aboutsummaryrefslogtreecommitdiff
path: root/configure.ac
Commit message (Collapse)AuthorAgeFilesLines
* Prepare for 1.5.1 releaseDmitry V. Levin2020-11-241-1/+1
| | | | * configure.ac (AC_INIT): Raise version to 1.5.1.
* Prepare for 1.5.0 releaseDmitry V. Levin2020-11-031-1/+1
| | | | | * configure.ac (AC_INIT): Raise version to 1.5.0. * NEWS: Update.
* Remove deprecated pam_tally and pam_tally2 modulesDmitry V. Levin2020-10-291-22/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * ci/run-build-and-tests.sh (DISTCHECK_CONFIGURE_FLAGS): Remove --enable-tally --enable-tally2. * configure.ac: Remove --enable-tally and --enable-tally2 options. (AM_CONDITIONAL): Remove COND_BUILD_PAM_TALLY and COND_BUILD_PAM_TALLY2. (AC_CONFIG_FILES): Remove modules/pam_tally/Makefile and modules/pam_tally2/Makefile. * doc/sag/pam_tally.xml: Remove. * doc/sag/pam_tally2.xml: Likewise. * doc/sag/Linux-PAM_SAG.xml: Do not include pam_tally.xml and pam_tally2.xml. * modules/Makefile.am (MAYBE_PAM_TALLY, MAYBE_PAM_TALLY2): Remove. (SUBDIRS): Remove MAYBE_PAM_TALLY and MAYBE_PAM_TALLY2. * modules/pam_tally/.gitignore: Remove. * modules/pam_tally/Makefile.am: Likewise. * modules/pam_tally/README.xml: Likewise. * modules/pam_tally/faillog.h: Likewise. * modules/pam_tally/pam_tally.8.xml: Likewise. * modules/pam_tally/pam_tally.c: Likewise. * modules/pam_tally/pam_tally_app.c: Likewise. * modules/pam_tally/tst-pam_tally: Likewise. * modules/pam_tally2/.gitignore: Likewise. * modules/pam_tally2/Makefile.am: Likewise. * modules/pam_tally2/README.xml: Likewise. * modules/pam_tally2/pam_tally2.8.xml: Likewise. * modules/pam_tally2/pam_tally2.c: Likewise. * modules/pam_tally2/pam_tally2_app.c: Likewise. * modules/pam_tally2/tallylog.h: Likewise. * modules/pam_tally2/tst-pam_tally2: Likewise. * modules/pam_timestamp/pam_timestamp_check.8.xml: Fix typo by replacing pam_tally with pam_timestamp. * po/POTFILES.in: Remove ./modules/pam_tally/pam_tally_app.c, ./modules/pam_tally/pam_tally.c, ./modules/pam_tally2/pam_tally2_app.c, and ./modules/pam_tally2/pam_tally2.c. * NEWS: Document this change.
* Remove deprecated pam_cracklib moduleDmitry V. Levin2020-10-291-24/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * ci/install-dependencies.sh: Remove libcrack2-dev. * ci/run-build-and-tests.sh (DISTCHECK_CONFIGURE_FLAGS): Remove --enable-cracklib=check. * conf/pam.conf: Remove references to pam_cracklib.so. * configure.ac: Remove --enable-cracklib option. (AC_SUBST): Remove LIBCRACK. (AM_CONDITIONAL): Remove COND_BUILD_PAM_CRACKLIB. (AC_CONFIG_FILES): Remove modules/pam_cracklib/Makefile. * doc/sag/pam_cracklib.xml: Remove. * doc/sag/Linux-PAM_SAG.xml: Do not include pam_cracklib.xml. * modules/Makefile.am (MAYBE_PAM_CRACKLIB): Remove. (SUBDIRS): Remove MAYBE_PAM_CRACKLIB. * modules/pam_cracklib/Makefile.am: Remove. * modules/pam_cracklib/README.xml: Likewise. * modules/pam_cracklib/pam_cracklib.8.xml: Likewise. * modules/pam_cracklib/pam_cracklib.c: Likewise. * modules/pam_cracklib/tst-pam_cracklib: Likewise. * xtests/tst-pam_cracklib1.c: Likewise. * xtests/tst-pam_cracklib1.pamd: Likewise. * xtests/tst-pam_cracklib2.c: Likewise. * xtests/tst-pam_cracklib2.pamd: Likewise. * modules/pam_pwhistory/pam_pwhistory.8.xml: Replace pam_cracklib in examples with pam_passwdqc. * modules/pam_unix/pam_unix.8.xml: Likewise. * po/POTFILES.in: Remove ./modules/pam_cracklib/pam_cracklib.c. * xtests/.gitignore: Remove tst-pam_cracklib1 and tst-pam_cracklib2. * xtests/Makefile.am (EXTRA_DIST): Remove tst-pam_cracklib1.pamd and tst-pam_cracklib2.pamd. (XTESTS): Remove tst-pam_cracklib1 and tst-pam_cracklib2. * NEWS: Document this change.
