aboutsummaryrefslogtreecommitdiff
path: root/modules/pam_env/pam_env.c
Commit message (Collapse)AuthorAgeFilesLines
...
* Relevant BUGIDs:Tomas Mraz2010-10-111-1/+1
| | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-10-11 Tomas Mraz <t8m@centrum.cz> * modules/pam_env/pam_env.c: Change default for user_readenv to 0. * modules/pam_env/pam_env.8.xml: Document the new default for user_readenv.
* Relevant BUGIDs:Dmitry V. Levin2010-10-031-4/+9
| | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-10-04 Dmitry V. Levin <ldv@altlinux.org> * libpam/pam_modutil_priv.c: New file. * libpam/Makefile.am (libpam_la_SOURCES): Add it. * libpam/include/security/pam_modutil.h (struct pam_modutil_privs, PAM_MODUTIL_DEF_PRIVS, pam_modutil_drop_priv, pam_modutil_regain_priv): New declarations. * libpam/libpam.map (LIBPAM_MODUTIL_1.1.3): New interface. * modules/pam_env/pam_env.c (handle_env): Use new pam_modutil interface. * modules/pam_mail/pam_mail.c (_do_mail): Likewise. * modules/pam_xauth/pam_xauth.c (check_acl, pam_sm_open_session, pam_sm_close_session): Likewise. (pam_sm_open_session): Remove redundant fchown call. Fixes CVE-2010-3430, CVE-2010-3431.
* Relevant BUGIDs:Dmitry V. Levin2010-09-201-3/+2
| | | | | | | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- 2010-09-16 Dmitry V. Levin <ldv@altlinux.org> * modules/pam_env/pam_env.c (handle_env): Use setfsuid() return code. * modules/pam_mail/pam_mail.c (_do_mail): Likewise. * modules/pam_xauth/pam_xauth.c (check_acl, pam_sm_open_session, pam_sm_close_session): Likewise.
* Relevant BUGIDs:Thorsten Kukuk2010-08-131-2/+7
| | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2010-08-12 Thorsten Kukuk <kukuk@thkukuk.de> * modules/pam_mail/pam_mail.c: Check for mail only with user privilegs. * modules/pam_xauth/pam_xauth.c (run_coprocess): Check return value of setgid, setgroups and setuid. * modules/pam_xauth/pam_xauth.c (check_acl): Save errno for later usage. * modules/pam_env/pam_env.c (handle_env): Check if user exists, read local user config only with user privilegs.`
* Relevant BUGIDs:Thorsten Kukuk2009-06-281-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2009-06-26 Thorsten Kukuk <kukuk@thkukuk.de> * modules/pam_namespace/Makefile.am: Fix make maintainer-clean, fix docu dependencies. * modules/pam_xauth/Makefile.am: Fix make maintainer-clean. * modules/pam_access/Makefile.am: Likewise. * modules/pam_debug/Makefile.am: Likewise. * modules/pam_deny/Makefile.am: Likewise. * modules/pam_echo/Makefile.am: Likewise. * modules/pam_env/Makefile.am: Likewise. * modules/pam_faildelay/Makefile.am: Likewise. * modules/pam_ftp/Makefile.am: Likewise. * modules/pam_group/Makefile.am: Likewise. * modules/pam_issue/Makefile.am: Likewise. * modules/pam_keyinit/Makefile.am: Likewise. * modules/pam_lastlog/Makefile.am: Likewise. * modules/pam_limits/Makefile.am: Likewise. * modules/pam_listfile/Makefile.am: Likewise. * modules/pam_localuser/Makefile.am: Likewise. * modules/pam_loginuid/Makefile.am: Likewise. * modules/pam_mail/Makefile.am: Likewise. * modules/pam_mkhomedir/Makefile.am: Likewise. * modules/pam_motd/Makefile.am: Likewise. * modules/pam_nologin/Makefile.am: Likewise. * modules/pam_pwhistory/Makefile.am: Likewise. * modules/pam_rhosts/Makefile.am: Likewise. * modules/pam_rootok/Makefile.am: Likewise. * modules/pam_securetty/Makefile.am: Likewise. * modules/pam_shells/Makefile.am: Likewise. * modules/pam_succeed_if/Makefile.am: Likewise. * modules/pam_tally2/Makefile.am: Likewise. * modules/pam_tally/Makefile.am: Likewise. * modules/pam_time/Makefile.am: Likewise. * modules/pam_timestamp/Makefile.am: Likewise. * modules/pam_tty_audit/Makefile.am: Likewise. * modules/pam_umask/Makefile.am: Likewise. * modules/pam_unix/Makefile.am: Likewise. * modules/pam_warn/Makefile.am: Likewise. * modules/pam_wheel/Makefile.am: Likewise. * modules/pam_filter/Makefile.am: Likewise. * configure.in: Make regeneration of docu configureable, rename enable_man to enable_docu. * modules/pam_env/pam_env.c (_pam_parse): Fix typo in debug code. * modules/pam_cracklib/Makefile.am: Don't install docu if module is disabled for building. * modules/pam_userdb/Makefile.am: Likewise.
