| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: pam-devel | Distribution: SUSE Linux Framework One |
| Version: 1.6.1 | Vendor: SUSE LLC <https://www.suse.com/> |
| Release: slfo.1.1.3 | Build date: Sat Jun 22 11:08:44 2024 |
| Group: Development/Libraries/C and C++ | Build host: h01-ch3c |
| Size: 51533 | Source RPM: pam-1.6.1-slfo.1.1.3.src.rpm |
| Packager: https://www.suse.com/ | |
| Url: https://github.com/linux-pam/linux-pam | |
| Summary: Include Files and Libraries for PAM Development | |
PAM (Pluggable Authentication Modules) is a system security tool which allows system administrators to set authentication policy without having to recompile programs which do authentication. This package contains header files and static libraries used for building both PAM-aware applications and modules for use with PAM.
GPL-2.0-or-later OR BSD-3-Clause
* Wed Apr 10 2024 kukuk@suse.com
- Update to version 1.6.1
- pam_env: fixed --disable-econf --enable-vendordir support.
- pam_unix: do not warn if password aging is disabled.
- pam_unix: try to set uid to 0 before unix_chkpwd invocation.
- pam_unix: allow empty passwords with non-empty hashes.
- Multiple minor bug fixes, build fixes, portability fixes,
documentation improvements, and translation updates.
- Remove backports:
- pam_env-fix_vendordir.patch
- pam_env-fix-enable-vendordir-fallback.patch
- pam_env-remove-escaped-newlines.patch
- pam_unix-fix-password-aging-disabled.patch
* Thu Feb 22 2024 valentin.lefebvre@suse.com
- Use autosetup to prepare for RPM 4.20.
* Wed Feb 07 2024 kukuk@suse.com
- pam.tmpfiles: Make sure the content of the /run directories get
removed in case of a soft-reboot
* Tue Jan 30 2024 kukuk@suse.com
- Enable pam_canonicalize_user.so
* Fri Jan 19 2024 kukuk@suse.com
- Add post 1.6.0 release fixes for pam_env and pam_unix:
- pam_env-fix-enable-vendordir-fallback.patch
- pam_env-fix_vendordir.patch
- pam_env-remove-escaped-newlines.patch
- pam_unix-fix-password-aging-disabled.patch
- Update to version 1.6.0
- Added support of configuration files with arbitrarily long lines.
- build: fixed build outside of the source tree.
- libpam: added use of getrandom(2) as a source of randomness if available.
- libpam: fixed calculation of fail delay with very long delays.
- libpam: fixed potential infinite recursion with includes.
- libpam: implemented string to number conversions validation when parsing
controls in configuration.
- pam_access: added quiet_log option.
- pam_access: fixed truncation of very long group names.
- pam_canonicalize_user: new module to canonicalize user name.
- pam_echo: fixed file handling to prevent overflows and short reads.
- pam_env: added support of '\' character in environment variable values.
- pam_exec: allowed expose_authtok for password PAM_TYPE.
- pam_exec: fixed stack overflow with binary output of programs.
- pam_faildelay: implemented parameter ranges validation.
- pam_listfile: changed to treat \r and \n exactly the same in configuration.
- pam_mkhomedir: hardened directory creation against timing attacks.
- Please note that using *at functions leads to more open file handles
during creation.
- pam_namespace: fixed potential local DoS (CVE-2024-22365).
- pam_nologin: fixed file handling to prevent short reads.
- pam_pwhistory: helper binary is now built only if SELinux support is
enabled.
- pam_pwhistory: implemented reliable usernames handling when remembering
passwords.
- pam_shells: changed to allow shell entries with absolute paths only.
- pam_succeed_if: fixed treating empty strings as numerical value 0.
- pam_unix: added support of disabled password aging.
- pam_unix: synchronized password aging with shadow.
- pam_unix: implemented string to number conversions validation.
- pam_unix: fixed truncation of very long user names.
- pam_unix: corrected rounds retrieval for configured encryption method.
- pam_unix: implemented reliable usernames handling when remembering
passwords.
- pam_unix: changed to always run the helper to obtain shadow password
entries.
- pam_unix: unix_update helper binary is now built only if SELinux support
is enabled.
- pam_unix: added audit support to unix_update helper.
- pam_userdb: added gdbm support.
- Multiple minor bug fixes, portability fixes, documentation improvements,
and translation updates.
- The following patches are obsolete with the update:
- pam_access-doc-IPv6-link-local.patch
- pam_access-hostname-debug.patch
- pam_shells-fix-econf-memory-leak.patch
- pam_shells-fix-econf-memory-leak.patch
- disable-examples.patch
- pam-login_defs-check.sh: adjust checksum, SHA_CRYPT_MAX_ROUNDS
is no longer used.
* Wed Aug 23 2023 kukuk@suse.com
- Fix building without SELinux
* Mon Aug 07 2023 kukuk@suse.com
- pam_access backports from upstream:
- pam_access-doc-IPv6-link-local.patch:
Document only partial supported IPv6 link local addresses
- pam_access-hostname-debug.patch:
Don't print error if we cannot resolve a hostname, does not
need to be a hostname
- pam_shells-fix-econf-memory-leak.patch:
Free econf keys variable
- disable-examples.patch:
Don't build examples
* Tue May 09 2023 kukuk@suse.com
- Update to final 1.5.3 release:
- configure: added --enable-logind option to use logind instead of utmp
in pam_issue and pam_timestamp.
- pam_modutil_getlogin: changed to use getlogin() from libc instead of
parsing utmp.
- Added libeconf support to pam_env and pam_shells.
- Added vendor directory support to pam_access, pam_env, pam_group,
pam_faillock, pam_limits, pam_namespace, pam_pwhistory, pam_sepermit,
pam_shells, and pam_time.
- pam_limits: changed to not fail on missing config files.
- pam_pwhistory: added conf= option to specify config file location.
- pam_pwhistory: added file= option to specify password history file
location.
- pam_shells: added shells.d support when libeconf and vendordir are enabled.
- Deprecated pam_lastlog: this module is no longer built by default because
it uses utmp, wtmp, btmp and lastlog, but none of them are Y2038 safe,
even on 64bit architectures.
pam_lastlog will be removed in one of the next releases, consider using
pam_lastlog2 (from https://github.com/thkukuk/lastlog2) and/or
pam_wtmpdb (from https://github.com/thkukuk/wtmpdb) instead.
- Deprecated _pam_overwrite(), _pam_overwrite_n(), and _pam_drop_reply()
macros provided by _pam_macros.h; the memory override performed by these
macros can be optimized out by the compiler and therefore can no longer
be relied upon.
* Thu Apr 20 2023 kukuk@suse.com
- pam-extra: add split provide
* Wed Apr 12 2023 kukuk@suse.com
- pam-userdb: add split provide
* Tue Apr 11 2023 kukuk@suse.com
- Drop pam-xauth_ownership.patch, got fixed in sudo itself
- Drop pam-bsc1177858-dont-free-environment-string.patch, was a
fix for above patch
* Thu Apr 06 2023 kukuk@suse.com
- Use bcond selinux to disable SELinux
- Remove old pam_unix_* compat symlinks
- Move pam_userdb to own pam-userdb sub-package
- pam-extra contains now modules having extended dependencies like
libsystemd
- Update to 1.5.3.90 git snapshot
- Drop merged patches:
- pam-git.diff
- docbook5.patch
- pam_pwhistory-docu.patch
- pam_xauth_data.3.xml.patch
- Drop Linux-PAM-1.5.2.90.tar.xz as we have to rebuild all
documentation anyways and don't use the prebuild versions
- Move all devel manual pages to pam-manpages, too. Fixes the
problem that adjusted defaults not shown correct.
* Mon Mar 20 2023 kukuk@suse.com
- Add common-session-nonlogin and postlogin-* pam.d config files
for https://github.com/SUSE/pam-config/pull/16, pam_lastlog2
and upcoming pam_wtmpdb.
* Fri Mar 10 2023 giuliano.belinassi@suse.com
- Enable livepatching support on x86_64.
* Tue Jan 24 2023 valentin.lefebvre@suse.com
- Use rpm macros for pam dist conf dir (/usr/etc/security)
* Wed Jan 18 2023 schubi@suse.com
- Moved following files/dirs in /etc/security to vendor directory:
access.conf, limits.d, sepermit.conf, time.conf, namespace.conf,
namespace.d, namespace.init
* Sat Dec 24 2022 dleuenberger@suse.com
- Also obsolete pam_unix-32bit to have clean upgrade path.
