2 =======================================================================
3 =======================================================================
5 This file is no longer used for tracking changes for Linux-PAM. For
6 user visible changes, please look at the NEWS file. A more verbose
7 list of changes can be found in ChangeLog.
9 =======================================================================
10 =======================================================================
12 -----------------------------
16 - sanitize use of md5 throughout distribution.. Make a static
17 library for helping to develop modules that contains it and other
18 stuff. Also add sha-1 and ripemd-160 digest algorithms.
19 - once above is done. remove hacks from the secret@here module etc..
20 - document PAM_INCOMPLETE changes
21 - verify that the PAM_INCOMPLETE interface is sensible. Can we
22 catch errors? should we permit item changing etc., between
23 pam_authenticate re-invocations?
24 - verify that the PAM_INCOMPLETE interface works (auth seems ok..)
25 - add PAM_INCOMPLETE support to modules (partially added to pam_pwdb)
27 - auth and acct support in pam_cracklib, "yes, I know the password
28 you just typed was valid, I just don't think it was very strong..."
30 ====================================================================
32 If you have found a bug in Linux-PAM (including a documentation bug,
33 or a new feature request and/or patch), please consider filing such a
34 bug report - outstanding bugs are listed here:
36 http://sourceforge.net/tracker/?atid=106663&group_id=6663&func=browse
38 (to file another bug see the 'submit bug' button on that page).
40 ====================================================================
42 0.81: please submit patches for this section with actual code/doc
44 * pam_umask: New module for setting umask from GECOS field, /etc/login.defs
45 or /etc/default/login (kukuk)
46 * configure/pam_strerror: Remove old ugly-hack option for pam_strerror
47 interface change (kukuk)
48 * configure.in: Fix AC_DEFINE usage for autoheader (kukuk)
49 * configure.in/_pam_aconf.h.in: Remove feature.h inclusion (kukuk)
50 * defs: Remove obsolete directory/content (kukuk)
51 * Rename _pam_aconf.h.in to config.h (kukuk)
52 * pam_unix: Don't ignore pam_get_item return value (kukuk)
53 * pam_userdb: Fix regression - crash when crypt param not specified (t8m)
54 * libpam: Remove pam_authenticate_secondary stub (kukuk)
55 * Use autoconf/automake/libtool (kukuk)
56 * pam_securetty: Be fail-close on user lookups, always log failures,
57 not just with "debug" (Solar Designer)
59 * Add translations for cs, de, es, fr, hu, it, ja, nb, pa, pt_BR,
61 * pam_limits: Apply ALT Linux/Owl patch
62 * pam_motd: Apply ALT Linux/Owl patch
63 * libpam: Cache pam_get_user() failures
64 * libpam: Add pam_prompt,pam_vprompt,pam_error,pam_verror,pam_info
65 and pam_vinfo functions for use by modules as extension (kukuk).
66 * pam_cracklib: Make path to cracklib dicts an option (kukuk).
67 * libpam: Add pam_syslog function for unified syslog messages from
69 * pam_tally, pam_time, pam_userdb: use pam_syslog and pam_prompt (ldv)
70 * pam_issue: major cleanup (ldv)
71 * pam_echo: New PAM module for message output (kukuk)
72 * pam_limits: Fix regression from RLIMIT_NICE support (wrong limit
73 values for other limits are applied) patch by Anton Guda
74 * pam_unix: Always honor nis flag on password change (by Aaron Hope)
75 * libpam: Moved functions from pammodutil to libpam (t8m)
76 * pam_lastlog: Cleanup, fix broken logic in pam_parse,
77 modify wtmp by default, nowtmp option switches that off (ldv)
79 0.80: Wed Jul 13 13:23:20 CEST 2005
80 * pam_tally: test for NULL data before dereferencing them (t8m)
81 * pam_unix: fix regression introduced in 0.78 - both NIS and local password
82 should be changed if possible (t8m)
83 * misc_conv: flush input first then print the prompt - fixes problem
84 with expect scripts (t8m)
85 * pam_unix: nis option shouldn't clear the shadow option (t8m)
86 * cleanups and minor bugfixes by Steve Grubb (t8m)
87 * pam_private.h: set PAM_DEFAULT_PROMPT to "login: " (kukuk)
88 * pam_mkhomedir: Create parent directories if they do not already
89 exist (Bug 600351 - kukuk)
90 * pam_mkhomedir: Set owner/permissions of home directory after we
91 created all files (Bug 1032922 - kukuk)
92 * pam_rhosts: Get rid of static buffer for path (kukuk)
93 * pam_selinux/pam_unix/pam_rootok: Add SELinux support based on
94 patch from Red Hat (kukuk)
95 * pam_limits: Correct support of unlimited limits, use correct type
96 for rlimit value (Bug 945449 - kukuk, t8m)
97 * pam_xauth: Unset the XAUTHORITY variable when requesting user is
98 root and target user is not (t8m)
99 * pam_access: Add listsep option to set list element separator by
100 Richard Shaffer (t8m)
101 * pam_limits: Don't reset process priority if none is specified in
102 the config file (Novell #81690 - kukuk)
103 * Fix all occurrence of dereferencing type-punned pointer will break
104 strict-aliasing rules warnings (kukuk)
105 * pam_limits: Support new limits in linux 2.6.12 (t8m)
106 * pam_mkhomedir: change mode datatype (toady)
107 * pam_limits: Don't lowercase login names (kukuk)
109 0.79: Thu Mar 31 16:48:45 CEST 2005
110 * pam_tally: added audit option (toady)
111 * pam_unix: don't log user unknown failure when he can be properly
112 authenticated by another module (t8m)
113 * configure: don't abort if no cracklib dictinaries were found, but
114 warn user that pam_cracklib will not be built (kukuk)
115 * modules/pam_unix/support.c: Fix return value if user aborts while
116 changes the password (Bug 872945 - kukuk)
117 * modules/pam_unix/support.c: Fix return value for an unknown user
119 * pam_limits: support for new Linux kernel 2.6 limits (from toby cabot
121 * pam_tally: major rewrite of the module (t8m)
122 * libpam: don't return PAM_IGNORE for OK or JUMP actions if using
123 cached chain (Bug 629251 - t8m)
124 * pam_nologin: don't overwrite return value with return from
126 * libpam: Add more checks for broken PAM configuration files to
127 avoid seg.faults (kukuk)
128 * pam_shells: correct README
129 * libpam: Fix debug code (kukuk)
130 * pam_limits: Fix order of LIMITS_DEF_* priorities (kukuk)
131 * pam_xauth: preserve DISPLAY variable (Novell #66885 - kukuk)
132 * libpam: Add prelude ids (http://www.prelude-ids.org) support,
133 as experimental. (toady)
134 * configure: Add the directory where new versions of cracklib is
135 installed (from Jim Gifford - toady)
136 * libpamc: Use standard u_intX_t types instead of __uX (kukuk)
138 0.78: Do Nov 18 14:48:36 CET 2004
140 * pam_unix: change the order of trying password changes - local first,
142 * pam_wheel: add option only_root to make it affect authentication
144 * pam_unix: test return values on renaming files and report error to
146 * pam_unix: forced password change shouldn't trump account expiration
147 * pam_unix: remove the use of openlog (from debian - toady)
148 * pam_unix: NIS cleanup (patch from Philippe Troin)
149 * pam_access: you can now authenticate an explicit user on an explicit
150 tty (from debian - toady)
151 * pam_limits, pam_rhosts, pam_unix: fixed hurd portability issues
152 (patch from Igor Khavkine)
153 * pam_env: added comments in the configuration file to avoid errors
154 (from debian - toady)
155 * pam_mail: check PAM_NO_ENV to know if we can delete the environment
156 variable (from debian - toady)
157 * pam_filter: s/termio/termios/g (from debian - toady)
158 * pam_mkhomedir: no maxpathlen required (from debian - toady)
159 * pam_limits: applied patch to allow explicit limits for root
160 and remove limits on su. (from debian - toady)
161 * pam_unix: severe denial of service possible with this module since
162 it locked too aggressively. Bug report and testing help from Sascha
163 Loetz. (Bug 664290 - agmorgan)
164 * getlogin was spoofable: "/tmp/" and "/dev/" have the same number of
165 characters, so 'ln /dev/tty /tmp/tty1 ; bash < /tmp/tty1 ; logname'
166 attacks could potentially spoof pam_wheel with the 'trust' module
167 argument into granting access to a luser. Also, pam_unix gave
168 odd error messages in such a situation (logname != uid). This
169 problem was found by David Endler of iDefense.com (Bug 667584 -
171 * added my new DSA public key to the pgp.keys.asc file. Also included
172 a signed copy of my new public key (1024D/D41A6DF2) made with my old
174 * added "include" directive to config file syntax.
175 The whole idea is to create few "systemwide" pam configs and include
176 parts of them in application pam configs.
177 (patch by "Dmitry V. Levin" <ldv@altlinux.org>) (Bug 812567 - baggins).
178 * doc/modules/pam_mkhomedir.sgml: Remove wrong debug options
180 * pam_unix: Call password checking helper whenever the password field
181 contains only one character (Bug 1027903 - kukuk)
182 * libpam/pam_start.c: All service names should be files below /etc/pam.d
183 and nothing else. Forbid paths. (Bug 1027912 - kukuk)
184 * pam_cracklib: Fix error in distance algorithm in the 0.9 pam_cracklib
185 module (Bug 1010142 - toady)
186 * pam_userdb: applied patch from Paul Walmsley <paul@booyaka.com>
187 it now indicates whether encrypted or plaintext passwords are stored
188 in the database needed for pam_userdb (BerliOS - toady)
189 * pam_group: The module should also ignore PAM_REINITIALIZE_CRED to
190 avoid spurious errors (from Linux distributors - kukuk)
191 * pam_cracklib: Clear the entire options structure (from Linux
192 distributors - kukuk)
193 * pam_issue: We write a NUL to prompt_tmp[tot_size] later, so make sure
194 that the destination is part of the allocated block, make do_prompt
195 static (from Linux distributors - kukuk)
196 * ldconfig: Only run full ldconfig, if we don't install into a FAKEROOT
197 environment, else let ldconfig only create the symlinks correct
198 (from Linux distributors - kukuk)
199 * pam_unix/pam_pwdb: Use SIG_DFL instead of SIG_IGN for SIGCHLD
200 (from Linux distributors - kukuk)
201 * Add most of Steve Grubb's resource leak and other fixes (from
202 Linux distributors - kukuk)
203 * doc/Makefile: Don't include .cvsignore files in tar ball (kukuk)
204 * libpam_misc/misc_conv.c: Differentiate between Ctrl-D and
205 <Return> (Bug 1032604 - kukuk)
206 * Make.Rules.in: Add targets for installing man pages for modules
207 (from Linux distributors - kukuk)
208 * Add pam_xauth module (Bug 436440 - kukuk)
209 * Add pam_localuser module (Bug 436444 - kukuk)
210 * Add pam_succeed_if module (from Linux distributors - kukuk)
211 * configure.in: Fix check for libcrypt (Bug 417704 - kukuk)
212 * Add the "broken_shadow" argument to pam_unix, for ignoring errors
213 reading shadow information (from Linux distributors - kukuk)
214 * Add patches to make PAM modules reentrant (Bug 440107 - kukuk)
215 * Merge patches from Red Hat (Bug 477000 and other - kukuk)
216 * Fix pam_rhosts option parsing (Bug 922648 - kukuk)
217 * Add $ISA support in config files (from Red Hat - kukuk)
219 0.77: Mon Sep 23 10:25:42 PDT 2002
221 * documentation support for pdf files was not quite right -
222 installation was messed up.
