Name: pam
Version: 0.99.6.3
Release: alt2
%define rhver 0.80-1
%define helperdir /sbin
Summary: Pluggable Authentication Modules
License: GPL or BSD-style
Group: System/Base
Url: http://www.kernel.org/pub/linux/libs/pam/index.html
Packager: Dmitry V. Levin <ldv@altlinux.org>
%define srcname Linux-PAM-%version
%def_disable static
# Linux-PAM name suffix
%define _pam_name_suffix 0
# Used for pam module package naming.
%define make_pam_name() pam%{_pam_name_suffix}_%{1}
%define set_pam_name() %global pam_name %(n='%{1}'; s="${n#pam_}"; [ "$n" = "$s" ] && echo -n "$n" || echo -n "pam%{_pam_name_suffix}_$s")
# Linux-PAM modules directory.
%define _pam_modules_dir /%_lib/security
# Linux-PAM library soname suffix.
%define _pam_so_suffix %{nil}
# Linux-PAM library package name, used for tracking package dependencies.
%define libpam libpam%{_pam_name_suffix}
Source0: ftp://ftp.kernel.org/pub/linux/libs/pam/pre/library/%srcname.tar
Source2: pam-redhat-%rhver.tar
Source3: pam_sameuid-0.99.0.3.tar
Source4: pam_listfile.c
Source5: PAM-Policy.ALT
Source6: linux-pam.macros
Patch: Linux-PAM-%version-%release.patch
# Owl-specific patches.
Patch100: Linux-PAM-0.99.2.1-owl-const.patch
Patch101: Linux-PAM-0.99.2.1-owl-pam_limits-acct.patch
Patch102: Linux-PAM-0.99.2.1-owl-pam_mkhomedir-acct.patch
Patch103: Linux-PAM-0.99.6.2-owl-pam_wheel-use_uid.patch
# ALT-specific patches.
Patch201: Linux-PAM-0.99.0.3-alt-limits.conf.patch
Patch202: Linux-PAM-0.80-alt-pam_xauth-check_acl.patch
Patch203: Linux-PAM-0.99.6.2-alt-pam_xauth-wildcards.patch
Patch211: pam-redhat-0.99.6.3-alt-makefile.patch
Patch212: pam-redhat-0.80-alt-pam_console-config.patch
Patch213: pam-redhat-0.99.0.3-alt-pam_console-chmod.patch
Patch214: pam-redhat-0.99.0.3-alt-pam_chroot.patch
Patch215: pam-redhat-0.99.6.3-alt-log.patch
# Debian patches
Patch301: Linux-PAM-0.79-deb-pam_time.patch
Requires: %libpam = %version-%release, pam-common >= 1.1
Obsoletes: pamconfig
BuildRequires: rpm-build >= 0:4.0.4-alt55
# Required for pam_console.
BuildRequires: flex glib-devel
# Required for pam_userdb.
BuildRequires: libdb4-devel
# Required for docs.
BuildRequires: docbook-dtds docbook-style-xsl xsltproc w3m
%define _pamdir %_sysconfdir/pam.d
%define _secdir %_sysconfdir/security
%package -n %libpam
Summary: Shared libraries for running PAM-based software
Group: System/Libraries
PreReq: pam-common
Provides: libpam(include)
Provides: libpam = %version-%release
Obsoletes: libpam
%package -n %libpam-devel
Summary: Libraries and header files for developing PAM-aware software
Group: Development/C
Requires: %libpam = %version-%release
Provides: libpam-devel = %version-%release, pam-devel = %version-%release
Obsoletes: libpam-devel, pam-devel
Conflicts: libpam2-devel
%package -n %libpam-devel-static
Summary: Static libraries for developing PAM-aware software
Group: Development/C
Requires: %libpam-devel = %version-%release
Provides: libpam-devel-static = %version-%release
Obsoletes: libpam-devel-static
Conflicts: libpam2-devel-static
%package doc
Summary: Linux-PAM documentation
Group: Development/C
Requires: pam = %version-%release
%package -n %{make_pam_name console}
Summary: Controls permissions for users at the system console
Group: System/Base
Requires: pam = %version-%release
Provides: pam_console = %version-%release
Obsoletes: pam_console, pam_console0
Provides: %_secdir/console.apps
%package -n %{make_pam_name timestamp}
Summary: Authenticate using cached successful authentication attempts
Group: System/Base
Requires: pam = %version-%release
Provides: pam_timestamp = %version-%release
Obsoletes: pam_timestamp, pam_timestamp0
%description
Linux-PAM (Pluggable Authentication Modules for Linux) is a suite of
libraries that enable the local system administrator to choose how
PAM-aware applications authenticate users, without having to recompile
those applications.
