summaryrefslogtreecommitdiff
path: root/modules
Commit message (Collapse)AuthorAge
* New upstream version 1.3.1Steve Langasek2019-02-12
|\
| * pam_motd: add support for a motd.d directory (#48)Allison Karlitskaya2018-05-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new feature to pam_motd to allow packages to install their own message files in a "motd.d" directory, to be displayed after the primary motd. Add an option motd_d= to specify the location of this directory. Modify the defaults, in the case where no options are given, to display both /etc/motd and /etc/motd.d. Fixes #47 * modules/pam_motd/pam_motd.c: add support for motd.d * modules/pam_motd/pam_motd.8.xml: update the manpage
| * pam_umask: Fix documentation to align with order of loading umaskTomas Mraz2018-05-02
| | | | | | | | | | * modules/pam_umask/pam_umask.8.xml: Document the real order of loading umask.
| * pam_tally2 --reset: avoid creating a missing tallylog fileDmitry V. Levin2017-11-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is no need for pam_tally2 in --reset=0 mode to create a missing tallylog file because its absence has the same meaning as its existence with the appropriate entry reset. This was not a big deal until useradd(8) from shadow suite release 4.5 started to invoke /sbin/pam_tally2 --reset routinely regardless of PAM configuration. The positive effect of this change is noticeable when using tools like cpio(1) that cannot archive huge sparse files efficiently. * modules/pam_tally2/pam_tally2.c [MAIN] (main) <cline_user>: Stat cline_filename when cline_reset == 0, exit early if the file is missing.
| * pam_mkhomedir: Allow creating parent of homedir under /Tomas Mraz2017-11-10
| | | | | | | | | | * modules/pam_mkhomedir/mkhomedir_helper.c (make_parent_dirs): Do not skip creating the directory if we are under /.
| * pam_tty_audit: Fix regression introduced by adding the uid range support.Tomas Mraz2017-10-09
| | | | | | | | | | | | | | * modules/pam_tty_audit/pam_tty_audit.c (parse_uid_range): Fix constification and remove unneeded code carried from pam_limits. (pam_sm_open_session): When multiple enable/disable options are present do not stop after first match.
| * pam_access: Add note about spaces around ':' in access.conf(5)Tomas Mraz2017-09-06
| | | | | | | | * modules/pam_access/access.conf.5.xml: Add note about spaces around ':'
| * pam_unix: Check return value of malloc used for setcred data (#24)Peter Urbanec2017-07-12
| | | | | | | | | | | | | | | | Check the return value of malloc and if it failed print debug info, send a syslog message and return an error code. The test in AUTH_RETURN for ret_data not being NULL becomes redundant. Signed-off-by: Peter Urbanec <git.user@urbanec.net>
| * pam_cracklib: Drop unused prompt macros.Tomas Mraz2017-07-10
| | | | | | | | * modules/pam_cracklib/pam_cracklib.c: Drop the unused macros.
| * pam_tty_audit: Support matching users by uid range.Tomas Mraz2017-06-28
| | | | | | | | | | | | | | * modules/pam_tty_audit/pam_tty_audit.c (parse_uid_range): New function to parse the uid range. (pam_sm_open_session): Call parse_uid_range() and behave according to its result. * modules/pam_tty_audit/pam_tty_audit.8.xml: Document the uid range matching.
| * pam_access: support parsing files in /etc/security/access.d/*.confTomas Mraz2017-05-31
| | | | | | | | | | | | | | | | | | * modules/pam_access/pam_access.c (login_access): Return NOMATCH if there was no match in the parsed file. (pam_sm_authenticate): Add glob() call to go through the ACCESS_CONF_GLOB subdirectory and call login_access() on the individual files matched. * modules/pam_access/pam_access.8.xml: Document the addition. * modules/pam_access/Makefile.am: Add ACCESS_CONF_GLOB definition.
| * pam_localuser: Correct the example in documentation.Tomas Mraz2017-04-11
| | | | | | | | | | * modules/pam_localuser/pam_localuser.8.xml: The example configuration does something different.
| * pam_localuser: Correct documentation of return value.Tomas Mraz2017-04-11
| | | | | | | | | | * modules/pam_localuser/pam_localuser.8.xml: The module returns PAM_PERM_DENIED when the user is not listed.
