summaryrefslogtreecommitdiffstats
path: root/ChangeLog
diff options
context:
space:
mode:
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog1920
1 files changed, 1920 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
new file mode 100644
index 0000000..3e135be
--- /dev/null
+++ b/ChangeLog
@@ -0,0 +1,1920 @@
+2018-05-18 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Release version 1.3.1.
+
+ Add xz compression.
+
+2018-05-16 Allison Karlitskaya <allison.karlitskaya@redhat.com>
+
+ pam_motd: add support for a motd.d directory (#48)
+ Add a new feature to pam_motd to allow packages to install their own
+ message files in a "motd.d" directory, to be displayed after the primary
+ motd.
+
+ Add an option motd_d= to specify the location of this directory.
+
+ Modify the defaults, in the case where no options are given, to display
+ both /etc/motd and /etc/motd.d.
+
+ Fixes #47
+
+ * modules/pam_motd/pam_motd.c: add support for motd.d
+ * modules/pam_motd/pam_motd.8.xml: update the manpage
+
+2018-05-02 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_umask: Fix documentation to align with order of loading umask.
+ * modules/pam_umask/pam_umask.8.xml: Document the real order of loading
+ umask.
+
+2018-04-10 Joey Chagnon <joeychagnon@users.noreply.github.com>
+
+ Fix missing word in documentation.
+ * doc/man/pam_get_user.3.xml: Fix it.
+
+2017-11-10 Dmitry V. Levin <ldv@altlinux.org>
+
+ pam_tally2 --reset: avoid creating a missing tallylog file.
+ There is no need for pam_tally2 in --reset=0 mode to create a missing
+ tallylog file because its absence has the same meaning as its existence
+ with the appropriate entry reset.
+
+ This was not a big deal until useradd(8) from shadow suite release 4.5
+ started to invoke /sbin/pam_tally2 --reset routinely regardless of PAM
+ configuration.
+
+ The positive effect of this change is noticeable when using tools like
+ cpio(1) that cannot archive huge sparse files efficiently.
+
+ * modules/pam_tally2/pam_tally2.c [MAIN] (main) <cline_user>: Stat
+ cline_filename when cline_reset == 0, exit early if the file is missing.
+
+2017-11-10 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_mkhomedir: Allow creating parent of homedir under /
+ * modules/pam_mkhomedir/mkhomedir_helper.c (make_parent_dirs): Do not
+ skip creating the directory if we are under /.
+
+2017-10-09 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_tty_audit: Fix regression introduced by adding the uid range support.
+ * modules/pam_tty_audit/pam_tty_audit.c (parse_uid_range): Fix constification and
+ remove unneeded code carried from pam_limits.
+ (pam_sm_open_session): When multiple enable/disable options are present do not
+ stop after first match.
+
+2017-09-06 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_access: Add note about spaces around ':' in access.conf(5)
+ * modules/pam_access/access.conf.5.xml: Add note about spaces around ':'
+
+ Workaround formatting problem in pam(8)
+ * doc/man/pam.8.xml: Workaround formatting problem.
+
+2017-07-12 Peter Urbanec <peterurbanec@users.noreply.github.com>
+
+ pam_unix: Check return value of malloc used for setcred data (#24)
+ Check the return value of malloc and if it failed print debug info, send
+ a syslog message and return an error code.
+
+ The test in AUTH_RETURN for ret_data not being NULL becomes redundant.
+
+2017-07-10 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_cracklib: Drop unused prompt macros.
+ * modules/pam_cracklib/pam_cracklib.c: Drop the unused macros.
+
+2017-06-28 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_tty_audit: Support matching users by uid range.
+ * modules/pam_tty_audit/pam_tty_audit.c (parse_uid_range): New function to
+ parse the uid range.
+ (pam_sm_open_session): Call parse_uid_range() and behave according to its result.
+ * modules/pam_tty_audit/pam_tty_audit.8.xml: Document the uid range matching.
+
+2017-05-31 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_access: support parsing files in /etc/security/access.d/*.conf.
+ * modules/pam_access/pam_access.c (login_access): Return NOMATCH if
+ there was no match in the parsed file.
