rpm/pam
SHA256
1
0
Fork 0
forked from pool/pam
Code Pull Requests Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/pam?expand=0&rev=21

Browse Source
This commit is contained in:
OBS User unknown 2008-11-20 15:45:35 +00:00 committed by Git OBS Bridge
parent 144e487040
commit 3bf1d7f7d2
4 changed files with 166 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pam.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Wed Nov 19 11:13:31 CET 2008 - kukuk@suse.de
- pam_xauth: update last patch
- pam_pwhistory: add missing type option
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Nov 4 13:42:03 CET 2008 - mc@suse.de Tue Nov 4 13:42:03 CET 2008 - mc@suse.de

7
pam.spec
View File

@ -35,7 +35,7 @@ License: BSD 3-Clause; GPL v2 or later
Group: System/Libraries Group: System/Libraries
AutoReqProv: on AutoReqProv: on
Version: 1.0.2 Version: 1.0.2
Release: 11 Release: 12
Summary: A Security Tool that Provides Authentication for Applications Summary: A Security Tool that Provides Authentication for Applications
Source: Linux-PAM-%{version}.tar.bz2 Source: Linux-PAM-%{version}.tar.bz2
Source1: Linux-PAM-%{version}-SUSE-docs.tar.bz2 Source1: Linux-PAM-%{version}-SUSE-docs.tar.bz2
@ -61,6 +61,7 @@ Patch10: pam_lastlog.diff
Patch11: pam_tally2.diff Patch11: pam_tally2.diff
Patch12: pam_cracklib-no-pwhistory.diff Patch12: pam_cracklib-no-pwhistory.diff
Patch13: pam_xauth-XAUTHLOCALHOSTNAME.diff Patch13: pam_xauth-XAUTHLOCALHOSTNAME.diff
Patch14: pam_pwhistory-type.diff
%description %description
PAM (Pluggable Authentication Modules) is a system security tool that PAM (Pluggable Authentication Modules) is a system security tool that
@ -118,6 +119,7 @@ chmod 755 modules/pam_pwhistory/tst-pam_pwhistory
chmod 755 modules/pam_tally2/tst-pam_tally2 chmod 755 modules/pam_tally2/tst-pam_tally2
%patch12 -p0 %patch12 -p0
%patch13 -p0 %patch13 -p0
%patch14 -p0
%build %build
aclocal -I m4 --install --force aclocal -I m4 --install --force
@ -326,6 +328,9 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/libpam_misc.so %{_libdir}/libpam_misc.so
%changelog %changelog
* Wed Nov 19 2008 kukuk@suse.de
- pam_xauth: update last patch
- pam_pwhistory: add missing type option
* Tue Nov 04 2008 mc@suse.de * Tue Nov 04 2008 mc@suse.de
- pam_xauth: put XAUTHLOCALHOSTNAME into new enviroment - pam_xauth: put XAUTHLOCALHOSTNAME into new enviroment
(bnc#441314) (bnc#441314)

102
pam_pwhistory-type.diff Normal file
View File

@ -0,0 +1,102 @@
Index: modules/pam_pwhistory/pam_pwhistory.8.xml
===================================================================
RCS file: /cvsroot/pam/Linux-PAM/modules/pam_pwhistory/pam_pwhistory.8.xml,v
retrieving revision 1.1
diff -u -r1.1 pam_pwhistory.8.xml
--- modules/pam_pwhistory/pam_pwhistory.8.xml 10 Oct 2008 06:53:45 -0000 1.1
+++ modules/pam_pwhistory/pam_pwhistory.8.xml 19 Nov 2008 14:24:00 -0000
@@ -33,6 +33,9 @@
<arg choice="opt">
retry=<replaceable>N</replaceable>
</arg>
+ <arg choice="opt">
+ type=<replaceable>STRING</replaceable>
+ </arg>
</cmdsynopsis>
</refsynopsisdiv>
@@ -119,6 +122,21 @@
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>
+ <option>type=<replaceable>STRING</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ The default action is for the module to use the
+ following prompts when requesting passwords:
+ "New UNIX password: " and "Retype UNIX password: ".
+ The default word <emphasis>UNIX</emphasis> can
+ be replaced with this option.
+ </para>
+ </listitem>
+ </varlistentry>
+
</variablelist>
</refsect1>
Index: modules/pam_pwhistory/pam_pwhistory.c
===================================================================
RCS file: /cvsroot/pam/Linux-PAM/modules/pam_pwhistory/pam_pwhistory.c,v
retrieving revision 1.1
diff -u -r1.1 pam_pwhistory.c
--- modules/pam_pwhistory/pam_pwhistory.c 10 Oct 2008 06:53:45 -0000 1.1
+++ modules/pam_pwhistory/pam_pwhistory.c 19 Nov 2008 14:24:00 -0000
@@ -58,7 +58,9 @@
#include "opasswd.h"
+/* For Translators: "%s%s" could be replaced with "<service> " or "". */
#define NEW_PASSWORD_PROMPT _("New %s%spassword: ")
+/* For Translators: "%s%s" could be replaced with "<service> " or "". */
#define AGAIN_PASSWORD_PROMPT _("Retype new %s%spassword: ")
#define MISTYPED_PASSWORD _("Sorry, passwords do not match.")
@@ -70,6 +72,7 @@
int enforce_for_root;
int remember;
int tries;
+ const char *prompt_type;
};
typedef struct options_t options_t;
@@ -101,6 +104,8 @@
}
else if (strcasecmp (argv, "enforce_for_root") == 0)
options->enforce_for_root = 1;
+ else if (strncasecmp (argv, "type=", 5) == 0)
+ options->prompt_type = &argv[5];
else
pam_syslog (pamh, LOG_ERR, "pam_pwhistory: unknown option: %s", argv);
}
@@ -121,6 +126,7 @@
/* Set some default values, which could be overwritten later. */
options.remember = 10;
options.tries = 1;
+ options.prompt_type = "UNIX";
/* Parse parameters for module */
for ( ; argc-- > 0; argv++)
@@ -209,7 +215,8 @@
while ((newpass == NULL) && (tries++ < options.tries))
{
retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &newpass,
- NEW_PASSWORD_PROMPT, "UNIX", " ");
+ NEW_PASSWORD_PROMPT, options.prompt_type,
+ strlen (options.prompt_type) > 0?" ":"");
if (retval != PAM_SUCCESS)
{
_pam_drop (newpass);
@@ -249,7 +256,9 @@
char *new2;
retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &new2,
- AGAIN_PASSWORD_PROMPT, "UNIX", " ");
+ AGAIN_PASSWORD_PROMPT,
+ options.prompt_type,
+ strlen (options.prompt_type) > 0?" ":"");
if (retval != PAM_SUCCESS)
return retval;

