From ce00661e7844be372a9b141465c5cf3ba763ab7d3d30e870ed19dcd2fabc10b6 Mon Sep 17 00:00:00 2001 From: OBS User unknown Date: Fri, 28 Nov 2008 14:44:50 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/pam?expand=0&rev=22 --- pam.changes | 10 ++++++++++ pam.spec | 10 +++++++++- pam_limits-doc.diff | 23 +++++++++++++++++++++++ pam_pwhistory-0.1.diff | 2 +- pam_time.diff | 18 ++++++++++++++++++ 5 files changed, 61 insertions(+), 2 deletions(-) create mode 100644 pam_limits-doc.diff create mode 100644 pam_time.diff diff --git a/pam.changes b/pam.changes index 262e452..87ac646 100644 --- a/pam.changes +++ b/pam.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Thu Nov 27 15:56:51 CET 2008 - mc@suse.de + +- enhance the man page for limits.conf (bnc#448314) + +------------------------------------------------------------------- +Mon Nov 24 17:21:19 CET 2008 - kukuk@suse.de + +- pam_time: fix parsing if '|' is used [bdo#326407] + ------------------------------------------------------------------- Wed Nov 19 11:13:31 CET 2008 - kukuk@suse.de diff --git a/pam.spec b/pam.spec index 0674874..fb4bccf 100644 --- a/pam.spec +++ b/pam.spec @@ -35,7 +35,7 @@ License: BSD 3-Clause; GPL v2 or later Group: System/Libraries AutoReqProv: on Version: 1.0.2 -Release: 12 +Release: 13 Summary: A Security Tool that Provides Authentication for Applications Source: Linux-PAM-%{version}.tar.bz2 Source1: Linux-PAM-%{version}-SUSE-docs.tar.bz2 @@ -62,6 +62,8 @@ Patch11: pam_tally2.diff Patch12: pam_cracklib-no-pwhistory.diff Patch13: pam_xauth-XAUTHLOCALHOSTNAME.diff Patch14: pam_pwhistory-type.diff +Patch15: pam_time.diff +Patch16: pam_limits-doc.diff %description PAM (Pluggable Authentication Modules) is a system security tool that @@ -120,6 +122,8 @@ chmod 755 modules/pam_tally2/tst-pam_tally2 %patch12 -p0 %patch13 -p0 %patch14 -p0 +%patch15 -p0 +%patch16 -p0 %build aclocal -I m4 --install --force @@ -328,6 +332,10 @@ rm -rf $RPM_BUILD_ROOT %{_libdir}/libpam_misc.so %changelog +* Thu Nov 27 2008 mc@suse.de +- enhance the man page for limits.conf (bnc#448314) +* Mon Nov 24 2008 kukuk@suse.de +- pam_time: fix parsing if '|' is used [bdo#326407] * Wed Nov 19 2008 kukuk@suse.de - pam_xauth: update last patch - pam_pwhistory: add missing type option diff --git a/pam_limits-doc.diff b/pam_limits-doc.diff new file mode 100644 index 0000000..de00437 --- /dev/null +++ b/pam_limits-doc.diff @@ -0,0 +1,23 @@ +--- modules/pam_limits/limits.conf.5.xml ++++ modules/pam_limits/limits.conf.5.xml 2008/11/27 14:25:16 +@@ -230,6 +230,11 @@ + + + ++ All items support the values -1, ++ unlimited or infinity indicating no limit, ++ except for priority and nice. ++ ++ + In general, individual limits have priority over group limits, so if + you impose no limits for admin group, but one of + the members in this group have a limits line, the user will have its +@@ -275,6 +280,7 @@ + pam_limits8, + pam.d5, +- pam8 ++ pam8, ++ getrlimit2 + + + diff --git a/pam_pwhistory-0.1.diff b/pam_pwhistory-0.1.diff index 692696b..db71aa6 100644 --- a/pam_pwhistory-0.1.diff +++ b/pam_pwhistory-0.1.diff @@ -635,7 +635,7 @@ diff -N modules/pam_pwhistory/opasswd.c + } + else + { -+ if (asprintf (&out, "%s:%si%d:%s,%s\n", ++ if (asprintf (&out, "%s:%s:%d:%s,%s\n", + entry.user, entry.uid, entry.count, + entry.old_passwords, oldpass) < 0) + { diff --git a/pam_time.diff b/pam_time.diff new file mode 100644 index 0000000..8e158a0 --- /dev/null +++ b/pam_time.diff @@ -0,0 +1,18 @@ +2008-11-25 Thorsten Kukuk + + * modules/pam_time/pam_time.c (is_same): Fix check + of correct string length (debian bug #326407). + +--- modules/pam_time/pam_time.c 7 Dec 2007 15:40:02 -0000 1.16 ++++ modules/pam_time/pam_time.c 25 Nov 2008 13:37:12 -0000 +@@ -358,8 +358,8 @@ + + /* Ok, we know that b is a substring from A and does not contain + wildcards, but now the length of both strings must be the same, +- too. */ +- if (strlen (a) != strlen(b)) ++ too. In this case it means, a[i] has to be the end of the string. */ ++ if (a[i] != '\0') + return FALSE; + + return ( !len );