granicus.if.org Git - linux-pam/log

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2007-09-27  Thorsten Kukuk  <kukuk@thkukuk.de>

        * xtests/run-xtests.sh: Add support to skip tests.
        * xtests/tst-pam_limits1.c: Skip test if RLIMIT_NICE is not
        defined.

Relevant BUGIDs: Debian bug #331278

Purpose of commit: bugfix/cleanup

Commit summary:
---------------
2007-09-03  Steve Langasek  <vorlon@debian.org>

        * modules/pam_limits/pam_limits.c: remove a number of unnecessary
        string manipulations, including a strncpy() that was acting on
        overlapping memory.

Relevant BUGIDs: Debian bug #1708

Purpose of commit: cleanup (behavior change)

Commit summary:
---------------
2007-09-03  Steve Langasek  <vorlon@debian.org>

        * libpam_misc/misc_conv.c: don't block SIGINT in misc_conv; it's
        perfectly valid to allow the user to interrupt at a prompt.  If
        an application wants prompts to not be interruptable, the
        application should take responsibility for blocking SIGINT.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2007-09-02  Thorsten Kukuk  <kukuk@thkukuk.de>

        * examples/Makefile.am: Fix usage of LIBADD, LDADD and LDFLAGS.
        * libpam/Makefile.am: Likewise.
        * modules/pam_access/Makefile.am: Likewise.
        * modules/pam_cracklib/Makefile.am: Likewise.
        * modules/pam_debug/Makefile.am: Likewise.
        * modules/pam_deny/Makefile.am: Likewise.
        * modules/pam_echo/Makefile.am: Likewise.
        * modules/pam_env/Makefile.am: Likewise.
        * modules/pam_exec/Makefile.am: Likewise.
        * modules/pam_faildelay/Makefile.am: Likewise.
        * modules/pam_filter/Makefile.am: Likewise.
        * modules/pam_filter/upperLOWER/Makefile.am: Likewise.
        * modules/pam_ftp/Makefile.am: Likewise.
        * modules/pam_group/Makefile.am: Likewise.
        * modules/pam_issue/Makefile.am: Likewise.
        * modules/pam_keyinit/Makefile.am: Likewise.
        * modules/pam_lastlog/Makefile.am: Likewise.
        * modules/pam_limits/Makefile.am: Likewise.
        * modules/pam_listfile/Makefile.am: Likewise.
        * modules/pam_localuser/Makefile.am: Likewise.
        * modules/pam_loginuid/Makefile.am: Likewise.
        * modules/pam_mail/Makefile.am: Likewise.
        * modules/pam_mkhomedir/Makefile.am: Likewise.
        * modules/pam_motd/Makefile.am: Likewise.
        * modules/pam_namespace/Makefile.am: Likewise.
        * modules/pam_nologin/Makefile.am: Likewise.
        * modules/pam_permit/Makefile.am: Likewise.
        * modules/pam_rhosts/Makefile.am: Likewise.
        * modules/pam_rootok/Makefile.am: Likewise.
        * modules/pam_securetty/Makefile.am: Likewise.
        * modules/pam_selinux/Makefile.am: Likewise.
        * modules/pam_shells/Makefile.am: Likewise.
        * modules/pam_stress/Makefile.am: Likewise.
        * modules/pam_succeed_if/Makefile.am: Likewise.
        * modules/pam_tally/Makefile.am: Likewise.
        * modules/pam_time/Makefile.am: Likewise.
        * modules/pam_umask/Makefile.am: Likewise.
        * modules/pam_unix/Makefile.am: Likewise.
        * tests/Makefile.am: Likewise.

Relevant BUGIDs: Debian bug #197080

Purpose of commit: cleanup

Commit summary:
---------------
2007-08-31  Steve Langasek  <vorlon@debian.org>

        * modules/pam_group/group.conf: don't use "games" as an example
        group, on some distros this is a pre-existing group that it would
        be a security hole to give users access to.

Relevant BUGIDs: Debian bugs #95220, #175900

Purpose of commit: bugfix

Commit summary:
---------------
2007-08-30  Steve Langasek  <vorlon@debian.org>

        * modules/pam_unix/support.c, modules/pam_unix/unix_chkpwd.c:
        A wrong username doesn't need to be logged at LOG_ALERT;
        LOG_WARNING should be sufficient.
        Patch from Sam Hartman <hartmans@debian.org>.