+ (pam_sm_authenticate): Add glob() call to go through the ACCESS_CONF_GLOB
+ subdirectory and call login_access() on the individual files matched.
+ * modules/pam_access/pam_access.8.xml: Document the addition.
+ * modules/pam_access/Makefile.am: Add ACCESS_CONF_GLOB definition.
+
+2017-04-11 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_localuser: Correct the example in documentation.
+ * modules/pam_localuser/pam_localuser.8.xml: The example configuration
+ does something different.
+
+ pam_localuser: Correct documentation of return value.
+ * modules/pam_localuser/pam_localuser.8.xml: The module returns
+ PAM_PERM_DENIED when the user is not listed.
+
+2017-03-10 Saul Johnson <saul.a.johnson@gmail.com>
+
+ Make maxclassrepeat=1 behavior consistent with docs (#9)
+ * modules/pam_cracklib/pam_cracklib.c (simple): Apply the maxclassrepeat when greater than 0.
+
+2017-02-09 Josef Moellers <jmoellers@suse.de>
+
+ Properly test for strtol() failure to find any digits.
+ * modules/pam_access/pam_access.c (network_netmask_match): Test for endptr set
+ to beginning and not NULL.
+
+2017-01-19 Daniel Abrecht <daniel.abrecht@hotmail.com>
+
+ pam_exec: fix a potential null pointer dereference.
+ Fix a null pointer dereference when pam_prompt returns PAM_SUCCESS
+ but the response is set to NULL.
+
+ * modules/pam_exec/pam_exec.c (call_exec): Do not invoke strndupa
+ with a null pointer.
+
+ Closes: https://github.com/linux-pam/linux-pam/pull/2
+
+2016-12-07 Antonio Ospite <ao2@ao2.it>
+
+ Add missing comma in the limits.conf.5 manpage.
+ * modules/pam_limits/limits.conf.5.xml: add a missing comma
+
+2016-11-14 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Regular links doesn't work with -no-numbering -no-references.
+ * configure.ac: Use elinks instead of links.
+
+2016-11-01 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_access: First check for the (group) match.
+ The (group) match is performed first to allow for groups
+ containing '@'.
+
+ * modules/pam_access/pam_access.c (user_match): First check for the (group) match.
+
+2016-10-17 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_ftp: Properly use the first name from the supplied list.
+ * modules/pam_ftp/pam_ftp.c (lookup): Return first user from the list
+ of anonymous users if user name matches.
+ (pam_sm_authenticate): Free the returned value allocated in lookup().
+
+2016-09-12 Bartos-Elekes Zsolt <muszi@kite.hu>
+
+ pam_issue: Fix no prompting in parse escape codes mode.
+ * modules/pam_issue/pam_issue.c (read_issue_quoted): Fix misplaced strcat().
+
+2016-06-30 Maxin B. John <maxin.john@intel.com>
+
+ xtests: remove bash dependency.
+ There are no bash specific syntax in the xtest scripts. So, remove
+ the bash dependency.
+
+2016-06-30 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Unification and cleanup of syslog log levels.
+ * libpam/pam_handlers.c: Make memory allocation failures LOG_CRIT.
+ * libpam/pam_modutil_priv.c: Make memory allocation failures LOG_CRIT.
+ * modules/pam_echo/pam_echo.c: Make memory allocation failures LOG_CRIT.
+ * modules/pam_env/pam_env.c: Make memory allocation failures LOG_CRIT.
+ * modules/pam_exec/pam_exec.c: Make memory allocation failures LOG_CRIT.
+ * modules/pam_filter/pam_filter.c: Make all non-memory call errors LOG_ERR.
+ * modules/pam_group/pam_group.c: Make memory allocation failures LOG_CRIT.
+ * modules/pam_issue/pam_issue.c: Make memory allocation failures LOG_CRIT.
+ * modules/pam_lastlog/pam_lastlog.c: The lastlog file creation is syslogged
+ with LOG_NOTICE, memory allocation errors with LOG_CRIT, other errors
+ with LOG_ERR.