223 * pam_wheel was too aggressive to grant access (in the case of the
224 'deny' option you want to pay attention to 'trust'). Fix from
225 Nalin (Bugs 476951, 476953 - agmorgan)
226 * account management support for: pam_shells, pam_listfile, pam_wheel
227 and pam_securetty (+ static module fix for pam_nologin). Patch from
228 redhat through Harald Welte (Bug 436435 - agmorgan).
229 * pam_wheel feature from Nalin - can use the module to provide wheel
230 access to non-root accounts. Also from Nalin, a bugfix related to
231 the primary group of the applicant is the 'wheel' group. (Bugs
232 476980, 476941 - agmorgan)
233 * pam_unix and pam_pwdb: by default turn off the SIGCHLD handler while
234 running the helper binary (patch from Nalin) added the "noreap"
235 module argument to both of these modules to turn off this new
236 default. Bugfix found by Silvan Minghetti for former module and
237 521314 checkin. (Bugs 476963, 521314 - agmorgan).
238 * updated CHANGELOG and configure.in for 0.77 work.
240 0.76: Mon Jul 8 21:44:59 PDT 2002
242 * pam_unix: fix for legacy crypt() support when the password entered
243 was long. (Bug 521314 - agmorgan).
244 * pam_access no longer include gethostname() prototype complaint from
245 David Lee (Bug 415423 - agmorgan).
246 * make pam_nologin more secure by default, added two new module
247 arguments etc. - acting on suggestion from Nico (Bug 419307 -
249 * link in libpam to libpam_misc - since the latter uses functions in
250 the former it makes some sort of sense to do this (although, in the
251 static library case, I remain to be convinced). (Bug 565470 -
253 * absorbed some of the proposed darwin (OS X) changes from Luke Howard
254 (of PADL software) - hopefully will get the rest (see Rob Braun's
255 534205) by 0.77 (Bug 491466 - agmorgan).
256 * README fix for pam_unix from Nalin (Bug 476971 - agmorgan).
257 * add support for building pdf files from the documentation - request
258 from 'lolive' (Bug 471377 - agmorgan).
259 * documented the equivalent '[..]' expressions for "required"
260 etc. Request from Ross Patterson (Bug 529078 - agmorgan).
261 * '[...]' parsing: document it and also fix it to support '\]' escape
262 sequence. Feature request from Russell Kliese (Bug 517064 -
264 * pam_rootok: compilation warning noted by Tony den Haan wrt no
265 prototype for strcmp() (Bug 557322 - agmorgan).
266 * documentation: (a few of mine in passing) and app documentation
267 suggestions regarding PAM environment variables and module
268 documentation changes regarding the conversation function from Jenn
269 Vesperman (Bug 527821, 527965 - agmorgan)
270 * documentation: pam_time.sgml typo fixed, pam_motd exists now,
271 correct Red Hat comment about config files (Bugs 554274, 554261,
273 * pam_limits: added '%' domain for maxlogins limiting, now '*' and @group
274 have the old meaning (every) and '%' the new one (all)
275 (Bug 533664 - baggins)
276 * pam_limits: put not so interesting log messages under debug arg
277 (Bug 533668 - baggins)
278 * pam_access: added the 'fieldsep=' argument (Bug 547051 - agmorgan),
279 made a PAM_RHOST of "" equivalent to NULL (Bug 547521 - agmorgan).
280 * pam_limits: keep well know behaviour of maxlogins default ('*') limit
281 (Bug 533664 - baggins)
282 * pam_unix: more from Nalin log password changes (Bug 517743 - agmorgan)
283 * pam_limits: make it use the priority value specified in config
284 (bug 530428 - baggins)
285 * pam_unix: removed broken code in password update code. Report from
286 Len Lattanzi (Bug 507379 - agmorgan)
287 * pam_mkhomedir: recurse directories. Patch from Nalin (Bug 476981 -
289 * pam_limits can handle negative priority limits now (which can apply
290 to the superuser too) - based on patch from Nalin. Also cleanup the
291 error handling that was very sloppy before. Also, courtesy of Berend
292 De Schouwe get the math right on login counting (Bug 476990, 476987,
294 * documentation: random typo fixes from Nalin and more stuff from me
295 (Bug 476949, Tasks 43507, 17426 - agmorgan)
296 * A Tru64 fix (given other stuff has already resolved this, it
297 actually just a comment actually) from 'Eddie'. (Bug 418450 -
299 * pam_handlers: BSD fix from Dag-Erling Smørgrav and Anton Berezin
300 (Bug 486063 - agmorgan)
301 * added the dynamic/* directory to the distribution. If you go in
302 there after building the rest of the tree, you'll make a pam.so
303 object that can be used by something like a java runtime with
304 dlopen. Its not very well tested - caveat emptor. (Bug 232194 -
306 * somehow pam_unix has started forcing the user prompt to be "login: ".
307 This is entirely inapropriate as it overrides PAM_USER_PROMPT. (Bug
309 * added a static module helper library object includes a few changes
310 to examples/xsh.c for testing purposes (added a simple shell wrapper
311 for running xsh with the sandbox libraries), and also modified the
312 pam_rhosts_auth module to use this new library. (Bug 490938, 409852
314 * pam_unix: fix 'likeauth' to kill off the memory leak once and for all.
315 (Bug 483959 - vorlon)
316 * pam_unix: restore handling of 'likeauth' argument to a known working
317 state; prettify AUTH_RETURN macro; remove redundant argv checks in
318 pam_sm_setcred() (Bugs 483959, 113596 - vorlon)
319 * pam_cracklib: another try at implementing similar() from Harald
320 Welte and Nalin (Bugs 436053, 476957 - agmorgan)
321 * pam_access: default access.conf file contained a type (console
322 instead of LOCAL) fix from Nalin (Bug 476934 - agmorgan)
323 * pam_unix: fixed bizarre memory leak pointed out by Fernando Trias
324 (Bug 483959 - agmorgan)
325 * misc string comparison length checking changes from Nalin. Modules
326 touched, pam_cracklib, pam_listfile, pam_unix, pam_wheel (Bug 476947 -
328 * pam_userdb: require that all of typed password matches that in
329 database report and fix from Vladimir Pastukhov. (Bug 484252 - agmorgan)
330 * pam_malloc: revived malloc debugging code, now tied to
331 --enable-memory-debug and added strdup() support (Bug 485454 - agmorgan)
332 * pam_tally: Nalin's fix for lastlog corruption (Bug 476985 - agmorgan)
333 * pam_rhosts: Nalin adds support for '+hostname', and zdd fix
334 compilation warning. (Bug 476986 - agmorgan)
335 * pam_motd: Nalin fixed compiler warning. (Bug 476938 - agmorgan)
336 * pam_pwdb: Solar Designer pointed out that there was a problem with
337 the compatibility support for md5 password hashing. (Bug 460717,
339 * pam_issue: Nalin found segfaulting problems if the PAM_USER_PROMPT
340 is unset, found some similar problems with assumptions about
341 realloc. (Bug 476983 - agmorgan)
342 * pam_env: 'weichangyang of hotmail' pointed out a wild string with no
343 valid '\0' was leading to problems with sshd and suggested fix (Bug
345 * MANDIR cleanup. It defaults to /usr/share/man, but can be overridden
346 using the --enable-mandir ./configure option, similarly for DOCDIR
347 from Nalin (Bug 476940 - agmorgan)
348 * pam_filter cleanup (including moving the filter directory) Nalin
349 and Harald Welte (Bugs 436057, 476970 - agmorgan)
350 * db3 is now recognized as a libdb candidate (Bug 435764 - agmorgan)
351 * more changes (extracted from redhat version) courtesy of
352 Harald Welte (Bugs pam_limits=436061, pam_lastlog=436060,
353 pam_mkhomedir/pam_env=435991 - agmorgan)
354 * fix for legacy behavior of pam_setcred and pam_close_session in
355 the case that pam_authenticate and pam_open_session hadn't been
356 called - bug report from Seongwan Park. (Bug 468724 - agmorgan)
357 * some BSD updates and fixes from Mark Murray - including a slightly
358 more robust conversation function and some minimization of gcc
359 warnings. (Bugs 449203,463984 - agmorgan)
360 * verified that the setcred stack didn't suffer from the bug I was
361 nervous about, add a new module pam_debug to help me test this.