| * Make maxclassrepeat=1 behavior consistent with docs (#9)Saul Johnson2017-03-10
| | | | | | * modules/pam_cracklib/pam_cracklib.c (simple): Apply the maxclassrepeat when greater than 0.
| * Properly test for strtol() failure to find any digits.Josef Moellers2017-02-09
| | | | | | | | | | * modules/pam_access/pam_access.c (network_netmask_match): Test for endptr set to beginning and not NULL.
| * pam_exec: fix a potential null pointer dereferenceDaniel Abrecht2017-01-19
| | | | | | | | | | | | | | | | | | | | Fix a null pointer dereference when pam_prompt returns PAM_SUCCESS but the response is set to NULL. * modules/pam_exec/pam_exec.c (call_exec): Do not invoke strndupa with a null pointer. Closes: https://github.com/linux-pam/linux-pam/pull/2
| * Add missing comma in the limits.conf.5 manpage.Antonio Ospite2016-12-07
| | | | | | | | * modules/pam_limits/limits.conf.5.xml: add a missing comma
| * pam_access: First check for the (group) match.Tomas Mraz2016-11-01
| | | | | | | | | | | | | | The (group) match is performed first to allow for groups containing '@'. * modules/pam_access/pam_access.c (user_match): First check for the (group) match.
| * pam_ftp: Properly use the first name from the supplied listTomas Mraz2016-10-17
| | | | | | | | | | | | * modules/pam_ftp/pam_ftp.c (lookup): Return first user from the list of anonymous users if user name matches. (pam_sm_authenticate): Free the returned value allocated in lookup().
| * pam_issue: Fix no prompting in parse escape codes mode.Bartos-Elekes Zsolt2016-09-12
| | | | | | | | * modules/pam_issue/pam_issue.c (read_issue_quoted): Fix misplaced strcat().
| * Unification and cleanup of syslog log levels.Tomas Mraz2016-06-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * libpam/pam_handlers.c: Make memory allocation failures LOG_CRIT. * libpam/pam_modutil_priv.c: Make memory allocation failures LOG_CRIT. * modules/pam_echo/pam_echo.c: Make memory allocation failures LOG_CRIT. * modules/pam_env/pam_env.c: Make memory allocation failures LOG_CRIT. * modules/pam_exec/pam_exec.c: Make memory allocation failures LOG_CRIT. * modules/pam_filter/pam_filter.c: Make all non-memory call errors LOG_ERR. * modules/pam_group/pam_group.c: Make memory allocation failures LOG_CRIT. * modules/pam_issue/pam_issue.c: Make memory allocation failures LOG_CRIT. * modules/pam_lastlog/pam_lastlog.c: The lastlog file creation is syslogged with LOG_NOTICE, memory allocation errors with LOG_CRIT, other errors with LOG_ERR. * modules/pam_limits/pam_limits.c: User login limit messages are syslogged with LOG_NOTICE, stale utmp entry with LOG_INFO, non-memory errors with LOG_ERR. * modules/pam_listfile/pam_listfile.c: Rejection of user is syslogged with LOG_NOTICE. * modules/pam_namespace/pam_namespace.c: Make memory allocation failures LOG_CRIT. * modules/pam_nologin/pam_nologin.c: Make memory allocation failures LOG_CRIT, other errors LOG_ERR. * modules/pam_securetty/pam_securetty.c: Rejection of access is syslogged with LOG_NOTICE, non-memory errors with LOG_ERR. * modules/pam_selinux/pam_selinux.c: Make memory allocation failures LOG_CRIT. * modules/pam_succeed_if/pam_succeed_if.c: Make all non-memory call errors LOG_ERR. * modules/pam_time/pam_time.c: Make memory allocation failures LOG_CRIT. * modules/pam_timestamp/pam_timestamp.c: Make memory allocation failures LOG_CRIT. * modules/pam_unix/pam_unix_acct.c: Make all non-memory call errors LOG_ERR. * modules/pam_unix/pam_unix_passwd.c: Make memory allocation failures LOG_CRIT, other errors LOG_ERR. * modules/pam_unix/pam_unix_sess.c: Make all non-memory call errors LOG_ERR. * modules/pam_unix/passverify.c: Unknown user is syslogged with LOG_NOTICE. * modules/pam_unix/support.c: Unknown user is syslogged with LOG_NOTICE and max retries ignorance by application likewise. * modules/pam_unix/unix_chkpwd.c: Make all non-memory call errors LOG_ERR. * modules/pam_userdb/pam_userdb.c: Password authentication error is syslogged with LOG_NOTICE. * modules/pam_xauth/pam_xauth.c: Make memory allocation failures LOG_CRIT.
