summary:
---------------
Both of these fixes inspired by use with X based services.
The first makes a TTY of the form hostname:0 work (if you specify a different
separator with the module argument "fieldsep=".
The second treats "" for a RHOST the same way it would treat a NULL value.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
keep well know behaviour of maxlogins default ('*') limit
|
| |
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
pam_pwdb did it, so make pam_unix log when a passowrd is changed.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
pam_limits didn't the priority value specified in config.
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
there were some dangling file descriptors and unclear pass/fail
properties of some of the password updating code in pam_unix.
Bug report from Len Lattanzi.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
properly recurse directories (fix from Nalin).
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix and document
Commit summary:
---------------
The login limit counting seemed to have its math incorrect.
The default has been changed to the sane one, and a new module argument
has been added "utmp_early" that returns the module to its old behavior.
Thanks to Berend De Schouwe for getting to the bottom of this issue.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
pam_unix is too generic a module to override the PAM_USER_PROMPT item.
(More modifications to xsh to help me test this change.)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
Added libpammodutil and link it with every module as its built.
The issue here is that there is a lot of code that the various modules
use in common, and this staic library can be used to help make this code
more maintainable. I do not intend to make this library dynamic. Especially
right now, as I want to be free to chop and change the API and don't want
to deal with revision control and third party modules.
This checkin makes the pam_rhost_auth module make some use of this new
library. I don't intend to add support for any other module prior to
releasing 0.76.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
The malloc debugging stuff appears to have had a few residual issues
that I've fixed (trying to resolve another checkin!).
|
| |
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
pam_unix: fix 'likeauth' to kill off the memory leak once and for all.
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
* Restore pam_unix's handling of 'likeauth' argument to a known working
state
* prettify AUTH_RETURN macro
* remove redundant argv checks in pam_sm_setcred()
|
| |
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: improved feature
Commit summary:
---------------
Replace the 'similar' function with a real distance algorithm. (From Harald
Welte and Nalin).
Also fix a typo that somehow slipped through an earlier checkin. [Bug 476947].
|
| |
|
|
|
|
|
|
| |
Purpose of commit: documentation fixes
Commit summary:
---------------
Fix some typos noted by Nalin.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: documentation fix
Commit summary:
---------------
Module doesn't understand 'console' but does understand 'LOCAL'. Fix
from Nalin.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: fix memory leak
Commit summary:
---------------
Fernando Trias pointed out a silly memory leak in pam_unix.so. It looks
like some allocated memory that is simply not needed for anything.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
be more confident that strings are being initialized correctly
from Nalin.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
pam_userdb was not paying close enough attention to password comparisons.
Bug report and fix from Vladimir Pastukhov.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
Nalin's fix to do a better job of not corrupting the lastlog file.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: new feature, cleanup
Commit summary:
---------------
patch from Nalin to support '+hostname' as equivalent to 'hostname'.
fixed compiler warning by working out when to include header file.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
removed a compiler warning (courtesy Nalin) and added a memory leak comment.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: comments
Commit summary:
---------------
Added some clarification comments to help explain why I'm rejecting
bug 476961.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
it seems there was a slight problem with md5 compatibility with
respect to bigendian non-md5 hash support.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: bugfixes
Commit summary:
---------------
lots of segfault potential removed. Nalin found the biggies.
|
| |
|
|
|
|
|
|
|
| |
Purpose of commit: bugfix
Commit summary:
---------------
pam_env was only coincidentally parsing environment variables correctly.
Bug report from weichangyang of hotmail com.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
general comment, make and include cleanup.
|
| |
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
support -ve process priorities (and include superuser in this feature)
|
| |
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
keep cvs update's clean
|