* Fri Dec 16 2022 kukuk@suse.com
- Merge pam_unix back into pam, seperate package not needed anymore
* Thu Dec 15 2022 kukuk@suse.com
- Update pam-git.diff to current upstream
- pam_env: Use vendor specific pam_env.conf and environment as fallback
- pam_shells: Use the vendor directory
obsoletes pam_env_econf.patch
- Refresh docbook5.patch
* Tue Dec 06 2022 kukuk@suse.com
- pam_pwhistory-docu.patch, docbook5.patch: convert docu to
docbook5
* Thu Dec 01 2022 kukuk@suse.com
- pam-git.diff: update to current git
- obsoletes pam-hostnames-in-access_conf.patch
- obsoletes tst-pam_env-retval.c
- pam_env_econf.patch refresh
* Tue Nov 22 2022 kukuk@suse.com
- Move pam_env config files below /usr/etc
* Tue Oct 11 2022 schubi@suse.com
- pam_env: Using libeconf for reading configuration and environment
files. (Patch: pam_env_econf.patch; Testcase: tst-pam_env-retval.c)
* Fri Jun 17 2022 kukuk@suse.com
- Keep old directory in filelist for migration
* Wed Jun 01 2022 kukuk@suse.com
- Move PAM config files from /usr/etc/pam.d to /usr/lib/pam.d
* Fri Mar 11 2022 kukuk@suse.com
- pam-hostnames-in-access_conf.patch: update with upstream
submission. Fixes several bugs including memory leaks.
* Wed Feb 09 2022 kukuk@suse.com
- Move group.conf and faillock.conf to /usr/etc/security
* Mon Feb 07 2022 kukuk@suse.com
- Update to current git for enhanced vendordir support (pam-git.diff)
Obsoletes:
- 0001-Include-pam_xauth_data.3.xml-in-source-archive-400.patch
- 0002-Only-include-vendordir-in-manual-page-if-set-401.patch
- 0003-Use-vendor-specific-limits.conf-as-fallback-402.patch
* Mon Dec 13 2021 kukuk@suse.com
- Drop pam_umask-usergroups-login_defs.patch, does more harm
than helps. If not explizit specified as module option, we
use UMASK from login.defs unmodified.
* Thu Nov 25 2021 kukuk@suse.com
- Don't define doc/manpages packages in main build
* Wed Nov 24 2021 kukuk@suse.com
- Add missing recommends and split provides
* Wed Nov 24 2021 kukuk@suse.com
- Use multibuild to build docu with correct paths and available
features.
* Mon Nov 22 2021 kukuk@suse.com
- common-session: move pam_systemd to first position as if the
file would have been generated with pam-config
- Add vendordir fixes and enhancements from upstream:
- pam_xauth_data.3.xml.patch
- 0001-Include-pam_xauth_data.3.xml-in-source-archive-400.patch
- 0002-Only-include-vendordir-in-manual-page-if-set-401.patch
- 0003-Use-vendor-specific-limits.conf-as-fallback-402.patch
- For buggy bot: Makefile-pam_unix-nis.diff belonged to the other
spec file.
* Wed Nov 17 2021 sbrabec@suse.com
- Update pam-login_defs-check.sh regexp and
login_defs-support-for-pam symbol to version 1.5.2
(new variable HMAC_CRYPTO_ALGO).
* Tue Nov 02 2021 gmbr3@opensuse.org
- Add /run/pam_timestamp to pam.tmpfiles
* Tue Oct 12 2021 josef.moellers@suse.com
- Corrected macro definition of %_pam_moduledir:
%_pam_moduledir %{_libdir}/security
[macros.pam]
* Wed Oct 06 2021 josef.moellers@suse.com
- Prepend a slash to the expansion of %{_lib} in macros.pam as
this are defined without a leading slash!
* Wed Sep 15 2021 kukuk@suse.com
- Rename motd.tmpfiles to pam.tmpfiles
- Add /run/faillock directory
* Fri Sep 10 2021 kukuk@suse.com
- pam-login_defs-check.sh: adjust for new login.defs variable usages
* Mon Sep 06 2021 josef.moellers@suse.com
- Update to 1.5.2
Noteworthy changes in Linux-PAM 1.5.2:
* pam_exec: implemented quiet_log option.
* pam_mkhomedir: added support of HOME_MODE and UMASK from
/etc/login.defs.
* pam_timestamp: changed hmac algorithm to call openssl instead
of the bundled sha1 implementation if selected, added option
to select the hash algorithm to use with HMAC.
* Added pkgconfig files for provided libraries.
* Added --with-systemdunitdir configure option to specify systemd
unit directory.
* Added --with-misc-conv-bufsize configure option to specify the
buffer size in libpam_misc's misc_conv() function, raised the
default value for this parameter from 512 to 4096.
* Multiple minor bug fixes, portability fixes, documentation
improvements, and translation updates.
pam_tally2 has been removed upstream, remove pam_tally2-removal.patch
pam_cracklib has been removed from the upstream sources. This
obsoletes pam-pam_cracklib-add-usersubstr.patch and
pam_cracklib-removal.patch.
The following patches have been accepted upstream and, so,
are obsolete:
- pam-bsc1181443-make-nofile-unlimited-mean-nr_open.patch
- pam_securetty-don-t-complain-about-missing-config.patch
- bsc1184358-prevent-LOCAL-from-being-resolved.patch
- revert-check_shadow_expiry.diff
[Linux-PAM-1.5.2-docs.tar.xz, Linux-PAM-1.5.2-docs.tar.xz.asc,
Linux-PAM-1.5.2.tar.xz, Linux-PAM-1.5.2.tar.xz.asc,
pam-pam_cracklib-add-usersubstr.patch, pam_cracklib-removal.patch,
pam-bsc1181443-make-nofile-unlimited-mean-nr_open.patch,
pam_securetty-don-t-complain-about-missing-config.patch,
bsc1184358-prevent-LOCAL-from-being-resolved.patch,
revert-check_shadow_expiry.diff]
* Thu Aug 12 2021 kukuk@suse.com
- pam_umask-usergroups-login_defs.patch: Deprecate pam_umask
explicit "usergroups" option and instead read it from login.def's
"USERGROUP_ENAB" option if umask is only defined there.
[bsc#1189139]
* Tue Aug 03 2021 pgajdos@suse.com
- package man5/motd.5 as a man-pages link to man8/pam_motd.8
[bsc#1188724]
* Tue Jul 13 2021 kukuk@suse.com
- revert-check_shadow_expiry.diff: revert wrong
CRYPT_SALT_METHOD_LEGACY check.
* Fri Jun 25 2021 gmbr3@opensuse.org
- Create /run/motd.d
* Wed Jun 09 2021 lnussel@suse.de
- Remove legacy pre-usrmerge compat code (removed pam-usrmerge.diff)
- Backport patch to not install /usr/etc/securetty (boo#1033626) ie
no distro defaults and don't complain about it missing
(pam_securetty-don-t-complain-about-missing-config.patch)
- add debug bcond to be able to build pam with debug output easily
- add macros file to allow other packages to stop hardcoding
directory names. Compatible with Fedora.
* Mon May 10 2021 josef.moellers@suse.com
- In the 32-bit compatibility package for 64-bit architectures,
require "systemd-32bit" to be also installed as it contains
pam_systemd.so for 32 bit applications.
[bsc#1185562, baselibs.conf]
* Wed Apr 07 2021 josef.moellers@suse.com
- If "LOCAL" is configured in access.conf, and a login attempt from
a remote host is made, pam_access tries to resolve "LOCAL" as
a hostname and logs a failure.
Checking explicitly for "LOCAL" and rejecting access in this case
resolves this issue.
[bsc#1184358, bsc1184358-prevent-LOCAL-from-being-resolved.patch]
* Wed Mar 31 2021 josef.moellers@suse.com
- pam_limits: "unlimited" is not a legitimate value for "nofile"
(see setrlimit(2)). So, when "nofile" is set to one of the
"unlimited" values, it is set to the contents of
"/proc/sys/fs/nr_open" instead.
Also changed the manpage of pam_limits to express this.
