PAM

~roguescholar/pam/+git/upstream:pam_unix_ref_branch

  1. Git
  2. lp:~roguescholar/pam/+git/upstream
  3. pam_unix_ref_branch
Last commit made on 2008-01-04
Get this branch:
git clone -b pam_unix_ref_branch https://git.launchpad.net/~roguescholar/pam/+git/upstream

Branch merges

Branch information

Name:
pam_unix_ref_branch
Repository:
lp:~roguescholar/pam/+git/upstream

Recent commits

c8c84e2... by Tomas Mraz <email address hidden>

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------
        * modules/pam_unix/Makefile.am: Add unix_update helper.
        * modules/pam_unix/pam_unix_passwd.c: Move functions i64c(),
        crypt_md5_wrapper(), save_old_password(), _update_passwd() and
        _update_shadow() to passverify.c file. Rename _unix_run_shadow_binary()
        to _unix_run_update_binary(), which also verifies old password and
        does all writing.
        (_do_setpass, pam_sm_chauthtok): lckpwdf()->lock_pwdf(), the same for unlock.
        Call _unix_run_update_binary() appropriately.
        _update_passwd()->unix_update_passwd(), the same for shadow.
        * modules/pam_unix/passverify.c: Add new functions moved from
        pam_unix_passwd.c and unix_chkpwd.c.
        * modules/pam_unix/passverify.h: Likewise.
        * modules/pam_unix/unix_chkpwd.c: Remove SELinux checks. Move
        su_sighandler(), setup_signals(), getuidname() to passverify.c.
        (main): Remove 'shadow' option. Refactor out read_passwords() and
        call it. More strict checking how the binary is called.
        * modules/pam_unix/unix_update.c: New helper binary - non-setuid,
        called from SELinux confined apps only.

c6912ac... by Tomas Mraz <email address hidden>

Relevant BUGIDs:

Purpose of commit: refactorization

Commit summary:
---------------
        * modules/pam_unix/pam_unix_acct.c (_unix_run_verify_binary): Return
        status and daysleft instead of fake shadow entry.
        (pam_sm_acct_mgmt): Call _unix_run_verify_binary() appropriately.
        * modules/pam_unix/pam_unix_passwd.c (_unix_verify_shadow): Call
        get_account_info() and check_shadow_expiry().
        * modules/pam_unix/support.h: Adjust _unix_run_verify_binary()
        prototype.
        * modules/pam_unix/support.c (_unix_run_helper_binary): Remove check
        on selinux enabled/disabled.
        * modules/pam_unix/unix_chkpwd.c (_verify_account): Rename to
        _check_expiry(), now checks shadow expiry info.
        (main): Remove check on selinux enabled/disabled. Check shadow
        expiry through _check_expiry().

bc86f86... by Tomas Mraz <email address hidden>

Relevant BUGIDs:

Purpose of commit: refactorization

Commit summary:
---------------
        * modules/pam_unix/pam_unix_acct.c (pam_sm_acct_mgmt): Call
        get_account_info() and check_shadow_expiry().
        * modules/pam_unix/passverify.c: Add get_account_info() to
        obtain shadow and passwd entry. Add check_shadow_expiry() to
        for shadow password expiry check.
        (get_pwd_hash): Call get_account_info().
        * modules/pam_unix/passverify.h: Add prototypes for get_account_info()
        and check_shadow_expiry().

b5250a6... by Tomas Mraz <email address hidden>

Relevant BUGIDs:

Purpose of commit: branch

Commit summary:
---------------
- pam_unix refactorization step 2

4463902... by Thorsten Kukuk <email address hidden>

Relevant BUGIDs: 1822779, 1822764

Purpose of commit: docufix

Commit summary:
---------------

2007-12-18 Thorsten Kukuk <email address hidden>

        * README: Document how to run make check with static modules
        (SF#1822779).

