3aaba5773b
- pam-login_defs-check.sh: adjust for new login.defs variable usages pam_tally2 has been removed upstream, remove pam_tally2-removal.patch
Thorsten Kukuk2021-09-10 10:28:05 +00:00
dc65a6a40a
Accepting request 917897 from home:jmoellers:branches:Linux-PAM
Thorsten Kukuk2021-09-10 09:48:01 +00:00
ab4c48fada
Accepting request 911843 from Linux-PAM
Richard Brown
2021-08-18 06:55:09 +00:00
c6cae773e2
- pam_umask-usergroups-login_defs.patch: Deprecate pam_umask explicit "usergroups" option and instead read it from login.def's "USERGROUP_ENAB" option if umask is only defined there. [bsc#1189139]
Thorsten Kukuk2021-08-12 14:45:10 +00:00
070ad9f4c2
Accepting request 851800 from home:lnussel:usrmove
Thorsten Kukuk2020-12-03 13:58:29 +00:00
34431add7d
- Update to 1.5.1 - pam_unix: fixed CVE-2020-27780 - authentication bypass when a user doesn't exist and root password is blank [bsc#1179166] - pam_faillock: added nodelay option to not set pam_fail_delay - pam_wheel: use pam_modutil_user_in_group to check for the group membership with getgrouplist where it is available
Thorsten Kukuk2020-11-27 09:37:31 +00:00
c4daf63ae5
- Update to 1.5.0 - obsoletes pam-bsc1178727-initialize-daysleft.patch - Multiple minor bug fixes, portability fixes, and documentation improvements. - Extended libpam API with pam_modutil_check_user_in_passwd function. - pam_faillock: changed /run/faillock/$USER permissions from 0600 to 0660. - pam_motd: read motd files with target user credentials skipping unreadable ones. - pam_pwhistory: added a SELinux helper executable. - pam_unix, pam_usertype: implemented avoidance of certain timing attacks. - pam_wheel: implemented PAM_RUSER fallback for the case when getlogin fails. - pam_env: Reading of the user environment is deprecated and will be removed at some point in the future. - libpam: pam_modutil_drop_priv() now correctly sets the target user's supplementary groups, allowing pam_motd to filter messages accordingly - Refresh pam-xauth_ownership.patch - pam_tally2-removal.patch: Re-add pam_tally2 for deprecated sub-package - pam_cracklib-removal.patch: Re-add pam_cracklib for deprecated sub-package
Thorsten Kukuk2020-11-19 15:52:27 +00:00
6c61940629
Accepting request 849441 from home:jmoellers:branches:Linux-PAM
Josef Möllers
2020-11-19 13:56:42 +00:00
94ef2ca6a9
Accepting request 849367 from home:jmoellers:branches:Linux-PAM
Josef Möllers
2020-11-19 11:13:17 +00:00
8c2c162984
- Update to final 1.4.0 release - includes pam-check-user-home-dir.patch - obsoletes fix-man-links.dif
Thorsten Kukuk2020-06-08 13:50:31 +00:00
5a8acbff55
- common-password: remove pam_cracklib, as that is deprecated.
Thorsten Kukuk2020-06-08 08:00:42 +00:00
3c370e0e45
Accepting request 811145 from home:jmoellers:branches:Linux-PAM
Josef Möllers
2020-06-08 06:48:10 +00:00
00f1294879
- Update to current Linux-PAM snapshot - pam_tally* and pam_cracklib got deprecated - Disable pam_faillock and pam_setquota until they are whitelisted
Thorsten Kukuk2020-05-27 09:48:06 +00:00
868d149bc4
- Update to current Linux-PAM snapshot - Obsoletes pam_namespace-systemd.diff
Thorsten Kukuk2020-05-12 11:32:07 +00:00
db3a5fbd69
- Update to current Linux-PAM snapshot - Multiple minor bug fixes and documentation improvements - Fixed grammar of messages printed via pam_prompt - Added support for a vendor directory and libeconf - configure: Allowed disabling documentation through --disable-doc - pam_get_authtok_verify: Avoid duplicate password verification - pam_env: Changed the default to not read the user .pam_environment file - pam_group, pam_time: Fixed logical error with multiple ! operators - pam_keyinit: In pam_sm_setcred do the same as in pam_sm_open_session - pam_lastlog: Do not log info about failed login if the session was opened with PAM_SILENT flag - pam_lastlog: Limit lastlog file use by LASTLOG_UID_MAX option in login.defs - pam_lastlog: With 'unlimited' option prevent SIGXFSZ due to reduced 'fsize' limit - pam_motd: Export MOTD_SHOWN=pam after showing MOTD - pam_motd: Support multiple motd paths specified, with filename overrides - pam_namespace: Added a systemd service, which creates the namespaced instance parent directories during boot - pam_namespace: Support for noexec, nosuid and nodev flags for tmpfs mounts - pam_shells: Recognize /bin/sh as the default shell - pam_succeed_if: Support lists in group membership checks - pam_tty_audit: If kernel audit is disabled return PAM_IGNORE - pam_umask: Added new 'nousergroups' module argument and allowed specifying the default for usergroups at build-time - pam_unix: Added 'nullresetok' option to allow resetting blank passwords - pam_unix: Report unusable hashes found by checksalt to syslog - pam_unix: Support for (gost-)yescrypt hashing methods - pam_unix: Use bcrypt b-variant when it bcrypt is chosen - pam_usertype: New module to tell if uid is in login.defs ranges - Added new API call pam_start_confdir() for special applications that
Thorsten Kukuk2020-05-12 09:30:59 +00:00
Josef Möllers
Dominique Leuenberger
Thorsten Kukuk
Richard Brown
Ludwig Nussel
Wolfgang Engel