* Relevant BUGIDs:Thorsten Kukuk2008-12-021-70/+86
| | | | | | | | | | | | | Purpose of commit: new features Commit summary: --------------- 2008-12-02 Thorsten Kukuk <kukuk@thkukuk.de> * modules/pam_env/pam_env.c: Add support for user specific environment file. Based on a patch from Ubuntu. * modules/pam_env/pam_env.8.xml: Document new options.
* Relevant BUGIDs:Tomas Mraz2008-11-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2008-11-24 Tomas Mraz <t8m@centrum.cz> * modules/pam_cracklib/pam_cracklib.c(pam_sm_chauthtok): Fix leaks in error path. * modules/pam_env/pam_env.c(_parse_env_file): Remove superfluous condition. * modules/pam_group/pam_group.c(check_account): Fix leak in error path. * modules/pam_listfile/pam_listfile.c(pam_sm_authenticate): Fix leak in error path. * modules/pam_securetty/pam_securetty.c(securetty_perform_check): Remove superfluous condition. * modules/pam_stress/pam_stress.c(stress_get_password,pam_sm_authenticate): Remove superfluous conditions. (pam_sm_chauthtok): Fix mistaken && for &. * modules/pam_unix/pam_unix_auth.c(pam_sm_authenticate): Remove superfluous condition. All the problems fixed in this commit were found by Steve Grubb.
* Relevant BUGIDs:Thorsten Kukuk2008-11-191-86/+64
| | | | | | | | | Purpose of commit: fix Commit summary: --------------- Revert wrong commitment
* Relevant BUGIDs:Thorsten Kukuk2008-11-191-64/+86
| | | | | | | | | | | | | | | Purpose of commit: missing part of new feature Commit summary: --------------- 2008-11-19 Thorsten Kukuk <kukuk@thkukuk.de> * modules/pam_pwhistory/pam_pwhistory.c (pam_sm_chauthtok): Finish implementation of type=STRING option. * modules/pam_pwhistory/pam_pwhistory.8.xml: Document "type=STRING" option.
* Relevant BUGIDs: Debian bug #439984Steve Langasek2008-07-271-2/+15
| | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2008-07-26 Steve Langasek <vorlon@debian.org> * modules/pam_env/pam_env.c: Fix module to skip over non-alphanumeric variable names, and to handle the case when asked to delete a non-existent variable.
* Relevant BUGIDs: noneDmitry V. Levin2005-12-121-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- 2005-12-12 Dmitry V. Levin <ldv@altlinux.org> Cleanup pam_syslog messages. * modules/pam_env/pam_env.c (_expand_arg): Fix compiler warning. * modules/pam_filter/pam_filter.c (set_filter): Append %m specifier to pam_syslog messages where appropriate. * modules/pam_group/pam_group.c (read_field): Likewise. * modules/pam_mkhomedir/pam_mkhomedir.c (make_remark): Remove. (create_homedir): Do not use make_remark() wrapper, call pam_info() directly. Call pam_syslog() right after failed operation and append %m specifier to pam_syslog messages where appropriate. * modules/pam_rhosts/pam_rhosts_auth.c (pam_iruserok): Replace sequence of malloc(), strcpy() and strcat() calls with asprintf(). Append %m specifier to pam_syslog messages where appropriate. * modules/pam_securetty/pam_securetty.c (securetty_perform_check): Append %m specifier to pam_syslog messages where appropriate. * modules/pam_shells/pam_shells.c (perform_check): Likewise.