362 fixed a libpam/pam_dispatch.c instrumentation line that I tripped
363 over when testing. Also restructured pam_warn to help here (Bug
365 * pam_unix/support.c: sample use of reentrant NSS function. Not yet active,
366 because modules do not include _pam_aconf_h! (Bug 440107 - vorlon)
367 * doc/Makefile changes - use $(mandir) [courtesy Harald Welte] (Bug
368 435760) and add some rules to make/delete the draft rfc I've been
369 working on (Task 17426 - agmorgan)
370 * pam_modules.sgml: sourceforge has changed its CVS viewing software
371 (Bug 460491 - agmorgan)
372 * pam_unix_passwd: got rid of an annoying warning (Bug 461089 - agmorgan)
373 * configure.in, _pam_aconf.h.in: set the stage for fully reentrant PAM
374 modules, with some infrastructure to detect getxxbyxx_r() functions
375 (Bug 440107 - vorlon)
376 * pam_unix: removed superfluous use of static variables in md5 and bigcrypt
377 routines, bringing us a step closer to thread-safeness. Eliminated
378 some variable indirection along the way. (Bug 440107 - vorlon)
379 * pam_tally: remove #include of stdlib.h, which isn't needed by anything
380 found in this module. Can be readded if we find a real need for it at
381 a later date. (Bug 436432 - vorlon)
382 * pam_tally: added an #include (was it really needed?) and made the
383 pam_tally app install (with more pretty printing and a corrected
384 Makefile dependency) motivated by a (red hat diff) courtesy of Harald
385 Welte (Bug 436432 - agmorgan)
386 * configure.in changes to help support non-Linux environments courtesy
387 of Scott T. Emery (Bug 422563 - agmorgan)
388 * made a pam_cracklib enhancement to interpret -ve limits in a
389 sensible fashion contributed by Werner Puschitz (Bug 413162 -
391 * another fix for the latest number of rlimits available to pam_limits
392 (Bug 424060 - agmorgan)
393 * removed stale link from pam_pwdb documentation (Bug 433460 - agmorgan)
394 * pam_appl.sgml change - more discussion of choosing a service name
395 (Bug 417512 - agmorgan)
396 * more specific linking requirements for -lndbm for pam_userdb - from
397 David Lee (Bug 417339 - agmorgan)
398 * a large number of small changes to make AIX support better (Bug
400 * $(MAKE) instead of 'make' - from Scott T. Emery (Bug 422144 -
402 * c++ header fixes for pam_misc.h and pam_client.h - from Alexandre
403 Sagala (Bug 420270 - agmorgan)
404 * pam_access fixes - looks out for trailing '.' - from Carlo Marcelo
405 Arenas Belon (Bug 419631 - agmorgan)
406 * don't zero out password strings during pam_unix's password changing
407 function (Bug 419803 - vorlon)
408 * propagate some definitions to the _pam_aconf.h file - from David Lee
409 (Bug 415419 - agmorgan)
410 * solaris GCC OS_CFLAGS change from David Lee (Bug 415412 - agmorgan)
411 * added a comment to this CHANGELOG to explain why most of the bugids
412 used below appear not to be known to sourceforge [try adding 100000
413 to the bugid number.] (Bug 414943 - agmorgan)
414 * bumped version numbers and also added support for SONAME defines
415 that appear not to have survived the great autoconf experiment (Bug
418 0.75: Sat Apr 7 23:10:50 PDT 2001
422 This release contains backwardly incompatible changes to
423 libpam. Prior versions were buggy - see bugfix for Bug 129775.
427 * made 0.75 release (Bug 414665 - agmorgan)
428 * pam_pwdb has been removed from the suggested pam.conf template. I've
429 replaced it with pam_unix. (Bug 227565 - agmorgan)
430 * pam_limits - Richard M. Yumul reported that "<domain> -" didn't
431 work, first fix suggested by Werner Puschitz (Bug 404953 - agmorgan)
432 * Nicolay Pelov suggested a simple fix for freebsd support (Bug 407282
434 * Michel D'HOOGE submitted documentation fixes (Bug 408961 - agmorgan)
435 * fix for module linking directions (Bug 133545 - agmorgan)
436 * fix for glibc-2.2.2 compilation of pam_issue (Bug 133542 - agmorgan)
437 * fix pam_userdb to make and link both .o files it needs - converse()
438 wasn't being linked! (Bug 132880 - agmorgan)
439 * added some sys-admin documentation for the pam_tally module (Bug
441 * added a link to module examples from the module writers doc (Bug
443 * fixed a small security hole (more of a user confusion issue) with
444 the unix and pwdb password helper binaries. The beef is described in
445 the bug report, but no uid change was possible so no-one should
446 think they need to issue a security bulletin over this one! (Bug
448 * pam_lastlog needs to be linked with -lutil, also removed ambiguity
449 from sysadmin guide regarding this module being a 'session' module
450 (Bug 131549 - agmorgan).
451 * pam_cracklib needs to be linked with -lcrypt (old password checking)
452 (Bug 131601 - agmorgan).
453 * fixes for static library builds and also the examples when linked
454 with the debugging build of the libraries. (Bug 131783 - agmorgan)
455 * fixed URL for original RFC to a cached kernel.org file. (Bug 131503
457 * quoted the $CRACKLIB_DICTPATH test in configure.in (Bug 130130 -
459 * improved handling of the setcred/close_session and update chauthtok
460 stack. *Warning* This is a backwardly incompatable change, but 'more
461 sane' than before. (Bug 129775 - agmorgan)
462 * bumped the version number, and added some code to assist in making
463 documentation releases (Bug 129644 - agmorgan).
465 0.74: Sun Jan 21 22:36:08 PST 2001
467 * made 0.74 release (Bug 129642 - agmorgan)
468 * libpam - cleaned up a few non-static functions to be static and added
469 support for libpam to enforce things like pam_[gs]et_data() and
470 AUTHTOK rules for using the API. Also documented pam_[gs]et_item()
471 a little better including return codes (Bugs 129027, 128576 -
473 * pam_access - fixed the non-default config file option (Bug 127561 -
475 * pam.8 manual page clarified with respect to the default location for
476 finding modules, also added some text describing the [...] control
477 syntax. (Bug 127625 - agmorgan)
478 * md5.h ia64 fixes for pam_unix and pam_pwdb (Bug 127700 - agmorgan)
479 * removed requirement for c++ from the configure{.in,} files (Bug
481 * removed subdirectories from man page redirections (124396 - baggins)
482 * per David Lee, fixed non-POSIX shell command in modules/pam_filter/Makefile
483 (Bug 126440 - vorlon)
484 * modify format of pam_unix log messages to include service name
485 (Bug 126423 - vorlon)
486 * prevent pam_unix from logging unknown usernames (Bug 126431 - vorlon)
487 * changed format of pam_unix 'authentication failure' log messages to make
488 them clearer and more consistent (Bug 126036 - vorlon)
489 * improved portability of pam_unix by eliminating Linux-specific utmp
490 defines in PAM_getlogin() (Bug 125704 - vorlon)
491 * removed static variables from pam_tally (Bug 117434 - agmorgan)
492 * added copyright message to pam_access module from original logdaemon
493 sources (Bug 125022 - agmorgan)
494 * configure.in - removed the GCC -Wtraditional flag (Bug 124923 - agmorgan)
495 * pam_mail - use PAM_PATH_MAILDIR as the location of mail spool
496 (Bug 124397 - baggins)
497 * _pam_aconf.h.in, configure.in - added PAM_PATH_MAILDIR set via
498 --with-mailspool=dir option (default is _PAM_MAILDIR if defined
499 in paths.h otherwise /var/spool/mail (Bug 124397 - baggins)
500 * removed unnecessary CVS Log tags from all over the source
501 (Bug 124391 - baggins)
502 * pam_tally - check for PAM_TTY if PAM_RHOST is not set when writing
503 to faillog (Bug 124394 - baggins)
504 * use O_NOFOLLOW if available when opening debug log (Bug 124385 - baggins)
505 * pam_cracklib - removed comments about pam_unix not working with
506 pam_cracklib, added information about use_authtok parameter
507 (Bug 124388 - baggins)
508 * pam_userdb - fixed wrong definition of struct pam_module (was pam_wheel)
509 (Bug 124386 - baggins)
510 * fixed example/Makefile include path (Bug 124187, 127563(?) - agmorgan)
511 * pam_userdb compiles on RH5x. Also removed circular dependency on
512 configure.in. Also bumped revision number to 0.74. (Bug 124136 -
515 0.73: Sat Dec 2 00:04:04 PST 2000
517 * updated documentaion revisions and added 'make release' support
518 to the top level Makefile (Bug 124132 - agmorgan).
519 * documented Qmail support in pam_mail (Bug 109219 - baggins)
520 * add change_uid option to pam_limits, and set real uid only if
521 this option is present (Bug 124062 - baggins)
522 * pam_limits - set real uid to the user for who we set limits.
523 (Bug 123972 - baggins)
524 * removed static variables from pam_limits (thread safe now). (Bug
526 * removed static variable from pam_wheel (module should be thread safe
527 now). (Bug 112906 - agmorgan)
528 * added support for '/' symbols in pam_time and pam_group config files
529 (support for modern terminal devices). Fixed infinite loop problem
530 with '\\[^\n]' in these files. (Bug 116076 - agmorgan)
531 * avoid potential SIGPIPE when writing to helper binaries with (Bug
533 * replaced bogus logic in the pam_cracklib module for determining if
534 the replacement is too similar to the old password (Bug 115055 -
536 * added accessconf=<filename> feature to pam_access - request from
537 Aldrin Martoq and Meelis Roos (Bugs 111927,117240 - agmorgan)
538 * fix for pam_limit module not dealing with all limits Adam J. Richter
539 (Bug 119554 - agmorgan)
540 * comment fix describing fail_delay callback in _pam_types.h (Bug
542 * "likeauth" fix for pam_unix and pam_pwdb which (Bug 113596 - agmorgan)
543 * fix for pam_unix (support.c) to avoid segfault with NULL password
544 (Bug 113238 - vorlon)
545 * fix to pam_unix_passwd: try repeatedly to get a lock on the password
546 file, instead of failing immediately (Bug 108845 - fix vorlon)
547 * fix to pam_shells: logged information was not formatted correctly
548 (extra comma) (Bug 111491 - fix vorlon)
549 * fix for C++ application support (Bug 111645 - fix agmorgan)
550 * fix for typo in pam_client.h (Bug 111648 - fix agmorgan)
551 * removal of -lpam from pam_mkhomedir Makefile (Bug 116380 - fix agmorgan)
552 * autoconf support [Task ID 15788, Bug ID 108297 - agmorgan with help!]