%description -n %libpam
Linux-PAM (Pluggable Authentication Modules for Linux) is a suite of
libraries that enable the local system administrator to choose how
PAM-aware applications authenticate users, without having to recompile
those applications.
This package contains shared libraries required for running both
PAM-aware applications and modules for use with Linux-PAM.
%description -n %libpam-devel
Linux-PAM (Pluggable Authentication Modules for Linux) is a suite of
libraries that enable the local system administrator to choose how
PAM-aware applications authenticate users, without having to recompile
those applications.
This package contains header files and development libraries used for
building both PAM-aware applications and modules for use with Linux-PAM.
%description -n %libpam-devel-static
Linux-PAM (Pluggable Authentication Modules for Linux) is a suite of
libraries that enable the local system administrator to choose how
PAM-aware applications authenticate users, without having to recompile
those applications.
This package contains static libraries used for building statically
linked PAM-aware applications for use with Linux-PAM.
%description doc
Linux-PAM (Pluggable Authentication Modules for Linux) is a suite of
libraries that enable the local system administrator to choose how
PAM-aware applications authenticate users, without having to recompile
those applications.
This package contains detailed Linux-PAM documentation.
%description -n %{make_pam_name console}
The pam_console module exists to change file permissions when users
log on at the console, and to change them back when they log out of
the console.
See pam_console(8) for details.
%description -n %{make_pam_name timestamp}
The pam_timestamp module implements sudo-style authentication
timestamps.
See pam_timestamp(8) for details.
%prep
%setup -q -n %srcname -a2 -a3
%patch -p1
# Replace pam_listfile.
install -pm644 %_sourcedir/pam_listfile.c modules/pam_listfile/
# Owl-specific patches.
%patch100 -p1
%patch101 -p1
%patch102 -p1
%patch103 -p1
# ALT-specific patches.
%patch201 -p1
%patch202 -p1
%patch203 -p1
%patch211 -p1
%patch212 -p1
%patch213 -p1
%patch214 -p1
%patch215 -p1
# Debian patches.
%patch301 -p1
find -type f \( -name .cvsignore -o -name \*~ -o -name \*.orig \) -delete -print
# Replace _pam_aconf.h with config.h
grep -FZl _pam_aconf.h modules/*/*.c |
xargs -r0 sed -i 's/_pam_aconf\.h/config.h/' --
# Complete pammodutil rename.
grep -FZl _pammodutil modules/pam_*/*.* |
xargs -r0 sed -i 's,_pammodutil,pam_modutil,g' --
grep -FZl /_pam_modutil modules/pam_*/*.* |
xargs -r0 sed -i 's,/_pam_modutil,/pam_modutil,g' --
# Unlink unwanted modules.
for d in pam_cracklib pam_keyinit pam_namespace pam_radius pam_selinux pam_unix; do
sed -i "s,modules/$d/Makefile,," configure.in
sed -i "s/ $d / /" modules/Makefile.am
done
find modules -type f -name Makefile -delete
# Additional console.perms tweaks are necessary because we are not ready
# for console.perms.d migration.
cat modules/pam_console/50-default.perms >>modules/pam_console/console.perms
> modules/pam_console/50-default.perms
sed -i '/console\.perms\.d/d' modules/pam_console/console.perms
%build
%define docdir %_docdir/%srcname
aclocal -I m4
libtoolize -f
autoconf
autoheader
automake -a
export ac_cv_lib_ndbm_dbm_store=no \
ac_cv_lib_db_dbm_store=no \
ac_cv_lib_selinux_getfilecon=no \
ac_cv_lib_audit_audit_log_user_message=no \
ac_cv_lib_crack_FascistCheck=no \
#
%configure \
--prefix=/ \
--exec-prefix=/ \
--libdir=/%_lib \
--sbindir=/sbin \
--includedir=%_includedir/security \
--disable-nls \
--disable-read-both-confs \
--enable-fakeroot=%buildroot \
--enable-suplementedir=%helperdir \
--enable-docdir=%_docdir/%srcname \
%{subst_enable static} \
#
# SMP-incompatible build.
%__make
%install
%make_install install DESTDIR=%buildroot
mkdir -p %buildroot{%_secdir/console.apps,/var/run/console}
# Relocate development libraries from /%_lib/ to %_libdir/.
mkdir -p %buildroot%_libdir
mv %buildroot/%_lib/*.*a %buildroot%_libdir/
/sbin/ldconfig -nv %buildroot/%_lib
for f in %buildroot/%_lib/*.so; do
t=`objdump -p "$f" |awk '/SONAME/ {print $2}'`
[ -n "$t" ]
ln -s ../../%_lib/"$t" "%buildroot%_libdir/${f##*/}"
rm -f "$f"
done
rm -f %buildroot%_pam_modules_dir/*.la
chmod go-rw %buildroot%helperdir/*
chmod 700 %buildroot/sbin/{pam_console_apply,pam_timestamp_check}
chmod 755 %buildroot/sbin/pam_tally %buildroot%_pam_modules_dir/pam_filter/upperLOWER