+ * modules/pam_limits/pam_limits.c: User login limit messages are syslogged
+ with LOG_NOTICE, stale utmp entry with LOG_INFO, non-memory errors with
+ LOG_ERR.
+ * modules/pam_listfile/pam_listfile.c: Rejection of user is syslogged
+ with LOG_NOTICE.
+ * modules/pam_namespace/pam_namespace.c: Make memory allocation failures
+ LOG_CRIT.
+ * modules/pam_nologin/pam_nologin.c: Make memory allocation failures
+ LOG_CRIT, other errors LOG_ERR.
+ * modules/pam_securetty/pam_securetty.c: Rejection of access is syslogged
+ with LOG_NOTICE, non-memory errors with LOG_ERR.
+ * modules/pam_selinux/pam_selinux.c: Make memory allocation failures LOG_CRIT.
+ * modules/pam_succeed_if/pam_succeed_if.c: Make all non-memory call errors
+ LOG_ERR.
+ * modules/pam_time/pam_time.c: Make memory allocation failures LOG_CRIT.
+ * modules/pam_timestamp/pam_timestamp.c: Make memory allocation failures
+ LOG_CRIT.
+ * modules/pam_unix/pam_unix_acct.c: Make all non-memory call errors LOG_ERR.
+ * modules/pam_unix/pam_unix_passwd.c: Make memory allocation failures LOG_CRIT,
+ other errors LOG_ERR.
+ * modules/pam_unix/pam_unix_sess.c: Make all non-memory call errors LOG_ERR.
+ * modules/pam_unix/passverify.c: Unknown user is syslogged with LOG_NOTICE.
+ * modules/pam_unix/support.c: Unknown user is syslogged with LOG_NOTICE and
+ max retries ignorance by application likewise.
+ * modules/pam_unix/unix_chkpwd.c: Make all non-memory call errors LOG_ERR.
+ * modules/pam_userdb/pam_userdb.c: Password authentication error is syslogged
+ with LOG_NOTICE.
+ * modules/pam_xauth/pam_xauth.c: Make memory allocation failures LOG_CRIT.
+
+2016-06-15 Dmitry V. Levin <ldv@altlinux.org>
+
+ pam_timestamp: fix typo in strncmp usage.
+ Before this fix, a typo in check_login_time resulted to ruser and
+ struct utmp.ut_user being compared by the first character only,
+ which in turn could lead to a too low timestamp value being assigned
+ to oldest_login, effectively causing bypass of check_login_time.
+
+ * modules/pam_timestamp/pam_timestamp.c (check_login_time): Fix typo
+ in strncmp usage.
+
+ Patch-by: Anton V. Boyarshinov <boyarsh@altlinux.org>
+
+2016-05-30 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Correct the examples in pam_fail_delay(3) man page.
+ doc/man/pam_fail_delay.3.xml: Correct the examples.
+
+2016-05-11 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Remove spaces in examples for access.conf.
+ The spaces are ignored only with the default listsep. To remove confusion
+ if non-default listsep is used they are removed from the examples.
+
+ * modules/pam_access/access.conf: Remove all spaces around ':' in examples.
+ * modules/pam_access/access.conf.5.xml: Likewise.
+
+2016-05-05 Mike Frysinger <vapier@gentoo.org>
+
+ build: avoid non-portable == with "test" (ticket #60)
+ POSIX says test only accepts =. Some shells (including bash) accept ==,
+ but we should still stick to = for portability.
+
+ * configure.ac: Replace == with = in "test" invocations.
+
+2016-04-28 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Release version 1.3.0.
+ * NEWS: add changes for 1.3.0.
+ * configure.ac: bump version number.
+ * libpam/Makefile.am: bump revision of libpam.so version.
+
+2016-04-28 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Updated translations from Zanata.
+ * po/*.po: Updated translations from Zanata.
+
+2016-04-19 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_wheel: Correct the documentation of the root_only option.
+ * modules/pam_wheel/pam_wheel.8.xml: Correct the documentation of the
+ root_only option.
+
+ pam_unix: Document that MD5 password hash is used to store old passwords.
+ modules/pam_unix/pam_unix.8.xml: Document that the MD5 password hash is used
+ to store the old passwords when remember option is set.
