Compare commits
12 Commits
| Author | SHA256 | Date | |
|---|---|---|---|
| 5ccfcba329 | |||
| 2d17d3abc8 | |||
| 4907fdf28e | |||
| 6801825621 | |||
| 96cfeee265 | |||
| 9545def852 | |||
| 0450972480 | |||
| ed6a7a6b67 | |||
| 7a880fc877 | |||
| c1f502e6aa | |||
| db8f76e2ad | |||
| df04febe28 |
BIN
Linux-PAM-1.7.1.tar.xz
LFS
BIN
Linux-PAM-1.7.1.tar.xz
LFS
Binary file not shown.
@@ -1,16 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIcBAABCgAGBQJoUTDGAAoJEKgEH6g54W42RDQQAIKq+ltEn0g/lB0g+xU9SArO
|
||||
ItMiZDp6RaLDIRgOxbl1hnQyXvXcW5LYBT36u+e5PLKrtMzc8/S3kDtn2FRsS5KW
|
||||
aZaKmZI6UlEQVErMfX2F8/uPvcMRNmqHL7h3+BW8aIWp+WTBO3TIOZxVqNoDFbxj
|
||||
L/9G3KYTgcuKjb6XoDlicS68ImcLJC2BPjcaisaoqKRyK504jgYK6Wl6AFo7Fu8r
|
||||
PS134LM6gUUxMzdYCpISmO5tZh+uOqtCfbdeOY3bwBeupe2J4D6v7uASF7RqEXPX
|
||||
/imsmUkmqLmOOolvLflGDsiz1HaY05LW7CcJngXOV6WKU+HqBg9E5Xclnr0RyvBD
|
||||
tmFPeWlgPw+zg+BVUhGAUeLoFCknbtY/7TEB4Jh0Z/Tm+pOUVoQbhrUCI0rAgapN
|
||||
dA9i5DCUuEBXRul2YvG7EZGuYs77fzpf/J++b9XKB9kH1Bc3vaaZoaO+lbN8g6Ei
|
||||
CbZCmD0ct0UhUTX+FEUG9SkMTomyd9ihz6kuHcuo4eCVbVuDJpF+vEUjVb7no9Aw
|
||||
KlZ6/I45GRRjIYYk/vxpgNX05D8xeMxDkXEMcKAHsI/q4oOe7Hsuess47WioiVXL
|
||||
xNl6AHjJ4VMcz1xLPR8COA8L3uaZNtxuIGhazZFeJbrfJct5gsf9iv04pdAA73/B
|
||||
NtgHrE6GjGSmw+/xX22z
|
||||
=RQhR
|
||||
-----END PGP SIGNATURE-----
|
||||
3
Linux-PAM-1.7.2.tar.xz
Normal file
3
Linux-PAM-1.7.2.tar.xz
Normal file
@@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:437a88182eab6168a39d00b08252741f9a5b7da9dc3fce93a6a806fbe826e5b6
|
||||
size 563824
|
||||
15
_service
Normal file
15
_service
Normal file
@@ -0,0 +1,15 @@
|
||||
<services>
|
||||
<service name="tar_scm" mode="manual">
|
||||
<param name="versionformat">@PARENT_TAG@+git@TAG_OFFSET@</param>
|
||||
<param name="versionrewrite-pattern">v(.*?)(\+git0)?$</param>
|
||||
<param name="url">https://github.com/linux-pam/linux-pam.git</param>
|
||||
<param name="scm">git</param>
|
||||
<param name="changesgenerate">enable</param>
|
||||
<param name="filename">Linux-PAM</param>
|
||||
</service>
|
||||
<service name="set_version" mode="manual"/>
|
||||
<service name="recompress" mode="manual">
|
||||
<param name="compression">xz</param>
|
||||
<param name="file">*.tar</param>
|
||||
</service>
|
||||
</services>
|
||||
5
_servicedata
Normal file
5
_servicedata
Normal file
@@ -0,0 +1,5 @@
|
||||
<servicedata>
|
||||
<service name="tar_scm">
|
||||
<param name="url">https://github.com/linux-pam/linux-pam.git</param>
|
||||
<param name="changesrevision">fe03a10115c082a8486ccbab7462139d7e4bb067</param></service>
|
||||
</servicedata>
|
||||
48
pam.changes
48
pam.changes
@@ -1,3 +1,51 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 22 13:09:25 UTC 2026 - Thorsten Kukuk <kukuk@suse.com>
|
||||
|
||||
- Update to version 1.7.2:
|
||||
* build: enabled vendordir by default.
|
||||
* pam_access: fixed stack overflow with huge configuration files.
|
||||
* pam_env: enhanced error diagnostics when ignoring backslash at end of string.
|
||||
* pam_faillock: skip clearing user's failed attempt when auth stack is not run.
|
||||
* pam_mkhomedir: added support for vendordir skeleton directory.
|
||||
* pam_unix: added support for pwaccessd.
|
||||
* pam_unix: added support for PAM_CHANGE_EXPIRED_AUTHTOK.
