rpm/pam
SHA256
1
0
Fork 0
forked from pool/pam
Code Pull Requests Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/pam?expand=0&rev=17

Browse Source
This commit is contained in:
OBS User unknown 2008-09-26 13:07:06 +00:00 committed by Git OBS Bridge
parent 513de029ac
commit c6e9103e10
4 changed files with 100 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pam.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Fri Sep 26 13:44:21 CEST 2008 - kukuk@suse.de
- pam_tally: fix fd leak
- pam_mail: fix "quiet" option
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Aug 29 15:17:50 CEST 2008 - kukuk@suse.de Fri Aug 29 15:17:50 CEST 2008 - kukuk@suse.de

9
pam.spec
View File

@ -35,7 +35,7 @@ License: BSD 3-Clause; GPL v2 or later
Group: System/Libraries Group: System/Libraries
AutoReqProv: on AutoReqProv: on
Version: 1.0.2 Version: 1.0.2
Release: 1 Release: 8
Summary: A Security Tool that Provides Authentication for Applications Summary: A Security Tool that Provides Authentication for Applications
Obsoletes: pam-laus Obsoletes: pam-laus
Source: Linux-PAM-%{version}.tar.bz2 Source: Linux-PAM-%{version}.tar.bz2
@ -55,6 +55,8 @@ Patch3: pam_sepermit.diff
Patch4: pam-1.0.1-namespace-create.patch Patch4: pam-1.0.1-namespace-create.patch
Patch5: pam-1.0.0-selinux-env-params.patch Patch5: pam-1.0.0-selinux-env-params.patch
Patch6: Linux-PAM-docu-generated.diff Patch6: Linux-PAM-docu-generated.diff
Patch7: pam_mail.diff
Patch8: pam_tally-fdleak.diff
%description %description
PAM (Pluggable Authentication Modules) is a system security tool that PAM (Pluggable Authentication Modules) is a system security tool that
@ -103,6 +105,8 @@ building both PAM-aware applications and modules for use with PAM.
%patch4 -p1 %patch4 -p1
%patch5 -p0 %patch5 -p0
%patch6 -p1 %patch6 -p1
%patch7 -p0
%patch8 -p0
%build %build
CFLAGS="$RPM_OPT_FLAGS" \ CFLAGS="$RPM_OPT_FLAGS" \
@ -304,6 +308,9 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/libpam_misc.so %{_libdir}/libpam_misc.so
%changelog %changelog
* Fri Sep 26 2008 kukuk@suse.de
- pam_tally: fix fd leak
- pam_mail: fix "quiet" option
* Fri Aug 29 2008 kukuk@suse.de * Fri Aug 29 2008 kukuk@suse.de
- Update to version 1.0.2 (fix SELinux regression) - Update to version 1.0.2 (fix SELinux regression)
- enhance pam_tally [FATE#303753] - enhance pam_tally [FATE#303753]

49
pam_mail.diff Normal file
View File

@ -0,0 +1,49 @@
2008-09-25 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_mail/pam_mail.c (report_mail): Fix logic of
"quiet" option (Patch from Andreas Henriksson <andreas@fatal.se>)
* modules/pam_mail/pam_mail.8.xml: Fix typo.
diff -u -r1.5 pam_mail.8.xml
--- modules/pam_mail/pam_mail.8.xml 18 Aug 2008 13:29:24 -0000 1.5
+++ modules/pam_mail/pam_mail.8.xml 25 Sep 2008 11:51:29 -0000
@@ -40,7 +40,7 @@
nopen
</arg>
<arg choice="opt">
- quit
+ quiet
</arg>
<arg choice="opt">
standard
--- modules/pam_mail/pam_mail.c 30 Apr 2007 10:56:24 -0000 1.19
+++ modules/pam_mail/pam_mail.c 25 Sep 2008 11:51:29 -0000
@@ -303,8 +303,13 @@
{
int retval;
- if (!(ctrl & PAM_MAIL_SILENT) ||
- ((ctrl & PAM_QUIET_MAIL) && type == HAVE_NEW_MAIL))
+ if ((ctrl & PAM_MAIL_SILENT) ||
+ ((ctrl & PAM_QUIET_MAIL) && type != HAVE_NEW_MAIL))
+ {
+ D(("keeping quiet"));
+ retval = PAM_SUCCESS;
+ }
+ else
{
if (ctrl & PAM_STANDARD_MAIL)
switch (type)
@@ -345,11 +350,6 @@
break;
}
}
- else
- {
- D(("keeping quiet"));
- retval = PAM_SUCCESS;
- }
D(("returning %s", pam_strerror(pamh, retval)));
return retval;

37
pam_tally-fdleak.diff Normal file
View File

@ -0,0 +1,37 @@
2008-09-25 Tomas Mraz <t8m@centrum.cz>
* modules/pam_tally/pam_tally.c(get_tally): Fix syslog message.
(tally_check): Open faillog read only. Close file descriptor.
Fix typos in messages.
--- modules/pam_tally/pam_tally.c 9 Jul 2008 12:23:23 -0000 1.30
+++ modules/pam_tally/pam_tally.c 19 Sep 2008 12:29:21 -0000
@@ -350,7 +350,7 @@ get_tally(pam_handle_t *pamh, tally_t *t
}
if ( ! ( *TALLY = fopen(filename,(*tally!=TALLY_HI)?"r+":"r") ) ) {
- pam_syslog(pamh, LOG_ALERT, "Error opening %s for update", filename);
+ pam_syslog(pamh, LOG_ALERT, "Error opening %s for %s", filename, *tally!=TALLY_HI?"update":"read");
/* Discovering why account service fails: e/uid are target user.
*
@@ -504,7 +504,7 @@ tally_check (time_t oldtime, pam_handle_
tally_t
deny = opts->deny;
tally_t
- tally = 0; /* !TALLY_HI --> Log opened for update */
+ tally = TALLY_HI;
long
lock_time = opts->lock_time;
@@ -515,6 +515,10 @@ tally_check (time_t oldtime, pam_handle_
i=get_tally(pamh, &tally, uid, opts->filename, &TALLY, fsp);
if ( i != PAM_SUCCESS ) { RETURN_ERROR( i ); }
+ if ( TALLY != NULL ) {
+ fclose(TALLY);
+ }
+
if ( !(opts->ctrl & OPT_MAGIC_ROOT) || getuid() ) { /* magic_root skips tally check */
/* To deny or not to deny; that is the question */