2007-12-18 Peter Breitenlohner <email address hidden>
        * README: Document that "make check" requires a file
        /etc/pam.d/other (SF#1822764).

75e765b... by Tomas Mraz <email address hidden>

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
2007-12-12 Eamon Walsh <email address hidden>

        * doc/man/pam_item_types_ext.inc.xml: More appropriate wording
        for PAM_XDISPLAY doc.

8ae5f57... by Tomas Mraz <email address hidden>

Relevant BUGIDs:

Purpose of commit: new feature and cleanup

Commit summary:
---------------
2007-12-07 Tomas Mraz <email address hidden>

        * libpam/libpam.map: Add LIBPAM_MODUTIL_1.1 version.
        * libpam/pam_audit.c: Add _pam_audit_open() and
        pam_modutil_audit_write().
        (_pam_auditlog): Call _pam_audit_open().
        * libpam/include/security/pam_modutil.h: Add pam_modutil_audit_write().
        * modules/pam_access/pam_access.8.xml: Add noaudit option.
        Document auditing.
        * modules/pam_access/pam_access.c: Move fs, sep, pam_access_debug, and
        only_new_group_syntax variables to struct login_info. Add noaudit
        member.
        (_parse_args): Adjust for the move of variables and add support for
        noaudit option.
        (group_match): Add debug parameter.
        (string_match): Likewise.
        (network_netmask_match): Likewise.
        (login_access): Adjust for the move of variables. Add nonall_match.
        Add call to pam_modutil_audit_write().
        (list_match): Adjust for the move of variables.
        (user_match): Likewise.
        (from_match): Likewise.
        (pam_sm_authenticate): Call _parse_args() earlier.
        * modules/pam_limits/pam_limits.8.xml: Add noaudit option.
        Document auditing.
        * modules/pam_limits/pam_limits.c (_pam_parse): Add noaudit option.
        (setup_limits): Call pam_modutil_audit_write().
        * modules/pam_time/pam_time.8.xml: Add debug and noaudit options.
        Document auditing.
        * modules/pam_time/pam_time.c: Add option parsing (_pam_parse()).
        (check_account): Call _pam_parse(). Call pam_modutil_audit_write()
        and pam_syslog() on login denials.

67b5cdd... by Tomas Mraz <email address hidden>

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2007-12-07 Tomas Mraz <email address hidden>

        * po/cs.po: Updated translations.

ad3ad5c... by Tomas Mraz <email address hidden>

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2007-12-07 Luca Bruno <email address hidden>

        * po/it.po: Updated translations.

632dffe... by Tomas Mraz <email address hidden>

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------
2007-12-06 Eamon Walsh <email address hidden>

        * libpam/include/security/_pam_macros.h: Add _pam_overwrite_n()
        macro.
        * libpam/include/security/_pam_types.h: Add PAM_XDISPLAY,
        PAM_XAUTHDATA items, pam_xauth_data struct.
        * libpam/pam_item.c (pam_set_item, pam_get_item): Handle
        PAM_XDISPLAY and PAM_XAUTHDATA items.
        * libpam/pam_end.c (pam_end): Destroy the new items.
        * libpam/pam_private.h (pam_handle): Add data members for new
        items. Add prototype for _pam_memdup.
        * libpam/pam_misc.c: Add _pam_memdup.
        * doc/man/Makefile.am: Add pam_xauth_data.3. Replace
        pam_item_types.inc.xml with pam_item_types_std.inc.xml and
        pam_item_types_ext.inc.xml.
        * doc/man/pam_get_item.3.xml: Replace pam_item_types.inc.xml
        with pam_item_types_std.inc.xml and pam_item_types_ext.inc.xml.
        * doc/man/pam_set_item.3.xml: Likewise.
        * doc/man/pam_item_types.inc.xml: Removed file.
        * doc/man/pam_item_types_ext.inc.xml: New file.
        * doc/man/pam_item_types_std.inc.xml: New file.