Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------
2008-11-28  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_tally2/pam_tally2.c (tally_check): Fix info format
        to be the same as in pam_tally.

        * configure.in: Add modules/pam_timestamp/Makefile.
        * doc/sag/Linux-PAM_SAG.xml: Include pam_timestamp.xml.
        * doc/sag/pam_timestamp.xml: New.
        * libpam/pam_static_modules.h: Add pam_timestamp static struct.
        * modules/Makefile.am: Add pam_timestamp directory.
        * modules/pam_timestamp/Makefile.am: New.
        * modules/pam_timestamp/README.xml: New.
        * modules/pam_timestamp/hmacsha1.h: New.
        * modules/pam_timestamp/sha1.h: New.
        * modules/pam_timestamp/pam_timestamp.8.xml: New.
        * modules/pam_timestamp/pam_timestamp_check.8.xml: New.
        * modules/pam_timestamp/pam_timestamp.c: New.
        * modules/pam_timestamp/pam_timestamp_check.c: New.
        * modules/pam_timestamp/hmacfile.c: New.
        * modules/pam_timestamp/hmacsha1.c: New.
        * modules/pam_timestamp/sha1.c: New.
        * modules/pam_timestamp/tst-pam_timestamp: New.
        * po/POTFILES.in: Add pam_timestamp sources.
        * po/*.po: Regenerate.
        * po/cs.po: Updated translations.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-11-28  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_unix/unix_update.c (set_password): Allow root to change
        passwords without verification of the old ones.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2008-11-25  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_pwhistory/opasswd.c (save_old_password): Fix typo.

Relevant BUGIDs: debian #326407

Purpose of commit: bugfix

Commit summary:
---------------

2008-11-25  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_time/pam_time.c (is_same): Fix check
        of correct string length (debian bug #326407).

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

Fix last commit

Relevant BUGIDs: debian #326407

Purpose of commit: new testcase

Commit summary:
---------------

User entries with "|" don't work as expected.

2008-11-24  Thorsten Kukuk  <kukuk@thkukuk.de>

        * xtests/Makefile.am: Add pam_time1 tests.
        * xtests/tst-pam_time1.c: New test case.
        * xtests/tst-pam_time1.pamd: New.
        * xtests/time.conf: New.
        * xtests/run-xtests.sh: Copy time.conf.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-11-24  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_cracklib/pam_cracklib.c(pam_sm_chauthtok): Fix leaks
        in error path.
        * modules/pam_env/pam_env.c(_parse_env_file): Remove superfluous
        condition.
        * modules/pam_group/pam_group.c(check_account): Fix leak
        in error path.
        * modules/pam_listfile/pam_listfile.c(pam_sm_authenticate): Fix leak
        in error path.
        * modules/pam_securetty/pam_securetty.c(securetty_perform_check): Remove
        superfluous condition.
        * modules/pam_stress/pam_stress.c(stress_get_password,pam_sm_authenticate):
        Remove superfluous conditions.
        (pam_sm_chauthtok): Fix mistaken && for &.
        * modules/pam_unix/pam_unix_auth.c(pam_sm_authenticate): Remove
        superfluous condition.
        All the problems fixed in this commit were found by Steve Grubb.

Relevant BUGIDs: rhbz#471762

Purpose of commit: new feature

Commit summary:
---------------
2008-11-24  Tomas Mraz <t8m@centrum.cz>

        * libpam/pam_handlers.c (_pam_parse_conf_file): '-' at
        beginning of type token marks silent module.
        (_pam_load_module): Add handler_type parameter. Do not log
        module load error if module is silent.
        (_pam_add_handler): Pass handler_type to _pam_load_module().
        * libpam/pam_private.h: Add PAM_HT_SILENT_MODULE.
        * doc/man/pam.conf-syntax.xml: Document the '-' at beginning
        of type.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-11-20  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_sepermit/pam_sepermit.c (sepermit_match): Do not
        call sepermit_lock() if sense is deny. Do not crash on NULL seuser
        match.
        (pam_sm_authenticate): Try to call getseuserbyname() even if
        SELinux is disabled.

Relevant BUGIDs:

Purpose of commit: fix

Commit summary:
---------------

Revert wrong commitment

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2008-11-19  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_xauth/pam_xauth.c (pam_sm_open_session):
        Preserve XAUTHLOCALHOSTNAME environment variable.