Relevant BUGIDs:

Purpose of commit: documentation fix

Commit summary:
---------------

2007-08-30  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_limits/limits.conf.5.xml: Document that maxlogins
        is ignored for users with UID 0.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
2007-08-30  Steve Langasek  <vorlon@debian.org>

        * modules/pam_cracklib/pam_cracklib.c:
        s/CRACKLIB_DICT/CRACKLIB_DICTS/, for consistency with existing
        #define in pam_unix

Relevant BUGIDs:

Purpose of commit: portability, cleanup

Commit summary:
---------------
2007-08-29  Steve Langasek  <vorlon@debian.org>

        * libpam/pam_modutil_getgrgid.c, libpam/pam_modutil_getgrnam.c,
        libpam/pam_modutil_getpwnam.c, libpam/pam_modutil_getpwuid.c,
        libpam/pam_modutil_getspnam.c: don't use pthread mutexes in libpam
        unnecessarily; this avoids linking problems on non-Linux
        platforms.

Relevant BUGIDs: Debian bug #84428

Purpose of commit: new feature

Commit summary:
---------------
2007-08-29  Steve Langasek  <vorlon@debian.org>

        * modules/pam_listfile/pam_listfile.c, modules/pam_listfile/README,
        modules/pam_listfile/pam_listfile.8,
        modules/pam_listfile/pam_listfile.8.xml: add a 'quiet' option to
        avoid logging errors any time a user is refused service by this
        module.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2007-08-29  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_rhosts/pam_rhosts_auth.c: buflen needs to be size_t.
        (__icheckhost): Cast to int32_t to fix limited range error.

        * modules/pam_cracklib/pam_cracklib.c: Mark cracklib_dictpath
        as const.

Relevant BUGIDs: Debian bug #440019

Purpose of commit: bugfix

Commit summary:
---------------
2007-08-29  Steve Langasek <vorlon@debian.org>

        * modules/pam_rhosts/pam_rhosts_auth.c: getline returns -1 at
        EOF, not 0.  Check accordingly to fix an infinite loop.  Thanks
        to Stephan Springl <springl-rhosts@bfw-online.de> for catching
        this.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
2007-08-28  Steve Langasek <vorlon@debian.org>

        * configure.in: call AC_CHECK_HEADERS instead of AC_CHECK_HEADER
        for crack.h, so we get a HAVE_CRACK_H define.
        * modules/pam_cracklib/pam_cracklib.c: don't copy around the
        cracklib dictpath into a fixed-width buffer, when we can just
        point at the existing strings; and allow users to override the
        default cracklib path with -DCRACKLIB_DICT, required for
        compatibility with cracklib 2.7.

Relevant BUGIDs: Debian bugs #76119, #165066

Purpose of commit: portability

Commit summary:
---------------
2007-08-27 Steve Langasek <vorlon@debian.org>

* modules/pam_limits/pam_limits.c: when building on non-Linux
systems, give a warning only, not an error; no one seems to
remember why this error was here in the first place, but leave
something in that might still grab the attention of non-Linux
users.
Patch from Michal Suchanek <hramrach_l@centrum.cz>.
* configure.in, modules/pam_rhosts/pam_rhosts_auth.c: check for
the presence of net/if.h before using, required for Hurd
compatibility.
Patch from Igor Khavkine <i_khavki@alcor.concordia.ca>.
* modules/pam_limits/pam_limits.c: conditionalize the use of
RLIMIT_AS, which is not present on the Hurd.
Patch from Igor Khavkine <i_khavki@alcor.concordia.ca>.
* modules/pam_rhosts/pam_rhosts_auth.c: use getline() instead of
a static buffer when available; fixes the build on systems
without MAXHOSTNAMELEN (i.e., the Hurd).
* modules/pam_xauth/pam_xauth.c: make sure PATH_MAX is defined
before using it.

Relevant BUGIDs:

Purpose of commit: minor typo fix

Commit summary:
---------------
Noticed the \[ vs \] documentation error when replying to a user about
jumps in the config syntax.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2007-08-25  Steve Langasek  <vorlon@debian.org>

        * doc/man/pam.conf-syntax.xml, doc/man/pam.conf.5:
        Document "new" control options conv_again and incomplete, supported
        in pam.d's extended syntax.
        Patch from Ben Collins <bcollins@debian.org>.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
2007-08-15  Tomas Mraz  <t8m@centrum.cz>

        * modules/pam_access/pam_access.c (list_match): Add explicit
        sptr argument for strtok_r, otherwise the code is not portable.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2007-08-13  Olivier Blin <blino@mandriva.com>

        * doc/man/pam.3.xml: Fix typo.
        * doc/man/pam.3: Likewise.
        * doc/man/pam_end.3.xml: Likewise.
        * doc/man/pam_end.3: Likewise.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2007-07-18  Thorsten Kukuk  <kukuk@thkukuk.de>

        * release version 0.99.8.1

        * libpam/pam_audit.c: Include unistd.h for getuid().
        * libpam/Makefile.am: Bump version number.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2007-07-12  Thorsten Kukuk  <kukuk@thkukuk.de>

        * libpam/pam_audit.c (_pam_audit_writelog): Don't return
        error if application runs as normal user. Fixes regression
        introduced with last change.

