Free the environment variables list via the designated helper
free_string_array() rather than free its elements in a loop, which might
skip some.
| |
On failure the content of the string pointer passed to asprintf(3) is
undefined. Set to NULL before free'ing the parent array.
| |
The struct utmp from glibc uses on many 64bit architectures a 32bit
time_t for compatibility with a 32bit userland, which means utmp will
not survive the year 2038 (32bit time_t overflow). Use the data from
logind instead of utmp.
* configure.ac: Add option --enable-logind
* modules/pam_issue/Makefile.am: Add CFLAGS/LIBS for logind support
* modules/pam_issue/pam_issue.c: Use sd_get_sessions instead of utmp
* modules/pam_timestamp/Makefile.am: Add CFLAGS/LIBS for logind support
* modules/pam_timestamp/pam_timestamp.c: query logind for login time
| |
Currently translated at 16.8% (17 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/sl/
| |
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/he/
| |
Make /usr/lib/pam.d and <vendordir>/pam.d more visible in the standard
manual pages, so that people don't assume there is only /etc/pam.d
* doc/man/pam.8.xml: Don't always speak about /etc/pam.d only
* doc/man/pam.conf-desc.xml: Don't always speak about /etc/pam.d only
* doc/man/pam.conf-dir.xml: Explain search path for pam config files
* doc/man/pam.conf.5.xml: Add filelist with all pam.d directories
| |
pam_lastlog uses utmp, wtmp, btmp and lastlog. None of them is Y2038
safe, even on 64bit architectures. Most 64bit architectures use 32bit
time_t for compat reasons with 32bit userland.
Additionally, all relevant tools for which pam_lastlog would make sense
already have their own support for all four files, so this module will
most likely only create duplicate entries.
* configure.ac: don't build pam_lastlog by default.
* ci/run-build-and-tests.sh: enable pam_lastlog.
| |
utmp uses 32bit time_t for compatibility with 32bit userland on some
64bit systems and is thus not Y2038 safe. Use getlogin() from libc
which avoids using utmp and is more safe than the old utmp-based
implementation by using /proc/self/loginuid.
* libpam/pam_modutil_getlogin.c: Use getlogin() instead of parsing utmp
| |
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/cs/
| |
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/ko/
| |
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/hr/
| |
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/kk/
| |
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/de/
| |
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/sv/
| |
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/fi/
| |
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/uk/
| |
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/tr/
| |
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/pl/
| |
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/ko/
| |
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/ka/
| |
Otherwise the corresponding files are still installed in /etc/security.
* configure.ac (AC_SUBST): Add VENDOR_SCONFIGDIR.
(AM_CONDITIONAL): Add HAVE_VENDORDIR.
* modules/*/Makefile.am (secureconfdir): Set to VENDOR_SCONFIGDIR
if HAVE_VENDORDIR has been set, otherwise to SCONFIGDIR.
| |
* .github/workflows/ci.yml (clang-14): Change VENDORDIR from /usr/etc to
${prefix}/share/etc, this should help to check that the code no longer
relies on the assumption that VENDORDIR == /usr/etc.
Complements: 0d1c62eb4733 ("ci: make VENDORDIR based on $prefix")
| |
* ci/run-build-and-tests.sh: Accept VENDORDIR that does not start with /.
* .github/workflows/ci.yml (VENDORDIR): Change from /usr/etc to
${prefix}/share/etc, this should help to check that the code no longer
relies on the assumption that VENDORDIR == /usr/etc.
| |
* modules/pam_env/tst-pam_env-retval.c: Include <errno.h> and <libgen.h>.
[VENDORDIR] (dir, dir_usr, dir_usr_etc): Remove.
[VENDORDIR] (mkdir_p, rmdir_p): New functions.
(setup, cleanup) [VENDORDIR]: Use them.
| |
* modules/pam_env/tst-pam_env-retval.c: Replace /usr/etc/security with
VENDOR_SCONFIGDIR, /usr/etc with VENDORDIR. Do not define and use
VENDORDIR based variables unless VENDORDIR is defined.