[bsc#1181443, pam-bsc1181443-make-nofile-unlimited-mean-nr_open.patch]
* Thu Feb 18 2021 kukuk@suse.com
- Add missing conflicts for pam_unix-nis
* Tue Feb 16 2021 kukuk@suse.com
- Split out pam_unix module and build without NIS support
* Fri Nov 27 2020 kukuk@suse.com
- Update to 1.5.1
- pam_unix: fixed CVE-2020-27780 - authentication bypass when a user
doesn't exist and root password is blank [bsc#1179166]
- pam_faillock: added nodelay option to not set pam_fail_delay
- pam_wheel: use pam_modutil_user_in_group to check for the group membership
with getgrouplist where it is available
* Thu Nov 26 2020 lnussel@suse.de
- add macros.pam to abstract directory for pam modules
* Thu Nov 19 2020 kukuk@suse.com
- Update to 1.5.0
- obsoletes pam-bsc1178727-initialize-daysleft.patch
- Multiple minor bug fixes, portability fixes, and documentation improvements.
- Extended libpam API with pam_modutil_check_user_in_passwd function.
- pam_faillock: changed /run/faillock/$USER permissions from 0600 to 0660.
- pam_motd: read motd files with target user credentials skipping unreadable ones.
- pam_pwhistory: added a SELinux helper executable.
- pam_unix, pam_usertype: implemented avoidance of certain timing attacks.
- pam_wheel: implemented PAM_RUSER fallback for the case when getlogin fails.
- pam_env: Reading of the user environment is deprecated and will be removed
at some point in the future.
- libpam: pam_modutil_drop_priv() now correctly sets the target user's
supplementary groups, allowing pam_motd to filter messages accordingly
- Refresh pam-xauth_ownership.patch
- pam_tally2-removal.patch: Re-add pam_tally2 for deprecated sub-package
- pam_cracklib-removal.patch: Re-add pam_cracklib for deprecated sub-package
* Wed Nov 18 2020 josef.moellers@suse.com
- pam_cracklib: added code to check whether the password contains
a substring of of the user's name of at least <N> characters length
in some form.
This is enabled by the new parameter "usersubstr=<N>"
See https://github.com/libpwquality/libpwquality/commit/bfef79dbe6aa525e9557bf4b0a61e6dde12749c4
[jsc#SLE-16719, jsc#SLE-16720, pam-pam_cracklib-add-usersubstr.patch]
* Wed Nov 18 2020 josef.moellers@suse.com
- pam_xauth.c: do not free() a string which has been (successfully)
passed to putenv().
[bsc#1177858, pam-bsc1177858-dont-free-environment-string.patch]
* Fri Nov 13 2020 josef.moellers@suse.com
- Initialize pam_unix pam_sm_acct_mgmt() local variable "daysleft"
to avoid spurious (and misleading)
Warning: your password will expire in ... days.
fixed upstream with commit db6b293046a
[bsc#1178727, pam-bsc1178727-initialize-daysleft.patch]
* Tue Nov 10 2020 kukuk@suse.com
- Enable pam_faillock [bnc#1171562]
* Thu Oct 29 2020 lnussel@suse.de
- prepare usrmerge (boo#1029961, pam-usrmerge.diff)
* Thu Oct 08 2020 josef.moellers@suse.com
- /usr/bin/xauth chokes on the old user's $HOME being on an NFS
file system. Run /usr/bin/xauth using the old user's uid/gid
Patch courtesy of Dr. Werner Fink.
[bsc#1174593, pam-xauth_ownership.patch]
* Thu Oct 08 2020 sbrabec@suse.com
- pam-login_defs-check.sh: Fix the regexp to get a real variable
list (boo#1164274).
* Wed Jun 24 2020 josef.moellers@suse.com
- Revert the previous change [SR#815713].
The group is not necessary for PAM functionality but used only
during testing. The test system should therefore create this group.
[bsc#1171016, pam.spec]
* Mon Jun 15 2020 josef.moellers@suse.com
- Add requirement for group "wheel" to spec file.
[bsc#1171016, pam.spec]
* Mon Jun 08 2020 kukuk@suse.com
- Update to final 1.4.0 release
- includes pam-check-user-home-dir.patch
- obsoletes fix-man-links.dif
* Mon Jun 08 2020 kukuk@suse.com
- common-password: remove pam_cracklib, as that is deprecated.
* Thu May 28 2020 josef.moellers@suse.com
- pam_setquota.so:
When setting quota, don't apply any quota if the user's $HOME is
a mountpoint (ie the user has a partition of his/her own).
[bsc#1171721, pam-check-user-home-dir.patch]
* Wed May 27 2020 kukuk@suse.com
- Update to current Linux-PAM snapshot
- pam_tally* and pam_cracklib got deprecated
- Disable pam_faillock and pam_setquota until they are whitelisted
* Tue May 12 2020 josef.moellers@suse.com
- Adapted patch pam-hostnames-in-access_conf.patch for new version
New version obsoleted patch use-correct-IP-address.patch
[pam-hostnames-in-access_conf.patch,
use-correct-IP-address.patch]
* Tue May 12 2020 kukuk@suse.com
- Update to current Linux-PAM snapshot
- Obsoletes pam_namespace-systemd.diff
* Tue May 12 2020 kukuk@suse.com
- Update to current Linux-PAM snapshot
- Add pam_faillock
- Multiple minor bug fixes and documentation improvements
- Fixed grammar of messages printed via pam_prompt
- Added support for a vendor directory and libeconf
- configure: Allowed disabling documentation through --disable-doc
- pam_get_authtok_verify: Avoid duplicate password verification
- pam_env: Changed the default to not read the user .pam_environment file
- pam_group, pam_time: Fixed logical error with multiple ! operators
- pam_keyinit: In pam_sm_setcred do the same as in pam_sm_open_session
- pam_lastlog: Do not log info about failed login if the session was opened
with PAM_SILENT flag
- pam_lastlog: Limit lastlog file use by LASTLOG_UID_MAX option in login.defs
- pam_lastlog: With 'unlimited' option prevent SIGXFSZ due to reduced 'fsize'
limit
- pam_motd: Export MOTD_SHOWN=pam after showing MOTD
- pam_motd: Support multiple motd paths specified, with filename overrides
- pam_namespace: Added a systemd service, which creates the namespaced
instance parent directories during boot
- pam_namespace: Support for noexec, nosuid and nodev flags for tmpfs mounts
- pam_shells: Recognize /bin/sh as the default shell
- pam_succeed_if: Support lists in group membership checks
- pam_tty_audit: If kernel audit is disabled return PAM_IGNORE
- pam_umask: Added new 'nousergroups' module argument and allowed specifying
the default for usergroups at build-time
- pam_unix: Added 'nullresetok' option to allow resetting blank passwords
- pam_unix: Report unusable hashes found by checksalt to syslog
- pam_unix: Support for (gost-)yescrypt hashing methods
- pam_unix: Use bcrypt b-variant when it bcrypt is chosen
- pam_usertype: New module to tell if uid is in login.defs ranges
- Added new API call pam_start_confdir() for special applications that
cannot use the system-default PAM configuration paths and need to
explicitly specify another path
- pam_namespace-systemd.diff: fix path of pam_namespace.services
* Thu Apr 02 2020 lnussel@suse.de
- own /usr/lib/motd.d/ so other packages can add files there
* Tue Mar 24 2020 josef.moellers@suse.com
- Listed all manual pages seperately as pam_userdb.8 has been moved
to pam-extra.
Also %exclude %{_defaultdocdir}/pam as the docs are in a separate
package.
[pam.spec]
* Mon Mar 16 2020 josef.moellers@suse.com
- pam_userdb moved to a new package pam-extra as pam-modules
is obsolete and not part of SLE.
[bsc#1166510, pam.spec]
* Thu Mar 12 2020 josef.moellers@suse.com
- Removed pam_userdb from this package and moved to pam-modules.
This removed the requirement for libdb.
Also made "xz" required for all releases.
Remove limits for nproc from /etc/security/limits.conf
[bsc#1164562, bsc#1166510, bsc#1110700, pam.spec]
* Wed Feb 19 2020 kukuk@suse.de
- Recommend login.defs only (no hard requirement)
* Tue Sep 24 2019 kukuk@suse.com
- Update to version 1.3.1+git20190923.ea78d67:
* Fixed missing quotes in configure script
* Add support for a vendor directory and libeconf (#136)
* pam_lastlog: document the 'unlimited' option
* pam_lastlog: prevent crash due to reduced 'fsize' limit
* pam_unix_sess.c add uid for opening session
* Fix the man page for "pam_fail_delay()"
* Fix a typo
* Update a function comment
- drop usr-etc-support.patch (accepted upstream)
* Thu Sep 05 2019 kukuk@suse.de
- Add migration support from /etc to /usr/etc during upgrade
* Wed Sep 04 2019 kukuk@suse.com
- Update to version 1.3.1+git20190902.9de67ee:
* pwhistory: fix read of uninitialized data and memory leak when modifying opasswd
* Tue Aug 27 2019 kukuk@suse.com
- Update to version 1.3.1+git20190826.1b087ed:
* libpam/pam_modutil_sanitize.c: optimize the way to close fds
* Thu Aug 22 2019 jengelh@inai.de
- Replace old $RPM_* shell vars by macros.