Relevant BUGIDs:

Purpose of commit: bugfix/new feature

Commit summary:
---------------

2007-07-10  Thorsten Kukuk  <kukuk@thkukuk.de>

        * configure.in: Add --with-db-uniquename option to support
        db libraries and functions with unique name extension.
        Patch from Diego 'Flameeyes' Pettenò <flameeyes@gmail.com>.

        * modules/pam_limits/pam_limits.c: Include locale.h.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

Fix version number

Relevant BUGIDs:

Purpose of commit:  bugfix, release

Commit summary:
---------------

2007-07-06  Thorsten Kukuk  <kukuk@thkukuk.de>

        * release version 0.99.8.0

        * configure.in: Check for audit_log_acct_message instead of
        audit_log_user_message.
        * libpam/pam_audit.c: Use audit_log_acct_message.
        Based on patch from Mark J Cox <mjc@redhat.com>.
        * libpam/Makefile.am: Bump version number of libpam.

        * modules/pam_umask/pam_umask.c (set_umask): mode_t is 32bit,
        not 64bit.

        * xtests/tst-pam_limits1.c: Fix printf arguments.

        * po/*.po: Merge po files with latest code changes.

Relevant BUGIDs:

Purpose of commit:

Commit summary:
---------------

forgot to commit ...

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2007-06-26  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_limits/pam_limits.c (process_limit): Check upper and
        lower limit of nice value, fix off-by-one in conversation to rlim_t.
        * xtests/Makefile.am: Add new pam_limits test case.
        * xtests/limits.conf: New, config file for test case.
        * xtests/pam_limits1.c: New, test case for RLIMIT_NICE.
        * xtests/pam_limits1.sh: Likewise.
        * xtests/pam_limits1.pamd: Likewise.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2007-06-25  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_access/pam_access.c (list_match): Use saveptr of strtok_r
        result for recursive calls.
        * xtests/Makefile.am: Add new pam_access test cases.
        * xtests/pam_access1.c: New test case.
        * xtests/pam_access2.c: Likewise.
        * xtests/pam_access3.c: Likewise.
        * xtests/pam_access4.c: Likewise.
        * xtests/pam_access1.sh: Wrapper to create user accounts.
        * xtests/pam_access2.sh: Likewise.
        * xtests/pam_access3.sh: Likewise.
        * xtests/pam_access4.sh: Likewise.
        * xtests/pam_access1.pamd: PAM config file for pam_access tests.
        * xtests/pam_access2.pamd: Likewise.
        * xtests/pam_access3.pamd: Likewise.
        * xtests/pam_access4.pamd: Likewise.
        * xtests/access.conf: Config file for pam_access tests.
        * xtests/run-tests.sh: Install access.conf into system.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2007-06-22  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_loginuid/pam_loginuid.c (set_loginuid): Print
        better error message if /proc/self/loginuid cannot be opened.

        * modules/pam_limits/pam_limits.c (process_limit): Check for
        variable overflow after multiplication [bnc#283001].

Relevant BUGIDs: 411390

Purpose of commit: new feature

Commit summary:
---------------

2007-06-22  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_access/pam_access.c: Add new syntax for groups
        in access.conf to differentiate group names from account names.
        Based on patch from Julien Lecomte <julien@famille-lecomte.net>,
        solves feature request [#411390].
        * modules/pam_access/access.conf: Add example for new group
        syntax.
        * modules/pam_access/access.conf.5.xml: Document new syntax.

Relevant BUGIDs: 1688777

Purpose of commit: new features

Commit summary:
---------------

2007-06-20  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_cracklib/pam_cracklib.8.xml: Document new minclass
        option.
        * modules/pam_cracklib/pam_cracklib.c: Add support for minimum
        character classes [#1688777]. Based on patch from Keith Schincke.