68
pam_xauth-XAUTHLOCALHOSTNAME.diff
View File

@ -1,32 +1,54 @@
--- modules/pam_xauth/pam_xauth.c --- modules/pam_xauth/pam_xauth.c 8 Apr 2008 07:01:41 -0000 1.16
+++ modules/pam_xauth/pam_xauth.c 2008/11/04 10:59:23 +++ modules/pam_xauth/pam_xauth.c 18 Nov 2008 12:30:58 -0000
@@ -600,6 +600,29 @@ @@ -280,7 +280,7 @@
free (d); return noent_code;
default:
if (debug) {
- pam_syslog(pamh, LOG_ERR,
+ pam_syslog(pamh, LOG_DEBUG,
"error opening %s: %m", path);
}
return PAM_PERM_DENIED;
@@ -293,7 +293,8 @@
int argc, const char **argv)
{
char *cookiefile = NULL, *xauthority = NULL,
- *cookie = NULL, *display = NULL, *tmp = NULL;
+ *cookie = NULL, *display = NULL, *tmp = NULL,
+ *xauthlocalhostname = NULL;
const char *user, *xauth = NULL;
struct passwd *tpwd, *rpwd;
int fd, i, debug = 0;
@@ -588,14 +589,30 @@
if (asprintf(&d, "DISPLAY=%s", display) < 0)
{
- pam_syslog(pamh, LOG_DEBUG, "out of memory");
+ pam_syslog(pamh, LOG_ERR, "out of memory");
cookiefile = NULL;
retval = PAM_SESSION_ERR;
goto cleanup;
} }
if (pam_putenv (pamh, d) != PAM_SUCCESS)
- pam_syslog (pamh, LOG_DEBUG,
+ pam_syslog (pamh, LOG_ERR,
+ "can't set environment variable '%s'", d);
+ free (d);
+ }
+
+ /* set XAUTHLOCALHOSTNAME to make sure that su - work under gnome */ + /* set XAUTHLOCALHOSTNAME to make sure that su - work under gnome */
+ if (getenv("XAUTHLOCALHOSTNAME") != NULL) { + if ((xauthlocalhostname = getenv("XAUTHLOCALHOSTNAME")) != NULL) {
+ char *d, *xauthlocalhostname; + char *d;
+ +
+ xauthlocalhostname = strdup(getenv("XAUTHLOCALHOSTNAME")); + if (asprintf(&d, "XAUTHLOCALHOSTNAME=%s", xauthlocalhostname) < 0) {
+ + pam_syslog(pamh, LOG_ERR, "out of memory");
+ if (asprintf(&d, "XAUTHLOCALHOSTNAME=%s", xauthlocalhostname) < 0)
+ {
+ pam_syslog(pamh, LOG_DEBUG, "out of memory");
+ free(xauthlocalhostname);
+ xauthlocalhostname = NULL;
+ retval = PAM_SESSION_ERR; + retval = PAM_SESSION_ERR;
+ goto cleanup; + goto cleanup;
+ } + }
+ +
+ if (pam_putenv (pamh, d) != PAM_SUCCESS) + if (pam_putenv (pamh, d) != PAM_SUCCESS)
+ pam_syslog (pamh, LOG_DEBUG, + pam_syslog (pamh, LOG_ERR,
+ "can't set environment variable '%s'", d); "can't set environment variable '%s'", d);
+ free (d); free (d);
+ free(xauthlocalhostname); }
+ xauthlocalhostname = NULL;
+ }
+
/* Merge the cookie we read before into the new file. */
if (debug) {
pam_syslog(pamh, LOG_DEBUG,