553 - bugfix for libpamc.h include file [Bug ID 117476 - agmorgan]
554 - bugfix for pam_filter.h inclusion [Bug ID 117474 - agmorgan]
556 0.72: Mon Dec 13 22:41:11 PST 1999
558 * patches from Debian (Ben Collins): pam_ftp supports event driven
559 conversations now; pwdb_chkpwd cleanup; pam_warn static compile fix;
560 user_db compiler warnings removed; debian defs file; pam_mail can
561 now be used as a session module
562 * ndbm compilation option for user_db module (fix explained by Richard Khoo)
563 * pam_cracklib bug fix
564 * packaging fixes & build from scratch stuff (Konst Bulatnikov & Frodo
566 * -ldl appended to the libpam.so compilation make rule. (Charles Seeger)
567 * Red Hat security patch for pam_pwdb forwarded by Debian! (Ben
568 Collins. Fix provided by Andrey as it caught the problem earlier in the
570 * heuristic to prevent leaking filedescriptors to an agent. [This needs
571 to be better supported perhaps by an additional libpamc API function?]
572 * pam_userdb segfault fix from (Ben Collins)
573 * PAM draft spec extras added at request of 'sen_ml'
575 0.71: Sun Nov 7 20:21:19 PST 1999
577 * added -lc to linker pass for pam_nologin module (glibc is weird).
578 * various header changes to lower the number of warnings on glibc
579 systems (Dan Yefimov)
580 * merged a bunch of Debian fixes/patches/documentation (Ben Collins)
581 things touched: libpam (minor); doc/modules/pam_unix.sgml; pam_env
582 (plus docs); pam_mkhomedir (new module for new home directories on
583 the fly...); pam_motd (new module); pam_limits (adjust to match
584 docs); pam_issue (new module + doc) [Some of these were also
585 submitted by Thorsten Kukuk]
586 * small hack to lower the number of warnings that pam_client.h was
588 * debian and SuSE apparently can use the pam_ftp module, so
589 removed the obsolete comment about this from the docs. (Thorsten
592 0.70: Fri Oct 8 22:05:30 PDT 1999
594 * bug fix for parsing of value=action tokens in libpam/pam_misc.c was
595 segfaulting (Jan Rekorajski and independently Matthew Melvin)
596 * numerous fixes from Thorsten Kukuk (icluding much needed fixes for
597 bitrot in modules and some documentation) that got included in SuSE 6.2.
598 * reentrancy issues in pam_unix and pam_cracklib resolved (Jan Rekorajski)
599 * added hosts_equiv_rootok module option to pam_rhosts module (Tim Berger)
600 * added comment about 'expose_account' module argument to admin and
601 module writers' docs (request from Michael K Johnson).
602 * myriad of bug fixes for libpamc - library now built by default and
603 works with the biomouse fingerprint scanner agent/module
604 (distributed separately).
606 0.69: Sun Aug 1 20:25:37 PDT 1999
608 * c++ header #ifdef'ing for pam_appl.h (Tuomo Pyhala)
609 * added pam_userdb module (Cristian Gafton)
610 * minor documentation changes
611 * added in revised pam_client library (libpamc). Not installed by
612 default yet, since the example agent/module combo is not very secure.
613 * glibc fixes (Thorsten Kukuk, Adam J. Richter)
615 0.68: Sun Jul 4 23:04:13 PDT 1999
617 * completely new pam_unix module from Jan Rekorajski and Stephen Langasek
618 * Jan Rekorajski pam_mail - support for Maildir format mailboxes
619 * Jan Rekorajski pam_cracklib - support for old password comparison
620 * Jan Rekorajski bug fix for pam_pwdb setcred reusing auth retval
621 * Andrey's pam_tally patch (lstat -> fstat)
622 * Robert Milkowski's additional pam_tally patches to **change format of
623 /var/log/faillog** to one from shadow-utils, add new option "per_user"
624 for pam_tally module, failure time logging, support for fail_line
625 field, and support for fail_locktime field with new option
627 * pam_tally: clean up the tally application too.
628 * Marcin Korzonek added process priority settings to pam_limits (bonus
629 points for adding to documentation!)
630 * Andrey's pam_pwdb patch (cleanup + md5 endian fubar fix)
631 * more binary prompt preparations (make misc conv more compatible with spec)
632 * modified callback hook for fail delay to be more useful with event
633 driven applications (changed function prototype - suspect no one
634 will notice). Documented this in app developer guide.
635 * documentation for pam_access from Tim Berger
636 * syntax fixes for the documentation - a long time since I've built it :*(
637 added some more names to the CREDITS file.
639 0.67: Sat Jun 19 14:01:24 PDT 1999
641 * [dropped libpam_client - libpamc will be in the next release and
642 conforms to the developing spec in doc/specs/draft-morgan-pam.raw.
643 Sorry if you are keeping a PAM tree in CVS. CVS is a pain for
644 directories, but this directory was actually not referenced by
645 anything so the disruption should be light.]
646 * updates to pam_tally from Tim
647 * multiple updates from Stephen Langasek to pam_unix
648 * pam_filter had some trouble compiling (bug report from Sridhar)
649 * pam_wheel now attempts to identify the wheel group for the local
650 system instead of blindly assuming it is gid=0. In the case that
651 there is no "wheel" group, we default to assuming gid=0 is what was
652 meant - former behavior. (courtesy of Sridhar)
653 * NIS+ changes to pam_unix module from Dmitry O Panov
654 * hopefully, a fix for redefinition of LOG_AUTHPRIV (bug report Luke
655 Kenneth Casson Leighton)
656 * fix for minor typo in pam_wheel documentation (Jacek Kopecky)
657 * slightly more explanation of the [x=y] pam.conf syntax in the sys
660 0.66: Mon Dec 28 20:22:23 PST 1998 <morgan@linux.kernel.org>
662 * Started using cvs to keep track of changes to Linux-PAM. This will
663 likely break some of the automated building stuff (RPMs etc..).
664 * security bug fix to pam_unix and pam_tally from Andrey.
665 * modules make file is now more automatic. It should be possible to
666 unpack an external module in the modules directory and have it automatically
667 added to the build process. Also added a modules/download-all script
668 that will make such downloading easier. I'm happy to receive patches to
669 this file, informing the distribution of places from which to enrich itself.
670 * removed pam_system_log stuff. Thought about it long and hard: a
671 bad idea. If libc cannot guarantee a thread safe syslog, it needs
672 to be fixed and compatibility with other PAM libraries was
673 unnecessarily strained.
674 * SAG documentation changes: Seth Chaiklin
675 * rhosts: problems with NIS lookup failures with the root-uid check.
676 As a work-around, I've partially eliminated the need for the lookup
677 by supplying two new arguments: no_uid_check, superuser=<username>.
678 As a general rule this is more pluggable, since this module might be
679 used as an authentication scheme for a network service that does not
680 need root privilege...
681 * authenticate retval -> setcred for pam_pwdb (likeauth arg).
682 * pam_pwdb event driven support
683 * non openlog pam_listfile logging
684 * BUGFIX: close filedescriptor in pam_group and pam_time (Emmanuel Galanos)
685 * Chris Adams' mailhash change for pam_mail module
686 * fixed malloc failure check in pam_handlers.c (follow up to comment
688 * update to _pam_compat.h (Brad M. Garcia)
689 * support static modules in libpam again (Brad M. Garcia)
690 * libpam/pam_misc.c for egcs to grok the code (Brad M. Garcia)
691 * added a solaris-2.5.1 defs file (revived by Derrick J Brashear)
692 * pam_listfile logs failed attempts
693 * added a comment (Michael K Johnson pointed it out) about sgml2latex
694 having a new syntax. I'll make it the change real when I upgrade...
695 * a little more text to the RFC, spelling fix from William J Buffam.
696 * minor changes to pam_securetty to accommodate event driven support.
698 0.65: Sun Apr 5 22:29:09 PDT 1998 <morgan@linux.kernel.org>
700 * added event driven programming extensions to libpam
701 - added PAM_INCOMPLETE handling to libpam/pam_dispatch.c
702 - added PAM_CONV_AGAIN which is a new conversation response that
703 should be mapped to PAM_INCOMPLETE by the module.
704 - ensured that the pam_get_user() function can resume
705 - changes to pam_strerror to accommodate above return codes
706 - clean up _pam_former_state at pam_end()
707 - ensured that former state is correctly initialized
708 - added resumption tests to pam_authenticate(), pam_chauthtok()
709 - added PAM_FAIL_DELAY item for pausing on failure
711 * improved _pam_macros.h so that macros can be used as single commands
714 * reimplemented logging to avoid bad interactions with libc. Added
715 new functions, pam_[,v]system_log() to libpam's API. A programmer
716 can check for this function's availablility by checking if
717 HAVE_PAM_SYSTEM_LOG is #defined.
719 * removed the reduce conflict from pam_conv1 creation -- I can sleep
722 * made building of static and dynamic libpam separate. This is
723 towards making it possible to build both under Solaris (for Derrick)
725 * made USE_CRACKLIB a condition in unix module (Luke Kenneth Casson Leighton)
727 * automated (quiet) config installation (Andrey)
729 0.64: Thu Feb 19 23:30:24 PST 1998 Andrew Morgan <morgan@linux.kernel.org>
731 * miscellaneous patches for building under Solaris (Derrick J Brashear)
733 * removed STATIC support from a number of module Makefiles. Notably,
734 these modules are those that use libpwdb and caused difficulties
735 satisfying the build process. (Please submit patches to fix this...;)
737 * reomved the union for binary packet conversations from
738 (_pam_types.h). This is now completely implemented in libpam_client.
740 * Andrey's patch for working environment variable handling in
743 * made the libpam_misc conversation function a bit more flexible with
744 respect to binary conversations.
746 * added top level define (DEBUG_REL) for compiling in the form of
747 a debugging release. I use this on a Red Hat 4.2 system with little
748 chance of crashing the system as a whole. (Andrey has another
749 implementation of this -- with a spec file to match..)
751 0.63: Wed Jan 28 22:55:30 PST 1998 Andrew Morgan <morgan@linux.kernel.org>
753 * added libpam_client "convention" library. This makes explicit the
754 use of PAM_BINARY_PROMPT. It is a first cut, so don't take it too
755 seriously yet. Comments/suggestions for improvements are very
756 welcome. Note, this library does not compile by default. It will
757 be enabled when it is judged stable. The library comes with two
758 module/agent pairs and can be used with ssh using a patch available
759 from my pre-release directory [where you got this file.]
761 * backward compatibility patch for libpam/pam_handlers.c (PAM_IGNORE
762 was working with neither "requistie" nor "required") and a DEBUG'ing
763 compile time bug with pam_dispatch.c (Savochkin Andrey Vladimirovich)
765 * minor Makefile change from (Savochkin Andrey Vladimirovich)
767 * added pam_afsauth, pam_afspass, pam_restrict, and pam_syslog hooks
770 * pam_access use of uname(2) problematic (security problem
771 highlighted by Olaf Kirch).