* Relevant BUGIDs: Debian bugs #330458, #330852Steve Langasek2005-11-061-5/+11
| | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- don't treat a missing /etc/environment as a fatal error when attempting to read it, and try to read this file by default; this restores the behavior from Linux-PAM 0.76.
* 2005-10-02 Dmitry V. Levin <ldv@altlinux.org>Dmitry V. Levin2005-10-041-25/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Steve Langasek <vorlon@debian.org> Cleanup gratuitous use of strdup(). Fix "missing argument" checks. * modules/pam_env/pam_env.c (_pam_parse): Add const qualifier to conffile and envfile arguments. Do not use x_strdup() for conffile and envfile initialization. Fix "missing argument" checks. (_parse_config_file): Take conffile argument of type "const char *" instead of "char **". Do not free conffile. (_parse_env_file): Take env_file argument of type "const char *" instead of "char **". Do not free env_file. (pam_sm_setcred): Add const qualifier to conf_file and env_file. Pass conf_file and env_file to _parse_config_file() and _parse_env_file() by value. (pam_sm_open_session): Likewise. * modules/pam_ftp/pam_ftp.c (_pam_parse): Add const qualifier to users argument. Do not use x_strdup() for users initialization. (lookup): Add const qualifier to list argument. (pam_sm_authenticate): Add const qualifier to users argument. * modules/pam_mail/pam_mail.c (_pam_parse): Add const qualifier to maildir argument. Do not use x_strdup() for maildir initialization. Fix "missing argument" check. (get_folder): Take path_mail argument of type "const char *" instead of "char **". Do not free path_mail. (_do_mail): Add const qualifier to path_mail argument. Pass path_mail to get_folder() by value. * modules/pam_motd/pam_motd.c: Include <syslog.h>. (pam_sm_open_session): Add const qualifier to motd_path. Do not use x_strdup() for motd_path initialization. Do not free motd_path. Fix "missing argument" check. Add "unknown option" warning. * modules/pam_userdb/pam_userdb.c (_pam_parse): Add const qualifier to database and cryptmode arguments. Fix "missing argument" checks. (pam_sm_authenticate): Add const qualifier to database and cryptmode. (pam_sm_acct_mgmt): Likewise.
* Relevant BUGIDs:Tomas Mraz2005-09-171-15/+12
| | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Improved logging, code cleanup (by ldv)
* Relevant BUGIDs: noneThorsten Kukuk2005-09-041-42/+36
| | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Replace _log_err with pam_syslog
* Relevant BUGIDs: noneThorsten Kukuk2005-08-161-25/+21
| | | | | | | | | Purpose of commit: new feature Commit summary: --------------- Big "automake/autoconf/libtool" commit
* Relevant BUGIDs: noneThorsten Kukuk2005-07-201-1/+1
| | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Rename _pam_aconf.h to config.h.
* Relevant BUGIDs: noneThorsten Kukuk2005-06-091-84/+84
| | | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Fix all occurrence of dereferencing type-punned pointer will break strict-aliasing rules warnings
* Relevant BUGIDs:Thorsten Kukuk2004-09-151-11/+12
| | | | | | | | | Purpose of commit: Commit summary: --------------- bugfix: Add parts of Steve Grubb's resource leak and other fixes
* Relevant BUGIDs: 473034Andrew G. Morgan2001-11-121-9/+13
| | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- pam_env was only coincidentally parsing environment variables correctly. Bug report from weichangyang of hotmail com.
* Relevant BUGIDs: 435991Andrew G. Morgan2001-10-121-1/+2
| | | | | | | | Purpose of commit: bugfix Commit summary: --------------- use strncpy, and even then remember to nul terminate. Courtesy of Harald Welte.
* Relevant BUGIDs: task 15788, bugs 108297, 117476, 117474Andrew G. Morgan2000-11-191-3/+1
| | | | | | | | | | | | | | Purpose of commit: autoconf support for Linux-PAM Commit summary: --------------- This is a merge of the autoconf support that was developed against a 0-72 branch. [Note, because CVS has some issues, this is actually only 95% of the actual commit. The other files were actually committed when the preparation branch Linux-PAM-0-73pre-autoconf was updated. Hopefully, this will complete the merge.]
* Initial revisionAndrew G. Morgan2000-06-201-0/+839
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-16 10:20:38 +0000