+
+2016-04-14 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Project registered at Zanata (fedora.zanata.org) for translations.
+ * zanata.xml: Configuration file for zanata client.
+ * po/LINGUAS: Update languages as supported by Zanata.
+ * po/Linux-PAM.pot: Updated from sources.
+ * po/*.po: Updated from sources.
+
+2016-04-06 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_unix: Use pam_get_authtok() instead of direct pam_prompt() calls.
+ We have to drop support for not_set_pass option which is not much useful
+ anyway. Instead we get proper support for authtok_type option.
+
+ * modules/pam_unix/pam_unix.8.xml: Removed not_set_pass option, added authtok_ty
+ pe
+ option.
+ * modules/pam_unix/pam_unix_auth.c (pam_sm_authenticate): Replace _unix_read_pas
+ sword()
+ call with equivalent pam_get_authtok() call.
+ * modules/pam_unix/pam_unix_passwd.c (pam_sm_chauthtok): Likewise and also drop
+ support for not_set_pass.
+ * modules/pam_unix/support.c (_unix_read_password): Remove.
+ * modules/pam_unix/support.h: Remove UNIX_NOT_SET_PASS add UNIX_AUTHTOK_TYPE.
+
+ pam_get_authtok(): Add authtok_type support to current password prompt.
+ * libpam/pam_get_authtok.c (pam_get_authtok_internal): When changing password,
+ use different prompt for current password allowing for authtok_type to be
+ displayed to the user.
+
+2016-04-04 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_unix: Make password expiration messages more user-friendly.
+ * modules/pam_unix/pam_unix_acct.c (pam_sm_acct_mgmt): Make password
+ expiration messages more user-friendly.
+
+2016-04-04 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ innetgr may not be there so make sure that when innetgr is not present then we inform about it and not use it. [ticket#46]
+ * modules/pam_group/pam_group.c: ditto
+ * modules/pam_succeed_if/pam_succeed_if.c: ditto
+ * modules/pam_time/pam_time.c: ditto
+
+ build: fix build when crypt() is not part of crypt_libs [ticket#46]
+ * configure.ac: Don't set empty -l option in crypt check
+
+ build: use $host_cpu for lib64 directory handling [ticket#46]
+ * configure.ac: use $host_cpu for lib64 directory handling.
+
+2016-04-01 Dmitry V. Levin <ldv@altlinux.org>
+
+ Fix whitespace issues.
+ Remove blank lines at EOF introduced by commit
+ a684595c0bbd88df71285f43fb27630e3829121e,
+ making the project free of warnings reported by
+ git diff --check 4b825dc642cb6eb9a060e54bf8d69288fbee4904 HEAD
+
+ * libpam/pam_dynamic.c: Remove blank line at EOF.
+ * modules/pam_echo/pam_echo.c: Likewise.
+ * modules/pam_keyinit/pam_keyinit.c: Likewise.
+ * modules/pam_mkhomedir/pam_mkhomedir.c: Likewise.
+ * modules/pam_pwhistory/pam_pwhistory.c: Likewise.
+ * modules/pam_rhosts/pam_rhosts.c: Likewise.
+ * modules/pam_sepermit/pam_sepermit.c: Likewise.
+ * modules/pam_stress/pam_stress.c: Likewise.
+
+2016-04-01 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Use TI-RPC functions if we compile and link against libtirpc. The old SunRPC functions don't work with IPv6.
+ * configure.ac: Set and restore CPPFLAGS
+ * modules/pam_unix/pam_unix_passwd.c: Replace getrpcport with
+ rpcb_getaddr if available.
+
+2016-03-29 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ PAM_EXTERN isn't needed anymore, but don't remove it to not break lot of external code using it.
+ * libpam/include/security/pam_modules.h: Readd PAM_EXTERN for compatibility
+
+ Remove "--enable-static-modules" option and support from Linux-PAM. It was never official supported and was broken since years.
+ * configure.ac: Remove --enable-static-modules option.
+ * doc/man/pam_sm_acct_mgmt.3.xml: Remove PAM_EXTERN.
+ * doc/man/pam_sm_authenticate.3.xml: Likewise.