        * xtests/tst-pam_cracklib2.c: New, test case for minclass option.
        * xtests/tst-pam_cracklib2.pamd: New, PAM config file for test case.
        * xtests/Makefile.am: Add new testcase.

        * xtests/pam_cracklib.c: Fix comment what this application tests.

        * configure.in: Use /lib64 on x86-64, ppc64, s390x, sparc64

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2007-06-15 Tomas Mraz <t8m@centrum.cz>

* configure.in: Check for setkeycreatecon().

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------
2007-06-15  Tomas Mraz  <t8m@centrum.cz>

        * modules/pam_selinux/pam_selinux.8.xml: Remove multiple option,
        add select_context and use_current_range options.
        * modules/pam_selinux/pam_selinux.c (send_audit_message): Added
        function for auditing role/level changes.
        (query_response): Add default response.
        (select_context): Removed.
        (manual_context): Query only role and level.
        (mls_range_allowed): Added function for range check.
        (config_context): Added function for role and level override.
        (pam_sm_open_session): Remove multiple option, add select_context
        and use_current_range_options. Use getseuserbyname to obtain
        SELinux user and level. Audit role/level changes. Call setkeycreatecon
        to assign key creation context. Don't fail on errors when SELinux
        is not in enforcing mode.

Relevant BUGIDs:

Purpose of commit: bugfix, new feature

Commit summary:
---------------
2007-06-15  Tomas Mraz  <t8m@centrum.cz>

        * modules/pam_namespace/README.xml: Avoid duplication of
        documentation.
        * modules/pam_namespace/namespace.conf: More real life example
        from MLS support.
        * modules/pam_namespace/namespace.conf.5.xml: Likewise plus
        properly describe how instance directory names are formed.
        * modules/pam_namespace/namespace.init: Preserve euid when
        called from setuid apps (su, newrole).
        * modules/pam_namespace/pam_namespace.8.xml: Added option
        no_unmount_on_close.
        * modules/pam_namespace/pam_namespace.c (process_line): Polyinst
        methods are now user, level and context. Fix crash on unknown
        override user in config file.
        (ns_override): Add explicit uid parameter.
        (form_context): Skip for user method. Implement level based
        polyinstantiation.
        (poly_name): Initialize contexts. Add level based polyinst,
        remove 'both' metod. Use raw contexts for instance names,
        truncate long instance names and add hash.
        (ns_setup): Hashing moved to poly_name().
        (setup_namespace): Handle correctly override users for
        su (when unmnt_remnt is used).
        (pam_sm_close_session): Added no_unmount_on_close option.
        * modules/pam_namespace/pam_namespace.h: Added
        no_unmount_on_close_option, level method, limit on instance
        directory name length.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2007-05-04  Thorsten Kukuk  <kukuk@suse.de>

        * xtests/run-xtests.sh: Use SRCDIR to find PAM config files.
        * xtests/Makefile.am:Call run-xtests.sh with srcdir as first
        argument.
        Based on patch by Bernard Leak <thisisnotapipe@hotmail.com>.

Relevant BUGIDs:

Purpose of commit: documentation fix

Commit summary:
---------------

2007-04-30  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_limits/limits.conf: Address space limit is KB.
        * modules/pam_limits/limits.conf.5.xml: Likewise.
        Reported by Thomas Vander Stichele <thomas@apestaart.org>.

Relevant BUGIDs: 1706247

Purpose of commit: bugfix

Commit summary:
---------------

2007-04-30  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_mail/pam_mail.c (_do_mail): Remove duplicate
        check for PAM_SILENT and don't bail out if it is set [#1706247].

Relevant BUGIDs:

Purpose of commit:

Commit summary:
---------------

Fix typos in ChangeLog

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------
        * modules/pam_limits/Makefile.am: Define limits.d dir and install it.
        * modules/pam_limits/pam_limits.8.xml: Describe limits.d parsing.
        * modules/pam_limits/pam_limits.c (pam_limit_s): Make conf_file ptr.
        (pam_parse): conf_file is now ptr.
        (pam_sm_open_session): Add parsing files from limits.d subdir using
        glob, change pl to pointer.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
2007-03-29  Tomas Mraz  <t8m@centrum.cz>

        * modules/pam_access/pam_access.c (login_access, list_match):
        Replace strtok with strtok_r.
        * modules/pam_cracklib/pam_cracklib.c (check_old_password):
        Likewise.
        * modules/pam_ftp/pam_ftp.c (lookup, pam_authenticate):
        Likewise.
        * modules/pam_unix/pam_unix_passwd.c (check_old_password,
        save_old_password): Likewise.