chmod a-x %buildroot/%_lib{,/security}/*.so*
# Make sure that all modules are built.
>check.log
for d in modules/pam_*; do
[ -d "$d" -a -s "$d/Makefile" ] || continue
m="${d##*/}"
! ls -1 "%buildroot%_pam_modules_dir/$m"*.so 2>/dev/null || continue
echo "ERROR: $m module did not build." >&2
echo "$m" >>check.log
done
! [ -s check.log ] || exit 1
# Make sure that no module exports symbols beyond standard set.
>check.log
for d in modules/pam_*; do
[ -d "$d" ] || continue
m="${d##*/}"
readelf -Ws "%buildroot%_pam_modules_dir/$m"*.so |
grep -w GLOBAL |
grep -Ewv 'UND|pam_sm_(acct_mgmt|authenticate|chauthtok|close_session|open_session|setcred)' ||
continue
echo "ERROR: $m module exports symbol(s) beyond standard set." >&2
echo "$m" >>check.log
done
! [ -s check.log ] || exit 1
# Make sure that no shared object has undefined symbols.
>check.log
for f in %buildroot/%_lib/lib*.so.0 %buildroot%_pam_modules_dir/pam*.so; do
LD_LIBRARY_PATH="%buildroot/%_lib" ldd -r "$f" 2>&1 >/dev/null |
tee -a check.log
done
! [ -s check.log ] || exit 1
# Linux-PAM-specific rpm macros.
install -pDm644 %_sourcedir/linux-pam.macros \
%buildroot%_sysconfdir/rpm/macros.d/pam
# Documentation
mkdir -p %buildroot%docdir/modules
for f in modules/pam_*/README; do
d="${f%%/*}"
[ -s "$d/Makefile" ] || continue
install -pm644 "$f" "%buildroot%docdir/modules/${d##*/}"
done
install -pm644 %_sourcedir/PAM-Policy.ALT AUTHORS NEWS ChangeLog CHANGELOG \
Copyright pgp.keys.asc %buildroot%docdir/
find %buildroot%docdir/ -type f -size +4k \( -iname changelog -or -name \*.txt -or -name \*.ps \) -print0 |
xargs -r0 bzip2 -9f --
mkdir -p %buildroot%_sysconfdir/buildreqs/packages/substitute.d
for n in libpam{,-devel%{?_enable_static:{,-static}}}; do
echo $n >"%buildroot%_sysconfdir/buildreqs/packages/substitute.d/%libpam${n#libpam}"
done
%post -n %libpam -p %post_ldconfig
%postun -n %libpam -p %postun_ldconfig
%post -n %{make_pam_name console}
%helperdir/pam_console_apply
%triggerpostun -n %{make_pam_name console} -- pam, pam_console
f=%_secdir/console.perms
if [ ! -f "$f" ]; then
if [ -f "$f.rpmsave" ]; then
%__cp -pf "$f.rpmsave" "$f"
elif [ -f "$f.rpmnew" ]; then
%__cp -pf "$f.rpmnew" "$f"
fi
fi
%helperdir/pam_console_apply
%triggerpostun -n %{make_pam_name console} -- %{make_pam_name console} < 0:0.79
if [ -f /var/run/console.lock -a ! -f /var/run/console/console.lock ]; then
%__mv /var/run/console.lock /var/run/console/ &&
%helperdir/pam_console_apply ||:
fi
%files -n %libpam
%config %_sysconfdir/buildreqs/packages/substitute.d/%libpam
/%_lib/*.so.*
%_pam_modules_dir/pam_deny.so
%_pam_modules_dir/pam_permit.so
%dir %docdir
%docdir/AUTHORS*
%docdir/Copyright*
%docdir/NEWS*
%files -n %libpam-devel
%config %_sysconfdir/buildreqs/packages/substitute.d/%libpam-devel
%config %_sysconfdir/rpm/macros.d/pam
%_libdir/*.so
%_includedir/*
%_man3dir/*
%dir %docdir
%docdir/C[hH]*
%docdir/PAM*
%if_enabled static
%files -n %libpam-devel-static
%config %_sysconfdir/buildreqs/packages/substitute.d/%libpam-devel-static
%_libdir/*.a
%endif # enabled static
%files
%helperdir/pam_tally
%config(noreplace) %_secdir/access.conf
%config(noreplace) %attr(640,root,wheel) %_secdir/chroot.conf
%config(noreplace) %_secdir/time.conf