Relevant BUGIDs:

Purpose of commit: missing part of new feature

Commit summary:
---------------

2008-11-19  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_pwhistory/pam_pwhistory.c (pam_sm_chauthtok): Finish
        implementation of type=STRING option.

        * modules/pam_pwhistory/pam_pwhistory.8.xml: Document
        "type=STRING" option.

Relevant BUGIDs:

Purpose of commit:

Commit summary:
---------------

2008-10-27  Thorsten Kukuk  <kukuk@thkukuk.de>

        * doc/man/pam_setcred.3.xml: Document when credentials
        should be deleted.
        * po/ja.po: Fix syntax error.
        * po/de.po: Update translations.
        * po/*.po: Regenerate with pam_tally2 added.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2008-10-23  Taylon Silmer Lacerda Silva <taylonsilva@gmail.com>

        * po/pt_BR.po: Updated translations.

2008-10-23  Krishna Babu K <kkrothap@redhat.com>

        * po/LINGUAS: New language.
        * po/te.po: New translation to Telugu.

2008-10-23  Manoj Kumar Giri <mgiri@redhat.com>

        * po/or.po: Updated translations.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2008-10-21  Amitakhya Phukan <aphukan@redhat.com>

        * po/as.po: Updated translations.

2008-10-21  Ondrej Sulek <feonsu@gmail.com>

        * po/sk.po: Updated translations.

2008-10-21  Terry Chuang <tchuang@redhat.com>

        * po/zh_TW.po: Updated translations.

2008-10-21  Kiyoto Hashida <khashida@redhat.com>

        * po/ja.po: Updated translations.

2008-10-21  Francesco Valente <fvalen@redhat.com>

        * po/it.po: Updated translations.

2008-10-21  Peter van Egdom <p.van.egdom@gmail.com>

        * po/nl.po: Updated translations.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2008-10-20  Ani Peter <apeter@redhat.com>

        * po/ml.po: Updated translations.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2008-10-20  Pablo Martin-Gomez <pablo.martin-gomez@laposte.net>

        * po/fr.po: Updated translations.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2008-10-20  Runa Bhattacharjee <runab@redhat.com>

        * po/bn_IN.po: Updated translations.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2008-10-20  Shankar Prasad <svenkate@redhat.com>

        * po/kn.po: Updated translations.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2008-10-20  Leah Liu <lliu@redhat.com>

        * po/zh_CN.po: Updated translations.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2008-10-20  Ondrej Sulek <feonsu@gmail.com>

        * po/LINGUAS: New language.
        * po/sk.po: New translation to Slovak.

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------
2008-10-17  Tomas Mraz <t8m@centrum.cz>

        * configure.in: Add modules/pam_tally2/Makefile.
        * doc/sag/Linux-PAM_SAG.xml: Include pam_tally2.xml.
        * doc/sag/pam_tally2.xml: New.
        * libpam/pam_static_modules.h: Add pam_tally2 static struct.
        * modules/Makefile.am: Add pam_tally2 directory.
        * modules/pam_tally2/Makefile.am: New.
        * modules/pam_tally2/README.xml: New.
        * modules/pam_tally2/tallylog.h: New.
        * modules/pam_tally2/pam_tally2.8.xml: New.
        * modules/pam_tally2/pam_tally2.c: New.
        * modules/pam_tally2/pam_tally2_app.c: New.
        * modules/pam_tally2/tst-pam_tally2: New.
        * po/POTFILES.in: Add pam_tally2 sources.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-10-15  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_keyinit/pam_keyinit.c (kill_keyrings): Save the old
        euid to suid to be able to restore it.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2008-10-17  Xavier Queralt Mateu <xqueralt@gmail.com>

        * po/ca.po: Updated translations.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2008-10-15  Piotr Drąg <piotrdrag@gmail.com>

        * po/pl.po: Updated translations.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
Missed from the last commit.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2008-10-13  Tomas Mraz <t8m@centrum.cz>

        * po/LINGUAS: New languages.
        * po/cs.po: Updated translations.

2008-10-13  Amitakhya Phukan <aphukan@redhat.com>

        * po/as.po: Updated translations.

2008-10-13  Shankar Prasad <svenkate@redhat.com>

        * po/kn.po: Updated translations.

2008-10-13  Sandeep Sheshrao Shedmake <sshedmak@redhat.com>

        * po/mr.po: New translation to Marathi.

2008-10-13  Runa Bhattacharjee <runab@redhat.com>

        * po/bn_IN.po: Updated translations.

