* modules/pam_unix/bigcrypt.c (bigcrypt) [HAVE_CRYPT_R]: Do not leak
cdata if crypt_r() fails.
* modules/pam_limits/limits.conf: Replace "overriden" with "overridden".
* modules/pam_mkhomedir/mkhomedir_helper.c (create_homedir): Replace
"preseves" with "preserves".
* modules/pam_setquota/pam_setquota.8.xml: Replace "specifed" with
"specified".
* modules/pam_setquota/pam_setquota.c (pam_sm_open_session): Replace
"fileystem" with "filesystem", "conditons" with "conditions".
* NEWS: Replace "an user" with "a user".
* modules/pam_faillock/pam_faillock.8.xml: Likewise.
* modules/pam_lastlog/pam_lastlog.8.xml: Likewise.
* modules/pam_limits/pam_limits.c: Likewise.
* modules/pam_sepermit/sepermit.conf: Likewise.
* modules/pam_tty_audit/pam_tty_audit.8.xml: Likewise.
* modules/pam_userdb/pam_userdb.c: Likewise.
The pam_modutil_user_in_group... functions use getgrouplist to check
the membership, so they also work in setups with remote services which do
not provide group members in struct group.
Fixes #297
* modules/pam_wheel/pam_wheel.c (perform_check): Call pam_modutil_user_in_group_uid_gid
to do the group check.
The commit af0faf66 ("pam_unix: avoid determining if user exists") introduced
a regression where the blank check could return 1 if root had an empty
password hash because in the second case the password hash of root was
used. We now always return 0 in this case.
The issue was found by Johannes Löthberg.
Fixes #284
* modules/pam_unix/support.c (_unix_blankpasswd): Make the loop
cover the complete blank check so both existing and non-existing
cases are identical except for the possible return value.
Fixes #295
* modules/pam_env/pam_env.8.xml: Add the notice to the manual.
* modules/pam_env/pam_env.c (_pam_parse): Log deprecation warning
if user_readenv is set.
Fixes #263
* modules/pam_env/pam_env.c (_assemble_line): Do not error out if at feof()
modules/pam_ftp/pam_ftp.c: free anon_user before returning as it may be
still in use.
modules/pam_faillock/main.c: remove store statement since the value is
only read in the enclosing expression.
* ci/run-build-and-tests.sh (DISTCHECK_CONFIGURE_FLAGS): Remove
--enable-tally --enable-tally2.
* configure.ac: Remove --enable-tally and --enable-tally2 options.
(AM_CONDITIONAL): Remove COND_BUILD_PAM_TALLY and COND_BUILD_PAM_TALLY2.
(AC_CONFIG_FILES): Remove modules/pam_tally/Makefile and
modules/pam_tally2/Makefile.
* doc/sag/pam_tally.xml: Remove.
* doc/sag/pam_tally2.xml: Likewise.
* doc/sag/Linux-PAM_SAG.xml: Do not include pam_tally.xml and
pam_tally2.xml.
* modules/Makefile.am (MAYBE_PAM_TALLY, MAYBE_PAM_TALLY2): Remove.
(SUBDIRS): Remove MAYBE_PAM_TALLY and MAYBE_PAM_TALLY2.
* modules/pam_tally/.gitignore: Remove.
* modules/pam_tally/Makefile.am: Likewise.
* modules/pam_tally/README.xml: Likewise.
* modules/pam_tally/faillog.h: Likewise.
* modules/pam_tally/pam_tally.8.xml: Likewise.
* modules/pam_tally/pam_tally.c: Likewise.
* modules/pam_tally/pam_tally_app.c: Likewise.
* modules/pam_tally/tst-pam_tally: Likewise.
* modules/pam_tally2/.gitignore: Likewise.
* modules/pam_tally2/Makefile.am: Likewise.
* modules/pam_tally2/README.xml: Likewise.
* modules/pam_tally2/pam_tally2.8.xml: Likewise.
* modules/pam_tally2/pam_tally2.c: Likewise.
* modules/pam_tally2/pam_tally2_app.c: Likewise.
* modules/pam_tally2/tallylog.h: Likewise.
* modules/pam_tally2/tst-pam_tally2: Likewise.
* modules/pam_timestamp/pam_timestamp_check.8.xml: Fix typo by replacing
pam_tally with pam_timestamp.