773 * pam_listfile went a bit crazy reading group membersips (problem
774 highlighted by Olaf Kirch and patched independently by Cristian
775 Gafton and Savochkin Andrey Vladimirovich)
777 * compatibility hooks for solaris and hpux (Derrick J Brashear)
779 * 64 bit Linux/alpha bug fixed in pam_rhosts (Andrew D. Isaacson)
781 0.62: Wed Jan 14 14:10:55 PST 1998 Andrew Morgan <morgan@linux.kernel.org>
783 * Derrick J Brashear's patches: adds the HP stuff missed in the first
784 patch; adds SunOS support; adds support for the Solaris native ld
785 instead of requiring gnu ld.
787 * last line of .rhosts file need not contain a newline. (Bug reported by
790 0.61: Thu Jan 8 22:57:44 PST 1998 Andrew Morgan <morgan@linux.kernel.org>
792 * complete rewrite of the "control flag" logic. Formerly, we were
793 limited to four flags: requisite, required, sufficient, optional.
794 We can now use these keywords _and_ a great deal more besides.
795 The extra logic was inspired by Vipin Samar, a preliminary patch was
796 written by Andy Berkheimer, but I "had some ideas of my own" and
797 that's what I've actually included. The basic idea is to allow the
798 admin to custom build a control flag with a series of token=value
799 pairs inside square brackets. Eg., '[default=die success=ok]' which
800 is pretty close to a synonym for 'requisite'. I'll try to document it
801 better in the sys-admin guide but I'm pretty sure it is a change for
802 the better.... If what is in the sys-admin guide is not good enough
803 for you, just take a look at the source for libpam ;^)
805 0.59: Thu Jan 8 22:27:22 PST 1998 Andrew Morgan <morgan@linux.kernel.org>
807 * better handling of empty lines in .rhosts file. (Formerly, we asked
808 the nameserver about them!) Fix from Hugh Daschbach.
810 * _broke_some_binary_compatibility_ with previous versions to become
811 compliant with X/Open's XSSO spec. Specifically, this has been
812 by changing the prototype for pam_strerror().
814 * altered the convention for the conversation mechanism to agree
815 with that of Sun. (number of responses 'now=' number of messages
816 with help from Cristian for finding a bug.. Cristian also found a
817 nasty speradic segfault bug -- Thanks!)
819 * added NIS+ support to pam_unix_*
821 * fixed a "regular file checking" problem with the ~/.rhosts sanity
822 check. Added "privategroup" option to permit group write permission
823 on the ~/.rhosts file in the case that the group owner has the same
824 name as the authenticating user. :*) "promiscuous" and "suppress"
827 * added glibc compatibility to pam_rhosts_auth (protected __USE_MISC
828 with #ifndef since my libc already defines it!).
830 * Security fix from Savochkin Andrey Vladimirovich with suggested
831 modification from Olaf Seibert.
833 * preC contains mostly code clean-ups and a number of changes to
838 * pam_getenvlist() has a more robust definition (XSSO) than was previously
839 thought. It would seem that we no longer need pam_misc_copy_env()
840 which was there to provide the robustness that pam_getenvlist()
843 Accordingly, I have REMOVED the prototype from libpam_misc. (The
844 function, however, will remain in the library as a wrapper for
845 legacy apps, but will likely be removed from libpam_misc-1.0.) PLEASE
846 FIX YOUR APPS *BEFORE* WE GET THERE!
848 * Alexy Nogin reported garbage output from pam_env in the case of
849 a non-existent environment variable.
851 * 'fixed' pwdb compilation for pam_wheel. Not very cleanly
852 done.. Mmmm. Should really clean up the entire source tree...
854 * added prototypes for mapping functions
858 various constants have had there names changed. Numerical values have
859 been retained but be aware some source old modules/applications will
860 need to be fixed before recompilation.
864 * appended documentation to README for pam_rhosts module (Nicolai
867 * verified X/Open compatibility of header files - note, where we differ
868 it is at the level of compilation warnings and the use of 'const char *'
869 instead of 'char *'. Previously, Sun(X/open) have revised their spec
870 to be more 'const'-ervative in the light of comments from Linux-PAM
873 * Ooops! PAM_AUTHTOKEN_REQD should have been PAM_NEW_AUTHTOK_REQD.
875 changed: pam_pwdb(pam_unix_acct) (also bug fix for
876 _shadow_acct_mgmt_exp() return value), pam_stress,
877 libpam/pam_dispatch, blank, xsh.
879 * New: PAM_AUTHTOK_EXPIRED - password has expired.
881 * Ooops! PAM_CRED_ESTABLISH (etc.) should have been PAM_ESTABLISH_CRED
882 etc... (changed - this may break some people's modules - PLEASE TAKE
884 changed: pam_group, pam_mail, blank, xsh; module and appl
885 docs, pam_setcred manual page.
887 * renamed internal _pam_handle structure to be pam_handle as per XSSO.
889 * added PAM_RADIO_TYPE (for multiple choice input method). Also
890 added PAM_BINARY_{MSG,PROMPT} (for interaction out of sight of user
891 - this could be used for RSA type authentication but is currently
892 just there for experimental purposes). The _BINARY_ types are now
893 usable with hooks in the libpam_misc conversation function. Still
894 have to add PAM_RADIO_TYPE.
896 * added pam_access module (Alexei Nogin)
898 * added documentation for pam_lastlog. Also modified the module to
899 not (by default) print "welcome to your new account" when it cannot
900 find a utmp entry for the user (you can turn this on with the
903 * small correction to the pam_fail_delay manual page. Either the appl or
904 the modules header file will prototype this function.
906 * added "bigcrypt" (DEC's C2) algorithm(0) to pam_pwdb. (Andy Phillips)
908 * *BSD tweaking for various #include's etc. (pam_lastlog, pam_rhosts,
909 pam_wheel, libpam/pam_handlers). (Michael Smith)
911 * added configuration directory $SCONFIGED for module specific
914 * added two new "linked" man pages (pam.conf(8) and pam.d(8))
916 * included a reasonable default for /etc/pam.conf (which can be
917 translated to /etc/pam.d/* files with the pam_conv1 binary)
919 * fixed the names of the new configuration files in
920 conf/pam_conv1/pam_conv.y
924 * pam_lastlog fixed to handle UID in virgin part of /var/log/lastlog
925 (bug report from Ronald Wahl).
927 * grammar fix in pam_cracklib
929 * segfault avoided in pam_pwdb (getting user). Updating of passwords
930 that are directed to a "new" database are more robust now (bug noted
931 by Michael K. Johnson). Added "unix" module argument for migrating
932 passwords from another database to /etc/passwd. (documentation
933 updated). Removed "bad username []" warning for empty passwords -
934 on again if you supply the 'debug' module argument.
936 * ctrl-D respected in conversation function (libpam_misc)
938 * Removed -DPAM_FAIL_DELAY_ON from top-level Makefile. Nothing in
939 the distribution uses it. I guess this change happened a while
940 back, basically I'm trying to make the module parts of the
941 distribution "source compatible" with the RFC definition of PAM.
942 This implementation of PAM is a superset of that definition. I have
943 added the following symbols to the Linux-PAM header files:
945 PAM_DATA_SILENT (see _pam_types.h)
946 HAVE_PAM_FAIL_DELAY (see _pam_types.h)
947 PAM_DATA_REPLACE (see _pam_modules.h)
949 Any module (or application) that wants to utilize these features,
950 should check (#ifdef) for these tokens before using the associated
951 functionality. (Credit to Michael K. Johnson for pointing out my
952 earlier omission: not documenting this change :*)
954 * first stab at making modules more independent of full library
955 source. Modules converted:
961 * pam_env.c: #include <errno.h> added to ease GNU libc use. (Michael
964 * pam_unix_passwd fixes to shadow aging code (Eliot Frank)
966 * added README for pam_tally
968 0.57: Fri Apr 4 23:00:45 PST 1997 Andrew Morgan <morgan@parc.power.net>
970 * added "nodelay" argument to pam_pwdb. This can be used to turn off
971 the call to pam_fail_delay that takes effect when the user fails to
972 authenticate themself.
974 * added "suppress" argument to pam_rhosts_auth module. This will stop
975 printing the "rlogin failure message" when the user does not have a
978 * Extra fixes for FAKEROOT in Makefiles (Savochkin Andrey
981 * pam_tally added to tree courtesy of Tim Baverstock
983 * pam_rhosts_auth was failing to read NFS mounted .rhosts
984 files. (Fixed by Peter Allgeyer). Refixed and further enhanced
985 (netgroups) by Nicolai Langfeldt. [Credit also to G.Wilford for some
986 changes that were not actually included..]
988 * optional (#ifdef PAM_READ_BOTH_CONFS) support for parsing of pam.d/
989 AND pam.conf files (Elliot Lee).
991 * Added (and signed) Cristian's PGP key. (I've never met him, but I am
992 convinced the key belongs to the guy that is making the PAM rpms and
993 also producing libpwdb. Please note, I will not be signing anyone
994 else's key without a personal introduction..)
996 * fixed erroneous syslog warning in pam_listfile (Savochkin Andrey
997 Vladimirovich, whole file reformatted by Cristian)
999 * modified pam_securetty to return PAM_IGNORE in the case that the user's
1000 name is not known to the system (was previously, PAM_USER_UNKNOWN). The
1001 Rationale is that pam_securetty's sole purpose is to prevent superuser
1002 login anywhere other than at the console. It is not its concern that the
1003 user is unknown - only that they are _not_ root. Returning
1004 PAM_IGNORE, however, insures that the pam_securetty can never be used to
1005 "authenticate" a non-existent user. (Cristian Gafton with bug report from
1008 * Modified pam_nologin to display the no-login message when the user
1009 is not known. The return value in this case is still PAM_USER_UNKNOWN.
1010 (Bug report from Cristian Gafton)
1012 * Added NEED_LCKPWD for pam_unix/ This is used to define the locking
1013 functions and should only be turned on if you don't have them in
1016 * tidied up pam_lastlog and pam_pwdb: removed function that was never used.
1018 * Note for package maintainers: I have added $(FAKEROOT) to the list of
1019 environment variables. This should help greatly when you build PAM
1020 in a subdirectory. I've gone through the tree and tried to make
1021 everything compatible with it.