2008-10-13  Sharuzzaman Ahmat Raslan <sharuzzaman@gmail.com>

        * po/ms.po: New translation to Malay.

Relevant BUGIDs:

Purpose of commit:

Commit summary:
---------------

2008-10-10  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_cracklib/pam_cracklib.c (_pam_unix_approve_pass):
        Remove check for re-used passwords.
        * modules/pam_cracklib/pam_cracklib.8.xml: Remove documentation
        of re-used password check.

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------

2008-10-10  Thorsten Kukuk  <kukuk@thkukuk.de>

        * configure.in: add modules/pam_pwhistory/Makefile.
        * doc/sag/Linux-PAM_SAG.xml: Include pam_pwhistory.xml.
        * doc/sag/pam_pwhistory.xml: New.
        * libpam/pam_static_modules.h: Add pam_pwhistory data.
        * modules/Makefile.am: Add pam_pwhistory directory.
        * modules/pam_pwhistory/Makefile.am: New.
        * modules/pam_pwhistory/README.xml: New.
        * modules/pam_pwhistory/opasswd.c: New.
        * modules/pam_pwhistory/opasswd.h: New.
        * modules/pam_pwhistory/pam_pwhistory.8.xml: New.
        * modules/pam_pwhistory/pam_pwhistory.c: New.
        * modules/pam_pwhistory/tst-pam_pwhistory: New.
        * xtests/Makefile.am: New.
        * xtests/run-xtests.sh: New.
        * xtests/tst-pam_pwhistory1.c: New.
        * xtests/tst-pam_pwhistory1.pamd: New.
        * xtests/tst-pam_pwhistory1.sh: New.
        * po/POTFILES.in: Add modules/pam_pwhistory/.
        * po/de.po: Update translations.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2008-10-02  Thorsten Kukuk  <kukuk@thkukuk.de>

        * po/de.po: Update translations.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2008-09-30  Manoj Kumar Giri <mgiri@redhat.com>

        * po/or.po: Updated translations.

2008-09-30  Sharuzzaman Ahmat Raslan <sharuzzaman@gmail.com>

        * po/ms.po: New translation to Malay.

2008-09-30  Taylon Silmer Lacerda Silva <taylonsilva@gmail.com>

        * po/pt_BR.po: Updated translations.

2008-09-30  Tomas Mraz <t8m@centrum.cz>

        * po/Linux-pam.pot: Updated strings to translate.
        * po/*.po: Likewise.

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------
2008-09-30  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_lastlog/pam_lastlog.8.xml: Document new options
        noupdate and showfailed.
        * modules/pam_lastlog/pam_lastlog.c(pam_parse): Recognize the new
        options.
        (last_login_read): New output parameter lltime. Do not display
        the last login message if it would be empty.
        (last_login_date): New output parameter lltime. Do not write the
        last login info when LASTLOG_UPDATE is not set.
        (last_login_failed): New function to display the last bad login
        attempt from btmp.
        (pam_sm_open_session): Obtain lltime from last_login_date() and
        call last_login_failed() when appropriate.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2008-09-29  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_echo/pam_echo.8.xml: Fix format error.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-09-25  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_tally/pam_tally.c(get_tally): Fix syslog message.
        (tally_check): Open faillog read only. Close file descriptor.
        Fix typos in messages.

Relevant BUGIDs: http://bugs.debian.org/439268

Purpose of commit: bugfix

Commit summary:
---------------

2008-09-25  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_mail/pam_mail.c (report_mail): Fix logic of
        "quiet" option (Patch from Andreas Henriksson <andreas@fatal.se>)

        * modules/pam_mail/pam_mail.8.xml: Fix typo.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
2008-09-23  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_limits/limits.conf.5.xml: Comment that rss limit is
        ignored.

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------
2008-09-19  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_cracklib/pam_cracklib.8.xml: Fix description
        of the palindrome test. Document new options maxrepeat and
        reject_username.
        * modules/pam_cracklib/pam_cracklib.c(_pam_parse): Parse
        the maxrepeat and reject_username options.
        (password_check): Call the new tests usercheck() and
        consecutive().
        (_pam_unix_approve_pass): Pass user name to the password_check().

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2008-09-16  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_cracklib/pam_cracklib.8.xml: Fix typo.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2008-09-16  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_unix/pam_unix.8.xml: Fix typo.

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------

2008-09-03  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_exec/pam_exec.c: Expose authtok if requested,
        provide environment variable containing service type.
        * modules/pam_exec/pam_exec.8.xml: Document new option.