* po/POTFILES.in: Remove ./modules/pam_tally/pam_tally_app.c,
./modules/pam_tally/pam_tally.c, ./modules/pam_tally2/pam_tally2_app.c,
and ./modules/pam_tally2/pam_tally2.c.
* NEWS: Document this change.
* ci/install-dependencies.sh: Remove libcrack2-dev.
* ci/run-build-and-tests.sh (DISTCHECK_CONFIGURE_FLAGS): Remove
--enable-cracklib=check.
* conf/pam.conf: Remove references to pam_cracklib.so.
* configure.ac: Remove --enable-cracklib option.
(AC_SUBST): Remove LIBCRACK.
(AM_CONDITIONAL): Remove COND_BUILD_PAM_CRACKLIB.
(AC_CONFIG_FILES): Remove modules/pam_cracklib/Makefile.
* doc/sag/pam_cracklib.xml: Remove.
* doc/sag/Linux-PAM_SAG.xml: Do not include pam_cracklib.xml.
* modules/Makefile.am (MAYBE_PAM_CRACKLIB): Remove.
(SUBDIRS): Remove MAYBE_PAM_CRACKLIB.
* modules/pam_cracklib/Makefile.am: Remove.
* modules/pam_cracklib/README.xml: Likewise.
* modules/pam_cracklib/pam_cracklib.8.xml: Likewise.
* modules/pam_cracklib/pam_cracklib.c: Likewise.
* modules/pam_cracklib/tst-pam_cracklib: Likewise.
* xtests/tst-pam_cracklib1.c: Likewise.
* xtests/tst-pam_cracklib1.pamd: Likewise.
* xtests/tst-pam_cracklib2.c: Likewise.
* xtests/tst-pam_cracklib2.pamd: Likewise.
* modules/pam_pwhistory/pam_pwhistory.8.xml: Replace pam_cracklib
in examples with pam_passwdqc.
* modules/pam_unix/pam_unix.8.xml: Likewise.
* po/POTFILES.in: Remove ./modules/pam_cracklib/pam_cracklib.c.
* xtests/.gitignore: Remove tst-pam_cracklib1 and tst-pam_cracklib2.
* xtests/Makefile.am (EXTRA_DIST): Remove tst-pam_cracklib1.pamd
and tst-pam_cracklib2.pamd.
(XTESTS): Remove tst-pam_cracklib1 and tst-pam_cracklib2.
* NEWS: Document this change.
Exported functions already have these attributes, add them to other functions.
This enables compilers to find format specifier mismatches, like:
foo_print("Hello %d", "world")
* m4/warn_lang_flags.m4 (gl_WARN_ADD): Add -Wmissing-format-attribute.
* conf/pam_conv1/Makefile.am (AM_CFLAGS): Add -I$(top_srcdir)/libpam/include.
* conf/pam_conv1/pam_conv_y.y: Include <security/_pam_types.h>.
(yyerror): Add printf format attribute.
* modules/pam_pwhistory/opasswd.c (helper_log_err): Likewise.
* modules/pam_rootok/pam_rootok.c (log_callback): Likewise.
* modules/pam_tally/pam_tally.c (tally_log): Likewise.
* modules/pam_tally2/pam_tally2.c (tally_log): Likewise.
* modules/pam_unix/passverify.c (helper_log_err): Likewise.
modules/pam_motd/pam_motd.c: set NULL value instead of "key user" for the
prompt when dropping privileges.
modules/pam_motd/pam_motd.8.xml: document file filtering of motd
messages.
NEWS: annotate change.
modules/pam_motd/pam_motd.c: filter motd by user and group owning the
proper files. This is achieved by changing the ids of the process
reading the files from root to the target user.
Resolves:
https://bugzilla.redhat.com/show_bug.cgi?id=1861640
The args_parse function passes the "conf=" argument to set_conf_opt() after handling it itself.
set_conf_opt is not able to handle the "conf" argument and writes an error:
sddm-helper[415]: pam_faillock(sddm:auth): Unknown option: conf
modules/pam_namespace/pam_namespace.8.xml: delete obsolete information
about polyinstantiation and refer to gdm's documentation.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1861841
When running a systemd service with DynamicUser set, the dynamic UID
might not be mapped to a user name (/etc/nsswitch.conf is not configured
with the systemd nss module).
The getuidname() routine might return NULL and this is not checked by the callee.