| * pam_timestamp: fix typo in strncmp usageDmitry V. Levin2016-06-14
| | | | | | | | | | | | | | | | | | | | | | | | Before this fix, a typo in check_login_time resulted to ruser and struct utmp.ut_user being compared by the first character only, which in turn could lead to a too low timestamp value being assigned to oldest_login, effectively causing bypass of check_login_time. * modules/pam_timestamp/pam_timestamp.c (check_login_time): Fix typo in strncmp usage. Patch-by: Anton V. Boyarshinov <boyarsh@altlinux.org>
| * Remove spaces in examples for access.conf.Tomas Mraz2016-05-11
| | | | | | | | | | | | | | | | The spaces are ignored only with the default listsep. To remove confusion if non-default listsep is used they are removed from the examples. * modules/pam_access/access.conf: Remove all spaces around ':' in examples. * modules/pam_access/access.conf.5.xml: Likewise.
* | New upstream version 1.3.0Steve Langasek2019-01-22
|\ \ | |/
| * pam_wheel: Correct the documentation of the root_only option.Tomas Mraz2016-04-19
| | | | | | | | | | * modules/pam_wheel/pam_wheel.8.xml: Correct the documentation of the root_only option.
| * pam_unix: Document that MD5 password hash is used to store old passwords.Tomas Mraz2016-04-19
| | | | | | | | | | modules/pam_unix/pam_unix.8.xml: Document that the MD5 password hash is used to store the old passwords when remember option is set.
| * pam_unix: Use pam_get_authtok() instead of direct pam_prompt() calls.Tomas Mraz2016-04-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have to drop support for not_set_pass option which is not much useful anyway. Instead we get proper support for authtok_type option. * modules/pam_unix/pam_unix.8.xml: Removed not_set_pass option, added authtok_ty pe option. * modules/pam_unix/pam_unix_auth.c (pam_sm_authenticate): Replace _unix_read_pas sword() call with equivalent pam_get_authtok() call. * modules/pam_unix/pam_unix_passwd.c (pam_sm_chauthtok): Likewise and also drop support for not_set_pass. * modules/pam_unix/support.c (_unix_read_password): Remove. * modules/pam_unix/support.h: Remove UNIX_NOT_SET_PASS add UNIX_AUTHTOK_TYPE.
| * pam_unix: Make password expiration messages more user-friendly.Tomas Mraz2016-04-04
| | | | | | | | | | * modules/pam_unix/pam_unix_acct.c (pam_sm_acct_mgmt): Make password expiration messages more user-friendly.
| * innetgr may not be there so make sure that when innetgr is not presentThorsten Kukuk2016-04-04
| | | | | | | | | | | | | | | | | | | | | | then we inform about it and not use it. [ticket#46] * modules/pam_group/pam_group.c: ditto * modules/pam_succeed_if/pam_succeed_if.c: ditto * modules/pam_time/pam_time.c: ditto Signed-off-by: Khem Raj <raj.khem at gmail.com> Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
| * Fix whitespace issuesDmitry V. Levin2016-04-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove blank lines at EOF introduced by commit a684595c0bbd88df71285f43fb27630e3829121e, making the project free of warnings reported by git diff --check 4b825dc642cb6eb9a060e54bf8d69288fbee4904 HEAD * libpam/pam_dynamic.c: Remove blank line at EOF. * modules/pam_echo/pam_echo.c: Likewise. * modules/pam_keyinit/pam_keyinit.c: Likewise. * modules/pam_mkhomedir/pam_mkhomedir.c: Likewise. * modules/pam_pwhistory/pam_pwhistory.c: Likewise. * modules/pam_rhosts/pam_rhosts.c: Likewise. * modules/pam_sepermit/pam_sepermit.c: Likewise. * modules/pam_stress/pam_stress.c: Likewise.