Relevant BUGIDs: rhbz#460241

Purpose of commit: bugfix

Commit summary:
---------------
2008-08-29  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_loginuid/pam_loginuid.c(set_loginuid): Uids
        are unsigned.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------

Remove duplicate entry

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2008-08-18  Thorsten Kukuk  <kukuk@thkukuk.de>

        * Makefile.am (M4_FILES): Adjust list.

        * modules/pam_access/pam_access.8.xml: Fix module service
        vs. module type.
        * modules/pam_cracklib/pam_cracklib.8.xml: Likewise.
        * modules/pam_debug/pam_debug.8.xml: Likewise.
        * modules/pam_deny/pam_deny.8.xml: Likewise.
        * modules/pam_echo/pam_echo.8.xml: Likewise.
        * modules/pam_env/pam_env.8.xml: Likewise.
        * modules/pam_exec/pam_exec.8.xml: Likewise.
        * modules/pam_faildelay/pam_faildelay.8.xml: Likewise.
        * modules/pam_filter/pam_filter.8.xml: Likewise.
        * modules/pam_ftp/pam_ftp.8.xml: Likewise.
        * modules/pam_group/pam_group.8.xml: Likewise.
        * modules/pam_issue/pam_issue.8.xml: Likewise.
        * modules/pam_keyinit/pam_keyinit.8.xml: Likewise.
        * modules/pam_lastlog/pam_lastlog.8.xml: Likewise.
        * modules/pam_limits/pam_limits.8.xml: Likewise.
        * modules/pam_listfile/pam_listfile.8.xml: Likewise.
        * modules/pam_localuser/pam_localuser.8.xml: Likewise.
        * modules/pam_loginuid/pam_loginuid.8.xml: Likewise.
        * modules/pam_mail/pam_mail.8.xml: Likewise.
        * modules/pam_mkhomedir/pam_mkhomedir.8.xml: Likewise.
        * modules/pam_motd/pam_motd.8.xml: Likewise.
        * modules/pam_namespace/pam_namespace.8.xml: Likewise.
        * modules/pam_nologin/pam_nologin.8.xml: Likewise.
        * modules/pam_permit/pam_permit.8.xml: Likewise.
        * modules/pam_rhosts/pam_rhosts.8.xml: Likewise.
        * modules/pam_rootok/pam_rootok.8.xml: Likewise.
        * modules/pam_securetty/pam_securetty.8.xml: Likewise.
        * modules/pam_selinux/pam_selinux.8.xml: Likewise.
        * modules/pam_sepermit/pam_sepermit.8.xml: Likewise.
        * modules/pam_shells/pam_shells.8.xml: Likewise.
        * modules/pam_succeed_if/pam_succeed_if.8.xml: Likewise.
        * modules/pam_tally/pam_tally.8.xml: Likewise.
        * modules/pam_time/pam_time.8.xml: Likewise.
        * modules/pam_tty_audit/pam_tty_audit.8.xml: Likewise.
        * modules/pam_umask/pam_umask.8.xml: Likewise.
        * modules/pam_unix/pam_unix.8.xml: Likewise.
        * modules/pam_userdb/pam_userdb.8.xml: Likewise.
        * modules/pam_warn/pam_warn.8.xml: Likewise.
        * modules/pam_wheel/pam_wheel.8.xml: Likewise.
        * modules/pam_xauth/pam_xauth.8.xml: Likewise.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2008-08-01  Thorsten Kukuk  <kukuk@thkukuk.de>

        * configure.in: Add version for gettext, add search path
        for m4 directory, fix handling of --disable-* options.
        Patches from Diego Pettenò <flameeyes@gmail.com>.

        * configure.in: Run autoupdate on it.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------

2008-08-01  Thorsten Kukuk  <kukuk@thkukuk.de>

        * acincludde.m4: Rename to ...
        * m4/jh_path_xml_catalog.m4: ... this.

        * m4/*.m4: Remove all autoconf m4 files.

Remove old autoconf m4 files from CVS, autogen.sh will now copy current
versions from the system. (Avoid having old buggy versions forever).