Signed-off-by: Anton D. Kachalov <rnouse@google.com>
modules/pam_wheel/pam_wheel.8.xml: indicate that use_uid option uses the
real uid of the calling process.
modules/pam_wheel/pam_wheel.c: if getlogin fails to obtain the real user
ID, then try with PAM_RUSER.
Resolves:
https://bugzilla.redhat.com/show_bug.cgi?id=1866866
modules/pam_wheel/pam_wheel.c: improve indentation and explicitly state
condition statements.
Some distributions do not build pam_unix, e.g. ALT uses pam_tcb instead.
Add a configure option to disable build of pam_unix so that those who
choose not to build pam_unix no longer have to edit modules/Makefile.am
file. The default is unchanged, i.e. build of pam_unix is enabled.
* configure.ac (AC_ARG_ENABLE): Add unix.
(AM_CONDITIONAL): Add COND_BUILD_PAM_UNIX.
* modules/Makefile.am [COND_BUILD_PAM_UNIX] (MAYBE_PAM_UNIX): Define.
(SUBDIRS): Replace pam_unix with $(COND_BUILD_PAM_UNIX).
This makes all installed executables built with @EXE_CFLAGS@ and
@EXE_LDFLAGS@.
* modules/pam_mkhomedir/Makefile.am (mkhomedir_helper_CFLAGS,
mkhomedir_helper_LDFLAGS): New variables.
* modules/pam_tally/Makefile.am (pam_tally_CFLAGS, pam_tally_LDFLAGS):
Likewise.
* modules/pam_tally2/Makefile.am (pam_tally2_CFLAGS,
pam_tally2_LDFLAGS): Likewise.
There are going to be other options added to CFLAGS and LDFLAGS
of executables made along with modules.
* configure.ac (EXE_CFLAGS, EXE_LDFLAGS): New variables initialized from
PIE_CFLAGS and PIE_LDFLAGS, respectively. AC_SUBST them instead of
PIE_CFLAGS and PIE_LDFLAGS. All users updated.
Apparently, gcc is also not smart enough to infer the alignment
of structure fields, for details see
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89133
Use unions to avoid these casts altogether, this fixes compilation
warnings reported by gcc on arm, e.g.:
md5.c: In function 'MD5Update':
md5.c:92:35: error: cast increases required alignment of target type [-Werror=cast-align]
92 | MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
| ^
md5.c:101:35: error: cast increases required alignment of target type [-Werror=cast-align]
101 | MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
| ^
md5.c: In function 'MD5Final':
md5.c:136:35: error: cast increases required alignment of target type [-Werror=cast-align]
136 | MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
| ^
md5.c:147:9: error: cast increases required alignment of target type [-Werror=cast-align]
147 | memcpy((uint32 *)ctx->in + 14, ctx->bits, 2*sizeof(uint32));
| ^
md5.c:149:34: error: cast increases required alignment of target type [-Werror=cast-align]
149 | MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
| ^
* modules/pam_namespace/md5.h (struct MD5Context): Replace "buf" and
"in" fields with unions. All users updated.
* modules/pam_unix/md5.h (struct MD5Context): Likewise.
* modules/pam_timestamp/sha1.h (struct sha1_context.pending): Replace
with a union. All users updated.
Complements: v1.4.0~195 ("Fix most of clang -Wcast-align compilation warnings")
* modules/pam_namespace/md5.c: Do not check against the list of
architectures that are known to be little-endian, instead check
for WORDS_BIGENDIAN macro defined by AC_C_BIGENDIAN autoconf macro
on big-endian platforms.
These retrieved contexts are just passed to libselinux functions and not
printed or otherwise made available to the outside, so a context
translation to human readable MCS/MLS labels is not needed.
(see man:setrans.conf(5))
The retrieved context is just passed to libselinux functions and not
printed or otherwise made available to the outside, so a context
translation to human readable MCS/MLS labels is not needed.
(see man:setrans.conf(5))
libselinux 3.1 deprecated the typedef security_context_t.
Use the underlying type.
These retrieved contexts are just passed to libselinux functions and not
printed or otherwise made available to the outside, so a context
translation to human readable MCS/MLS labels is not needed.
(see man:setrans.conf(5))
libselinux 3.1 deprecated the typedef security_context_t.
Use the underlying type.
The retrieved context is just passed to the libselinux function
'selinux_check_access()', so a context translation to human readable
MCS/MLS labels is not needed. (see man:setrans.conf(5))
libselinux 3.1 deprecated the typedef security_context_t.