1023 * added pam_env (courtesy of Dave Kinchlea)
1025 * removed pam_passwd+ from the tree. It has not been maintained in a
1026 long time and running a shell script was basically insecure. I've
1027 indicated where you can pick up the source if you want it.
1029 * #define HAVE_PAM_FAIL_DELAY . Applications can conditionally compile
1030 with this if they want to see if the facility is available. It is
1031 now always available. (corresponding compilation cleanups..)
1033 * _pam_sanitize() added to pam_misc. It purges the PAM_AUTHTOK and
1034 PAM_OLDAUTHTOK items. (calls replaced in pam_auth and pam_password)
1036 * pam_rhosts now knows about the '+' entry. Since I think this is a
1037 dangerous thing, I have required that the sysadmin supply the
1038 "promiscuous" flag for it in the corresponding configuration file
1039 before it will work.
1041 * FULL_LINUX_PAM_SOURCE_TREE exported from the top level make file.
1042 If you want to build a module, you can test for this to determine if
1043 it should take its directions from above or supply default locations
1044 for installation. Etc.
1046 0.56: Sat Feb 15 12:21:01 PST 1997 <morgan@parc.power.net>
1048 * pam_handlers.c can now interpret the pam.d/ service config tree:
1049 - if /etc/pam.d/ exists /etc/pam.conf is IGNORED
1050 (otherwise /etc/pam.conf is treated as before)
1052 . config files are named (in lower case) by service-name
1053 . config files have same syntax as /etc/pam.conf except
1054 that the "service-name" field is not present. (there
1055 are thus three manditory fields (and arguments are
1058 module-type control-flag module-path optional-args...
1062 * included conf/pam_conv1 for converting pam.conf to a pam.d/ version
1063 1.0 directory tree. This program reads a pam.conf file on the
1064 standard input stream and creates ./pam.d/ (in the local directory)
1065 and fills it with ./pam.d/"service-name" files.
1067 *> Note: It will fail if ./pam.d/ already exists.
1069 PLEASE REPORT ANY BUGS WITH THIS CONVERSION PROGRAM... It currently
1070 cannot retain comments from the old conf file, so take care to do this
1071 by hand. Also, please email me with the fix that makes the
1072 shift/reduce conflict go away...
1074 * Added default module path to libpam for modules (see pam_handlers.c)
1075 it makes use of Makfile defined symbol: DEFAULT_MODULE_PATH which is
1076 inhereted from the defs/* variable $(SECUREDIR). Removed module
1077 paths from the sample pam.conf file as they are no longer needed.
1079 * pam_pwdb can now verify read protected passwords when it is not run
1080 by root. This is via a helper binary that is setuid root.
1082 * pam_permit now prompts for a username if it is not already determined
1084 * pam_rhosts now honors "debug" and no longer hardwire's "root" as the
1087 * pam_securetty now honors the "debug" flag
1089 * trouble parsing extra spaces fixed in pam_time and pam_group
1091 * added Michael K. Johnson's PGP key to the pgp.keys.asc list
1093 * pam_end->env not being free()'d: fixed
1095 * manuals relocated to section 3
1097 * fixed bug in pam_mail.c, and enhanced to recognize '~' as a prefix
1098 to indicate the $HOME of the user (courtesy David
1099 Kinchlea). *Changed* from a "session" module to an "auth"
1100 module. It cannot be used to authenticate a user, but it can be used
1101 in setting credentials.
1103 * fixed a stupid bug in pam_warn.. Only PAM_SERVICE was being read :*(
1105 * pam_radius rewritten to exclusively make use of libpwdb. (minor fix
1106 to Makefile for cleaning up - AGM)
1108 * pam_limits extended to limit the total number of logins on a system
1111 * libpam and libpam_misc use $(MAJOR_REL) and $(MINOR_REL) to set their
1112 version numbers [defined in top level makefile]
1114 * bugfix in sed command in defs/redhat.defs (AGM's fault)
1116 * The following was related to a possibility of buffer overruns in
1117 the syslogging code: removed fixed length array from syslogging
1118 function in the following modules [capitalized the log identifier
1119 so the sysadmin can "know" these are fixed on the local system],
1121 pam_ftp, pam_stress, pam_rootok, pam_securetty,
1122 pam_listfile, pam_shells, pam_warn, pam_lastlog
1124 pam_unix_passwd (where it was definitely _not_ exploitable)
1126 0.55: Sat Jan 4 14:43:02 PST 1997, Andrew Morgan <morgan@parc.power.net>
1128 * added "requisite" control_flag to /etc/pam.conf syntax. [See
1129 Sys. Admin. Guide for explanation] changes to pam_handlers.c
1131 * completely new handling of garbled pam.conf lines. The modus
1132 operandi now is to assume that any errors in the line are minor.
1133 Errors of this sort should *most definitely* lead to the module
1134 failing, however, just ignoring the line (as was the case
1135 previously) can lead to gaping security holes(! Not foreseen by the
1136 RFC). The "motivation" for the RFC's comments about ignoring garbled
1137 lines is present in spirit in the new code: basically a garbled line
1138 is treated like an instance of the pam_deny.so module.
1139 changes to pam_handlers.c and pam_dispatch.c .
1141 * patched libpam, to (a) call _pam_init_handlers from pam_start() and
1142 (b) to log a text error if there are no modules defined for a given
1143 service when a call to a module is requested. [pam_start() and
1144 pam_dispatch() were changed].
1146 * patched pam_securetty to deal with "/dev/" prefix on PAM_TTY item.
1148 * reorganized the modules/Makefile to include *ALL* modules. It is now
1149 the responsibility of the modules themselves to test whether they can
1150 be compiled locally or not.
1152 * modified pam_group to add to the getgroups() list rather than overwrite
1153 it. [In the case of "HAVE_LIBPWDB" we use the pwdb_..() calls to
1154 translate the group names.]. Module now pays attention to
1157 * identified and removed bugs in field reading code of pam_time and
1160 * Cristian's patches to pam_listfile module, corresponding change to
1163 * I've discovered &ero; for sgml!
1164 Added pam_time documentation to the admin guide.
1166 * added manual pages: pam.8, pam_start.2(=pam_end.2),
1167 pam_authenticate.2, pam_setcred.2, pam_strerror.2,
1168 pam_open_session.2(=pam_close_session.2) and pam_chauthtok.2 .
1170 * added new modules:
1172 - pam_mail (tells the user if they have any new mail
1173 and sets their MAIL env variable)
1174 - pam_lastlog (reports on the last time this user called
1177 * new module hooks provided.
1179 * added a timeout feature to the conversation function in
1180 libpam_misc. Documented it in the application developers' guide.
1182 * fixed bug in pam_misc_paste_env() function..
1184 * slight modifications to wheel and rhosts writeup.
1186 * more security issues added to module and application guides.
1189 Things present but not mentioned in previous release (sorry)
1191 * pam_pwdb module now resets the "last_change" entry before updating a
1195 Sat Nov 30 19:30:20 PST 1996, Andrew Morgan <morgan@parc.power.net>
1197 * added environment handling to libpam. involved change to _pam_types.h
1198 also added supplementary functions to libpam_misc
1200 * added pam_radius - Cristian
1202 * slight speed up for pam_rhosts
1204 * significantly enhanced sys-admin documentation (8 p -> 41 p in
1205 PostScript). Added to other documentation too. Mostly the changes
1206 in the other docs concern the new PAM-environment support, there is
1207 also some coverage of libpam_misc in the App. Developers' guide.
1209 * Cristian's patches to pam_limits and pam_pwdb. Fixing bugs. (MORE added)
1211 * adopted Cristian's _pam_macros.h file to help with common macros and
1212 debugging stuff, gone through tree tidying up debugging lines to use
1213 this [not complete].
1215 - for consistency replaced DROP() with _pam_drop()
1217 * commented memory debugging in top level makefile
1219 * added the following modules
1221 - pam_warn log information to syslog(3) about service application
1222 - pam_ftp if user is 'ftp' then set PAM_RUSER/PAM_RHOST with password
1223 (comment about nologin added to last release's notes)
1225 * modified the pam_listfile module. It now declares a meaningful static
1228 Sun Nov 10 13:26:39 PST 1996, Andrew Morgan <morgan@parc.power.net>
1230 **PLEASE *RE*AMEND YOUR PERSONAL LINKS**
1232 -------> http://parc.power.net/morgan/Linux-PAM/index.html <-------
1234 **PLEASE *RE*AMEND YOUR PERSONAL LINKS**
1236 A brief summary of what has changed:
1238 * many modules have been modified to accomodate fixing the pam_get_user()
1239 change. Please take note if you have a module in this distribution.
1241 * pam_unix is now the pam_unix that Red Hat has been using and which
1242 should be fairly well debugged.
1244 - I've added some #ifdef's to make it compile for me, and also
1245 updated it with respect to the libpam-0.53, so have a look at the
1246 .../modules/pam_unix/Makefile to enable cracklib and shadow features
1248 ** BECAUSE OF THIS, I cannot guarantee this code works as it **
1249 ** did for Red Hat. Please test and report any problems. **
1251 * the pam_unix of .52 (renamed to pam_pwdb) has been enhanced and made
1252 more flexible with by implementing it with respect to the new
1253 "Password Database Library" see
1255 http://parc.power.net/morgan/libpwdb/index.html
1257 modules included in this release that require this library to
1258 function are the following:
1260 - pam_pwdb (ne pam_unix-0.52 + some enhancements)
1265 * Added some optional code for memory debugging. In order to support
1266 this you have to enable MEMORY_DEBUG in the top level makefile and
1267 also #define MEMORY_DEBUG in your applications when they are compiled.
1268 The extra code resides in libpam (compiled if MEMORY_DEBUG is defined)
1269 and the macros for malloc etc. are to be found at the end of
1272 * used above code to locate two memory leaks in pam_unix module and two
1273 in libpam (pam_handlers.h)
1275 * pam_get_user() now sets the PAM_USER item. After reading the Sun
1276 manual page again, it was clear that it should do this. Various
1277 modules have been assuming this and now I have modified most of them
1278 to account for this change. Additionally, pam_get_user() is now
1279 located in the module include file; modules are supposed to be the
1280 ones that use it(!) [Note, this is explicitly contrary to the Sun
1281 manual page, but in the spirit of the Linux distribution to date.]