Fixes: 6135c45347b6 ("pam_env: Use vendor specific pam_env.conf and environment as fallback")
| |
* modules/pam_env/pam_env.conf.5.xml: Replace /usr/etc with %vendordir%.
Fixes: 6135c45347b6 ("pam_env: Use vendor specific pam_env.conf and environment as fallback")
| |
* modules/pam_env/pam_env.c (VENDOR_DEFAULT_ETC_ENVFILE): Assume that
VENDORDIR already includes "/etc".
Fixes: 6135c45347b6 ("pam_env: Use vendor specific pam_env.conf and environment as fallback")
| |
* configure.ac: Define HAVE_NIS if NIS is enabled.
* modules/pam_unix/Makefile.am: Don't link against yppasswd_xdr.c
if NIS is disabled.
* modules/pam_unix/pam_unix_passwd.c: Don't redefine HAVE_NIS.
Resolves: https://github.com/linux-pam/linux-pam/issues/523
| |
* libpam/include/pam_cc_compat.h (DIAG_PUSH_IGNORE_FORMAT_NONLITERAL,
DIAG_POP_IGNORE_FORMAT_NONLITERAL): New macros.
* libpam/pam_handlers.c (_pam_open_config_file): Use them to exempt
usage of format string literals from a constant array.
* m4/warn_lang_flags.m4 (gl_WARN_ADD): Add -Wformat=2.
| |
* modules/pam_unix/pam_unix_passwd.c: Wrap checks for configure macros
into defined() operator.
* m4/warn_lang_flags.m4 (gl_WARN_ADD): Add -Wundef.
| |
The current codebase should comply with those.
* m4/warn_lang_flags.m4 (gl_WARN_ADD): Add -Winit-self,
-Wnull-dereference, and -Wunused.
| |
Use the vendor directory defined by --enable-vendordir=DIR configure
option as fallback for the distribution provided default config file
if there is no configuration in /etc.
* modules/pam_pwhistory/pam_pwhistory.8.xml: Describe pwhistory.conf
* modules/pam_pwhistory/pwhistory_config.c [VENDOR_SCONFIGDIR]
(VENDOR_PWHISTORY_DEFAULT_CONF): New macro.
(parse_config_file) [VENDOR_PWHISTORY_DEFAULT_CONF]: Try to open
VENDOR_PWHISTORY_DEFAULT_CONF if PWHISTORY_DEFAULT_CONF file does not
exist.
| |
* modules/pam_pwhistory/tst-pam_pwhistory-retval.c: New file.
* modules/pam_pwhistory/Makefile.am (TESTS): Add $(check_PROGRAMS).
(check_PROGRAMS, tst_pam_pwhistory_retval_LDADD): New variables.
| |
Regenerate yppasswd.h and yppasswd_xdr.c from yppasswd.x (libnsl) to
avoid GPL code in a PAM module.
Link: https://github.com/thkukuk/libnsl/blob/master/src/rpcsvc/yppasswd.x
| |
Apparently, the PAM_SHL variant cannot be compiled since the very first
commit back in 2005 when it was introduced, and another variant uses
PAM_DYLD which is virtually unknown to search engines.
* libpam/pam_dynamic.c [PAM_SHL || PAM_DYLD]: Remove.
Resolves: https://github.com/linux-pam/linux-pam/issues/477
| |
security_getenforce(3) can return -1 on error; either because the
selinuxfs is not mounted or reading from /sys/fs/selinux/enforce failed.
Since security_getenforce(3) is either called after an approving call to
is_selinux_enabled(3) in create_context() or with populated module
data in restore_context(), which requires a previous pass of
create_context(), the selinuxfs should be mounted.
Reading from /sys/fs/selinux/enforce should never fail (except being
prohibited by the SELinux policy itself) since it is a public interface.
In the unlikely case of security_getenforce(3) nevertheless failing
continue execution as if the result was enforcing (likewise to
pam_sepermit and pam_rootok).
| |
* .github/workflows/ci.yml (gcc12-x86_64, clang14-x86_64,
clang13-x86_64): New jobs.