Relevant BUGIDs:

Purpose of commit: translations

Commit summary:
---------------

2007-03-12  Thorsten Kukuk  <kukuk@thkukuk.de>

        * po/ar.po: New translation.
        * po/ca.po: Likewise.
        * po/da.po: Likewise.
        * po/ru.po: Likewise.
        * po/sv.po: Likewise.
        * po/zu.po: Likewise.
        * po/LINGUAS: Add ar, ca, da, ru, sv, zu

        * po/hu.po: Update translation.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
2007-02-21  Tomas Mraz  <t8m@centrum.cz>

        * modules/pam_unix/unix_chkpwd.c (_unix_verify_password): Test for
        allocation failure in bigcrypt().

        * modules/pam_unix/pam_unix_passwd.c (pam_sm_chauthtok): Allow modification
        of '*' password by root.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
2007-02-06  Tomas Mraz  <t8m@centrum.cz>

        * modules/pam_loginuid/pam_loginuid.c (set_loginuid): Remove
        debug syslog message when loginuid doesn't exist.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2007-02-01  Tomas Mraz  <t8m@centrum.cz>

        * xtests/tst-pam_unix3.c: Fix typos in comments.

        * modules/pam_unix/support.c (_unix_verify_password): Explicitly
        disallow '!' in the beginning of password hash. Treat only
        13 bytes password hash specifically. (Suggested by Solar Designer.)
        Fix a warning and test for allocation failure.
        * modules/pam_unix/unix_chkpwd.c (_unix_verify_password): Likewise.

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------

2007-01-31  Thorsten Kukuk  <kukuk@thkukuk.de>

        * xtests/Makefile.am: Add new pam_unix.so tests
        * xtests/run-xtests.sh: Prefer shell scripts (wrapper)
        over binaries.
        * xtests/tst-pam_cracklib1.c: Fix typo.
        * xtests/tst-pam_unix1.c: New, for sucurity fix.
        * xtests/tst-pam_unix1.pamd: New.
        * xtests/tst-pam_unix1.sh: New.
        * xtests/tst-pam_unix2.c: New, for crypt checks.
        * xtests/tst-pam_unix2.pamd: New.
        * xtests/tst-pam_unix2.sh: New.
        * xtests/tst-pam_unix3.c: New, for bigcrypt checks.
        * xtests/tst-pam_unix3.pamd: New.
        * xtests/tst-pam_unix3.sh: New.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2007-01-23  Thorsten Kukuk  <kukuk@suse.de>

        * release 0.99.7.1

        * configure.in: Set version number to 0.99.7.1

2007-01-23  Thorsten Kukuk  <kukuk@thukuk.de>
            Tomas Mraz  <t2m@centrum.cz>

        * modules/pam_unix/support.c (_unix_verify_password): Always
        compare full encrypted passwords.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2007-01-23  Tomas Mraz  <t8m@centrum.cz>

        * modules/pam_loginuid/Makefile.am (AM_LDFLAGS): Add LIBAUDIT.

        * modules/pam_selinux/Makefile.am (pam_selinux_check_LDFLAGS): Add
        AM_LDFLAGS.
        (pam_selinux_la_LDFLAGS): Likewise.

Relevant BUGIDs:

Purpose of commit: release

Commit summary:
---------------

2007-01-17  Thorsten Kukuk  <kukuk@thkukuk.de>

        * release 0.99.7.0

        * configure.in: Set version number to 0.99.7.0

        * Makefile.am (M4_FILES): Replace GNU make extension by listing
        all m4 files.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2007-07-17  Tomas Mraz  <t8m@centrum.cz>

        * po/*.po: Updated strings to translate.
        * po/Linux-PAM.pot: Likewise.

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------

2007-07-16  Thorsten Kukuk  <kukuk@thkukuk.de>

        * doc/man/pam.conf-syntax.xml: Improve documentation about
        sufficient keyword (Patch by Petteri Räty <betelgeuse@gentoo.org>)

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

Don't be more restrictive than useradd for account names:

2006-12-20  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_unix/pam_unix_passwd.c (pam_sm_chauthtok): Forbid
        only '+' and '-' as first characters for account names.
        * modules/pam_unix/pam_unix_auth.c (pam_sm_authenticate): Likewise.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2006-12-18  Tomas Mraz  <t8m@centrum.cz>

        * modules/pam_keyinit/pam_keyinit.c (kill_keyrings): Switch to new
        egid first, euid next. Revert euid/egid to old euid/egid and not
        ruid/rgid.
        (pam_sm_open_session): Switch to new rgid first, ruid next.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
Truncated passwords in shadow do not make sense for other variants than bigcrypt.