%config(noreplace) %attr(640,root,wheel) %_secdir/group.conf
%config(noreplace) %_secdir/limits.conf
%config(noreplace) %_secdir/pam_env.conf
%config(noreplace) %_sysconfdir/environment
%_pam_modules_dir/*
%exclude %_pam_modules_dir/pam_deny.so
%exclude %_pam_modules_dir/pam_permit.so
%exclude %_pam_modules_dir/pam_console.so
%exclude %_pam_modules_dir/pam_timestamp.so
%_mandir/man[58]/*.*
%exclude %_mandir/man[58]/*console*
%exclude %_mandir/man[58]/pam_timestamp*
%files -n %{make_pam_name console}
%attr(600,root,root) %config(noreplace) %_secdir/console.perms
%attr(700,root,root) %dir %_secdir/console.perms.d
%attr(600,root,root) %config(noreplace) %_secdir/console.perms.d/*
%attr(600,root,root) %config(noreplace) %_secdir/console.handlers
%attr(711,root,root) %dir %_secdir/console.apps
%attr(700,root,root) %helperdir/pam_console_apply
%_pam_modules_dir/pam_console.so
%_mandir/man[58]/*console*
%dir %attr(711,root,root) /var/run/console
%files -n %{make_pam_name timestamp}
%attr(700,root,root) %helperdir/pam_timestamp_check
%_pam_modules_dir/pam_timestamp.so
%_mandir/man[58]/pam_timestamp*
%files doc
%dir %docdir
%docdir/[a-z]*
%changelog
* Wed Apr 11 2007 Dmitry V. Levin <ldv@altlinux.org> 0.99.6.3-alt2
- Backported several fixes from Linux-PAM 0.99.7.1.
* Sun Sep 10 2006 Dmitry V. Levin <ldv@altlinux.org> 0.99.6.3-alt1
- Updated Linux-PAM to 0.99.6.3.
- Packaged %_sysconfdir/environment file.
* Sun Aug 27 2006 Dmitry V. Levin <ldv@altlinux.org> 0.99.6.2-alt1
- Updated Linux-PAM to 0.99.6.2:
- pam_umask: Enabled packaging.
- pam_rhosts: New module which replaces pam_rhosts_auth.
- Enhanced documentation for PAM functions and modules.
* Tue Jun 06 2006 Dmitry V. Levin <ldv@altlinux.org> 0.99.4.0-alt2
- Updated Linux-PAM to cvs snapshot 20060523.
* Fri May 05 2006 Dmitry V. Levin <ldv@altlinux.org> 0.99.4.0-alt1
- Updated Linux-PAM to 0.99.4.0.
* Mon Mar 20 2006 Dmitry V. Levin <ldv@altlinux.org> 0.99.3.0-alt2
- Backported a few fixes from cvs.
* Mon Jan 16 2006 Dmitry V. Levin <ldv@altlinux.org> 0.99.3.0-alt1
- Updated Linux-PAM to 0.99.3.0.
* Thu Jan 12 2006 Dmitry V. Levin <ldv@altlinux.org> 0.99.2.1-alt2
- Updated Linux-PAM to cvs snapshot 20060111.
- Rebuilt for new style PAM dependencies generated by rpm-build-4.0.4-alt55.
* Tue Dec 13 2005 Dmitry V. Levin <ldv@altlinux.org> 0.99.2.1-alt1
- Updated Linux-PAM to 0.99.2.1.
- Updated %%_pam_modules_dir (fixes #8630).
* Thu Nov 24 2005 Dmitry V. Levin <ldv@altlinux.org> 0.99.2.0-alt1
- Updated Linux-PAM to cvs snapshot 20051124.
* Fri Nov 18 2005 Dmitry V. Levin <ldv@altlinux.org> 0.99.1.0-alt4
- Updated Linux-PAM to cvs snapshot 20051118.
* Mon Oct 03 2005 Dmitry V. Levin <ldv@altlinux.org> 0.99.1.0-alt3
- Updated Linux-PAM to cvs snapshot 20051004.
- Merged upstream patches:
owl-strdup-cleanup
* Fri Sep 30 2005 Dmitry V. Levin <ldv@altlinux.org> 0.99.1.0-alt2
- Updated Linux-PAM to cvs snapshot 20050930.
- Fixed several memory leaks in few modules.
* Mon Sep 26 2005 Dmitry V. Levin <ldv@altlinux.org> 0.99.1.0-alt1
- Updated Linux-PAM to 0.99.1.0.
- Merged upstream patches:
owl-pam_mail
owl-pam_nologin
owl-pam_xauth
* Wed Sep 21 2005 Dmitry V. Levin <ldv@altlinux.org> 0.99.0.3-alt6
- Updated Linux-PAM to cvs snapshot 20050921.