(gcc11-x86_64-vendordir): Rename to gcc12-x86_64-vendordir,
replace gcc-11 with gcc-12.
(clang12-x86_64-vendordir): Rename to clang14-x86_64-vendordir,
replace clang-12 with clang-14.
| |
Switch runners to the latest Ubuntu LTS available, which is currently
Ubuntu 22.04. Also, remove old compiler versions from the ci matrix.
* .github/workflows/ci.yml (gcc8-x86_64, clang10-x86_64, clang9-x86_64,
clang8-x86_64): Remove.
(gcc11-x86_64-vendordir, gcc11-x86_64, gcc10-x86_64, gcc9-x86_64,
clang12-x86_64-vendordir, clang12-x86_64, clang11-x86_64): Replace
ubuntu-20.04 with ubuntu-latest.
Link: https://github.blog/changelog/2022-11-09-github-actions-ubuntu-latest-workflows-will-use-ubuntu-22-04/
| |
clang-14 insists on issuing the following warning:
In file included from md5_good.c:4:
md5.c:92:15: error: passing 1-byte aligned argument to 4-byte aligned parameter 1 of 'byteReverse' may result in an unaligned pointer access [-Werror,-Walign-mismatch]
byteReverse(ctx->in.c, 16);
^
md5.c:101:15: error: passing 1-byte aligned argument to 4-byte aligned parameter 1 of 'byteReverse' may result in an unaligned pointer access [-Werror,-Walign-mismatch]
byteReverse(ctx->in.c, 16);
^
md5.c:136:15: error: passing 1-byte aligned argument to 4-byte aligned parameter 1 of 'byteReverse' may result in an unaligned pointer access [-Werror,-Walign-mismatch]
byteReverse(ctx->in.c, 16);
^
md5.c:145:14: error: passing 1-byte aligned argument to 4-byte aligned parameter 1 of 'byteReverse' may result in an unaligned pointer access [-Werror,-Walign-mismatch]
byteReverse(ctx->in.c, 14);
^
md5.c:151:14: error: passing 1-byte aligned argument to 4-byte aligned parameter 1 of 'byteReverse' may result in an unaligned pointer access [-Werror,-Walign-mismatch]
byteReverse(ctx->buf.c, 4);
^
* modules/pam_unix/md5.c (byteReverse): Use uint32 instead of
uint8_aligned, update all users.
(uint8_aligned): Remove unused type.
| |
gcc-12 insists on issuing the following warning:
In file included from libpamc.h:13,
from pamc_converse.c:9:
pamc_converse.c: In function 'pamc_converse':
include/security/pam_client.h:129:27: error: array subscript 'struct <anonymous>[0]' is partly outside array bounds of 'unsigned char[6]' [-Werror=array-bounds]
129 | (*(old_p))->control = cntrl; \
| ^~
pamc_converse.c:209:5: note: in expansion of macro 'PAM_BP_RENEW'
209 | PAM_BP_RENEW(prompt_p, PAM_BPC_FAIL, 0);
| ^~~~~~~~~~~~
include/security/pam_client.h:87:29: note: object of size 6 allocated by 'calloc'
87 | # define PAM_BP_CALLOC calloc
| ^
include/security/pam_client.h:124:29: note: in expansion of macro 'PAM_BP_CALLOC'
124 | if ((*(old_p) = PAM_BP_CALLOC(1, 1+__size))) { \
| ^~~~~~~~~~~~~
pamc_converse.c:209:5: note: in expansion of macro 'PAM_BP_RENEW'
209 | PAM_BP_RENEW(prompt_p, PAM_BPC_FAIL, 0);
| ^~~~~~~~~~~~
* libpamc/include/security/pam_client.h (pamc_bp_t): Decorate the
structure pointed by pamc_bp_t pointer as packed. Despite being a part
of the API, the structure is not supposed to be used directly, and all
the interface macros were assuming from the very beginning that this
structure is packed.