* Revert "libpam/pam_modutil_sanitize.c: optimize the way to close fds"Tomas Mraz2020-10-201-1/+1
| | | | This reverts commit 1b087edc7f05237bf5eccc405704cd82b848e761.
* configure: add --disable-unix optionDmitry V. Levin2020-08-081-0/+10
| | | | | | | | | | | | Some distributions do not build pam_unix, e.g. ALT uses pam_tcb instead. Add a configure option to disable build of pam_unix so that those who choose not to build pam_unix no longer have to edit modules/Makefile.am file. The default is unchanged, i.e. build of pam_unix is enabled. * configure.ac (AC_ARG_ENABLE): Add unix. (AM_CONDITIONAL): Add COND_BUILD_PAM_UNIX. * modules/Makefile.am [COND_BUILD_PAM_UNIX] (MAYBE_PAM_UNIX): Define. (SUBDIRS): Replace pam_unix with $(COND_BUILD_PAM_UNIX).
* Build all installed executables with -Wl,-z,now if availableDmitry V. Levin2020-08-071-1/+2
| | | | | | | | | This makes them built with full RELRO if -Wl,-z,relro is specified. * m4/ld-z-now.m4: New file. * m4/.gitignore: Add it to exclude list. * configure.ac: Call PAM_LD_Z_NOW. (EXE_LDFLAGS): Append $ZNOW_LDFLAGS.
* build: rename PIE_* AC_SUBST variables to EXE_*Dmitry V. Levin2020-08-071-2/+4
| | | | | | | | | There are going to be other options added to CFLAGS and LDFLAGS of executables made along with modules. * configure.ac (EXE_CFLAGS, EXE_LDFLAGS): New variables initialized from PIE_CFLAGS and PIE_LDFLAGS, respectively. AC_SUBST them instead of PIE_CFLAGS and PIE_LDFLAGS. All users updated.
* configure.ac: rewrite --disable-pie and -fpie/pie checkDmitry V. Levin2020-08-071-28/+34
| | | | | | | * configure.ac: Rewrite -fpie/pie check using AC_LINK_IFELSE to make the code more readable. Add --enable-pie=check support and make it the default, terminate if --enable-pie is specified but -fpie/pie support is not available.
* m4: rewrite __attribute__((unused)) checkDmitry V. Levin2020-08-071-1/+1
| | | | | | | | | Rewrite using AC_CACHE_CHECK to create a more readable autoconf macro. * m4/attribute.m4: New file. * m4/japhar_grep_cflags.m4: Remove. * m4/.gitignore: Replace japhar_grep_cflags.m4 with attribute.m4. * configure.ac: Replace AC_C___ATTRIBUTE__ with PAM_ATTRIBUTE_UNUSED.