- Merged upstream patches:
owl-attribute
owl-pam_issue
owl-pam_lastlog-fixes
owl-pam_limits
owl-pam_userdb
owl-sprintf
- Fixed pam_xauth.
* Mon Sep 19 2005 Dmitry V. Levin <ldv@altlinux.org> 0.99.0.3-alt5
- Updated Linux-PAM to cvs snapshot 20050918.
- Merged upstream patches:
owl-pam_access
owl-pammodutil-makefile
- Fixed pam_mail and pam_nologin.
* Sun Sep 18 2005 Dmitry V. Levin <ldv@altlinux.org> 0.99.0.3-alt4
- Updated Linux-PAM to cvs snapshot 20050917.
- Merged upstream patches:
owl-conv-warning
owl-pam_deny
owl-pam_env
owl-pam_motd
owl-pam_permit
owl-pam_start
owl-pam_warn
- Fixed pam_issue.
* Fri Sep 16 2005 Dmitry V. Levin <ldv@altlinux.org> 0.99.0.3-alt3
- Updated Linux-PAM to cvs snapshot 20050915.
- Merged upstream patches:
owl-pam_ext
owl-libpam_misc-makefile
owl-pam_filter-upperLOWER
owl-pam_ftp
owl-pam_lastlog
owl-pam_tally
owl-pam_time
owl-pam_userdb
- Enhanced errors diagnostics.
- Fixed compilation warnings.
* Fri Sep 10 2005 Dmitry V. Levin <ldv@altlinux.org> 0.99.0.3-alt2
- Added more const and attribute tags to function prototypes.
- Fixed pam_lastlog.
* Wed Sep 07 2005 Dmitry V. Levin <ldv@altlinux.org> 0.99.0.3-alt1
- Updated Linux-PAM to cvs snapshot 20050906.
- Merged upstream patches:
owl-tmp,
owl-pam_get_user-cache-failures,
owl-man,
owl-pam_securetty,
owl-pam_limits,
owl-pam_motd,
owl-configure,
owl-pam_filter,
owl-pammodutil-attribute.
- Updated patches.
- Disabled packaging of the static library.
- Finished Linux-PAM migration to pam_syslog/pam_prompt.
* Fri Aug 26 2005 Dmitry V. Levin <ldv@altlinux.org> 0.80-alt2
- pam0_console: fixed console.handlers (#7752).
* Wed Aug 17 2005 Dmitry V. Levin <ldv@altlinux.org> 0.80-alt1
- Restricted list of global symbols exported by libraries.
* Fri Aug 12 2005 Dmitry V. Levin <ldv@altlinux.org> 0.80-alt0.3
- Cleaned up conversation wrappers.
- Raised nprocs limits in limits.conf (#5636).
- Added pam_sm_acct_mgmt for pam_mkhomedir module (#6989).
* Thu Aug 11 2005 Dmitry V. Levin <ldv@altlinux.org> 0.80-alt0.2
- Changed modules logging to eliminate disunion in behaviour and
avoid openlog/closelog calls for each logging function invocation.
- Restricted list of global symbols exported by PAM modules to
standard set of six pam_sm_* functions.
* Mon Jul 18 2005 Dmitry V. Levin <ldv@altlinux.org> 0.80-alt0.1
- Updated Linux-PAM to 0.80.
- Updated pam-redhat to 0.80-1.
- Disabled build and packaging of the pam_stack module.
- Reviewed patches, removed obsolete ones, updated all the rest.
* Thu Feb 10 2005 Dmitry V. Levin <ldv@altlinux.org> 0.75-alt28
- Fixed multilib (closes #5091).
* Tue Aug 03 2004 Dmitry V. Levin <ldv@altlinux.org> 0.75-alt27
- pam_console: Fixed /dev/sg* permissions (#4742).
- Added multilib support (#4891).
* Wed May 05 2004 Dmitry V. Levin <ldv@altlinux.org> 0.75-alt26
- console.perms: added /dev/dri/* to <dri> (#2507).
- console.perms: fixed typo in <console> (#3343).
- pam_userdb: build with libdb4 (#4080).
* Thu Nov 06 2003 Dmitry V. Levin <ldv@altlinux.org> 0.75-alt25
- Build with %%optflags_shared.
* Sat Sep 27 2003 Dmitry V. Levin <ldv@altlinux.org> 0.75-alt24
- /etc/rpm/macros.d/pam: reverted previous change.
* Fri Sep 26 2003 Dmitry V. Levin <ldv@altlinux.org> 0.75-alt23
- pam_limits: don't invoke setrlimit(2) on limits which are not
set explicitly as simply resetting RLIMIT_FSIZE to what
appears to be its current value may decrease the actual
limit with LFS (Owl).