2006-12-18  Tomas Mraz  <t8m@centrum.cz>

        * modules/pam_unix/support.c (_unix_verify_password): Use strncmp
        only for bigcrypt result.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-12-18  Thorsten Kukuk  <kukuk@thkukuk.de>

        * configure.in: Fix ENOKEY check (specify errno.h as header
        file to search in).

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-12-18  Thorsten Kukuk  <kukuk@thkukuk.de>

        * configure.in: Add AM_PROG_CC_C_O.
        * libpam/Makefile.am: Add content of AM_LDFLAGS to *_LDFLAGS.
        * modules/pam_tally/Makefile.am: Likewise.
        * modules/pam_unix/Makefile.am: Likewise.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

automake 1.10 ignores AM_LDFLAGS if object specific LDFLAGS are
used, too.

2006-12-18 Thorsten Kukuk <kukuk@thkukuk.de>

* configure.in: Add AM_PROG_CC_C_O.
* libpam/Makefile.am: Add content of AM_LDFLAGS to *_LDFLAGS.
* modules/pam_tally/Makefile.am: Likewise.
* modules/pam_unix/Makefile.am: Likewise.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------

2006-12-18  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_stress/pam_stress.c (pam_sm_chauthtok): Fix
        localisation of message printed to user.
        * po/de.po: Adjust translation.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2006-12-18  Tomas Mraz  <t8m@centrum.cz>

        * modules/pam_unix/pam_unix_passwd.c (pam_sm_chauthtok): Localize
        message printed to user.

Relevant BUGIDs: 1606180

Purpose of commit: new feature

Commit summary:
---------------

2006-12-13  Thorsten Kukuk  <kukuk@suse.de>

        * modules/pam_localuser/pam_localuser.c: Add support for session
        and chauthtok [SF#1606180].
        * modules/pam_localuser/pam_localuser.8.xml: Document last change.

        * libpam/pam_audit.c (_pam_audit_writelog): Print error message
        only once.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-12-12  Thorsten Kukuk  <kukuk@thkukuk.de>

        * libpam/pam_audit.c (_pam_audit_writelog): Print error
        message on failure to syslog.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-12-09  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_umask/pam_umask.c: Use strtoul instead of strtol,
        fix overflow detection.

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------

2006-12-06  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_faildelay/pam_faildelay.c: If no argument is
        given, try to read FAIL_DELAY from /etc/login.defs.
        * modules/pam_faildelay/pam_faildelay.8.xml: Document usage
        of /etc/login.defs.

Relevant BUGIDs: 1591598

Purpose of commit: bugfix

Commit summary:
---------------

2006-12-06  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_mkhomedir/pam_mkhomedir.c (rec_mkdir): Fix
        handling of left-most path component [SF#1591598].
        (create_homedir): Mark user visible messages for translation.
        * po/de.po: Adjust german translation for pam_mkhomedir.

Relevant BUGIDs: rhbz #211438

Purpose of commit: bugfix

Commit summary:
---------------
2006-12-04  Tomas Mraz <t8m@centrun.cz>

        * po/jp.po: Fixed mistake in Password: message (from
        Peng Huang <phuang@redhat.com>).

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-11-28  Thorsten Kukuk  <kukuk@thkukuk.de>

        * po/hu.po: Update hungarian translation (from
        Kalman Kemenczy <kkemenczy@novell.com>).

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------

2006-11-28 Thorsten Kukuk <kukuk@thkukuk.de>

* configure.in: Allow disabling support for cracklib, audit, libdb.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------

Add new test case to .cvsignore file

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-11-28 Thorsten Kukuk <kukuk@thkukuk.de>

* modules/pam_faildelay/pam_faildelay.8.xml: Correct name of Author.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------

2006-11-28  Thorsten Kukuk  <kukuk@thkukuk.de>

        * configure.in: Remove --enable-docdir (obsolete by --docdir).
        * doc/Makefile.am: Don't overwrite htmldir.
        * doc/adg/Makefile.am: Use docdir, htmldir and pdfdir.
        * doc/mwg/Makefile.am: Likewise.
        * doc/sag/Makefile.am: Likewise.
        * doc/specs/Makefile.am: Use docdir.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

fix last checkin for "make distcheck"

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-11-28  Thorsten Kukuk  <kukuk@thkukuk.de>

        * tests/tst-pam_set_data.c: New test cases for pam_set_data().
        * tests/Makefile.am: Add pam_set_data test case.