Relevant BUGIDs: Ubuntu bug #175686

Purpose of commit: grammar fix

Commit summary:
---------------
2008-07-29  Steve Langasek <vorlon@debian.org>

        * modules/pam_cracklib/pam_cracklib.8.xml: correct a typo,
        "Only he" -> "Only the"

Relevant BUGIDs:

Purpose of commit: bugfix (thread safety)

Commit summary:
---------------
2008-07-28  Steve Langasek <vorlon@debian.org>

        * modules/pam_unix/passverify.c: make save_old_password()
        thread-safe by using pam_modutil_getpwnam() instead of getpwnam()
        * modules/pam_unix/passverify.c, modules/pam_unix/passverify.h,
        modules/pam_unix/pam_unix_passwd.c: add pamh argument to
        save_old_password()

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
2008-07-28  Steve Langasek <vorlon@debian.org>

        * libpamc/test/regress/test.libpamc.c: use standard u_int8_t
        type instead of __u8, as elsewhere.
        Patch from Roger Leigh <rleigh@debian.org>.

Relevant BUGIDs: Debian bug #488690

Purpose of commit: bugfix

Commit summary:
---------------

2008-07-27  Steve Langasek <vorlon@debian.org>

        * modules/pam_env/environment, modules/pam_env/pam_env.8.xml:
        spelling fix, seperate -> separate

Relevant BUGIDs: Debian bug #470137

Purpose of commit: bugfix

Commit summary:
---------------
2008-07-27  Steve Langasek <vorlon@debian.org>

        * modules/pam_*/pam_*.8.xml: fix up the references to pam.d,
        which is in manpage section 5, not 8.

Relevant BUGIDs: Debian bug #439984

Purpose of commit: bugfix

Commit summary:
---------------
2008-07-26  Steve Langasek  <vorlon@debian.org>

        * modules/pam_env/pam_env.c: Fix module to skip over
        non-alphanumeric variable names, and to handle the case when
        asked to delete a non-existent variable.

Relevant BUGIDs: #1980773

Purpose of commit: bugfix

Commit summary:
---------------
2008-07-13  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_mail/pam_mail.8.xml: Module supports session and
        not account service (#1980773).

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------
2008-07-11  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_selinux/pam_selinux.c (config_context): Do not
        ask for the level if use_current_range is set.
        (context_from_env): New function to obtain the context from
        PAM environment variables.
        (pam_sm_open_session): Call context_from_env() if env_params option
        is present. use_current_range now modifies behavior of the
        context_from_env and config_context options.
        * modules/pam_selinux/pam_selinux.8.xml: Describe the env_params
        option. Adjust description of use_current_range option.

Relevant BUGIDs: #2009766

Purpose of commit: bugfix

Commit summary:
---------------
2008-07-11  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_unix/pam_unix_acct.c (_unix_run_verify_binary): Do
        not close the pipe descriptor in borderline case (#2009766)
        * modules/pam_unix/pam_unix_passwd.c (_unix_run_update_binary):
        Likewise.
        * modules/pam_unix/support.c (_unix_run_helper_binary): Likewise.
        * modules/pam_unix/support.h: Define upper limit of fds we will
        attempt to close.

Relevant BUGIDs: 1976310

Purpose of commit: feature

Commit summary:
---------------

2008-07-09  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_exec/pam_exec.c (call_exec): Move all variable
        declaration to begin of a block (#1976310).

        * xtests/tst-pam_group1.c (run_test): Move no_grps declaration
        to begin of function (#1976310).

Relevant BUGIDs: 1994330

Purpose of commit: bugfix

Commit summary:
---------------

2008-07-09  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_securetty/pam_securetty.8.xml: Replace
        PAM_IGNORE with PAM_USER_UNKNOWN (#1994330)

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------

2008-07-09  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_tally/pam_tally.c: Add support for silent and
        no_log_info options.
        * modules/pam_tally/pam_tally.8.xml: Document silent and
        no_log_info options.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2008-07-08  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_unix/passverify.c (verify_pwd_hash): Adjust debug
        statement.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2008-06-22  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_unix/unix_chkpwd.c (main): Fix compiling without
        audit support.

        * modules/pam_cracklib/pam_cracklib.8.xml: Fix typo in ucredit
        description (reported by Wayne Pollock <pollock@acm.org>)

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-06-19  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_succeed_if/pam_succeed_if.c (pam_sm_authenticate):
        Detect configuration errors. Fail on incomplete condition.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-05-20  Tomas Mraz <t8m@centrum.cz>

        * configure.in: Work correctly with autoconf-2.62.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-05-19  Tomas Mraz <t8m@centrum.cz>

        * doc/man/pam_getenv.3.xml: Correct the pam_getenv documentation.