- Added buildreq substitution rules.
- /etc/rpm/macros.d/pam: updated (#3050).
* Wed Jul 30 2003 Dmitry V. Levin <ldv@altlinux.org> 0.75-alt22
- pam_wheel: patched to never rely on getlogin(3).
- pam_console: added "/dev/snd/*" to console.perms <sound> list.
- Renamed:
pam_console0 -> pam0_console
pam_stack0 -> pam0_stack
pam_timestamp0 -> pam0_timestamp
- Updated PAM Policy file.
- Updated rpm macros file.
* Thu May 29 2003 Dmitry V. Levin <ldv@altlinux.org> 0.75-alt21
- Renamed:
libpam -> libpam0
libpam-devel -> libpam0-devel
libpam-devel-static -> libpam0-devel-static
pam_console -> pam_console0
pam_stack -> pam_stack0
pam_timestamp -> pam_timestamp0
- Relocated /etc/pam.d/other from this package to pam-common.
- Relocated pam_{deny,permit}.so modules to libpam0 subpackage.
- Added Linux-PAM-specific rpm macros file.
- Updated PAM Policy file.
* Fri May 23 2003 Dmitry V. Levin <ldv@altlinux.org> 0.75-alt20
- Implemented pam include config support.
- Moved pam_stack to separate subpackage.
* Fri May 23 2003 Dmitry V. Levin <ldv@altlinux.org> 0.75-alt19
- Cleaned up build a bit.
- Build with --disable-read-both-confs
(when /etc/pam.d/ exists, don't look at /etc/pam.conf).
- Moved pam_timestamp to separate subpackage.
- Relocated Linux-PAM documentation to %docdir.
* Thu Feb 13 2003 Dmitry V. Levin <ldv@altlinux.org> 0.75-alt18
- Updated pam_xauth to pam-redhat-0.75-48.
- pam_xauth: removed wildcards support introduced in pam-redhat-0.75-48.
* Sun Sep 01 2002 Dmitry V. Levin <ldv@altlinux.org> 0.75-alt17
- Patched pam_motd to behave on errors (Owl).
- Updated pam_timestamp* to pam-redhat-0.75-40.
- Fixed library symlinks generation.
- Use subst instead of perl for build.
- Updated devel-static requirements.
* Wed Jul 31 2002 Dmitry V. Levin <ldv@altlinux.org> 0.75-alt16
- Simplified read_string patch.
- Readded documentation in PostScript format.
- Dropped buildrequires on libcrypt.so.1(GLIBC_2.2.2), no longer needed
since we don't build pam_unix/pam_pwdb.
- Added patches from Owl:
+ Moved pam.d and pam.conf man pages to section 5 where they belong.
+ pam_limits: support stacking for account management (as well as for
session setup), be fail-close on configuration file reads, report the
"too many logins" via PAM conversation rather than direct printf(3).
- Updated pam-redhat to -38:
+ pam_xauth: fix cases where DISPLAY is "localhost:screen" and
the xauth key is actually stored using the system's hostname;
+ pam_timestamp fixes;
+ added pam_timestamp_check.
* Thu Mar 21 2002 Dmitry V. Levin <ldv@alt-linux.org> 0.75-alt15
- Updated console.perms <dri> rules.
- Relaxed %_secdir/console.apps permissions a bit.
* Wed Mar 20 2002 Dmitry V. Levin <ldv@alt-linux.org> 0.75-alt14
- Fixed pam_console %%triggerpostun script.
- Fixed %_secdir/console.* permissions.
* Fri Mar 15 2002 Dmitry V. Levin <ldv@alt-linux.org> 0.75-alt13
- Updated pam-redhat to -27 (added pam_timestamp).
- Relocated helpers back to /sbin/.
- Updated console.perms to new scheme.
- Moved pam_console stuff to separate subpackage.
- Run %helperdir/pam_console_apply in pam_console %%post.
* Thu Dec 13 2001 Dmitry V. Levin <ldv@alt-linux.org> 0.75-alt12
- Merged RH patches (rh release 20).
- Merged Owl patches (owl release 14).
- Dropped: pam_unix, pam_pwdb, pam_cracklib.
* Wed Sep 26 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.75-alt11
- Merged RH patches (rh release 12, pam_stack still from 5).
- console.perms: corrected console class description.
- Moved cracklib module to separate subpackage.
- fixed and relocated docs.
* Thu Sep 13 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.75-alt10
- pam_stack: revert to old version (from rh release 5) for now.
* Mon Sep 10 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.75-alt9
- Moved changable system-auth config to pam-config package.
* Fri Sep 07 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.75-alt8
- Relocated helper programs to %helperdir.
- Rebuilt to get more dependencies.