        * libpam/pam_data.c: Add NULL pointer check for module_data_name.
        * libpam/Makefile.am: Bump revision of shared library.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

* po/POTFILES.in: Add pam_faildelay.c and pam_loginuid.c.

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------

2006-11-08  Thorsten Kukuk  <kukuk@thkukuk.de>

        * configure.in: Add modules/pam_faildelay/Makefile.
        * doc/sag/Linux-PAM_SAG.xml: Include pam_faildelay.xml.
        * doc/sag/pam_faildelay.xml: New.
        * libpam/pam_static_modules.h: Include static pam_faildelay data.
        * modules/Makefile.am: Add pam_faildelay directory.
        * modules/pam_faildelay/Makefile.am: New.
        * modules/pam_faildelay/README: New, generated from XML file.
        * modules/pam_faildelay/README.xml: New.
        * modules/pam_faildelay/pam_faildelay.8: New, generated from xml.
        * modules/pam_faildelay/pam_faildelay.8.xml: New.
        * modules/pam_faildelay/pam_faildelay.c: New.
        * modules/pam_faildelay/tst-pam_faildelay: New.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-11-07  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_cracklib/pam_cracklib.c: PAM_DEBUG_ARG
        is a bit mask and not a boolean value (Reported by
        Jochen Voss <voss@seehuhn.de>).

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-10-26 Thorsten Kukuk <kukuk@thkukuk.de>

* modules/pam_motd/pam_motd.8.xml: Fix typo.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-10-26 Thorsten Kukuk <kukuk@thkukuk.de>

* doc/man/pam.3.xml: Add pam_get_user function.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-10-24  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_namespace/pam_namespace.c: Reserve space for
        trailing zero.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-10-24  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_unix/support.c (_unix_verify_password): Try system
        crypt() if we don't know the hash alogorithm.
        * modules/pam_unix/unix_chkpwd.c (_unix_verify_password): Likewise.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
2006-10-13  Tomas Mraz <t8m@centrum.cz>

        * doc/sag/Linux-PAM_SAG.xml: Add id to book.
        * doc/adg/Linux-PAM_ADG.xml: Add id to book.
        * doc/mwg/Linux-PAM_MWG.xml: Add id to book.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------
2006-10-13  Tomas Mraz <t8m@centrum.cz>

        * doc/mwg/Linux-PAM_MWG.xml: Add id[s] to section[s].
        * doc/sag/pam_access.xml: Likewise.
        * doc/sag/pam_echo.xml: Likewise.
        * doc/sag/pam_env.xml: Likewise.
        * doc/sag/pam_exec.xml: Likewise.
        * doc/sag/pam_group.xml: Likewise.
        * doc/sag/pam_limits.xml: Likewise.
        * doc/sag/pam_namespace.xml: Likewise.
        * doc/sag/pam_time.xml: Likewise.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-10-07  Thorsten Kukuk  <kukuk@suse.de>

        * po/hu.po: Updated hungarian translation (from
        Kalman Kemenczy <kkemenczy@novell.com>)

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

Fix typo.

Relevant BUGIDs:

Purpose of commit: new feature/bugfix

Commit summary:
---------------

2006-09-20  Thorsten Kukuk  <kukuk@thkukuk.de>

        * doc/adg/Makefile.am: Add manual pages as dependency.
        * doc/mwg/Makefile.am: Likewise.
        * doc/sag/Makefile.am: Likewise.
        * doc/sag/Linux-PAM_SAG.xml: Include pam_unix.xml.
        * doc/sag/pam_unix.xml: New.
        * modules/pam_unix/Makefile.am: Generate pam_unix.8 manual page.
        * modules/pam_unix/README.xml: New.
        * modules/pam_unix/pam_unix.8.xml: New.
        * modules/pam_unix/README: Regenerate from XML.
        * modules/pam_unix/pam_unix.8: Generated from XML.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-09-09 Dmitry V. Levin <ldv@altlinux.org>

* modules/pam_wheel/pam_wheel.8.xml: Fix typo.
* modules/pam_wheel/pam_wheel.8: Likewise.
* modules/pam_wheel/README: Likewise.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-09-08 Thorsten Kukuk <kukuk@thkukuk.de>

* po/de.po: Fix typo.