* configure.ac: rewrite WARN_CFLAGS initializationDmitry V. Levin2020-08-061-51/+1
| | | | | | | | | | | | | As the old machinery was not prepared for adding compiler options conditionally when the compiler supports them, replace it with a new machinery that implements this. * m4/warnings.m4: New file. * m4/warn_lang_flags.m4: Likewise. * m4/.gitignore: Add exclusions for them. * m4/japhar_grep_cflags.m4 (JAPHAR_GREP_CFLAGS): Remove. * configure.ac: Call pam_WARN_LANG_FLAGS. Remove all uses of JAPHAR_GREP_CFLAGS.
* configure.ac: fix typo in --with-kernel-overflow-uid= option to match its ↵Issam Maghni2020-08-031-1/+1
| | | | documentation
* configure.ac: fix non-portable use of test builtinDmitry V. Levin2020-06-151-9/+6
| | | | | | | | | | Portable code should not assume that test builtin supports == operator. * configure.ac (opt_uidmin, opt_sysuidmin, opt_kerneloverflowuid): Fix initialization. Resolves: https://github.com/linux-pam/linux-pam/issues/241 Fixes: 926d7935e ("pam_usertype: new module to tell if uid is in login.defs ranges")
* configure.ac: fix build failure when crypt() does not require libcryptFabrice Fontaine2020-06-111-1/+5
| | | | | | | | | | | Since commit 522246d20e4cd92fadc2d760228cb7e78cbeb4c5, the build fails if "none required" is returned by AC_SEARCH_LIBS for libcrypt. Resolves: https://github.com/linux-pam/linux-pam/pull/235 Fixes: http://autobuild.buildroot.org/results/92b3dd7c984d2b843ac9aacacd69eec99f28743e Fixes: v1.4.0~228 ("Use cached 'crypt' library result correctly") Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* Deprecate pam_cracklib, pam_tally, and pam_tally2Dmitry V. Levin2020-05-131-13/+25
| | | | | | | | | | | | | | | | Deprecate pam_cracklib, there are two better alternatives to this obsolete module: pam_passwdqc from passwdqc project and pam_pwquality from libpwquality project. Deprecate pam_tally and pam_tally2 in favour of pam_faillock. * configure.ac: Implement --enable-cracklib=check that enables build of pam_cracklib when libcrack is available. Disable build of pam_cracklib, pam_tally, and pam_tally2 by default. * NEWS: Mention this change. * ci/run-build-and-tests.sh (DISTCHECK_CONFIGURE_FLAGS): Add --enable-tally, --enable-tally2, and --enable-cracklib=check to check build of these deprecated modules.
* pam_faillock: New module for locking after multiple auth failuresTomas Mraz2020-04-301-1/+1
|
* build: rework vendordir substitutionDmitry V. Levin2020-04-281-2/+8
| | | | | | | | | | | | | | | | | | | | | | | Since Make.xml.rules is the only place where XSLTPROC_CUSTOM was used, remove stereotypic definitions from other Makefiles, this way we no longer have to worry about vendordir being used somewhere else in documentation files. Likewise, define VENDORDIR in config.h and remove stereotypic -DVENDORDIR= additions from other Makefiles, this way we no longer have to worry about VENDORDIR being used somewhere else in the code. * configure.ac (AM_CONDITIONAL): Remove HAVE_VENDORDIR. (AC_DEFINE_UNQUOTED): Add VENDORDIR. (AC_SUBST): Remove VENDORDIR, add STRINGPARAM_VENDORDIR. * Make.xml.rules.in: Replace $(XSLTPROC_CUSTOM) with @STRINGPARAM_VENDORDIR@. * doc/man/Makefile.am (XSLTPROC_CUSTOM): Remove. * libpam/Makefile.am [HAVE_VENDORDIR]: Remove. * modules/pam_securetty/Makefile.am [HAVE_VENDORDIR]: Remove. (XSLTPROC_CUSTOM): Remove. * modules/pam_securetty/pam_securetty.c: Move definitions of local macros after config.h to benefit from macros defined there.
* Make.xml.rules: prepare for configure substitutionsDmitry V. Levin2020-04-281-0/+1
| | | | | | | * Make.xml.rules: Rename to ... * Make.xml.rules.in: ... new file. * Makefile.am (EXTRA_DIST): Remove Make.xml.rules. * configure.ac (AC_CONFIG_FILES): Add Make.xml.rules.