- Avoid unnecessary invocation of subshells.
- Shorten recipe for constructing securetty contents on s390.
* Mon Aug 19 2019 kukuk@suse.de
- usr-etc-support.patch: Add support for /usr/etc/pam.d
* Mon Aug 19 2019 kukuk@suse.de
- encryption_method_nis.diff: obsolete, NIS clients shouldn't
require DES anymore.
- etc.environment: removed, the sources contain the same
* Mon Aug 19 2019 kukuk@suse.com
- Update to version 1.3.1+git20190807.e31dd6c:
* pam_tty_audit: Manual page clarification about password logging
* pam_get_authtok_verify: Avoid duplicate password verification
* Mention that ./autogen.sh is needeed to be run if you check out the sources from git
* pam_unix: Correct MAXPASS define name in the previous two commits.
* Restrict password length when changing password
* Trim password at PAM_MAX_RESP_SIZE chars
* pam_succeed_if: Request user data only when needed
* pam_tally2: Remove unnecessary fsync()
* Fixed a grammer mistake
* Fix documentation for pam_wheel
* Fix a typo in the documentation
* pam_lastlog: Improve silent option documentation
* pam_lastlog: Respect PAM_SILENT flag
* Fix regressions from the last commits.
* Replace strndupa with strncpy
* build: ignore pam_lastlog when logwtmp is not available.
* build: ignore pam_rhosts if neither ruserok nor ruserok_af is available.
* pam_motd: Cleanup the code and avoid unnecessary logging
* pam_lastlog: Limit lastlog file use by LASTLOG_UID_MAX option in login.defs.
* Move the duplicated search_key function to pam_modutil.
* pam_unix: Use pam_syslog instead of helper_log_err.
* pam_unix: Report unusable hashes found by checksalt to syslog.
* Revert "pam_unix: Add crypt_default method, if supported."
* pam_unix: Add crypt_default method, if supported.
* Revert part of the commit 4da9febc
* pam_unix: Add support for (gost-)yescrypt hashing methods.
* pam_unix: Fix closing curly brace. (#77)
* pam_unix: Add support for crypt_checksalt, if libcrypt supports it.
* pam_unix: Prefer a gensalt function, that supports auto entropy.
* pam_motd: Fix segmentation fault when no motd_dir specified (#76)
* pam_motd: Support multiple motd paths specified, with filename overrides (#69)
* pam_unix: Use bcrypt b-variant for computing new hashes.
* pam_tally, pam_tally2: fix grammar and spelling (#54)
* Fix grammar of messages printed via pam_prompt
* pam_stress: do not mark messages for translation
* pam_unix: remove obsolete _UNIX_AUTHTOK, _UNIX_OLD_AUTHTOK, and _UNIX_NEW_AUTHTOK macros
* pam_unix: remove obsolete _unix_read_password prototype
* Thu May 02 2019 sbrabec@suse.com
- Add virtual symbols for login.defs compatibility (bsc#1121197).
- Add login.defs safety check pam-login_defs-check.sh
(bsc#1121197).
* Thu Nov 15 2018 josef.moellers@suse.com
- When comparing an incoming IP address with an entry in
access.conf that only specified a single host (ie no netmask),
the incoming IP address was used rather than the IP address from
access.conf, effectively comparing the incoming address with
itself. (Also fixed a small typo while I was at it)
{bsc#1115640, use-correct-IP-address.patch, CVE-2018-17953]
* Mon Oct 22 2018 josef.moellers@suse.com
- Upgrade to 1.3.1
* pam_motd: add support for a motd.d directory
* pam_umask: Fix documentation to align with order of loading umask
* pam_get_user.3: Fix missing word in documentation
* pam_tally2 --reset: avoid creating a missing tallylog file
* pam_mkhomedir: Allow creating parent of homedir under /
* access.conf.5: Add note about spaces around ':'
* pam.8: Workaround formatting problem
* pam_unix: Check return value of malloc used for setcred data
* pam_cracklib: Drop unused prompt macros
* pam_tty_audit: Support matching users by uid range
* pam_access: support parsing files in /etc/security/access.d/*.conf
* pam_localuser: Correct documentation
* pam_issue: Fix no prompting in parse escape codes mode
* Unification and cleanup of syslog log levels
Also: removed nproc limit, referred to systemd instead.
Patch5 (pam-fix-config-order-in-manpage.patch) not needed any more.
[bsc#1112508, pam-fix-config-order-in-manpage.patch]
* Fri Aug 24 2018 psimons@suse.com
- Add libdb as build-time dependency to enable pam_userdb module.
This module is useful for implementing virtual user support for
vsftpd and possibly other daemons, too. [bsc#929711, fate#322538]
* Fri Jul 13 2018 sbrabec@suse.com
- Install empty directory /etc/security/namespace.d for
pam_namespace.so iscript.
* Thu May 03 2018 josef.moellers@suse.com
- pam_umask.8 needed to be patched as well.
[bsc#1089884, pam-fix-config-order-in-manpage.patch]
* Wed May 02 2018 josef.moellers@suse.com
- Changed order of configuration files to reflect actual code.
[bsc#1089884, pam-fix-config-order-in-manpage.patch]
* Thu Feb 22 2018 fvogt@suse.com
- Use %license (boo#1082318)
* Thu Oct 12 2017 schwab@suse.de
- Prerequire group(shadow), user(root)
* Fri Jan 27 2017 josef.moellers@suse.com
- Allow symbolic hostnames in access.conf file.
[pam-hostnames-in-access_conf.patch, boo#1019866]
* Thu Dec 08 2016 josef.moellers@suse.com
- Increased nproc limits for non-privileged users to 4069/16384.
Removed limits for "root".
[pam-limit-nproc.patch, bsc#1012494, bsc#1013706]
* Sun Jul 31 2016 develop7@develop7.info
- pam-limit-nproc.patch: increased process limit to help
Chrome/Chromuim users with really lots of tabs. New limit gets
closer to UserTasksMax parameter in logind.conf
* Thu Jul 28 2016 kukuk@suse.de
- Add doc directory to filelist.
* Mon May 02 2016 kukuk@suse.de
- Remove obsolete README.pam_tally [bsc#977973]
* Thu Apr 28 2016 kukuk@suse.de
- Update Linux-PAM to version 1.3.0
- Rediff encryption_method_nis.diff
- Link pam_unix against libtirpc and external libnsl to enable
IPv6 support.
* Thu Apr 14 2016 kukuk@suse.de
- Add /sbin/unix2_chkpwd (moved from pam-modules)
* Mon Apr 11 2016 kukuk@suse.de
- Remove (since accepted upstream):
- 0001-Remove-YP-dependencies-from-pam_access-they-were-nev.patch
- 0002-Remove-enable-static-modules-option-and-support-from.patch
- 0003-fix-nis-checks.patch
- 0004-PAM_EXTERN-isn-t-needed-anymore-but-don-t-remove-it-.patch
- 0005-Use-TI-RPC-functions-if-we-compile-and-link-against-.patch
* Fri Apr 01 2016 kukuk@suse.de
- Add 0005-Use-TI-RPC-functions-if-we-compile-and-link-against-.patch
- Replace IPv4 only functions
* Fri Apr 01 2016 kukuk@suse.de
- Fix typo in common-account.pamd [bnc#959439]
* Tue Mar 29 2016 kukuk@suse.de
- Add 0004-PAM_EXTERN-isn-t-needed-anymore-but-don-t-remove-it-.patch
- readd PAM_EXTERN for external PAM modules
* Wed Mar 23 2016 kukuk@suse.de
- Add 0001-Remove-YP-dependencies-from-pam_access-they-were-nev.patch
- Add 0002-Remove-enable-static-modules-option-and-support-from.patch
- Add 0003-fix-nis-checks.patch
* Sat Jul 25 2015 joschibrauchle@gmx.de
- Add folder /etc/security/limits.d as mentioned in 'man pam_limits'
* Fri Jun 26 2015 kukuk@suse.de
- Update to version 1.2.1
- security update for CVE-2015-3238
* Mon Apr 27 2015 kukuk@suse.de
- Update to version 1.2.0
- obsoletes Linux-PAM-git-20150109.diff
* Fri Jan 09 2015 kukuk@suse.de
- Re-add lost patch encryption_method_nis.diff [bnc#906660]
* Fri Jan 09 2015 kukuk@suse.de
- Update to current git:
- Linux-PAM-git-20150109.diff replaces Linux-PAM-git-20140127.diff
- obsoletes pam_loginuid-log_write_errors.diff
- obsoletes pam_xauth-sigpipe.diff
- obsoletes bug-870433_pam_timestamp-fix-directory-traversal.patch
* Fri Jan 09 2015 bwiedemann@suse.com
- increase process limit to 1200 to help chromium users with many tabs
* Tue May 06 2014 bwiedemann@suse.com
- limit number of processes to 700 to harden against fork-bombs
Add pam-limit-nproc.patch
* Wed Apr 09 2014 ckornacker@suse.com
- Fix CVE-2014-2583: pam_timestamp path injection (bnc#870433)
bug-870433_pam_timestamp-fix-directory-traversal.patch
* Tue Apr 01 2014 ckornacker@suse.com
- adding sclp_line0/ttysclp0 to /etc/securetty on s390 (bnc#869664)
* Mon Jan 27 2014 kukuk@suse.de
- Add pam_loginuid-log_write_errors.diff: log significant loginuid
write errors
- pam_xauth-sigpipe.diff: avoid potential SIGPIPE when writing to
xauth process
* Mon Jan 27 2014 kukuk@suse.de
- Update to current git (Linux-PAM-git-20140127.diff), which
obsoletes pam_loginuid-part1.diff, pam_loginuid-part2.diff and
Linux-PAM-git-20140109.diff.