        * doc/man/pam_prompt.3.xml: Add missing description.

Relevant BUGIDs:

Purpose of commit: translation

Commit summary:
---------------
2008-05-14  Kjartan Maraas <kmaraas@gnome.org>

        * po/nb.po: Updated translation.

2008-05-14  Sulyok Péter <peti@sulyok.hu>

        * po/hu.po: Updated translation.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-05-14  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_unix/pam_unix_passwd.c(pam_sm_chauthtok): Unset authtok
        item when password is not approved.
        * modules/pam_unix/support.c(_unix_read_password): UNIX_USE_FIRST_PASS
        is always set when UNIX_AUTHTOK is set, change order of conditions.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-05-14  Tomas Mraz <t8m@centrum.cz>

        * libpam/pam_modutil_getgrgid.c: Replace hardcoded constant with
        define PWD_LENGTH_SHIFT.
        * libpam/pam_modutil_getgrnam.c: Likewise.
        * libpam/pam_modutil_getpwnam.c: Likewise.
        * libpam/pam_modutil_getpwuid.c: Likewise.
        * libpam/pam_modutil_getspnam.c: Likewise.
        * libpam/pam_modutil_private.h: Adjust values for PWD_ constants.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
2008-05-02  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_selinux/pam_selinux.c(query_response): Add handling
        for NULL response.
        (manual_context): Handle failed query_response() properly. Rename
        variable responses to response which is more correct name.
        (config_context): Likewise.
        (pam_sm_open_session): Do not base decision on whether there is a tty.

Relevant BUGIDs: rhbz#443667

Purpose of commit: bugfix

Commit summary:
---------------
2008-04-22  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_selinux/pam_selinux.c(pam_sm_close_sesion): Fix
        regression from the change from 2008-03-20. setexeccon() must be
        called also with NULL prev_context.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2008-04-21  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_access/access.conf.5.xml: Document changed behavior
        of LOCAL keyword.
        * modules/pam_access/pam_access.c: Add from_remote_host to
        struct login_info to change behavior of LOCAL keyword: if
        PAM_RHOST is not set, LOCAL will be true.

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------
2008-04-18  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_namespace/pam_namespace.c: New functions
        unprotect_dirs(), cleanup_protect_data(), protect_mount(),
        protect_dir() to protect directory by bind mount.
        (cleanup_data): Renamed to cleanup_polydir_data().
        (parse_create_params): Allow missing specification of mode
        or owner.
        (check_inst_parent): Call protect_dir() on the instance parent
        directory. The directory is created when it doesn't exist.
        (create_polydir): Protect and make the polydir by protect_dir(),
        remove potential races.
        (create_dirs): Renamed to create_instance(), remove call to
        inst_init().
        (ns_setup): Call protect_dir() on the polydir if it already exists.
        Call inst_init() after the polydir is mounted.
        (setup_namespace): Set the namespace protect data to be cleaned up
        on pam_close_session()/pam_end().
        (pam_sm_open_session): Initialize the protect_dirs.
        (pam_sm_close_session): Cleanup namespace protect data.
        * modules/pam_namespace/pam_namespace.h: Define struct for the
        stack of protected dirs.
        * modules/pam_namespace/pam_namespace.8.xml: Document when the
        instance init script is called.
        * modules/pam_namespace/namespace.conf.5.xml: Likewise.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-04-17  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_sepermit/pam_sepermit.c(sepermit_match): Do not try
        to lock if euid != 0.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-04-17  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_access/pam_access.c(myhostname): Removed function.
        (user_match): Supply hostname of the machine to the netgroup_match().
        Use hostname from the loginfo instead of calling myhostname().
        (pam_sm_authenticate): Call gethostname() to fill hostname in the
        loginfo.

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------
2008-04-16  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_cracklib/pam_cracklib.c(_pam_parse): Recognize also
        try_first_pass and use_first_pass options.
        (pam_sm_chauthtok): Implement the new options.

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------
2008-04-16  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_unix/Makefile.am: Link unix_chkpwd with libaudit.

        * modules/pam_unix/unix_chkpwd.c(_audit_log): New function for audit.
        (main): Call _audit_log() when appropriate.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-04-08  Tomas Mraz <t8m@centrum.cz>

        * libpam/pam_item.c (TRY_SET): Do not set when destination
        is identical to source.
        (pam_set_item): Do not overwrite destination when it
        is identical to source.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
2008-04-08  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_xauth/pam_xauth.c(run_coprocess): Avoid multiple
        calls to sysconf() (based on patch by Sami Farin).