* configure: fix dlopen checkDmitry V. Levin2020-04-271-2/+9
| | | | | | * configure.ac: Check for the library providing dlopen using AC_SEARCH_LIBS instead of AC_CHECK_LIB to handle the case when dlopen is a part of libc.
* configure: add --disable-tally and --disable-tally2 optionsDmitry V. Levin2020-04-271-0/+18
| | | | | | | | | * configure.ac (AC_ARG_ENABLE): Add tally and tally2. (AM_CONDITIONAL): Add COND_BUILD_PAM_TALLY and COND_BUILD_PAM_TALLY2. * modules/Makefile.am [COND_BUILD_PAM_TALLY] (MAYBE_PAM_TALLY): Define. [COND_BUILD_PAM_TALLY2] (MAYBE_PAM_TALLY2): Likewise. (SUBDIRS): Replace pam_tally with $(COND_BUILD_PAM_TALLY), pam_tally2 with $(COND_BUILD_PAM_TALLY2).
* build: move pam_selinux and pam_sepermit build conditions to modules/Makefile.amDmitry V. Levin2020-04-261-1/+2
| | | | | | | | | | | | * configure.ac (AM_CONDITIONAL): Replace HAVE_LIBSELINUX with COND_BUILD_PAM_SELINUX and COND_BUILD_PAM_SEPERMIT. * modules/Makefile.am [COND_BUILD_PAM_SELINUX] (MAYBE_PAM_SELINUX): Define. [COND_BUILD_PAM_SEPERMIT] (MAYBE_PAM_SEPERMIT): Likewise. (SUBDIRS): Replace pam_selinux with $(MAYBE_PAM_SELINUX), pam_sepermit with MAYBE_PAM_SEPERMIT. * modules/pam_selinux/Makefile.am: Assume HAVE_LIBSELINUX. * modules/pam_sepermit/Makefile.am: Likewise.
* build: simplify the check for unshare functionDmitry V. Levin2020-04-261-3/+2
| | | | | | | * configure.ac (AC_CHECK_FUNCS): Do not set UNSHARE when checking for unshare function. (COND_BUILD_PAM_NAMESPACE): Check for $ac_cv_func_unshare instead of $UNSHARE.
* build: move pam_namespace build condition to modules/Makefile.amDmitry V. Levin2020-04-261-1/+1
| | | | | | | | | * configure.ac (AM_CONDITIONAL): Replace HAVE_UNSHARE with COND_BUILD_PAM_NAMESPACE. * modules/Makefile.am [COND_BUILD_PAM_NAMESPACE] (MAYBE_PAM_NAMESPACE): Define. (SUBDIRS): Replace pam_namespace with $(MAYBE_PAM_NAMESPACE). * modules/pam_namespace/Makefile.am: Assume HAVE_UNSHARE.
* build: move pam_userdb build condition to modules/Makefile.amDmitry V. Levin2020-04-261-1/+1
| | | | | | | | | * configure.ac (AM_CONDITIONAL): Replace HAVE_LIBDB with COND_BUILD_PAM_USERDB. * modules/Makefile.am [COND_BUILD_PAM_USERDB] (MAYBE_PAM_USERDB): Define. (SUBDIRS): Replace pam_userdb with $(MAYBE_PAM_USERDB). * modules/pam_userdb/Makefile.am: Assume HAVE_LIBDB.
* build: remove unused HAVE_LIBCRACKDmitry V. Levin2020-04-261-3/+0
| | | | * configure.ac (AC_DEFINE): Remove unused HAVE_LIBCRACK.