- Fix gratuitous use of strdup and x_strdup
- pam_xauth: log fatal errors preventing xauth process execution
- pam_loginuid: cleanup loginuid buffer initialization
- libpam_misc: fix an inconsistency in handling memory allocation errors
- pam_limits: fix utmp->ut_user handling
- pam_mkhomedir: check and create home directory for the same user
- pam_limits: detect and ignore stale utmp entries
- Disable pam_userdb (remove db-devel from build requires)
* Fri Jan 10 2014 kukuk@suse.com
- Add pam_loginuid-part1.diff: Ignore missing /proc/self/loginuid
- Add pam_loginuid-part2.diff: Workaround to run pam_loginuid inside lxc
* Thu Jan 09 2014 kukuk@suse.de
- Update to current git (Linux-PAM-git-20140109.diff, which
replaces pam_unix.diff and encryption_method_nis.diff)
- pam_access: fix debug level logging
- pam_warn: log flags passed to the module
- pam_securetty: check return value of fgets
- pam_lastlog: fix format string
- pam_loginuid: If the correct loginuid is already set, skip writing it
* Fri Nov 29 2013 schwab@linux-m68k.org
- common-session.pamd: add missing newline
* Thu Nov 28 2013 kukuk@suse.de
- Remove libtrpc support to solve dependency/build cycles, plain
glibc is enough for now.
* Tue Nov 12 2013 kukuk@suse.de
- Add encryption_method_nis.diff:
- implement pam_unix2 functionality to use another hash for
NIS passwords.
* Fri Nov 08 2013 kukuk@suse.de
- Add pam_unix.diff:
- fix if /etc/login.defs uses DES
- ask always for old password if a NIS password will be changed
* Sat Sep 28 2013 mc@suse.com
- fix manpages links (bnc#842872) [fix-man-links.dif]
* Fri Sep 20 2013 hrvoje.senjan@gmail.com
- Explicitly add pam_systemd.so to list of modules in
common-session.pamd (bnc#812462)
* Fri Sep 20 2013 kukuk@suse.de
- Update to official release 1.1.8 (1.1.7 + git-20130916.diff)
- Remove needless pam_tally-deprecated.diff patch
* Mon Sep 16 2013 kukuk@suse.de
- Replace fix-compiler-warnings.diff with current git snapshot
(git-20130916.diff) for pam_unix.so:
- fix glibc warnings
- fix syntax error in SELinux code
- fix crash at login
* Thu Sep 12 2013 kukuk@suse.de
- Remove pam_unix-login.defs.diff, not needed anymore
* Thu Sep 12 2013 kukuk@suse.de
- Update to version 1.1.7 (bugfix release)
- Drop missing-DESTDIR.diff and pam-fix-includes.patch
- fix-compiler-warnings.diff: fix unchecked setuid return code
* Tue Aug 06 2013 mc@suse.de
- adding hvc0-hvc7 to /etc/securetty on s390 (bnc#718516)
* Mon May 27 2013 kukuk@suse.de
- Fix typo in common-password [bnc#821526]
* Fri Apr 26 2013 mmeister@suse.com
- Added libtool as BuildRequire, and autoreconf -i option to fix
build with new automake
* Tue Feb 05 2013 kukuk@suse.de
- Update pam_unix-login.defs.diff patch to the final upstream
version.
* Tue Feb 05 2013 kukuk@suse.de
- Adjust URL
- Add set_permission macro and PreReq
- Read default encryption method from /etc/login.defs
(pam_unix-login.defs.diff)
* Fri Jan 25 2013 kukuk@suse.com
- Remove deprecated pam_tally.so module, it's too buggy and can
destroy config and log files.
* Mon Nov 12 2012 kukuk@suse.de
- Sync common-*.pamd config with pam-config (use pam_unix.so as
default).
* Wed Sep 19 2012 kukuk@suse.de
- Fix building in Factory (add patch missing-DESTDIR.diff)
* Fri Sep 14 2012 kukuk@suse.de
- Update to Linux-PAM 1.1.6
- Update translations
- pam_cracklib: Add more checks for weak passwords
- pam_lastlog: Never lock out root
- Lot of bug fixes and smaller enhancements
* Thu Jun 21 2012 aj@suse.de
- Include correct headers for getrlimit (add patch pam-fix-includes.patch).
* Mon Apr 23 2012 jengelh@medozas.de
- Update homepage URL in specfile
* Sat Mar 03 2012 jengelh@medozas.de
- Update to new upstream release 1.1.5
* pam_env: Fix CVE-2011-3148: correctly count leading whitespace
when parsing environment file in pam_env
* Fix CVE-2011-3149: when overflowing, exit with PAM_BUF_ERR in
pam_env
* pam_access: Add hostname resolution cache
* Tue Oct 25 2011 mc@suse.de
- pam_tally2: remove invalid options from manpage (bnc#726071)
- fix possible overflow and DOS in pam_env (bnc#724480)
CVE-2011-3148, CVE-2011-3149
* Mon Jun 27 2011 kukuk@suse.de
- Update to version 1.1.4
* pam_securetty: Honour console= kernel option, add noconsole option
* pam_limits: Add %group syntax, drop change_uid option, add set_all option
* Lot of small bug fixes
* Add support for libtirpc
- Build against libtirpc
* Thu May 26 2011 cfarrell@novell.com
- license update: GPL-2.0+ or BSD-3-Clause
Updating to spdx.org/licenses syntax as legal-auto for some reason did
not accept the previous spec file license
* Wed May 25 2011 kukuk@suse.de
- Remove libxcrypt-devel from BuildRequires
* Wed Feb 23 2011 vcizek@novell.com
- bnc#673826 rework
* manpage is left intact, as it was
* correct parsing of "quiet" option
* Wed Feb 23 2011 vcizek@novell.com
- fix for bnc#673826 (pam_listfile)
* removed unnecessary logging when listfile is missing and quiet
option is specified
* manpage is also updated, to reflect that all option
require values
* Thu Oct 28 2010 kukuk@suse.de
- Update to Linux-PAM 1.1.3
- fixes CVE-2010-3853, CVE-2010-3431, CVE-2010-3430
- pam_unix: Add minlen option, change default from 6 to 0
* Tue Aug 31 2010 kukuk@suse.de
- Update to Linux-PAM 1.1.2
* Mon Jun 28 2010 jengelh@medozas.de
- use %_smp_mflags
* Mon May 10 2010 kukuk@suse.de
- Update to current CVS version (pam_rootok: Add support for
chauthtok and acct_mgmt, [bnc#533249])
* Thu Mar 11 2010 kukuk@suse.de
- Install correct documentation
* Wed Dec 16 2009 kukuk@suse.de
- Update to Linux-PAM 1.1.1 (bug fix release)
* Sat Dec 12 2009 jengelh@medozas.de
- add baselibs.conf as a source
* Wed Dec 09 2009 jengelh@medozas.de
- enable parallel building
* Fri Jun 26 2009 kukuk@suse.de
- Add fixes from CVS
* Wed Jun 24 2009 kukuk@suse.de
- Update to final version 1.1.0 (spelling fixes)
* Tue May 05 2009 kukuk@suse.de
- Update to version 1.0.92:
* Update translations
* pam_succeed_if: Use provided username
* pam_mkhomedir: Fix handling of options
* Fri Apr 03 2009 rguenther@suse.de
- Remove cracklib-dict-full and pwdutils BuildRequires again.