Relevant BUGIDs:

Purpose of commit: translation

Commit summary:
---------------
2008-04-07  Miloš Komarčević <kmilos@gmail.com>

        * po/sr.po: New file with translation.
        * po/sr@latin.po: Likewise.
        * po/LINGUAS: Add sr and sr@latin.

Relevant BUGIDs:

Purpose of commit: release

Commit summary:
---------------

Release Version 1.0.0

2008-04-03  Thorsten Kukuk  <kukuk@thkukuk.de>

        * release version 1.0.0

        * configure.in: Set version number to 1.0.0.
        * libpam/Makefile.am: Bump patchlevel of libpam.
        * doc/adg/Linux-PAM_ADG.xml: Update version/date.
        * doc/mwg/Linux-PAM_MWG.xml: Likewise.
        * doc/sag/Linux-PAM_SAG.xml: Likewise.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-03-31  Dan Walsh <dwalsh@redhat.com>

        * modules/pam_sepermit/pam_sepermit.c(sepermit_lock): Mark lock fd to
        be closed on exec.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2008-03-25  Leah Liu <lliu@redhat.com>

        * po/zh_CN.po: Updated translation.

Relevant BUGIDs: rhbz#438338, rhbz#438264

Purpose of commit: bugfix

Commit summary:
---------------
2008-03-20  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_namespace/pam_namespace.c(poly_name): Switch to USER
        method only when appropriate.
        (setup_namespace): Do not umount when not mounted with RUSER.

        * modules/pam_selinux/pam_selinux.c(pam_sm_close_session): Call
        freecontext() after the context is logged not before.

Relevant BUGIDs:

Purpose of commit: translation

Commit summary:
---------------
2008-03-18  Canniot Thomas <thomas.canniot@mrtomlinux.org>

        * po/fr.po: Updated translation.

Relevant BUGIDs:

Purpose of commit: translation

Commit summary:
---------------
2008-03-13  Ankit Patel <ankit@redhat.com>

        * po/gu.po: Updated translation.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
2008-03-05  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_cracklib/pam_cracklib.c(pam_sm_chauthtok): Avoid
        unnecessary x_strdup() of resp.
        * modules/pam_ftp/pam_ftp(pam_sm_authenticate): Call _pam_overwrite()
        before dropping password resp.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
Just cleanup of obsolete translations.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-03-03  Tomas Mraz <t8m@centrum.cz>

        * libpam/pam_item.c(RESET): Rename to TRY_SET, handle strdup failure.
        (pam_set_item): Use TRY_SET() also for PAM_AUTHTOK and PAM_OLDAUTHTOK.
        Handle allocation failure for PAM_XAUTHDATA.
        (pam_get_user): Return error when conversation returns NULL user.
        Call pam_set_item() instead of RESET().

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2008-03-03  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_selinux/pam_selinux.c: Do not translate syslog messages.
        * po/Linux-PAM.pot: Update.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
2008-02-26  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_unix/Makefile.am: Do not link to cracklib.
        * modules/pam_unix/pam_unix_passwd.c(_pam_unix_approve_pass):
        Do not call FascistCheck() from cracklib.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
Updated de translation.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
po/pl.po: Updated translation.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------
2008-02-26  Tomas Mraz <t8m@centrum.cz>

        * po/LINUGAS: New languages added.
        * po/es.po: Updated translations.
        * po/fr.po: Likewise.
        * po/it.po: Likewise.
        * po/ja.po: Likewise.
        * po/nl.po: Likewise.
        * po/pl.po: Likewise.
        * po/pt_BR.po: Likewise.
        * po/ru.po: Likewise.
        * po/zh_CN.po: Likewise.
        * po/as.po: New file.
        * po/gu.po: Likewise.
        * po/hi.po: Likewise.
        * po/kn.po: Likewise.
        * po/ko.po: Likewise.
        * po/ml.po: Likewise.
        * po/or.po: Likewise.
        * po/si.po: Likewise.
        * po/ta.po: Likewise.

Relevant BUGIDs: rhbz#433459

Purpose of commit: bugfix

Commit summary:
---------------
2008-02-21  Tomas Mraz <t8m@centrum.cz>

        * libpam/pam_audit.c (_pam_audit_writelog): Silence syslog
        message on non-error return.