Use the underlying type.
The matchpathcon family is deprecated.
Use the selabel family.
libselinux 3.1 deprecated the typedef security_context_t.
Use the underlying type.
* modules/pam_unix/pam_unix_acct.c (pam_sm_acct_mgmt): Add comment
about the reason for ignoring PAM_AUTHTOK_ERR.
The daysleft otherwise stays uninitialized if there is no shadow entry.
Regression from commit f5adefa.
Fixes #255
* modules/pam_unix/pam_unix_acct.c (pam_sm_acct_mgmt): Initialize daysleft.
The purpose of the helper is to enable tighter confinement of login and
password changing services. The helper is thus called only when SELinux
is enabled on the system.
Resolves: https://github.com/linux-pam/linux-pam/pull/247
[ldv: rewrote commit message]
* modules/pam_unix/passverify.h (read_passwords): Remove prototype.
* modules/pam_unix/passverify.c (read_passwords): Move ...
* libpam/include/pam_inline.h: ... here, rename to pam_read_passwords,
add static inline qualifiers.
Include <unistd.h> and <errno.h>.
* modules/pam_unix/unix_chkpwd.c: Include "pam_inline.h".
(main): Replace read_passwords with pam_read_passwords.
* modules/pam_unix/unix_update.c: Include "pam_inline.h".
(set_password): Replace read_passwords with pam_read_passwords.
* modules/pam_unix/passverify.h (MAXPASS): Remove.
* modules/pam_unix/passverify.c (read_passwords): Replace MAXPASS
with PAM_MAX_RESP_SIZE.
* modules/pam_unix/pam_unix_passwd.c (_pam_unix_approve_pass): Likewise.
* modules/pam_unix/support.c (_unix_verify_password): Likewise.
* modules/pam_unix/unix_chkpwd.c (main): Likewise.
* modules/pam_unix/unix_update.c (set_password): Likewise.
Resolves: https://github.com/linux-pam/linux-pam/issues/148
Signed-off-by: Lucas Ramage <ramage.lucas@protonmail.com>
* modules/pam_stress/README: Remove.
* modules/pam_stress/README.xml: New file.
* modules/pam_stress/pam_stress.8.xml: Likewise.
* modules/pam_stress/Makefile.am (MAINTAINERCLEANFILES): Add
$(MANS) and README.
(EXTRA_DIST): Add $(XMLS).
(XMLS): Add README.xml and pam_stress.8.xml.
[HAVE_DOC] (dist_man_MANS): Add pam_stress.8.
[ENABLE_REGENERATE_MAN] (dist_noinst_DATA): Add README.
[ENABLE_REGENERATE_MAN]: Include $(top_srcdir)/Make.xml.rules.
* modules/pam_stress/.gitignore: Remove.
Resolves: https://github.com/linux-pam/linux-pam/pull/184
[ldv: rewrote commit message]
* modules/pam_loginuid/pam_loginuid.c (set_loginuid): Do not pass to
strncmp the return value of pam_modutil_read in an unlikely case when
the latter fails to read from /proc/self/uid_map.
[ldv: rewrote commit message]
* modules/pam_mkhomedir/mkhomedir_helper.c (create_homedir): Close just
opened file descriptor "srcfd" in an unlikely case when it cannot be
fstat'ed.
* modules/pam_namespace/pam_namespace.c (create_instance): Close just
opened file descriptor "fd" in an unlikely case when it cannot be
fstat'ed.
CPPCHECK_WARNING (CWE-843):
error[va_end_missing]: va_list 'ap' was opened but not closed by
va_end().
[ldv: According to POSIX documentation, each invocation of va_start()
must be matched by a corresponding invocation of va_end().
According to the GNU libc documentation, "with most C compilers,
calling 'va_end' does nothing. This is always true in the GNU C
compiler. But you might as well call 'va_end' just in case your
program is someday compiled with a peculiar compiler."
The main reason for applying this change is to pacify static analysis
tools like cppcheck that insist on strict POSIX conformance in this
respect.]
Resolves: https://github.com/linux-pam/linux-pam/pull/249
* modules/pam_namespace/.gitignore: Add pam_namespace.service.
Complements: v1.4.0~247 ("pam_namespace: secure tmp-inst directories")
* modules/pam_faillock/.gitignore: Add faillock.
Complements: v1.4.0~76 ("pam_faillock: New module for locking after multiple auth failures")