+ * doc/man/pam_sm_chauthtok.3.xml: Likewise.
+ * doc/man/pam_sm_close_session.3.xml: Likewise.
+ * doc/man/pam_sm_open_session.3.xml: Likewise.
+ * doc/man/pam_sm_setcred.3.xml: Likewise.
+ * libpam/Makefile.am: Remove STATIC_MODULES cases.
+ * libpam/include/security/pam_modules.h: Remove PAM_STATIC parts.
+ * libpam/pam_dynamic.c: Likewise.
+ * libpam/pam_handlers.c: Likewise.
+ * libpam/pam_private.h: Likewise.
+ * libpam/pam_static.c: Remove file.
+ * libpam/pam_static_modules.h: Remove header file.
+ * modules/pam_access/pam_access.c: Remove PAM_EXTERN and PAM_STATIC parts.
+ * modules/pam_cracklib/pam_cracklib.c: Likewise.
+ * modules/pam_debug/pam_debug.c: Likewise.
+ * modules/pam_deny/pam_deny.c: Likewise.
+ * modules/pam_echo/pam_echo.c: Likewise.
+ * modules/pam_env/pam_env.c: Likewise.
+ * modules/pam_exec/pam_exec.c: Likewise.
+ * modules/pam_faildelay/pam_faildelay.c: Likewise.
+ * modules/pam_filter/pam_filter.c: Likewise.
+ * modules/pam_ftp/pam_ftp.c: Likewise.
+ * modules/pam_group/pam_group.c: Likewise.
+ * modules/pam_issue/pam_issue.c: Likewise.
+ * modules/pam_keyinit/pam_keyinit.c: Likewise.
+ * modules/pam_lastlog/pam_lastlog.c: Likewise.
+ * modules/pam_limits/pam_limits.c: Likewise.
+ * modules/pam_listfile/pam_listfile.c: Likewise.
+ * modules/pam_localuser/pam_localuser.c: Likewise.
+ * modules/pam_loginuid/pam_loginuid.c: Likewise.
+ * modules/pam_mail/pam_mail.c: Likewise.
+ * modules/pam_mkhomedir/pam_mkhomedir.c: Likewise.
+ * modules/pam_motd/pam_motd.c: Likewise.
+ * modules/pam_namespace/pam_namespace.c: Likewise.
+ * modules/pam_nologin/pam_nologin.c: Likewise.
+ * modules/pam_permit/pam_permit.c: Likewise.
+ * modules/pam_pwhistory/pam_pwhistory.c: Likewise.
+ * modules/pam_rhosts/pam_rhosts.c: Likewise.
+ * modules/pam_rootok/pam_rootok.c: Likewise.
+ * modules/pam_securetty/pam_securetty.c: Likewise.
+ * modules/pam_selinux/pam_selinux.c: Likewise.
+ * modules/pam_sepermit/pam_sepermit.c: Likewise.
+ * modules/pam_shells/pam_shells.c: Likewise.
+ * modules/pam_stress/pam_stress.c: Likewise.
+ * modules/pam_succeed_if/pam_succeed_if.c: Likewise.
+ * modules/pam_tally/pam_tally.c: Likewise.
+ * modules/pam_tally2/pam_tally2.c: Likewise.
+ * modules/pam_time/pam_time.c: Likewise.
+ * modules/pam_timestamp/pam_timestamp.c: Likewise.
+ * modules/pam_tty_audit/pam_tty_audit.c: Likewise.
+ * modules/pam_umask/pam_umask.c: Likewise.
+ * modules/pam_userdb/pam_userdb.c: Likewise.
+ * modules/pam_warn/pam_warn.c: Likewise.
+ * modules/pam_wheel/pam_wheel.c: Likewise.
+ * modules/pam_xauth/pam_xauth.c: Likewise.
+ * modules/pam_unix/Makefile.am: Remove STATIC_MODULES part.
+ * modules/pam_unix/pam_unix_acct.c: Remove PAM_STATIC part.
+ * modules/pam_unix/pam_unix_auth.c: Likewise.
+ * modules/pam_unix/pam_unix_passwd.c: Likewise.
