pam.git - Unnamed repository; edit this file 'description' to name the repository.

	Commit message (Collapse)	Author	Age	Files	Lines
*	pam_faillock: drop duplicate include	Christian Göttsche	2024-02-22	1	-1/+0
\|
*	modules: enclose macro parameter	Christian Göttsche	2024-02-22	1	-1/+1
\|
*	treewide: use asprintf to construct strings	Tobias Stoeckmann	2023-12-19	1	-9/+7
\| \| \| \| \| \| \| \|	The asprintf function is considered as given for current code already. Use it instead of calling malloc + strcpy + strcat manually. Reported-by: Benny Baumann <BenBE@geshi.org> Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
*	faillock: create tallydir before creating tallyfile	Changqing Li	2021-01-27	1	-0/+3
\| \| \| \| \| \| \| \| \| \| \| \| \|	The default tallydir is "/var/run/faillock", and this default tallydir may not exist. Function open may fail as tallydir does not exist when creating the tallyfile. Therefore, faillock will not work well. Fix this problem by creating tallydir before creating tallyfile when the tallydir does not exist. Signed-off-by: Changqing Li <changqing.li@windriver.com>
*	pam_faillock: change /run/faillock/$USER permissions to 0660	ikerexxe	2020-06-17	1	-1/+13
\| \| \| \| \| \| \| \| \|	Nowadays, /run/faillock/$USER files have user:root ownership and 0600 permissions. This forces the process that writes to these files to have CAP_DAC_OVERRIDE capabilites. Just by changing the permissions to 0660 the capability can be removed, which leads to a more secure system. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1661822
*	pam_faillock: New module for locking after multiple auth failures	Tomas Mraz	2020-04-30	1	-0/+161