| * Use TI-RPC functions if we compile and link against libtirpc.Thorsten Kukuk2016-04-01
| | | | | | | | | | | | | | | | The old SunRPC functions don't work with IPv6. * configure.ac: Set and restore CPPFLAGS * modules/pam_unix/pam_unix_passwd.c: Replace getrpcport with rpcb_getaddr if available.
| * Remove "--enable-static-modules" option and support fromThorsten Kukuk2016-03-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Linux-PAM. It was never official supported and was broken since years. * configure.ac: Remove --enable-static-modules option. * doc/man/pam_sm_acct_mgmt.3.xml: Remove PAM_EXTERN. * doc/man/pam_sm_authenticate.3.xml: Likewise. * doc/man/pam_sm_chauthtok.3.xml: Likewise. * doc/man/pam_sm_close_session.3.xml: Likewise. * doc/man/pam_sm_open_session.3.xml: Likewise. * doc/man/pam_sm_setcred.3.xml: Likewise. * libpam/Makefile.am: Remove STATIC_MODULES cases. * libpam/include/security/pam_modules.h: Remove PAM_STATIC parts. * libpam/pam_dynamic.c: Likewise. * libpam/pam_handlers.c: Likewise. * libpam/pam_private.h: Likewise. * libpam/pam_static.c: Remove file. * libpam/pam_static_modules.h: Remove header file. * modules/pam_access/pam_access.c: Remove PAM_EXTERN and PAM_STATIC parts. * modules/pam_cracklib/pam_cracklib.c: Likewise. * modules/pam_debug/pam_debug.c: Likewise. * modules/pam_deny/pam_deny.c: Likewise. * modules/pam_echo/pam_echo.c: Likewise. * modules/pam_env/pam_env.c: Likewise. * modules/pam_exec/pam_exec.c: Likewise. * modules/pam_faildelay/pam_faildelay.c: Likewise. * modules/pam_filter/pam_filter.c: Likewise. * modules/pam_ftp/pam_ftp.c: Likewise. * modules/pam_group/pam_group.c: Likewise. * modules/pam_issue/pam_issue.c: Likewise. * modules/pam_keyinit/pam_keyinit.c: Likewise. * modules/pam_lastlog/pam_lastlog.c: Likewise. * modules/pam_limits/pam_limits.c: Likewise. * modules/pam_listfile/pam_listfile.c: Likewise. * modules/pam_localuser/pam_localuser.c: Likewise. * modules/pam_loginuid/pam_loginuid.c: Likewise. * modules/pam_mail/pam_mail.c: Likewise. * modules/pam_mkhomedir/pam_mkhomedir.c: Likewise. * modules/pam_motd/pam_motd.c: Likewise. * modules/pam_namespace/pam_namespace.c: Likewise. * modules/pam_nologin/pam_nologin.c: Likewise. * modules/pam_permit/pam_permit.c: Likewise. * modules/pam_pwhistory/pam_pwhistory.c: Likewise. * modules/pam_rhosts/pam_rhosts.c: Likewise. * modules/pam_rootok/pam_rootok.c: Likewise. * modules/pam_securetty/pam_securetty.c: Likewise. * modules/pam_selinux/pam_selinux.c: Likewise. * modules/pam_sepermit/pam_sepermit.c: Likewise. * modules/pam_shells/pam_shells.c: Likewise. * modules/pam_stress/pam_stress.c: Likewise. * modules/pam_succeed_if/pam_succeed_if.c: Likewise. * modules/pam_tally/pam_tally.c: Likewise. * modules/pam_tally2/pam_tally2.c: Likewise. * modules/pam_time/pam_time.c: Likewise. * modules/pam_timestamp/pam_timestamp.c: Likewise. * modules/pam_tty_audit/pam_tty_audit.c: Likewise. * modules/pam_umask/pam_umask.c: Likewise. * modules/pam_userdb/pam_userdb.c: Likewise. * modules/pam_warn/pam_warn.c: Likewise. * modules/pam_wheel/pam_wheel.c: Likewise. * modules/pam_xauth/pam_xauth.c: Likewise. * modules/pam_unix/Makefile.am: Remove STATIC_MODULES part. * modules/pam_unix/pam_unix_acct.c: Remove PAM_STATIC part. * modules/pam_unix/pam_unix_auth.c: Likewise. * modules/pam_unix/pam_unix_passwd.c: Likewise. * modules/pam_unix/pam_unix_sess.c: Likewise. * modules/pam_unix/pam_unix_static.c: Removed. * modules/pam_unix/pam_unix_static.h: Removed. * po/POTFILES.in: Remove removed files. * tests/tst-dlopen.c: Remove PAM_STATIC part.