+ * modules/pam_unix/pam_unix_sess.c: Likewise.
+ * modules/pam_unix/pam_unix_static.c: Removed.
+ * modules/pam_unix/pam_unix_static.h: Removed.
+ * po/POTFILES.in: Remove removed files.
+ * tests/tst-dlopen.c: Remove PAM_STATIC part.
+
+2016-03-24 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Fix check for libtirpc and enhance check for libnsl to include new libnsl.
+ * configure.ac: fix setting of CFLAGS/LIBS, enhance libnsl check
+ * modules/pam_unix/Makefile.am: replace NIS_* with TIRPC_* and NSL_*
+
+2016-03-23 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Remove YP dependencies from pam_access, they were never used and such not needed.
+ * modules/pam_access/Makefile.am: Remove NIS_CFLAGS and NIS_LIBS
+ * modules/pam_access/pam_access.c: Remove yp_get_default_domain case,
+ it will never be used.
+
+2016-03-04 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Add checks for localtime() returning NULL.
+ * modules/pam_lastlog/pam_lastlog.c (last_login_read): Check for localtime_r
+ returning NULL.
+ * modules/pam_tally2/pam_tally2.c (print_one): Check for localtime returning
+ NULL.
+
+ pam_unix: Silence warnings and fix a minor bug.
+ Fixes a minor bug in behavior when is_selinux_enabled()
+ returned negative value.
+
+ * modules/pam_unix/passverify.c: Add parentheses to SELINUX_ENABLED macro.
+ (unix_update_shadow): Safe cast forwho to non-const char *.
+ * modules/pam_unix/support.c: Remove unused SELINUX_ENABLED macro.
+
+2016-02-17 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_env: Document the /etc/environment file.
+ * modules/pam_env/Makefile.am: Add the environment.5 soelim stub.
+ * modules/pam_env/pam_env.8.xml: Add environ(7) reference.
+ * modules/pam_env/pam_env.conf.5.xml: Add environment alias name.
+ Add a paragraph about /etc/environment. Add environ(7) reference.
+
+ pam_unix: Add no_pass_expiry option to ignore password expiration.
+ * modules/pam_unix/pam_unix.8.xml: Document the no_pass_expiry option.
+ * modules/pam_unix/pam_unix_acct.c (pam_sm_acct_mgmt): If no_pass_expiry
+ is on and return value data is not set to PAM_SUCCESS then ignore
+ PAM_NEW_AUTHTOK_REQD and PAM_AUTHTOK_EXPIRED returns.
+ * modules/pam_unix/pam_unix_auth.c (pam_sm_authenticate): Always set the
+ return value data.
+ (pam_sm_setcred): Test for likeauth option and use the return value data
+ only if set.
+ * modules/pam_unix/support.h: Add the no_pass_expiry option.
+
+2016-01-25 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_unix: Change the salt length for new hashes to 16 characters.
+ * modules/pam_unix/passverify.c (create_password_hash): Change the
+ salt length for new hashes to 16 characters.
+
+2015-12-17 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Relax the conditions for fatal failure on auditing.
+ The PAM library calls will not fail anymore for any uid if the return
+ value from the libaudit call is -EPERM.
+
+ * libpam/pam_audit.c (_pam_audit_writelog): Remove check for uid != 0.
+
+2015-12-16 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_tally2: Optionally log the tally count when checking.
+ * modules/pam_tally2/pam_tally2.c (tally_parse_args): Add debug option.
+ (tally_check): Always log the tally count with debug option.
+
+2015-10-02 Jakub Hrozek <jakub.hrozek@posteo.se>
+
+ Docfix: pam handle is const in pam_syslog() and pam_vsyslog()
+ * doc/man/pam_syslog.3.xml: Add const to pam handle in pam_syslog() and pam_vsyslog().
+
+2015-09-24 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_loginuid: Add syslog message if required auditd is not detected.
+ * modules/pam_loginuid/pam_loginuid.c (_pam_loginuid): Add syslog message
+ if required auditd is not detected.
+
+2015-09-04 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Allow links to be used instead of w3m for documentation regeneration.