* Fri Mar 27 2009 kukuk@suse.de
- Update to version 1.0.91 aka 1.1 Beta2:
* Changes in the behavior of the password stack. Results of
PRELIM_CHECK are not used for the final run.
* Redefine LOCAL keyword of pam_access configuration file
* Add support for try_first_pass and use_first_pass to
pam_cracklib
* New password quality tests in pam_cracklib
* Add support for passing PAM_AUTHTOK to stdin of helpers from
pam_exec
* New options for pam_lastlog to show last failed login attempt and
to disable lastlog update
* New pam_pwhistory module to store last used passwords
* New pam_tally2 module similar to pam_tally with wordsize independent
tally data format, obsoletes pam_tally
* Make libpam not log missing module if its type is prepended with '-'
* New pam_timestamp module for authentication based on recent successful
login.
* Add blowfish support to pam_unix.
* Add support for user specific environment file to pam_env.
* Add pam_get_authtok to libpam as Linux-PAM extension.
* Wed Feb 11 2009 ro@suse.de
- use sr@latin instead of sr@Latn
* Thu Feb 05 2009 kukuk@suse.de
- Log failures of setrlimit in pam_limits [bnc#448314]
- Fix using of requisite in password stack [bnc#470337]
* Tue Jan 20 2009 kukuk@suse.de
- Regenerate documentation [bnc#448314]
* Wed Dec 10 2008 olh@suse.de
- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade
(bnc#437293)
* Thu Dec 04 2008 olh@suse.de
- obsolete old -XXbit packages (bnc#437293)
* Thu Nov 27 2008 mc@suse.de
- enhance the man page for limits.conf (bnc#448314)
* Mon Nov 24 2008 kukuk@suse.de
- pam_time: fix parsing if '|' is used [bdo#326407]
* Wed Nov 19 2008 kukuk@suse.de
- pam_xauth: update last patch
- pam_pwhistory: add missing type option
* Tue Nov 04 2008 mc@suse.de
- pam_xauth: put XAUTHLOCALHOSTNAME into new enviroment
(bnc#441314)
* Fri Oct 17 2008 kukuk@suse.de
- Add pam_tally2
- Regenerate Documentation
* Sat Oct 11 2008 kukuk@suse.de
- Enhance pam_lastlog with status output
- Add pam_pwhistory as tech preview
* Fri Sep 26 2008 kukuk@suse.de
- pam_tally: fix fd leak
- pam_mail: fix "quiet" option
* Fri Aug 29 2008 kukuk@suse.de
- Update to version 1.0.2 (fix SELinux regression)
- enhance pam_tally [FATE#303753]
- Backport fixes from CVS
* Wed Aug 20 2008 prusnak@suse.cz
- enabled SELinux support [Fate#303662]
* Wed Apr 16 2008 kukuk@suse.de
- Update to version 1.0.1:
- Fixes regression in pam_set_item().
* Thu Apr 10 2008 ro@suse.de
- added baselibs.conf file to build xxbit packages
for multilib support
* Fri Apr 04 2008 kukuk@suse.de
- Remove devfs lines from securetty [bnc#372241]
* Thu Apr 03 2008 kukuk@suse.de
- Update to version 1.0.0:
- Official first "stable" release
- bug fixes
- translation updates
* Fri Feb 15 2008 kukuk@suse.de
- Update to version 0.99.10.0:
- New substack directive in config file syntax
- New module pam_tty_audit.so for enabling and disabling tty
auditing
- New PAM items PAM_XDISPLAY and PAM_XAUTHDATA
- Improved functionality of pam_namespace.so module (method flags,
namespace.d configuration directory, new options).
- Finaly removed deprecated pam_rhosts_auth module.
* Wed Oct 10 2007 kukuk@suse.de
- Update to version 0.99.9.0:
- misc_conv no longer blocks SIGINT; applications that don't want
user-interruptable prompts should block SIGINT themselves
- Merge fixes from Debian
- Fix parser for pam_group and pam_time
* Wed Jul 18 2007 kukuk@suse.de
- Update to version 0.99.8.1:
- Fix regression in pam_audit
* Fri Jul 06 2007 kukuk@suse.de
- Update to version 0.99.8.0:
- Add translations for ar, ca, da, ru, sv and zu.
- Update hungarian translation.
- Add support for limits.d directory to pam_limits.
- Add minclass option to pam_cracklib
- Add new group syntax to pam_access
* Thu Apr 19 2007 mc@suse.de
- move the documentation into a seperate package (pam-doc)
[partly fixes Bug #265733]
* Mon Mar 26 2007 rguenther@suse.de
- add flex and bison BuildRequires
* Wed Jan 24 2007 mc@suse.de
- add %verify_permissions for /sbin/unix_chkpwd
[#237625]
* Tue Jan 23 2007 kukuk@suse.de
- Update to Version 0.99.7.1 (security fix)
* Wed Jan 17 2007 kukuk@suse.de
- Update to Version 0.99.7.0
* Add manual page for pam_unix.so.
* Add pam_faildelay module to set pam_fail_delay() value.
* Fix possible seg.fault in libpam/pam_set_data().
* Cleanup of configure options.
* Update hungarian translation, fix german translation.
* Wed Jan 17 2007 lnussel@suse.de
- install unix_chkpwd setuid root instead of setgid shadow (#216816)
* Tue Oct 24 2006 kukuk@suse.de
- pam_unix.so/unix_chkpwd: teach about blowfish [#213929]
- pam_namespace.so: Fix two possible buffer overflow
- link against libxcrypt
* Sat Oct 07 2006 kukuk@suse.de
- Update hungarian translation [#210091]
* Tue Sep 19 2006 kukuk@suse.de
- Don't remove pam_unix.so
- Use cracklib again (goes lost with one of the last cleanups)
* Thu Sep 14 2006 kukuk@suse.de
- Add pam_umask.so to common-session [Fate#3621]
* Wed Sep 06 2006 kukuk@suse.de
- Update to Linux-PAM 0.99.6.3 (merges all patches)
* Wed Aug 30 2006 kukuk@suse.de
- Update to Linux-PAM 0.99.6.2 (incorporate last change)
- Add pam_loginuid and fixes from CVS [Fate#300486]
* Wed Aug 23 2006 kukuk@suse.de
- Fix seg.fault in pam_cracklib if retyped password is empty
* Tue Aug 22 2006 kukuk@suse.de
- Remove use_first_pass from pam_unix2.so in password section
* Fri Aug 11 2006 kukuk@suse.de
- Update to Linux-PAM 0.99.6.1 (big documentation update)
* Fri Jul 28 2006 kukuk@suse.de
- Add missing namespace.init script
* Thu Jul 27 2006 kukuk@suse.de
- Reenable audit subsystem [Fate#300486]
* Wed Jun 28 2006 kukuk@suse.de
- Update to Linux-PAM 0.99.5.0 (more manual pages, three new PAM
modules: pam_keyinit, pam_namespace, pam_rhosts)
* Mon Jun 12 2006 kukuk@suse.de
- Update to current CVS (lot of new manual pages and docu)
* Tue May 30 2006 kukuk@suse.de
- Update to Linux-PAM 0.99.4.0 (merge all patches and translations)
* Wed May 24 2006 kukuk@suse.de
- Fix problems found by Coverity
* Wed May 17 2006 schwab@suse.de
- Don't strip binaries.
