~roguescholar/pam/+git/upstream:ldv/pam_add_handler

Branch merges

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

37b47c0... by Dmitry V. Levin on 2022-07-15

_pam_add_handler: make sure struct handler is properly initialized on error path

* libpam/pam_handlers.c (_pam_add_handler): Use calloc instead of malloc
for struct handler allocation to avoid returning garbage in some fields
of the structure on error path.

Resolves: https://github.com/linux-pam/linux-pam/issues/475

31645f4... by Dmitry V. Levin on 2022-07-01

.github: switch whitespace-errors job to ubuntu-latest

While ubuntu-latest in ci is not necessarily the latest version of the
OS available in ci, whitespace-errors job should be agnostic to the
version being used, so use the default one.

* .github/workflows/ci.yml (whitespace-errors) <runs-on>: Change from
ubuntu-20.04 to ubuntu-latest.

94f0f5e... by Shreenidhi Shedi on 2022-07-01

faillock: add support to print login failure info in legacy format

pam_tally2 had a simple and minimalstic output to show login failure
info, new output of faillock makes the output look a bit complex and
doesn't show failure counts in a straight manner.

This patch fixes the above issue by adding "--legacy-output" flag to
faillock which makes it possible to get output in pam_tally2 style.

Signed-off-by: Shreenidhi Shedi <email address hidden>

5d7fa71... by Shreenidhi Shedi on 2022-07-01

faillock: refactor faillock info printing code

Move the code to it's own function.

Signed-off-by: Shreenidhi Shedi <email address hidden>

df0d277... by Shreenidhi Shedi on 2022-07-01

faillock: error out if user does not exist

No need to do any further processing if a non existent username is given
to faillock.

For first time successful login, failure field should be 0 and faillock
should show something like pam_tally2 did.

Signed-off-by: Shreenidhi Shedi <email address hidden>

4240454... by Per Jessen <email address hidden> on 2022-04-22

pam_motd: do not rely on all filesystems providing a filetype

When using scandir() to look for MOTD files to display, we wrongly
relied on all filesystems providing a filetype. This is a fix to divert
to lstat() when we have no filetype. To maintain MT safety, it isn't
possible to use lstat() in the scandir() filter function, so all of the
filtering has been moved to an additional loop after scanning all the
motd dirs.
Also, remove superfluous alphasort from scandir(), we are doing
a qsort() later.

Resolves: https://github.com/linux-pam/linux-pam/issues/455

543e122... by Stefan Schubert <email address hidden> on 2022-02-16

pam_namespace: use vendor specific namespace.conf and namespace.init as fallback

Use the vendor directory as fallback for a distribution provided default
config and scripts if there is no configuration in /etc.

pam_namespace.c: Take care about the fallback configuration in vendor directory.
pam_namespace.h: Define vendor specific files and directories.
pam_namespace.8.xml: Add description for vendor directories and files.
namespace.conf.5.xml: Add description for vendor directories and files.

21affb5... by Stefan Schubert <email address hidden> on 2022-02-07

pam_limits: use vendor specific content in limits.d directory as fallback

Use the vendor directory as fallback for a distribution provided default
config if there is no configuration in /etc.

pam_limits.c: Take care about the fallback configuration in vendor directory.
pam_limits.8.xml: Add description for vendor directory.

8f9816b... by Stefan Schubert <email address hidden> on 2022-02-04

pam_access: use vendor specific access.conf as fallback

Use the vendor directory as fallback for a distribution provided default config if there is no configuration in /etc.

* pam_access.c: Take care about the fallback configuration in vendor directory.
* pam_access.8.xml: Added description for vendor directory.

eb2149d... by Dmitry V. Levin on 2022-06-19

.github: add a few vendordir enabled jobs

* .github/workflows/ci.yml (gcc11-x86_64-vendordir,
clang12-x86_64-vendordir, gcc11-x86-vendordir): New jobs.