+ * configure.ac: If w3m is not found check for links.
+
+ Add missing space in pam_misc_setenv man page.
+ * doc/man/pam_misc_setenv.3.xml: Add a missing space.
+
+2015-08-12 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_rootok: use rootok permission instead of passwd permission in SELinux check.
+ * modules/pam_rootok/pam_rootok.c (selinux_check_root): Use rootok instead of
+ passwd permission.
+
+2015-08-05 Amarnath Valluri <amarnath.valluri@intel.com>
+
+ pam_timestamp: Avoid leaking file descriptor.
+ * modules/pam_timestamp/hmacsha1.c(hmac_key_create):
+ close 'keyfd' when failed to own it.
+
+2015-06-22 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Release version 1.2.1.
+ Security fix: CVE-2015-3238
+
+ If the process executing pam_sm_authenticate or pam_sm_chauthtok method
+ of pam_unix is not privileged enough to check the password, e.g.
+ if selinux is enabled, the _unix_run_helper_binary function is called.
+ When a long enough password is supplied (16 pages or more, i.e. 65536+
+ bytes on a system with 4K pages), this helper function hangs
+ indefinitely, blocked in the write(2) call while writing to a blocking
+ pipe that has a limited capacity.
+ With this fix, the verifiable password length will be limited to
+ PAM_MAX_RESP_SIZE bytes (i.e. 512 bytes) for pam_exec and pam_unix.
+
+ * NEWS: Update
+ * configure.ac: Bump version
+ * modules/pam_exec/pam_exec.8.xml: document limitation of password length
+ * modules/pam_exec/pam_exec.c: limit password length to PAM_MAX_RESP_SIZE
+ * modules/pam_unix/pam_unix.8.xml: document limitation of password length
+ * modules/pam_unix/pam_unix_passwd.c: limit password length
+ * modules/pam_unix/passverify.c: Likewise
+ * modules/pam_unix/passverify.h: Likewise
+ * modules/pam_unix/support.c: Likewise
+
+2015-04-27 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Update NEWS file.
+
+ Release version 1.2.0.
+ * NEWS: Update
+ * configure.ac: Bump version
+ * libpam/Makefile.am: Bump version of libpam
+ * libpam_misc/Makefile.am: Bump version of libpam_misc
+ * po/*: Regenerate po files
+
+ Fix some grammatical errors in documentation. Patch by Louis Sautier.
+ * doc/adg/Linux-PAM_ADG.xml: Fix gramatical errors.
+ * doc/man/pam.3.xml: Likewise.
+ * doc/man/pam_acct_mgmt.3.xml: Likewise.
+ * doc/man/pam_chauthtok.3.xml: Likewise.
+ * doc/man/pam_sm_chauthtok.3.xml: Likewise.
+ * modules/pam_limits/limits.conf.5.xml: Likewise.
+ * modules/pam_mail/pam_mail.8.xml: Likewise.
+ * modules/pam_rhosts/pam_rhosts.c: Likewise.
+ * modules/pam_shells/pam_shells.8.xml: Likewise.
+ * modules/pam_tally/pam_tally.8.xml: Likewise.
+ * modules/pam_tally2/pam_tally2.8.xml: Likewise.
+ * modules/pam_unix/pam_unix.8.xml: Likewise.
+
+2015-04-23 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Add "quiet" option to pam_unix to suppress informential info messages from session.
+ * modules/pam_unix/pam_unix.8.xml: Document new option.
+ * modules/pam_unix/support.h: Add quiet option.
+ * modules/pam_unix/pam_unix_sess.c: Don't print LOG_INFO messages if
+ 'quiet' option is set.
+
+2015-04-07 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Use crypt_r if available in pam_userdb and in pam_unix.
+ * modules/pam_unix/passverify.c (create_password_hash): Call crypt_r()
+ instead of crypt() if available.
+ * modules/pam_userdb/pam_userdb.c (user_lookup): Call crypt_r()
+ instead of crypt() if available.