* build: move pam_cracklib build condition to modules/Makefile.amDmitry V. Levin2020-04-261-1/+1
| | | | | | | | | * configure.ac (AM_CONDITIONAL): Replace HAVE_LIBCRACK with COND_BUILD_PAM_CRACKLIB. * modules/Makefile.am [COND_BUILD_PAM_CRACKLIB] (MAYBE_PAM_CRACKLIB): Define. (SUBDIRS): Replace pam_cracklib with $(MAYBE_PAM_CRACKLIB). * modules/pam_cracklib/Makefile.am: Assume HAVE_LIBCRACK.
* build: remove unused HAVE_KEY_MANAGEMENTDmitry V. Levin2020-04-261-13/+0
| | | | | * configure.ac (AC_DEFINE, AC_SUBST): Remove unused HAVE_KEY_MANAGEMENT. (AC_CHECK_DECL): Remove unused ENOKEY.
* build: move pam_keyinit build condition to modules/Makefile.amDmitry V. Levin2020-04-261-2/+1
| | | | | | | | | * configure.ac (AM_CONDITIONAL): Replace HAVE_KEY_MANAGEMENT with COND_BUILD_PAM_KEYINIT. * modules/Makefile.am [COND_BUILD_PAM_KEYINIT] (MAYBE_PAM_KEYINIT): Define. (SUBDIRS): Replace pam_keyinit with $(MAYBE_PAM_KEYINIT). * modules/pam_keyinit/Makefile.am: Assume HAVE_KEY_MANAGEMENT.
* build: remove unused AC_DEFINE([HAVE_AUDIT_TTY_STATUS])Dmitry V. Levin2020-04-261-2/+0
| | | | * configure.ac (AC_DEFINE): Remove unused HAVE_AUDIT_TTY_STATUS.
* build: move pam_tty_audit build condition to modules/Makefile.amDmitry V. Levin2020-04-261-2/+1
| | | | | | | | | * configure.ac (AM_CONDITIONAL): Replace HAVE_AUDIT_TTY_STATUS with COND_BUILD_PAM_TTY_AUDIT. * modules/Makefile.am [COND_BUILD_PAM_TTY_AUDIT] (MAYBE_PAM_TTY_AUDIT): Define. (SUBDIRS): Replace pam_tty_audit with $(MAYBE_PAM_TTY_AUDIT). * modules/pam_tty_audit/Makefile.am: Assume HAVE_AUDIT_TTY_STATUS.
* configure.ac: sort COND_BUILD_* conditionalsDmitry V. Levin2020-04-261-4/+4
| | | | ... and move them closer to the end of configure.ac.
* build: cleanup: replace "test ! -z" with "test -n"Dmitry V. Levin2020-04-261-9/+9
| | | | * configure.ac: replace "test ! -z" with "test -n".
* pam_setquota: new module to set or modify disk quotas on session startSven Hartge2020-04-171-2/+4
| | | | | | | This makes disk quotas usable with central user databases, such as MySQL or LDAP. Resolves: https://github.com/linux-pam/linux-pam/issues/92
* Fix various typos found using codespell toolDmitry V. Levin2020-03-281-2/+2
|
* configure: implement --enable-Werror optionDmitry V. Levin2020-03-191-1/+12
| | | | | | | | | | When configure is invoked with --enable-Werror option, -Werror compiler option is added to WARN_CFLAGS. This new configure option is intended primarily for CI purposes. * configure.ac (AC_ARG_ENABLE): Add Werror. Forward -Werror to JAPHAR_GREP_CFLAGS.