| |
gcc-12 insists on issuing the following warning:
In file included from /usr/include/string.h:535,
from pam_limits.c:24:
In function 'strncat',
inlined from 'check_logins' at pam_limits.c:287:6,
inlined from 'setup_limits' at pam_limits.c:1066:13,
inlined from 'pam_sm_open_session' at pam_limits.c:1267:14:
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:138:10: error: '__builtin___strncat_chk' argument 2 declared attribute 'nonstring' [-Werror=stringop-overread]
138 | return __builtin___strncat_chk (__dest, __src, __len,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
139 | __glibc_objsize (__dest));
| ~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /usr/include/utmp.h:29,
from pam_limits.c:37:
/usr/include/x86_64-linux-gnu/bits/utmp.h: In function 'pam_sm_open_session':
/usr/include/x86_64-linux-gnu/bits/utmp.h:66:8: note: argument 'ut_user' declared here
66 | char ut_user[UT_NAMESIZE]
| ^~~~~~~
* modules/pam_limits/pam_limits.c (check_logins): Use memcpy instead of
strncat to pacify the compiler.
| |
These types of jobs were implemented using the old version of the OS
that is currently being deprecated by github actions.
* .github/workflows/ci.yml (gcc11-x86-vendordir, gcc11-x86, gcc10-x86,
gcc9-x86, gcc8-x86, clang10-x86, clang9-x86, clang8-x86, gcc11-x32,
gcc10-x32, gcc9-x32, gcc8-x32): Remove.
Link: https://github.com/actions/runner-images/issues/6002
| |
pam_listfile assumes the group being tested will be written at the end
of the argument list by carrying only a pointer to the value being
examined in 'myval'.
Therefore example
'''
auth required pam_listfile.so \
onerr=succeed apply=ftp item=user sense=deny file=/etc/ftpusers
'''
modified from https://linux.die.net/man/8/pam_listfile is not working because
'apply_val' will point to the latest value of 'myval', which in this case will
be "/etc/ftpusers" instead of "ftp".
Fix this issue by copying the value of 'myval' instead of just taking
a reference pointer.
Signed-off-by: Cyril Duval <cyril.duval@diabolocom.com>
| |
Changed files
--------------
Make.xml.rules.in:
- Using RNG file instead of DTD file for checking XML files.
- Taking the correct stylesheet for README files.
doc/sag/Makefile.am, doc/adg/Makefile.am, doc/mwg/Makefile.am:
- Using RNG file instead of DTD file for checking XML files.
configure.ac:
- Adding a new option for selecting RNG check file (-enable-docbook-rng)
- Switching stylesheets to docbook 5
- Checking DocBook 5 environment instead of DocBook 4 environment
*.xml:
Update from DocBook 4 to DocBook 5
| |
Use the vendor directory as fallback for a distribution provided default
config if there is no one in /etc.
* Makefile.am: Add libeconf setting.
* pam_env.c: Take care about the fallback configuration in the vendor directory.
* pam_env.8.xml: Add description for the vendor directory.
* pam_env.conf.5.xml: Add description for the vendor directory.
* tst-pam_env-retval.c: Add tests for libeconf.
* configure.ac: Add ECONF settings for building man pages.
| |
default config if there is no one in /etc.
If pam will be compiled with the option --enable-vendordir=<vendor_dir> and
NOT defined --disable-econf, the files which define valid login shells will
be parsed in following order:
- <vendor_dir>/shells
- <vendor_dir>/shells.d/*
- /etc/shells.d/shells
But all files in <vendor_dir> will be ignored if the user has defined his
own file /etc/shells.
This commit solves issue: https://github.com/linux-pam/linux-pam/issues/498
| |
Test case for checking pam_authenticate in pam_shells.
| |
The XMLS list of xml sources for the manual pages missed some xml files
and instead contained some nroff sources.
| |
Check if quote flag is positive before decrementing it. Otherwise, for
some use case, it could become negative, and have an unwanted empty string
instead of an undefined variable.
Signed-off-by: Valentin Lefebvre <valentin.lefebvre@suse.com>