| * Fix check for libtirpc and enhance check for libnsl to includeThorsten Kukuk2016-03-24
| | | | | | | | | | | | | | new libnsl. * configure.ac: fix setting of CFLAGS/LIBS, enhance libnsl check * modules/pam_unix/Makefile.am: replace NIS_* with TIRPC_* and NSL_*
| * Remove YP dependencies from pam_access, they were never usedThorsten Kukuk2016-03-23
| | | | | | | | | | | | | | | | and such not needed. * modules/pam_access/Makefile.am: Remove NIS_CFLAGS and NIS_LIBS * modules/pam_access/pam_access.c: Remove yp_get_default_domain case, it will never be used.
| * Add checks for localtime() returning NULL.Tomas Mraz2016-03-04
| | | | | | | | | | | | | | * modules/pam_lastlog/pam_lastlog.c (last_login_read): Check for localtime_r returning NULL. * modules/pam_tally2/pam_tally2.c (print_one): Check for localtime returning NULL.
| * pam_unix: Silence warnings and fix a minor bug.Tomas Mraz2016-03-04
| | | | | | | | | | | | | | | | | | Fixes a minor bug in behavior when is_selinux_enabled() returned negative value. * modules/pam_unix/passverify.c: Add parentheses to SELINUX_ENABLED macro. (unix_update_shadow): Safe cast forwho to non-const char *. * modules/pam_unix/support.c: Remove unused SELINUX_ENABLED macro.
| * pam_env: Document the /etc/environment file.Tomas Mraz2016-02-17
| | | | | | | | | | | | | | * modules/pam_env/Makefile.am: Add the environment.5 soelim stub. * modules/pam_env/pam_env.8.xml: Add environ(7) reference. * modules/pam_env/pam_env.conf.5.xml: Add environment alias name. Add a paragraph about /etc/environment. Add environ(7) reference.
| * pam_unix: Add no_pass_expiry option to ignore password expiration.Tomas Mraz2016-02-17
| | | | | | | | | | | | | | | | | | | | | | | | * modules/pam_unix/pam_unix.8.xml: Document the no_pass_expiry option. * modules/pam_unix/pam_unix_acct.c (pam_sm_acct_mgmt): If no_pass_expiry is on and return value data is not set to PAM_SUCCESS then ignore PAM_NEW_AUTHTOK_REQD and PAM_AUTHTOK_EXPIRED returns. * modules/pam_unix/pam_unix_auth.c (pam_sm_authenticate): Always set the return value data. (pam_sm_setcred): Test for likeauth option and use the return value data only if set. * modules/pam_unix/support.h: Add the no_pass_expiry option.
| * pam_unix: Change the salt length for new hashes to 16 charactersTomas Mraz2016-01-25
| | | | | | | | | | * modules/pam_unix/passverify.c (create_password_hash): Change the salt length for new hashes to 16 characters.
| * pam_tally2: Optionally log the tally count when checking.Tomas Mraz2015-12-16
| | | | | | | | | | * modules/pam_tally2/pam_tally2.c (tally_parse_args): Add debug option. (tally_check): Always log the tally count with debug option.
| * pam_loginuid: Add syslog message if required auditd is not detected.Tomas Mraz2015-09-24
| | | | | | | | | | * modules/pam_loginuid/pam_loginuid.c (_pam_loginuid): Add syslog message if required auditd is not detected.
| * pam_rootok: use rootok permission instead of passwd permission in SELinux check.Tomas Mraz2015-08-12
| | | | | | | | | | * modules/pam_rootok/pam_rootok.c (selinux_check_root): Use rootok instead of passwd permission.