Relevant BUGIDs:

Purpose of commit: release

Commit summary:
---------------

Prepare release of Version 0.99.6.3

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-09-01 Thorsten Kukuk <kukuk@thkukuk.de>

* modules/pam_loginuid/pam_loginuid.8.xml: Fix typo in
config name.

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------

2006-08-31  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_env/environment: New, dummy environment example
        config file.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

Fix some bugs on older distributions

2006-08-31  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_namespace/Makefile.am: Don't install
        manual page if we don't build module.

        * m4/ld-as-needed.m4: Don't set LDFLAGS if check failed.
        * m4/ld-O1: Likewise.

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------
2006-08-30  Tomas Mraz  <t8m@centrum.cz>

        * modules/pam_access/pam_access.8.xml: All services supported.
        * modules/pam_access/pam_access.c (pam_sm_open_session): New.
        (pam_sm_close_session): New.
        (pam_sm_chauthtok): New.

        * modules/pam_access/pam_succeed_if.8.xml: All services supported.
        * modules/pam_access/pam_succeed_if.c (pam_sm_setcred): Return
        PAM_IGNORE rather than success.
        (pam_sm_open_session): New.
        (pam_sm_close_session): New.
        (pam_sm_chauthtok): New.

Relevant BUGIDs:

Purpose of commit: cleanup/bugfix

Commit summary:
---------------

2006-08-30  Thorsten Kukuk  <kukuk@thkukuk.de>

        * xtests/Makefile.am: Move shell code to execute tests from here ...
        * xtests/run-xtests.sh: ... to here.
        * xtests/*.c: Include config.h.
        * tests/*.c: Likewise.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------

2006-08-30  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_namespace/pam_namespace.c: Use pam_modutil_getpwnam()
        instead of getpwnam().

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------

As discussed with Tomas I'm adding the pam_loginuid module from RH
to make the SELinux/Audit stack complete:

2006-08-29  Thorsten Kukuk  <kukuk@thkukuk.de>

        * doc/sag/pam_loginuid.xml: New.
        * doc/sag/Linux-PAM_SAG.xml: Include pam_loginuid.xml.

        * configure.in: Add modules/pam_loginuid/Makefile.
        * modules/Makefile.am: Add pam_loginuid sub directory.

        * libpam/pam_static_modules.h: Add pam_loginuid.

        * modules/pam_loginuid/Makefile.am: New.
        * modules/pam_loginuid/tst-pam_loginuid: New.
        * modules/pam_loginuid/pam_loginuid.8.xml: New.
        * modules/pam_loginuid/pam_loginuid.8: New, generated from XML source.
        * modules/pam_loginuid/pam_loginuid.c: New.
        * modules/pam_loginuid/README.xml: New.
        * modules/pam_loginuid/README: New, generated from XML source.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-08-29 Dmitry V. Levin <ldv@altlinux.org>

* modules/pam_exec/pam_exec.c (call_exec): Add required third
argument to open() call with O_CREAT flag set.

Relevant BUGIDs:

Purpose of commit: cleanup

Commit summary:
---------------

2006-08-28  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_cracklib/pam_cracklib.c (pam_sm_chauthtok): Remove
        duplicate code.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

Of course, it should be LOG_WARNING and not LOG_WARN ...

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-08-24  Thorsten Kukuk  <kukuk@thkukuk.de>

        * release version 0.99.6.2

        * modules/pam_lastlog/pam_lastlog.c (last_login_date): Create
        lastlog file if it does not exist.

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-08-24  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_cracklib/pam_cracklib.c (pam_sm_chauthtok): Check
        for error from getting second token.
        * xtests/Makefile.am: Add tst-pam_cracklib1
        * xtests/tst-pam_cracklib1.c: New, check for pam_cracklib seg.fault.
        * xtests/tst-pam_cracklib1.pamd: New, config for cracklib test.

Relevant BUGIDs:

Purpose of commit: new feature

Commit summary:
---------------

Add test for [...] control sequences.

2006-08-24  Thorsten Kukuk  <kukuk@thkukuk.de>

        * xtests/tst-pam_dispatch4.c: New test.
        * xtests/tst-pam_dispatch4.pamd: PAM config for new test.

Relevant BUGIDs:

Purpose of commit:

Commit summary:
---------------

Prepare 0.99.6.1 release

Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2006-08-09  David Howells  <dhowells@redhat.com>

        * modules/pam_keyinit/pam_keyinit.c (kill_keyrings): Set real uid
        to user's before revoking.
        (pam_sm_open_session): Remember the uid.