* Fri May 05 2006 kukuk@suse.de
- Fix pam_tally LFS support [#172492]
* Fri Apr 21 2006 kukuk@suse.de
- Update fr.po and pl.po
* Tue Apr 11 2006 kukuk@suse.de
- Update km.po
* Tue Apr 04 2006 kukuk@suse.de
- Remove obsolete pam-laus from the system
* Mon Mar 27 2006 kukuk@suse.de
- Update translations for pt, pl, fr, fi and cs
- Add translation for uk
* Tue Mar 21 2006 kukuk@suse.de
- Update hu.po
* Tue Mar 21 2006 kukuk@suse.de
- Add translation for tr
* Mon Mar 13 2006 kukuk@suse.de
- Fix order of NULL checks in pam_get_user
- Fix comment in pam_lastlog for translators to be visible in
pot file
- Docu update, remove pam_selinux docu
* Thu Mar 02 2006 kukuk@suse.de
- Update km translation
* Thu Feb 23 2006 kukuk@suse.de
- pam_lastlog:
- Initialize correct struct member [SF#1427401]
- Mark strftime fmt string for translation [SF#1428269]
* Sun Feb 19 2006 kukuk@suse.de
- Update more manual pages
* Sat Feb 18 2006 ro@suse.de
- really disable audit if header file not present
* Tue Feb 14 2006 kukuk@suse.de
- Update fi.po
- Add km.po
- Update pl.po
* Mon Feb 13 2006 kukuk@suse.de
- Update with better manual pages
* Thu Feb 09 2006 kukuk@suse.de
- Add translation for nl, update pt translation
* Fri Jan 27 2006 kukuk@suse.de
- Move devel manual pages to -devel package
- Mark PAM config files as noreplace
- Mark /etc/securetty as noreplace
- Run ldconfig
- Fix libdb/ndbm compat detection with gdbm
- Adjust german translation
- Add all services to pam_listfile
* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Fri Jan 13 2006 kukuk@suse.de
- Update to Linux-PAM 0.99.3.0 release candiate tar balls
(new translations)
* Mon Jan 09 2006 kukuk@suse.de
- Fix NULL handling for LSB-pam test suite [#141240]
* Sun Jan 08 2006 kukuk@suse.de
- Fix usage of PAM_AUTHTOK_RECOVER_ERR vs. PAM_AUTHTOK_RECOVERY_ERR
* Fri Jan 06 2006 kukuk@suse.de
- NULL is allowed as thirs argument for pam_get_item [#141240]
* Wed Dec 21 2005 kukuk@suse.de
- Add fixes from CVS
* Thu Dec 15 2005 kukuk@suse.de
- Fix pam_lastlog: don't report error on first login
* Tue Dec 13 2005 kukuk@suse.de
- Update to 0.99.2.1
* Fri Dec 09 2005 kukuk@suse.de
- Add /etc/environment to avoid warnings in syslog
* Mon Dec 05 2005 kukuk@suse.de
- disable SELinux
* Wed Nov 23 2005 kukuk@suse.de
- Update getlogin() fix to final one
* Mon Nov 21 2005 kukuk@suse.de
- Fix PAM getlogin() implementation
* Mon Nov 21 2005 kukuk@suse.de
- Update to official 0.99.2.0 release
* Tue Nov 08 2005 kukuk@suse.de
- Update to new snapshot
* Mon Oct 10 2005 kukuk@suse.de
- Enable original pam_wheel module
* Tue Sep 27 2005 kukuk@suse.de
- Update to current CVS
- Compile libpam_misc with -fno-strict-aliasing
* Mon Sep 19 2005 kukuk@suse.de
- Update to current CVS
- Fix compiling of pammodutil with -fPIC
* Sun Sep 18 2005 kukuk@suse.de
- Update to current CVS
* Tue Aug 23 2005 kukuk@suse.de
- Update to new snapshot (Major version is back to 0)
* Fri Aug 19 2005 kukuk@suse.de
- Update to Linux-PAM 0.99.0.3 snapshot
* Mon Jul 11 2005 kukuk@suse.de
- Add pam_umask
* Mon Jul 04 2005 kukuk@suse.de
- Update to current CVS snapshot
* Thu Jun 23 2005 kukuk@suse.de
- Update to current CVS snapshot
- Add pam_loginuid
* Thu Jun 09 2005 kukuk@suse.de
- Update to current CVS snapshot
* Mon Jun 06 2005 kukuk@suse.de
- Don't reset priority [#81690]
- Fix creating of symlinks
* Fri May 20 2005 kukuk@suse.de
- Update to current CVS snapshot
- Real fix for [#82687] (don't include kernel header files)
* Thu May 12 2005 schubi@suse.de
- Bug 82687 - pam_client.h redefines __u8 and __u32
* Fri Apr 29 2005 kukuk@suse.de
- Apply lot of fixes from CVS (including SELinux support)
* Fri Apr 01 2005 kukuk@suse.de
- Update to final 0.79 release
* Mon Mar 14 2005 kukuk@suse.de
- Apply patch for pam_xauth to preserve DISPLAY variable [#66885]
* Mon Jan 24 2005 kukuk@suse.de
- Compile with large file support
* Mon Jan 24 2005 schubi@suse.de
- Made patch of latest CVS tree
- Removed patch pam_handler.diff ( included in CVS now )
- moved Linux-PAM-0.78.dif to pam_group_time.diff
* Wed Jan 05 2005 kukuk@suse.de
- Fix seg.fault, if a PAM config line is incomplete
* Thu Nov 18 2004 kukuk@suse.de
- Update to final 0.78
* Mon Nov 08 2004 kukuk@suse.de
- Add pam_env.so to common-auth
- Add pam_limit.so to common-session
* Wed Oct 13 2004 kukuk@suse.de
- Update to 0.78-Beta1
* Wed Sep 22 2004 kukuk@suse.de
- Create pam.d/common-{auth,account,password,session} and include
them in pam.d/other
- Update to current CVS version of upcoming 0.78 release
* Mon Aug 23 2004 kukuk@suse.de
- Update "code cleanup" patch
- Disable reading of /etc/environment in pam_env.so per default
* Thu Aug 19 2004 kukuk@suse.de
- Reenable a "fixed" version of "code cleanup" patch
- Use pam_wheel from pam-modules package
* Wed Aug 18 2004 kukuk@suse.de
- Disable "code cleanup" patch (no more comments about security
fixes)
* Fri Aug 13 2004 kukuk@suse.de
- Apply big "code cleanup" patch [Bug #39673]
* Fri Mar 12 2004 kukuk@suse.de
- pam_wheel: Use original getlogin again, PAM internal does not
work without application help [Bug #35682]
* Sun Jan 18 2004 meissner@suse.de
- We no longer have pam in the buildsystem, so we
need some buildroot magic flags for the dlopen tests.
* Thu Jan 15 2004 kukuk@suse.de
- Cleanup neededforbuild
* Fri Dec 05 2003 kukuk@suse.de
- Add manual pages from SLES8
* Fri Nov 28 2003 kukuk@suse.de
- Fix installing manual pages of modules
- Remove pthread check (db is now linked against pthread)
* Thu Nov 27 2003 kukuk@suse.de
- Merge with current CVS
- Apply bug fixes from bugtracking system
- Build as normal user
* Fri Nov 21 2003 kukuk@suse.de
- Compile with noexecstack
* Thu Nov 06 2003 kukuk@suse.de
- Fix pam_securetty CVS patch
* Wed Oct 29 2003 kukuk@suse.de
- Sync with current CVS version
* Thu Oct 02 2003 kukuk@suse.de
- Add patch to implement "include" statement in pamd files
* Wed Sep 10 2003 uli@suse.de
- added ttyS1 (VT220) to securetty on s390* (bug #29239)
* Mon Jul 28 2003 kukuk@suse.de
- Apply lot of fixes for various problems
* Tue Jun 10 2003 kukuk@suse.de
- Fix getlogin handling in pam_wheel.so
* Tue May 27 2003 ro@suse.de
- added cracklib-devel to neededforbuild
* Thu Feb 13 2003 kukuk@suse.de
- Update pam_localuser and pam_xauth.
* Wed Nov 13 2002 kukuk@suse.de
- Update to Linux-PAM 0.77 (minor bug fixes and enhancemants)
* Mon Nov 11 2002 ro@suse.de
- changed neededforbuild <sp> to <opensp>
* Sat Sep 14 2002 ro@suse.de
- changed securetty / use extra file
* Fri Sep 13 2002 bk@suse.de
- 390: standard console (4,64)/ttyS0 ->only ttyS0 in /etc/securetty
* Tue Aug 27 2002 kukuk@suse.de
- Call password checking helper from pam_unix.so whenever the
passwd field is invalid.