* Use cached 'crypt' library result correctlyMark Wutzke2020-03-041-1/+1
| | | | | | | | | | | | Configure script incorrectly used a non-cached variable (ac_lib) in the cached code path. This results in no -lcrypt being defined resulting in link errors on a re-build. Update configure.ac to use ac_cv_search_crypt (via ac_res) to setup the correct library arguments. Signed-off-by: Mark Wutzke <mark.wutzke@alliedtelesis.co.nz> Signed-off-by: Chris Packham <chris.packham@alliedtelesis.co.nz>
* Prepare for the 1.4.0 releaseTomas Mraz2020-03-031-1/+1
|
* pam_namespace: secure tmp-inst directoriesTopi Miettinen2020-02-181-0/+1
| | | | | | | | | | | | | | | When using polyinstantiation for /tmp and/or /var/tmp, pam_namespace creates subdirectories with fixed name tmp-inst. These paths should be secured as early as possible to avoid that somehow these directories could created and controlled by for example a malicious user or service. Ship a systemd service, which creates the directories early in boot sequence with correct permissions and ownership. Closes #111. Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
* pam_usertype: new module to tell if uid is in login.defs rangesPavel Březina2020-01-281-0/+22
| | | | | | | | | | | | | | This module will check if the user account type is system or regular based on its uid. To evaluate the condition it will use 0-99 reserved range together with `SYS_UID_MIN` and `SYS_UID_MAX` values from `/etc/login.defs`. If these values are not set, it uses configure-time defaults `--with-sys-uid-min` and `--with-uid-min` (according to `login.defs` man page `SYS_UID_MAX` defaults to `UID_MIN - 1`. This information can be used to skip specific module in pam stack based on the account type. `pam_succeed_if uid < 1000` is used at the moment however it does not reflect changes to `login.defs`.
* configure.ac: add --enable-doc optionFabrice Fontaine2020-01-271-1/+6
| | | | | | | | Allow the user to disable documentation through --disable-doc (enabled by default), this is especially useful when cross-compiling for embedded targets Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* pam_umask: build-time usergroups option defaultAndreas Henriksson2020-01-101-0/+11
| | | | | | | | | | This change adds a configure option to set the default value of the usergroups option (of the pam_umask module) at build-time. Distributions usually makes the decision if usergroups should be used or not. This allows them to control the built-in default value, without having to ship the value in a config file (cluttering up the view of actually relevant user/system configuration overrides).
* Do not use CFLAGS for warning flags set from configureTomas Mraz2019-12-181-2/+4
| | | | | | | | To be able to set CFLAGS from make command-line but not to lose the warning flags. * configure.ac: Put warning flags to WARN_CFLAGS instead of CFLAGS. * */Makefile.am: Apply WARN_CFLAGS to AM_CFLAGS.
* Fixed missing quotes in configure scriptMarek Černocký2019-09-231-2/+2
|
* Add support for a vendor directory and libeconf (#136)Thorsten Kukuk2019-09-161-0/+17
| | | | | | | | | | With this, it is possible for Linux distributors to store their supplied default configuration files somewhere below /usr, while /etc only contains the changes made by the user. The new option --enable-vendordir defines where Linux-PAM should additional look for pam.d/*, login.defs and securetty if this files are not in /etc. libeconf is a key/value configuration file reading library, which handles the split of configuration files in different locations and merges them transparently for the application.
* libpam/pam_modutil_sanitize.c: optimize the way to close fdsChristophe Besson2019-08-261-1/+1
|
* Fix regressions from the last commits.Tomas Mraz2019-01-041-0/+3
| | | | | | * configure.ac: Test for logwtmp needs -lutil in LIBS. * modules/Makefile.am: Fix indentation of variable assignments causing creation of incorrect Makefile.
* build: ignore pam_lastlog when logwtmp is not available.Yousong Zhou2019-01-041-0/+2
| | | | | | | * configure.ac: check logwtmp and set COND_BUILD_PAM_LASTLOG * modules/pam_lastlog/Makefile.am: check COND_BUILD_PAM_LASTLOG Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* build: ignore pam_rhosts if neither ruserok nor ruserok_af is available.Yousong Zhou2019-01-041-1/+4
| | | | | | | | * configure.ac: check for ruserok and ruserok_af * modules/Makefile.am: ignore pam_rhosts/ if it's disabled * modules/pam_rhosts/pam_rhosts.c: include stdlib.h for malloc and free Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* Release version 1.3.1Thorsten Kukuk2018-05-181-1/+1
|
* Regular links doesn't work with -no-numbering -no-references.Tomas Mraz2016-11-141-1/+1
| | | | * configure.ac: Use elinks instead of links.
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-15 07:50:33 +0000