1283 * replaced -D"LINUX" with -D"LINUX_PAM" as this is more explicit and less
1284 likely to be confused with -D"linux".
1285 Also, modified the libpam #include files to behave more like the Sun
1286 ones #ifndef LINUX_PAM.
1288 * removed <bf/ .. / from documentation titles. This was not giving
1289 politically correct html..
1291 ----- My vvvvvvvvvvvvvvvvvvv was a long time ago ;*] -----
1293 Wed Sep 4 23:57:19 PDT 1996 (Andrew Morgan <morgan@physics.ucla.edu>
1295 0. Before I begin, Linux-PAM has a new primary distribution site (kindly
1296 donated by Power Net Inc., Los Angeles)
1298 **PLEASE AMMEND YOUR PERSONAL LINKS**
1300 -------> http://www.power.net/morgan/Linux-PAM <-------
1302 **PLEASE AMMEND YOUR PERSONAL LINKS**
1304 1. I'm hoping to make the next release a bug-fix release... So please find
1307 2. here are the changes for .52:
1309 * minor changes to module documentation [Incidently, it is now
1310 available on-line from the WWW page above]. More changes to follow in
1311 the next two releases. PLEASE EMAIL me or the list if there is
1312 anything that isn't clear!
1314 * completely changed the unix module. Now a single module for all four
1315 management groups (this meant that I could define all functions as
1316 static that were not part of the pam_sm_... scheme. AGM)
1318 - Shadow support added
1319 PASSWD - Elliot's account management included, and enhanced by Cristian Gafton.
1320 - MD5 password support added by Cristian Gafton.
1321 - maxtries for authentication now enforced.
1322 - Password changing function in pam_unix now works!
1323 Although obviously, I'm not going to *guarantee* it ;^) .
1324 - stole Marek's locking code from the Red Hat unix module.
1325 [ If you like you can #ifdef it in or out ... ]
1327 You can configure the module more from its Makefile in
1328 0.52/modules/pam_unix/
1330 If you are nervous that it will destroy your /etc/passwd or shadow
1331 files then EDIT the 0.52/modules/pam_unix/pam_unix_pass.-c file.
1332 Here is the warning comment from this file...
1334 -------------8<-----------------
1337 * Uncomment the following #define if you are paranoid, and do not
1338 * want to risk losing your /etc/passwd or shadow files.
1339 * It works for me (AGM) but there are no guarantees.
1343 /* #define TMP__FILE */
1344 ------------->8-----------------
1346 *** If anyone has any trouble, please *say*. Your problem will be
1347 fixed in the next release. Also please feel free to scour the
1348 code for race conditions etc...
1350 [* The above change requires that you purge your /usr/lib/security
1351 directory of the old pam_unix_XXX.so modules: they will NOT be deleted
1352 with a 'make remove'.]
1354 * the prototype for the cleanup function supplied to pam_set_data used
1355 to return "int". According to Sun it should be "void". CHANGED.
1357 * added some definitions for the 'error_status' mask values that are
1358 passed to the cleanup function associated with each
1359 module-data-item. These numbers were needed to keep up with changing
1360 a data item (see for example the code in pam_unix/support.-c that
1361 manages the maximum number of retries so far). Will see what Sun says
1362 (current indications are positive); this may be undone before 1.0 is
1363 released. Here are the definitions (from pam_modules.h).
1365 #define PAM_DATA_SILENT 0x40000000 /* used to suppress messages... */
1366 #define PAM_DATA_REPLACE 0x20000000 /* used when replacing a data item */
1368 * Changed the .../conf/pam.conf file. It now points to the new
1369 pam_unix module for 'su' and 'passwd' [can get these as SimpleApps --
1370 I use them for testing. A more extensive selection of applications is
1371 available from Red Hat...]
1373 * corrected a bug in pam_dispatch. Basically, the problem was that if
1374 all the modules were "sufficient" then the return value for this
1375 function was never set. The net effect was that _pam_dispatch_aux
1376 returned success when all the sufficient modules failed. :^( I think
1377 this is the correct fix to a problem that the Red Hat folks had
1380 sopwith* Removed advisory locking from libpam (thanks for the POSIX patch
1381 goes to Josh Wilmes's, my apologies for not using it in the
1382 end.). Advisory locking did not seem sufficiently secure for libpam.
1383 Thanks to Werner Almesberger for identifying the corresponding "denial
1384 of service attack". :*(
1386 * related to fix, have introduced a lock file /var/lock/subsys/PAM
1387 that can be used to indicate the system should pay attention to
1388 advisory locking on /etc/pam.conf file. To implement this you need to
1389 define PAM_LOCKING though. (see .52/libpam)
1391 * modified pam_fail_delay() function. Couldn't find the "not working"
1392 problem indicated by Michael, but modified it to do pseudo-random
1393 delays based on the values indicated by pam_fail_delay() -- the
1394 function "that may eventually go away"... Although Sun is warming to
1397 * new modules include:
1399 pam_shells - authentication for users with a shell listed in
1400 /etc/shells. Erik Troan <ewt@redhat.com>
1402 pam_listfile - authentication based on the contents of files.
1403 Set to be more general than the above in the
1404 future. UNTESTED. Elliot Lee <@redhat.com>
1405 [Note, this module compiles with a non-trivial
1408 Thu Aug 8 22:32:15 PDT 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
1410 * modified makefiles to take more of their installation instructions
1411 from the top level makefile. Desired for integration into the Debian
1412 distribution, and generally a good idea.
1414 * fixed memory arithmetic in pam_handlers
1415 -- still need to track down why failure to load modules can lead to
1416 authentication succeding..
1418 * added tags for new modules (smartcards from Alex -- just a promise
1419 at this stage) and a new module from Elliot Lee; pam_securetty
1421 * I have not had time to smooth out the wrinkles with it, but Alex's
1422 pam_unix modifications are provided in pam_unix-alex (in the modules
1423 directory) they will not be compiled by 'make all' and I can't even
1424 say if they do compile... I will try to look at them for .52 but, in
1425 the mean time please feel free to study/fix/discuss what is there.
1427 * pam_rhosts module. Removed code for manually setting the ruser
1428 etc. This was not very secure.
1430 * [remade .ps docs to be in letter format -- my printer complains
1433 Sunday July, 7 12:45:00 PST 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
1435 * No longer accompanying the Linux-PAM release with apps installed.
1436 [Will provide what was here in a separate package.. (soon)
1437 lib Also see http://www.redhat.com/pam for some more (in .rpm form...)]
1439 * renamed libmisc to libpam_misc. It is currently configured to only compile
1440 the static library. For some strange reason (perhaps someone can
1441 investigate) my Linux 2.0.0 kernel with RedHat 3.0.3 system
1442 segfaults when I compile it to be a dynamic library. The segfault
1443 seems to be inside the call to the ** dl_XXX ** function...!?
1445 There is a simple flag in the libpam_misc/Makefile to turn on dynamic
1448 * Added a little unofficial code for delay support in libpam (will probably
1449 disappear later..) There is some documentation for it in the pam_modules
1450 doc now. That will obviously go too.
1452 * rewritten pam_time to use *logic* to specify the stringing together of
1453 users/times/terminals etc.. (what was there before was superficially
1454 logical but basically un-predictable!)
1456 * added pam_group. Its syntax is almost identical to pam_time but it
1457 has another field added; a list of groups to make the user a member
1458 of if they pass the previous tests. It seems to not co-exist too well
1459 with the groups in the /etc/group but I hope to have that fixed by
1462 * minor re-formatting of pam_modules documentation
1464 * removed ...// since it wasn't being used and didn't look like it
1467 GCCSunday 23 22:35:00 PST 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
1469 * The major change is the addition of a new module: pam_time for
1470 restricting access on terminals at given times for indicated users
1471 it comes with its own configuration file /etc/security/time.conf
1472 and the sample file simply restricts 'you' from satisfying the blank
1473 application if they try to use blank from any tty*
1475 * Small changes include
1476 - altered pam.conf to demonstrate above new module (try typing username: you)
1477 - very minor changes to the docs (pam_appl and pam_modules)
1479 Saturday June 2 01:40:00 PST 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
1481 *** PLEASE READ THE README, it has changed ***
1483 * NOTE, 'su' exhibits a "system error", when static linking is
1484 used. This is because the pam_unix_... module currently only has
1485 partial static linking support. This is likely to change on Monday
1486 June 3, when Alex makes his latest version availible. I will include
1487 the updated module in next release.
1491 * modified the way in which libpam/pam_modules.h defines prototypes for
1492 the pam_sm_ functions. Now the module must declare which functions it
1493 is to provide *before* the #include <security/pam_modules.h> line.
1494 (for contrasting examples, see the pam_deny and pam_rootok modules)
1495 This removed the ugly hack of defining functions that are never called
1496 to overcome warnings... This seems much tidier.
1497 insterted* updated the TODO list. (changed mailing list address)
1498 * updated README in .../modules to reflect modifications to static
1499 compliation protocol
1500 * modified the pam_modules documentation to describe this.
1501 * corrected last argument of pam_get_item( ... ) in
1502 pam_appl/modules.sgml, to "const void **".
1503 * altered GNU GPL's in the documentation, and various other parts of
1504 the distribution. *Please check* that any code you are responsible for
1506 * Added ./Copyright (please check that it is acceptable)
1507 * updated ./README to make current and indicate the new mailing list
1509 * have completely rewritten pam_filter. It now runs modular filter
1510 executables (stored in /usr/sbin/pam_filter/) This should make it
1511 trivial for others to write their own filters.. If you want yours
1512 included in the distribution please email the list/me.
1513 * changes to libpam; there was a silly bug with multiple arguments on a
1514 pam.conf line that was broken with a '\<LF>'.
1515 * 'su' rearranged code (to make better use of PAM)
1516 *Also* now uses POSIX signals--this should help the Alpha port.
1517 * 'passwd' now uses getlogin() to determine who's passwords to change.
1519 Sunday May 26 9:00:00 PST 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
1521 * fixed module makefiles to create needed dynamic/static subdirectories
1523 Saturday May 25 20:30:27.8 PST 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
1525 * LOTS has changed regarding how the modules/libpam are built.
1526 * Michael's mostly complete changes for static support--see below
1527 (Andrew got a little carried away and automated the static linking
1528 of modules---bugs are likely mine ;( )
1529 * Thanks mostly to Michael, libpam now compiles without a single warning :^]
1530 * made static modules/library optional.