| * pam_timestamp: Avoid leaking file descriptor.Amarnath Valluri2015-08-05
| | | | | | | | | | | | | | * modules/pam_timestamp/hmacsha1.c(hmac_key_create): close 'keyfd' when failed to own it. Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com>
| * Release version 1.2.1Thorsten Kukuk2015-06-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Security fix: CVE-2015-3238 If the process executing pam_sm_authenticate or pam_sm_chauthtok method of pam_unix is not privileged enough to check the password, e.g. if selinux is enabled, the _unix_run_helper_binary function is called. When a long enough password is supplied (16 pages or more, i.e. 65536+ bytes on a system with 4K pages), this helper function hangs indefinitely, blocked in the write(2) call while writing to a blocking pipe that has a limited capacity. With this fix, the verifiable password length will be limited to PAM_MAX_RESP_SIZE bytes (i.e. 512 bytes) for pam_exec and pam_unix. * NEWS: Update * configure.ac: Bump version * modules/pam_exec/pam_exec.8.xml: document limitation of password length * modules/pam_exec/pam_exec.c: limit password length to PAM_MAX_RESP_SIZE * modules/pam_unix/pam_unix.8.xml: document limitation of password length * modules/pam_unix/pam_unix_passwd.c: limit password length * modules/pam_unix/passverify.c: Likewise * modules/pam_unix/passverify.h: Likewise * modules/pam_unix/support.c: Likewise
| * Fix some grammatical errors in documentation.Thorsten Kukuk2015-04-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Patch by Louis Sautier * doc/adg/Linux-PAM_ADG.xml: Fix gramatical errors. * doc/man/pam.3.xml: Likewise. * doc/man/pam_acct_mgmt.3.xml: Likewise. * doc/man/pam_chauthtok.3.xml: Likewise. * doc/man/pam_sm_chauthtok.3.xml: Likewise. * modules/pam_limits/limits.conf.5.xml: Likewise. * modules/pam_mail/pam_mail.8.xml: Likewise. * modules/pam_rhosts/pam_rhosts.c: Likewise. * modules/pam_shells/pam_shells.8.xml: Likewise. * modules/pam_tally/pam_tally.8.xml: Likewise. * modules/pam_tally2/pam_tally2.8.xml: Likewise. * modules/pam_unix/pam_unix.8.xml: Likewise.
| * Add "quiet" option to pam_unix to suppress informential infoThorsten Kukuk2015-04-23
| | | | | | | | | | | | | | | | | | messages from session. * modules/pam_unix/pam_unix.8.xml: Document new option. * modules/pam_unix/support.h: Add quiet option. * modules/pam_unix/pam_unix_sess.c: Don't print LOG_INFO messages if 'quiet' option is set.
| * Use crypt_r if available in pam_userdb and in pam_unix.Tomas Mraz2015-04-07
| | | | | | | | | | | | | | * modules/pam_unix/passverify.c (create_password_hash): Call crypt_r() instead of crypt() if available. * modules/pam_userdb/pam_userdb.c (user_lookup): Call crypt_r() instead of crypt() if available.
| * pam_env: expand @{HOME} and @{SHELL} and enhance documentationThorsten Kukuk2015-03-25
| | | | | | | | | | | | | | | | (Ticket#24 and #29) * modules/pam_env/pam_env.c: Replace @{HOME} and @{SHELL} with passwd entries * modules/pam_env/pam_env.conf.5.xml: Document @{HOME} and @{SHELL} * modules/pam_env/pam_env.8.xml: Enhance documentation
| * Clarify pam_access docs re PAM service names and X $DISPLAY value testing.Thorsten Kukuk2015-03-24
| | | | | | | | | | | | | | | | | | (Ticket #39) * modules/pam_access/access.conf.5.xml * modules/pam_access/pam_access.8.xml Signed-off-by: Karl O. Pinc <kop at meme.com>
| * Don't use sudo directory, the timestamp format is different (Ticket#32)Thorsten Kukuk2015-03-24
| | | | | | | | * modules/pam_timestamp/pam_timestamp.c: Change default timestamp directory.