pam_wheel: Use pam_modutil_user_in_group_uid_gid instead of reimplementation

The pam_modutil_user_in_group... functions use getgrouplist to check the membership so they work also in setups with remote services which do not provide group members in struct group. Fixes #297 * modules/pam_wheel/pam_wheel.c (perform_check): Call pam_modutil_user_in_group_uid_gid to do the group check.
author: Tomas Mraz <tmraz@fedoraproject.org> 2020-11-23 10:26:07 +0100
committer: Tomas Mraz <tmraz@fedoraproject.org> 2020-11-24 15:00:58 +0100
commit: 5b7ba35ebfd280c931933fedbf98cb7f4a8846f2 (patch)
tree: 89b6374080adf878b76aa98500a15aa10558a364 /NEWS
parent: 28b8c7045ac8ea4ea080bce02a2df9e3b9e98f06 (diff)
download: pam-5b7ba35ebfd280c931933fedbf98cb7f4a8846f2.tar.gz
pam-5b7ba35ebfd280c931933fedbf98cb7f4a8846f2.tar.bz2
pam-5b7ba35ebfd280c931933fedbf98cb7f4a8846f2.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index bd4bca65..d6e971c9 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,8 @@ Release 1.5.1
 * pam_unix: fixed CVE-2020-27780 - authentication bypass when an
             user doesn't exist and root password is blank
 * pam_faillock: added nodelay option to not set pam_fail_delay
+* pam_wheel: use pam_modutil_user_in_group to check for the group membership
+             with getgrouplist where it is available
 
 Release 1.5.0
 * Multiple minor bug fixes, portability fixes, and documentation improvements.
author	Tomas Mraz <tmraz@fedoraproject.org>	2020-11-23 10:26:07 +0100
committer	Tomas Mraz <tmraz@fedoraproject.org>	2020-11-24 15:00:58 +0100
commit	5b7ba35ebfd280c931933fedbf98cb7f4a8846f2 (patch)
tree	89b6374080adf878b76aa98500a15aa10558a364 /NEWS
parent	28b8c7045ac8ea4ea080bce02a2df9e3b9e98f06 (diff)
download	pam-5b7ba35ebfd280c931933fedbf98cb7f4a8846f2.tar.gz pam-5b7ba35ebfd280c931933fedbf98cb7f4a8846f2.tar.bz2 pam-5b7ba35ebfd280c931933fedbf98cb7f4a8846f2.zip