* Sat Aug 24 2002 kukuk@suse.de
- Don't build ps and pdf documentation
* Fri Aug 09 2002 kukuk@suse.de
- pam-devel requires pam [Bug #17543]
* Wed Jul 17 2002 kukuk@suse.de
- Remove explicit requires
* Wed Jul 10 2002 kukuk@suse.de
- Update to Linux-PAM 0.76
- Remove reentrant patch for original PAM modules (needs to be
rewritten for new PAM version)
- Add docu in PDF format
* Thu Jul 04 2002 kukuk@suse.de
- Fix build on different partitions
* Tue Apr 16 2002 mmj@suse.de
- Fix to not own /usr/shar/man/man3
* Wed Mar 13 2002 kukuk@suse.de
- Add /usr/include/security to pam-devel filelist
* Mon Feb 11 2002 ro@suse.de
- tar option for bz2 is "j"
* Fri Jan 25 2002 kukuk@suse.de
- Fix last pam_securetty patch
* Thu Jan 24 2002 kukuk@suse.de
- Use reentrant getpwnam functions for most modules
- Fix unresolved symbols in pam_access and pam_userdb
* Sun Jan 20 2002 kukuk@suse.de
- libpam_misc: Don't handle Ctrl-D as error.
* Wed Jan 16 2002 kukuk@suse.de
- Remove SuSEconfig.pam
- Update pam_localuser and pam_xauth
- Add new READMEs about blowfish and cracklib
* Mon Nov 12 2001 kukuk@suse.de
- Remove pam_unix.so (is part of pam-modules)
* Fri Nov 09 2001 kukuk@suse.de
- Move extra PAM modules to separate package
- Require pam-modules package
* Fri Aug 24 2001 kukuk@suse.de
- Move susehelp config file to susehelp package
* Mon Aug 13 2001 ro@suse.de
- changed neededforbuild <sp_libs> to <sp-devel>
* Tue Aug 07 2001 kukuk@suse.de
- Fixes wrong symlink handling of pam_homecheck [Bug #3905]
* Wed Jul 11 2001 kukuk@suse.de
- Sync pam_homecheck and pam_unix2 fixes from 7.2
- Always ask for the old password if it is expired
* Sat May 05 2001 kukuk@suse.de
- Cleanup Patches, make tar archive from extra pam modules
* Fri May 04 2001 kukuk@suse.de
- Use LOG_NOTICE for trace option [Bug #7673]
* Thu Apr 12 2001 kukuk@suse.de
- Linux-PAM: link pam_access against libnsl
- Add pam.conf for susehelp/pam html docu
* Tue Apr 10 2001 kukuk@suse.de
- Linux-PAM: Update to version 0.75
* Tue Apr 03 2001 kukuk@suse.de
- Linux-PAM: link libpam_misc against libpam [Bug #6890]
* Thu Mar 08 2001 kukuk@suse.de
- Linux-PAM: Fix manual pages (.so reference)
- pam_pwcheck: fix Makefile
* Tue Mar 06 2001 kukuk@suse.de
- Update for Linux-PAM 0.74
- Drop pwdb subpackage
* Tue Feb 13 2001 kukuk@suse.de
- pam_unix2: Create temp files with permission 0600
* Tue Feb 06 2001 ro@suse.de
- pam_issue.c: include time.h to make it compile
* Fri Jan 05 2001 kukuk@suse.de
- Don't print error message about failed initialization from
pam_limits with kernel 2.2 [Bug #5198]
* Thu Jan 04 2001 kukuk@suse.de
- Adjust docu for pam_limits
* Sun Dec 17 2000 kukuk@suse.de
- Adjust docu for pam_pwcheck
* Thu Dec 07 2000 kukuk@suse.de
- Add fix for pam_limits from 0.73
* Thu Oct 26 2000 kukuk@suse.de
- Add db-devel to need for build
* Fri Oct 20 2000 kukuk@suse.de
- Don't link PAM modules against old libpam library
* Wed Oct 18 2000 kukuk@suse.de
- Create new "devel" subpackage
* Thu Oct 12 2000 kukuk@suse.de
- Add SuSEconfig.pam
* Tue Oct 03 2000 kukuk@suse.de
- Fix problems with new gcc and glibc 2.2 header files
* Wed Sep 13 2000 kukuk@suse.de
- Fix problem with passwords longer then PASS_MAX_LEN
* Wed Sep 06 2000 kukuk@suse.de
- Add missing PAM modules to filelist
- Fix seg.fault in pam_pwcheck [BUG #3894]
- Clean spec file
* Fri Jun 23 2000 kukuk@suse.de
- Lot of bug fixes in pam_unix2 and pam_pwcheck
- compress postscript docu
* Mon May 15 2000 kukuk@suse.de
- Move docu to /usr/share/doc/pam
- Fix some bugs in pam_unix2 and pam_pwcheck
* Tue Apr 25 2000 kukuk@suse.de
- Add pam_homecheck Module
* Tue Apr 25 2000 kukuk@suse.de
- Add devfs devices to /etc/securetty
* Wed Mar 01 2000 kukuk@suse.de
- Fix handling of changing passwords to empty one
* Tue Feb 22 2000 kukuk@suse.de
- Set correct attr for unix_chkpwd and pwdb_chkpwd
* Tue Feb 15 2000 kukuk@suse.de
- Update pam_pwcheck
- Update pam_unix2
* Mon Feb 07 2000 kukuk@suse.de
- pwdb: Update to 0.61
* Thu Jan 27 2000 kukuk@suse.de
- Add config files and README for md5 passwords
- Update pam_pwcheck
- Update pam_unix2
* Thu Jan 13 2000 kukuk@suse.de
- Update pam_unix2
- New: pam_pwcheck
- Update to Linux-PAM 0.72
* Wed Oct 13 1999 kukuk@suse.de
- pam_pwdb: Add security fixes from RedHat
* Mon Oct 11 1999 kukuk@suse.de
- Update to Linux-PAM 0.70
- Update to pwdb-0.60
- Fix more pam_unix2 shadow bugs
* Fri Oct 08 1999 kukuk@suse.de
- Add more PAM fixes
- Implement Password changing request (sp_lstchg == 0)
* Mon Sep 13 1999 bs@suse.de
- ran old prepare_spec on spec file to switch to new prepare_spec.
* Sat Sep 11 1999 kukuk@suse.de
- Add pam_wheel to file list
- pam_wheel: Minor fixes
- pam_unix2: root is allowed to change passwords with wrong
password aging information
* Mon Aug 30 1999 kukuk@suse.de
- pam_unix2: Fix typo
* Thu Aug 19 1999 kukuk@suse.de
- Linux-PAM: Update to version 0.69
* Fri Jul 16 1999 kukuk@suse.de
- pam_unix2: Root is allowed to use the old password again.
* Tue Jul 13 1999 kukuk@suse.de
- pam_unix2: Allow root to set an empty password.
* Sat Jul 10 1999 kukuk@suse.de
- Add HP-UX password aging to pam_unix2.
* Wed Jul 07 1999 kukuk@suse.de
- Don't install .cvsignore files
- Make sure, /etc/shadow has the correct rights
* Tue Jul 06 1999 kukuk@suse.de
- Update to Linux-PAM 0.68
* Wed Jun 30 1999 kukuk@suse.de
- pam_unix2: more bug fixes
* Tue Jun 29 1999 kukuk@suse.de
- pam_unix2: Fix "inactive" password
* Mon Jun 28 1999 kukuk@suse.de
- pam_warn: Add missing functions
- other.pamd: Update
- Add more doku
* Thu Jun 24 1999 kukuk@suse.de
- Add securetty config file
- Fix Debian pam_env patch
* Mon Jun 21 1999 kukuk@suse.de
- Update to Linux-PAM 0.67
- Add Debian pam_env patch
* Thu Jun 17 1999 kukuk@suse.de
- pam_ftp malloc (core dump) fix
* Tue Jun 15 1999 kukuk@suse.de
- pam_unix2 fixes
* Mon Jun 07 1999 kukuk@suse.de
- First PAM package: pam 0.66, pwdb 0.57 and pam_unix2
/usr/include/security /usr/include/security/_pam_compat.h /usr/include/security/_pam_macros.h /usr/include/security/_pam_types.h /usr/include/security/pam_appl.h /usr/include/security/pam_client.h /usr/include/security/pam_ext.h /usr/include/security/pam_filter.h /usr/include/security/pam_misc.h /usr/include/security/pam_modules.h /usr/include/security/pam_modutil.h /usr/lib/rpm/macros.d/macros.pam /usr/lib64/libpam.so /usr/lib64/libpam_misc.so /usr/lib64/libpamc.so /usr/lib64/pkgconfig/pam.pc /usr/lib64/pkgconfig/pam_misc.pc /usr/lib64/pkgconfig/pamc.pc
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Jul 18 00:05:10 2024