        * modules/pam_unix/unix_chkpwd.c (main): Proceed as unprivileged
        user when checking password of another user.
        * modules/pam_unix/unix_update.c: Fix comment.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
Rename tst-pam_assemble_line to tst-pam_assemble_line1

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-02-18  Dmitry V. Levin  <ldv@altlinux.org>

* xtests/Makefile.am (EXTRA_DIST): Add tst-pam_assemble_line.pamd
and tst-pam_assemble_line.sh

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-02-18  Dmitry V. Levin  <ldv@altlinux.org>

* libpam/pam_handlers.c (_pam_assemble_line): Fix potential
buffer overflow.
* xtests/tst-pam_assemble_line.pamd: New test for
_pam_assemble_line.
* xtests/tst-pam_assemble_line.sh: New script for
tst-pam_assemble_line.
* xtests/Makefile.am (NOSRCTESTS): Add tst-pam_assemble_line.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-02-18  Dmitry V. Levin  <ldv@altlinux.org>

* modules/pam_exec/pam_exec.c (call_exec): Fix asprintf return
code check.

Relevant BUGIDs:

Purpose of commit: prepare release

Commit summary:
---------------

Missing pieces for a 0.99.10.0 release

2008-02-13  Thorsten Kukuk  <kukuk@thkukuk.de>

        * release version 0.99.10.0

        * configure.in: set version number.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2008-02-13  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_rhosts/Makefile.am: Remove pam_rhosts_auth.
        * modules/pam_rhosts/pam_rhosts_auth.c: Removed.
        * modules/pam_rhosts/tst-pam_rhosts_auth: Removed.

        * modules/pam_namespace/Makefile.am (noinst_HEADERS): Add
        pam_namespace.h.

Relevant BUGIDs:

Purpose of commit: bugfix, new feature

Commit summary:
---------------
2008-02-13  Tomas Mraz  <t8m@centrum.cz>

        * modules/pam_namespace/Makefile.am: Add argv_parse files and namespace.d
        dir.
        * modules/pam_namespace/argv_parse.c: New file.
        * modules/pam_namespace/argv_parse.h: New file.
        * modules/pam_namespace/namespace.conf.5.xml: Document new features.
        * modules/pam_namespace/pam_namespace.8.xml: Likewise.
        * modules/pam_namespace/pam_namespace.h: Use SECURECONF_DIR define.
        Define NAMESPACE_D_DIR and NAMESPACE_D_GLOB. Define new option flags
        and polydir flags.
        (polydir_s): Add rdir, replace exclusive with flags, add init_script,
        owner, group, and mode.
        (instance_data): Add ruser, gid, and ruid.
        * modules/pam_namespace/pam_namespace.c: Remove now unused copy_ent().
        (add_polydir_entry): Add the entry directly, no copy.
        (del_polydir): New function.
        (del_polydir_list): Call del_polydir().
        (expand_variables, parse_create_params, parse_iscript_params,
        parse_method): New functions.
        (process_line): Call expand_variables() on polydir and instance prefix.
        Call argv_parse() instead of strtok_r(). Allocate struct polydir_s on heap.
        (parse_config_file): Parse .conf files from namespace.d dir after
        namespace.conf.
        (form_context): Call getcon() or get_default_context_with_level() when
        appropriate flags are set.
        (poly_name): Handle shared polydir flag.
        (inst_init): Execute non-default init script when specified.
        (create_polydir): New function.
        (create_dirs): Remove the code which checks the polydir. Do not call
        inst_init() when noinit flag is set.
        (ns_setup): Check the polydir and eventually create it if the create flag
        is set.
        (setup_namespace): Use ruser uid from idata. Set the namespace polydir
        pam data only when namespace was set up correctly. Unmount polydir
        based on ruser.
        (get_user_data): New function.
        (pam_sm_open_session): Check for use_current_context and
        use_default_context options. Call get_user_data().
        (pam_sm_close_session): Call get_user_data().

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------

2008-02-04  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_exec/pam_exec.c: Set PAM environment variables and
        add 'quiet' option.
        * modules/pam_exec/pam_exec.8.xml: Document new behavior.
        Patch from Julien Lecomte <julien@lecomte.at>.

Relevant BUGIDs:

Purpose of commit: bugfixes

Commit summary:
---------------

2008-02-04  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_sepermit/Makefile.am: Install config file only
        if we build the module.

        * doc/Makefile.am: Fix build out of source directory.

        * po/POTFILES.in: Add pam_sepermit.c.