|
||||
* pam_unix: fixed password expiration warnings for large day values.
|
||||
* pam_unix: hardened temporary file handling.
|
||||
* Multiple minor bug fixes, build fixes, portability fixes,
|
||||
documentation improvements, and translation updates.
|
||||
- Drop post-v1.7.1.patch
|
||||
- Drop pam_mkhomedir-Use-vendordir-when-defined.patch
|
||||
- Build source archive directly from git
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Dec 11 14:03:11 UTC 2025 - Valentin Lefebvre <valentin.lefebvre@suse.com>
|
||||
|
||||
- Add pam_env.conf.d directory for configuration snippets, to support drop-in
|
||||
configuration files for pam_env, following the modular configuration pattern
|
||||
used in modern Linux distributions.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Sep 15 07:53:29 UTC 2025 - Valentin Lefebvre <valentin.lefebvre@suse.com>
|
||||
|
||||
- pam_mkhomedir: building with vendordir option allows fetching skeleton
|
||||
directory from the vendor directory when creating the user home directory.
|
||||
[+ pam_mkhomedir-Use-vendordir-when-defined.patch, bsc#1245524]
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Aug 27 14:20:14 UTC 2025 - Thorsten Kukuk <kukuk@suse.com>
|
||||
|
||||
- Update to 1.7.1+git (post-v1.7.1.patch)
|
||||
- disable unix_chkpwd by default, only used as fallback again
|
||||
- pam_modutil_get-overwrite-password-at-free.patch is included
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 19 10:12:13 UTC 2025 - Valentin Lefebvre <valentin.lefebvre@suse.com>
|
||||
|
||||
- Make sure that the buffer containing encrypted passwords get's erased,
|
||||
before free.
|
||||
[pam_modutil_get-overwrite-password-at-free.patch, bsc#1232234,
|
||||
CVE-2024-10041]
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 18 12:01:57 UTC 2025 - Thorsten Kukuk <kukuk@suse.com>
|
||||
|
||||
|
||||
8
pam.spec
8
pam.spec
@@ -70,14 +70,13 @@
|
||||
#
|
||||
Name: pam%{name_suffix}
|
||||
#
|
||||
Version: 1.7.1
|
||||
Version: 1.7.2
|
||||
Release: 0
|
||||
Summary: A Security Tool that Provides Authentication for Applications
|
||||
License: GPL-2.0-or-later OR BSD-3-Clause
|
||||
Group: System/Libraries
|
||||
URL: https://github.com/linux-pam/linux-pam
|
||||
Source: Linux-PAM-%{version}.tar.xz
|
||||
Source1: Linux-PAM-%{version}.tar.xz.asc
|
||||
Source2: macros.pam
|
||||
Source3: other.pamd
|
||||
Source4: common-auth.pamd
|
||||
@@ -215,6 +214,7 @@ CFLAGS="$CFLAGS -fpatchable-function-entry=16,14 -fdump-ipa-clones"
|
||||
-Dhtmldir=%{_docdir}/pam/html \
|
||||
-Dpdfdir=%{_docdir}/pam/pdf \
|
||||
-Dsecuredir=%{_pam_moduledir} \
|
||||
-Dpam_unix-try-getspnam=true \
|
||||
%if "%{flavor}" != "full"
|
||||
-Dlogind=disabled \
|
||||
-Dpam_userdb=disabled \
|
||||
@@ -222,6 +222,7 @@ CFLAGS="$CFLAGS -fpatchable-function-entry=16,14 -fdump-ipa-clones"
|
||||
%else
|
||||
-Dlogind=enabled \
|
||||
%endif
|
||||
-Dpwaccess=disabled \
|
||||
-Delogind=disabled \
|
||||
-Dexamples=false \
|
||||
-Dnis=disabled
|
||||
@@ -289,7 +290,7 @@ install -D -m 644 %{SOURCE2} %{buildroot}%{_rpmmacrodir}/macros.pam
|
||||
# /run/motd.d
|
||||
install -Dm0644 %{SOURCE13} %{buildroot}%{_tmpfilesdir}/pam.conf
|
||||
|
||||
mkdir -p %{buildroot}%{_pam_secdistconfdir}/{limits.d,namespace.d}
|
||||
mkdir -p %{buildroot}%{_pam_secdistconfdir}/{limits.d,namespace.d,pam_env.conf.d}
|
||||
|
||||
# Remove manual pages for main package
|
||||
%if !%{build_doc}
|
||||
@@ -350,6 +351,7 @@ done
|
||||
%{_pam_secdistconfdir}/group.conf
|
||||
%{_pam_secdistconfdir}/faillock.conf
|
||||
%{_pam_secdistconfdir}/pam_env.conf
|
||||
%dir %{_pam_secdistconfdir}/pam_env.conf.d
|
||||
%if %{with selinux}
|
||||
%{_pam_secdistconfdir}/sepermit.conf
|
||||
%endif
|
||||
|
||||
Reference in New Issue
Block a user