* Wed Aug 22 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.75-alt7
- Moved %_lockdir/console /var/run/console.
- Merged RH patches (rh release 10).
- Removed versioned dependence on glibc package.
- Added requires on libcrypt.so.1(GLIBC_2.2.1).
* Mon Jun 04 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.75-alt6
- More sanity checks in pam_unix_passwd.c
* Tue May 29 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.75-alt5
- Fixed more errors in pam_console/chmod.c
* Tue May 29 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.75-alt4
- Fixed recent typo in pam_unix/support.h
* Tue May 22 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.75-alt3
- 0.75 (rh release 2).
- Attempt to fix loop in pam_console.
* Thu May 17 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.75-alt2
- Fixed pam_unix-chkpwd helper.
* Tue May 15 2001 Dmitry V. Levin <ldv@altlinux.ru> 0.75-alt1
- 0.75 (rh release 1).
- Moved static libraries to devel-static subpackage.
* Thu Mar 01 2001 Dmitry V. Levin <ldv@fandra.org> 0.74-ipl5mdk
- Merged RH patches (rh release 12).
- Libification.
* Sat Feb 24 2001 Dmitry V. Levin <ldv@fandra.org> 0.74-ipl4mdk
- Merged RH patches (rh release 10).
* Fri Feb 23 2001 Dmitry V. Levin <ldv@fandra.org> 0.74-ipl3mdk
- changed console.perms:
<console> 0600 <burner> 0600 root.cdwriter
* Sun Feb 11 2001 Dmitry V. Levin <ldv@fandra.org> 0.74-ipl2mdk
- Enhanced unix_chkpwd to support LOGNAME environment variable.
- Merged RH patches (rh release 5).
* Wed Jan 31 2001 Dmitry V. Levin <ldv@fandra.org> 0.74-ipl1mdk
- 0.74 (sync with Linux-PAM and pam-redhat).
- Moved development libraries from /lib to %_libdir.
* Fri Jan 12 2001 Dmitry V. Levin <ldv@fandra.org> 0.72-ipl16mdk
- Use libc_crypt as crypt function (glibc >= 2.2.1-ipl0.3mdk).
* Wed Jan 10 2001 Dmitry V. Levin <ldv@fandra.org> 0.72-ipl15mdk
- Integrated new feaures of glibc >= 2.2.1-ipl0.2mdk:
+ added blowfish crypt support for pam_unix (libcrypt);
+ dropped BSDIcrypt support for pam_unix (it was never used);
+ set default crypt to blowfish in system-auth.
* Fri Jan 05 2001 Dmitry V. Levin <ldv@fandra.org> 0.72-ipl14mdk
- Updated console.perms patch.
- Built with db2.
* Wed Dec 06 2000 Dmitry V. Levin <ldv@fandra.org> 0.72-ipl13mdk
- Merge RH changes (26-->37).
* Tue Oct 17 2000 Dmitry V. Levin <ldv@fandra.org> 0.72-ipl12mdk
- Added pam_sameuid module.
* Fri Oct 06 2000 Dmitry V. Levin <ldv@fandra.org> 0.72-ipl11mdk
- Merge last RH changes (by Nalin Dahyabhai <nalin@redhat.com>):
+ clean up logging in pam_xauth;
+ mova README.* files in txt subdirectory;
+ add pam_tally's application to allow counts to be reset;
+ move pam_filter modules to /lib/security/pam_filter;
+ add DRI and nvidia devices to console.perms.
- Fixed:
+ pam_stack now passes delay back.
* Wed Sep 27 2000 Dmitry V. Levin <ldv@fandra.org> 0.72-ipl10mdk
- Added:
+ BSDIcrypt support for pam_unix;
+ pam_limits in system-auth.
* Tue Sep 26 2000 Dmitry V. Levin <ldv@fandra.org> 0.72-ipl9mdk
- Merge last RH changes (by Nalin Dahyabhai <nalin@redhat.com>):
+ add a broken_shadow option to pam_unix;
+ add all module README files to the documentation list;
+ fix pam_stack debug and losing-track-of-the-result bug;
+ rework pam_console's usage of syslog to actually be sane (#14646);
+ take the LOG_ERR flag off of some of pam_console's new messages.
- Merge last MDK changes:
+ set all sound stuff to audio group;
+ add cdburner permissions;
+ add %_pamdir/system-auth;
+ noreplace configs.
* Mon Sep 04 2000 Dmitry V. Levin <ldv@fandra.org> 0.72-ipl8mdk
- Merge with last MDK changes.
* Fri Jul 21 2000 Dmitry V. Levin <ldv@fandra.org> 0.72-ipl7mdk
- Merge with last RH changes.
- Added: BSDIcrypt support.