1531 CFLAGS* added 'make sterile' to top level makefile. This does extraclean and remove
1532 * added Michael and Joseph to documentation credits (and a subsection for
1533 future documentation of static module support in pam_modules.sgml)
1534 * libpam; many changes to makefiles and also automated the inclusion of
1535 static module objects in pam_static.c
1536 * modified modules for automated static/dynamic support. Added static &
1537 dynamic subdirectories, as instructed by Michael
1538 * removed an annoying syslog message from pam_filter: "parent exited.."
1539 * updated todo list (anyone know anything about svgalib/X? we probably should
1540 have some support for these...)
1542 Friday May 24 16:30:15 EDT 1996 (Michael K. Johnson <johnsonm@redhat.com>)
1544 * Added first (incomplete) cut at static support.
1546 . changes in libpam, including a new file, pam_static.c
1547 . changes to modules including exporting struct of function pointers
1548 . static and dynamic linking can be combined
1549 . right now, the only working combinations are just dynamic
1550 linking and dynamic libpam.so with static modules linked
1551 into libpam.so. That's on the list of things to fix...
1552 . modules are built differently depending on whether they
1553 are static or dynamic. Therefore, there are two directories
1554 under each module directory, one for static, and one for
1556 * Fixed random brokenness in the Makefiles. [ foo -nt bar ] is
1557 rather redundant in a makefile, for instance. Also, passing
1558 on the command line is broken because it cannot be
1559 overridden in any way (even adding important parts) in lower-level
1561 * Unfortunately, fixing some of the brokenness meant that I used
1562 GNU-specific stuff. However, I *think* that there was GNU-specific
1563 stuff already. And I think that we should just use the GNU
1564 extensions, because any platform that GNU make doesn't port to
1565 easily will be hard to port to anyway. It also won't be likely
1566 passwd to handle autoconf, which was Ted's suggestion for getting
1567 around limitations in standard make...
1568 For now, I suggest that we just use some simple GNU-specific
1571 Monday May 20 22:00:00 PST 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
1573 * added some text to pam_modules.sgml
1574 * corrected Marek's name in all documentation
1575 * made pam_stress conform to chauthtok conventions -- ie can now request
1576 old password before proceeding.
1577 * included Alex's latest unix module
1578 * included Al's + password strength checking module
1579 * included pam_rootok module
1580 * fixed too many bugs in libpam.. all subtly related to the argument lists
1581 or use of syslog. Added more debugging lines here too.
1582 * fixed the pam.conf file
1583 * deleted pam_test module. It is pretty old and basically superceeded
1586 Friday May 9 1:00:00 PST 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
1588 * updated documentaion, added Al Longyear to credits and corrected the
1589 spelling of Jeff's name(!). Most changes to pam.sgml (even added a figure!)
1590 * new module pam_rhosts_auth (from Al Longyear)
1591 * new apps rlogind and ftpd (a patch) from Al.
1592 * modified 'passwd' to not call pam_authenticate (note, none of the
1593 modules respect this convention yet!)
1594 * fixed bug in libpam that caused trouble if the last line of a
1595 pam.conf file ends with a module name and no newline character
1596 * also made more compatable with documentation, in that bad lines in
1597 pam.conf are now ignored rather than causing libpam to return an
1599 * libpam now overwrites the AUTHTOKs when returning from
1600 pam_authenticate and pam_chauthtok calls (as per Sun/RFC too)
1601 * libpam is now installed as libpam.so.XXX in a way that ldconfig can
1605 Wednesday May 1 22:00:00 PST 1996 (Andrew Morgan <morgan@physics.ucla.edu>)
1607 * removed .../test directory, use .../examples from now on.
1608 * added .../apps directory for fully functional applications
1609 - the apps directory contains directories that actually contain the apps.
1610 the idea is to make application compilation conditional on the presence
1611 of the directory. Note, there are entries in the Makefile for
1612 'login' and 'ftpd' that are ready for installation... Email me if
1613 you want to reserve a directory name for an application you are
1615 * similar changes to .../modules makefile [entries for pam_skey and
1616 pam_kerberos created---awaiting the directories.] Email me if you
1617 want to register another module...
1618 * minor changes to docs.. Not really worth reprinting them quite yet!
1620 * added misc_conv to libmisc. it is a generic conversation function
1621 for text based applications. [would be nice to see someone create
1622 an Xlib and/or svgalib version]
1623 * fixed ctrl-z/c bug with pam_filter module [try xsh with the default
1625 * added 'required' argument to 'pam_stress' module.
1626 * added a TODO list... other suggestions to the list please.
1628 Saturday April 7 00:00:00 PST 1996 ( Andrew Morgan <morgan@physics.ucla.edu> )
1630 * Alex and Marek please note I have altered _pam_auth_unix a little, to
1631 make it get the passwords with the "proper method" (and also fixed it
1632 to not have as many compiler warnings)
1633 * updated the conf/pam.conf file
1634 * added new example application examples/xsh.c (like blank but invokes
1636 * Marc's patches for examples/blank.c (and AGM's too)
1637 * fixed stacking of modules in libpam/pam_handlers.c
1638 * fixed RESETing in libpam/pam_item.c
1639 * added new module modules/pam_filter/ to demonstrate the possibility
1640 of inserting an arbitrary filter between the terminal and the
1641 application that could do customized logging etc... (see use of
1642 bin/xsh as defined in conf/pam.conf)
1645 Saturday March 16 19:00:00 PST 1996 ( Andrew Morgan <morgan@physics.ucla.edu> )
1647 These notes are for 0.3 I don't think I've left anything important
1648 out, but I will use emacs 'C-x v a' next time! (Thanks Jeff)
1650 * not much has changed with the functionality of the Linux-PAM lib
1652 - pam_password calls module twice with different arguments
1653 - added const to some of the function arguments
1654 - added PAM_MAX_MES_ to <security/_pam_types.h>
1655 - was a lot over zealous about purging old passwords...
1656 I have removed much of this from source to make it
1657 more compatible with SUN.
1658 - moved some PAM_... tokens to pam_modules.h from _pam_types.h
1659 (no-one should notice)
1661 * added three modules: pam_permit pam_deny pam_stress
1662 no prizes for guessing what the first two do. The third is
1663 a reasonably complete (functional) module. Is intended for testing
1666 * fixed a few pieces of examples/blank.c so that it works (with
1669 * ammended the documentation. Looking better, but suggestions/comments
1672 Sunday March 10 10:50:00 PST 1996 ( Andrew Morgan <morgan@physics.ucla.edu> )
1674 These notes are for Linux-PAM release 0.21. They cover what's changed
1675 since I relased 0.2.
1678 * substantially changed ./README
1679 * fixed bug reading \\\n in pam.conf file
1680 * small changes to documentation
1681 * added `blank' application to ./examples (could be viewed as
1682 a `Linux-PAM aware' application template.)
1683 * oops. now including pam_passwd.o and pam_session.o in pamlib.so
1684 * compute md5 checksums for all the source when making a release
1685 - added `make check' and `make RCScheck' to compute md5 checksums
1686 * create a second tar file with all the RCS files in.
1687 * removed the .html and .txt docs, supplying sgml sources instead.
1688 - see README for info on where to get .ps files
1690 Thursday March 6 0:44:?? PST 1996 ( Andrew Morgan <morgan@physics.ucla.edu> )
1692 These notes are for Linux-PAM release 0.2. They cover what's changed
1693 since Marc Ewing relased 0.1.
1695 **** Please note. All of the directories in this release have been modified
1696 **** slightly to conform to the new pamlib. A couple of new directories have
1697 **** been added. As well as some documentation. If some of your code
1698 **** was in the previous release. Feel free to update it, but please
1699 **** try to conform to the new headers and Makefiles.
1701 * Andrew Morgan (morgan@physics.ucla.edu) is making this release
1702 availible, Marc has been busy...!
1704 * Marc's pam-0.1/lib has been (quietly) enhanced and integrated into
1705 Alex Yurie's collected tree of library and module code
1706 (linux-pam.prop.1.tar.gz). Most of the changes are to do with error
1707 checking. Some more robustness in the reading of the pam.conf file
1708 and the addition of the pam_get_user() function.
1710 * The pam_*.h files have been reorganized to logically enforce the
1711 separation of modules from applications. [Don't panic! Apart from
1712 changing references of the form
1714 #include "pam_appl.h"
1718 #include <security/pam_appl.h>
1720 The reorganization should be backwardly compatable (ie. a module
1721 written for SUN will be as compatable as it was before with the
1722 previous version ;)~ ]
1724 (All of the source in this tree now conforms to this scheme...)
1726 The new reorganization means that modules can be compiled with a
1727 single header, <security/pam_modules.h>, and applications with
1728 <security/pam_appl.h>.
1730 * I have tried to remove all the compiler warnings from the updated
1731 "pamlib/*.c" files. On my system, (with a slightly modified <dlfcn.h>
1732 email me if it interests you..) there are only two warnings that
1733 remain: they are that ansi does not permit void --> fn ptr
1734 assignment. K&Rv2 doesn't mention this....? As a matter of principle,
1735 if anyone knows how to get rid of that warning... please
1736 tell. Thanks! "-pedantic"
1738 * you can "make all" as a plain user, but
1740 * to "make install" you must be root. The include files are placed in
1741 /usr/include/security. The libpam.so library is installed in /usr/lib
1742 and the modules in /usr/lib/security. The two test binaries
1743 are installed in the Linux-PAM-0.2/bin directory and a chance is given to
1744 replace your /etc/pam.conf file with the one in Linux-PAM-0.2/conf.
1746 * I have included some documentation (pretty preliminary at the
1747 moment) which I have been working on in .../doc .
1749 I have had a little trouble with the modules, but atleast there are no
1750 segfaults! Please try it out and discuss your results... I actually
1751 hope it all works for you. But, Email any bugs/suggestions to the
1752 Linux-PAM list: linux-pam@mit.edu .....
1757 (morgan@physics.ucla.edu)
1760 Sat Feb 17 17:30:24 EST 1996 (Alexander O. Yuriev alex@bach.cis.temple.edu)
1762 * conf directory created with example of pam_conf
1763 * stable code from pam_unix is added to modules/pam_unix
1764 * test/test.c now requests username and password and attempts
1765 to perform authentication