* Wed May 31 2000 Dmitry V. Levin <ldv@fandra.org> 0.72-ipl6mdk
- Package split into pam, pam-devel and pam-doc packages
- RE adaptions.
* Tue Feb 22 2000 Dmitry V. Levin <ldv@fandra.org>
- Fixes:
+ read_string bugfix
+ real buildroot packaging
- more documentation included
- Fandra adaptions.
* Sat Feb 05 2000 Nalin Dahyabhai <nalin@redhat.com>
- Fix pam_xauth bug #6191.
* Thu Feb 03 2000 Elliot Lee <sopwith@redhat.com>
- Add a patch to accept 'pts/N' in /etc/securetty as a match for tty '5'
(which is what other pieces of the system think it is). Fixes bug #7641.
* Mon Jan 31 2000 Nalin Dahyabhai <nalin@redhat.com>
- argh, turn off gratuitous debugging
* Wed Jan 19 2000 Nalin Dahyabhai <nalin@redhat.com>
- update to 0.72
- fix pam_unix password-changing bug
- fix pam_unix's cracklib support
- change package URL
* Mon Jan 03 2000 Cristian Gafton <gafton@redhat.com>
- don't allow '/' on service_name
* Thu Oct 21 1999 Cristian Gafton <gafton@redhat.com>
- enhance the pam_userdb module some more
* Fri Sep 24 1999 Cristian Gafton <gafton@redhat.com>
- add documenatation
* Tue Sep 21 1999 Michael K. Johnson <johnsonm@redhat.com>
- a tiny change to pam_console to make it not loose track of console users
* Mon Sep 20 1999 Michael K. Johnson <johnsonm@redhat.com>
- a few fixes to pam_xauth to make it more robust
* Wed Jul 14 1999 Michael K. Johnson <johnsonm@redhat.com>
- pam_console: added <xconsole> to manage /dev/console
* Thu Jul 01 1999 Michael K. Johnson <johnsonm@redhat.com>
- pam_xauth: New refcounting implementation based on idea from Stephen Tweedie
* Sat Apr 17 1999 Michael K. Johnson <johnsonm@redhat.com>
- added video4linux devices to /etc/security/console.perms
* Fri Apr 16 1999 Michael K. Johnson <johnsonm@redhat.com>
- added joystick lines to /etc/security/console.perms
* Thu Apr 15 1999 Michael K. Johnson <johnsonm@redhat.com>
- fixed a couple segfaults in pam_xauth uncovered by yesterday's fix...
* Wed Apr 14 1999 Cristian Gafton <gafton@redhat.com>
- use gcc -shared to link the shared libs
* Wed Apr 14 1999 Michael K. Johnson <johnsonm@redhat.com>
- many bug fixes in pam_xauth
- pam_console can now handle broken applications that do not set
the PAM_TTY item.
* Tue Apr 13 1999 Michael K. Johnson <johnsonm@redhat.com>
- fixed glob/regexp confusion in pam_console, added kbd and fixed fb devices
- added pam_xauth module
* Sat Apr 10 1999 Cristian Gafton <gafton@redhat.com>
- pam_lastlog does wtmp handling now
* Thu Apr 08 1999 Michael K. Johnson <johnsonm@redhat.com>
- added option parsing to pam_console
- added framebuffer devices to default console.perms settings
* Wed Apr 07 1999 Cristian Gafton <gafton@redhat.com>
- fixed empty passwd handling in pam_pwdb
* Mon Mar 29 1999 Michael K. Johnson <johnsonm@redhat.com>
- changed /dev/cdrom default user permissions back to 0600 in console.perms
because some cdrom players open O_RDWR.
* Fri Mar 26 1999 Michael K. Johnson <johnsonm@redhat.com>
- added /dev/jaz and /dev/zip to console.perms
* Thu Mar 25 1999 Michael K. Johnson <johnsonm@redhat.com>
- changed the default user permissions for /dev/cdrom to 0400 in console.perms
* Fri Mar 19 1999 Michael K. Johnson <johnsonm@redhat.com>
- fixed a few bugs in pam_console
* Thu Mar 18 1999 Michael K. Johnson <johnsonm@redhat.com>
- pam_console authentication working
- added /etc/security/console.apps directory
* Mon Mar 15 1999 Michael K. Johnson <johnsonm@redhat.com>
- added pam_console files to filelist
* Fri Feb 12 1999 Cristian Gafton <gafton@redhat.com>
- upgraded to 0.66, some source cleanups
* Mon Dec 28 1998 Cristian Gafton <gafton@redhat.com>
- add patch from Savochkin Andrey Vladimirovich <saw@msu.ru> for umask
security risk
* Fri Dec 18 1998 Cristian Gafton <gafton@redhat.com>
- upgrade to ver 0.65
- build the package out of internal CVS server