+
+2015-03-25 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Support alternative "vendor configuration" files as fallback to /etc (Ticket#34, patch from ay Sievers <kay@vrfy.org>)
+ * doc/man/pam.8.xml: document additonal config directory
+ * libpam/pam_handlers.c: add /usr/lib/pam.d as config file fallback directory
+ * libpam/pam_private.h: adjust defines
+
+ pam_env: expand @{HOME} and @{SHELL} and enhance documentation (Ticket#24 and #29)
+ * modules/pam_env/pam_env.c: Replace @{HOME} and @{SHELL} with passwd entries
+ * modules/pam_env/pam_env.conf.5.xml: Document @{HOME} and @{SHELL}
+ * modules/pam_env/pam_env.8.xml: Enhance documentation
+
+2015-03-24 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Clarify pam_access docs re PAM service names and X $DISPLAY value testing. (Ticket #39)
+ * modules/pam_access/access.conf.5.xml
+ * modules/pam_access/pam_access.8.xml
+
+ Don't use sudo directory, the timestamp format is different (Ticket#32)
+ * modules/pam_timestamp/pam_timestamp.c: Change default timestamp directory.
+
+ Enhance group.conf examples (Ticket#35)
+ * modules/pam_group/group.conf.5.xml: Enhance example by logic group entry.
+
+ Document timestampdir option (Ticket#33)
+ * modules/pam_timestamp/pam_timestamp.8.xml: Add timestampdir option.
+
+ Adjust documentation (Ticket#36)
+ * libpam/pam_delay.c: Change 25% in comment to 50% as used in code.
+ * doc/man/pam_fail_delay.3.xml: Change 25% to 50%
+
+2015-02-18 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Updated translations from Transifex.
+ * po/*.po: Updated translations from Transifex.
+
+2015-01-07 Dmitry V. Levin <ldv@altlinux.org>
+
+ build: raise gettext version requirement.
+ Raise gettext requirement to the latest oldstable version 0.18.3.
+ This fixes the following automake warning:
+
+ configure.ac:581: warning: The 'AM_PROG_MKDIR_P' macro is deprecated, and its use is discouraged.
+ configure.ac:581: You should use the Autoconf-provided 'AC_PROG_MKDIR_P' macro instead,
+ configure.ac:581: and use '$(MKDIR_P)' instead of '$(mkdir_p)'in your Makefile.am files.
+
+ * configure.ac (AM_GNU_GETTEXT_VERSION): Raise from 0.15 to 0.18.3.
+ * po/Makevars: Update from gettext-0.18.3.
+
+2015-01-07 Ronny Chevalier <chevalier.ronny@gmail.com>
+
+ build: adjust automake warning flags.
+ Enable all automake warning flags except for the portability issues,
+ since non portable features are used among the makefiles.
+
+ * configure.ac (AM_INIT_AUTOMAKE): Add -Wall -Wno-portability.
+
+2015-01-07 Dmitry V. Levin <ldv@altlinux.org>
+
+ build: rename configure.in to configure.ac.
+ This fixes the following automake warning:
+ aclocal: warning: autoconf input should be named 'configure.ac', not 'configure.in'
+
+ * configure.in: Rename to configure.ac.
+
+ Remove unmodified GNU gettext files installed by autopoint.
+ These files are part of GNU gettext; we have not modified them, they are
+ installed by autopoint which is called by autoreconf, so they had to be
+ removed from this repository along with ABOUT-NLS, config.rpath, and
+ mkinstalldirs files that were removed by commit
+ Linux-PAM-1_1_5-7-g542ec8b.
+
+ * po/Makefile.in.in: Remove.
+ * po/Rules-quot: Likewise.
+ * po/boldquot.sed: Likewise.
+ * po/en@boldquot.header: Likewise.
+ * po/en@quot.header: Likewise.
+ * po/insert-header.sin: Likewise.
+ * po/quot.sed: Likewise.
+ * po/remove-potcdate.sin: Likewise.
+ * po/.gitignore: Ignore these files.
+
+2015-01-06 Ronny Chevalier <chevalier.ronny@gmail.com>
+
+ Update .gitignore.
+ * .gitignore: Ignore *.log and *.trs files.
+
+2015-01-02 Luke Shumaker <lukeshu@sbcglobal.net>
+
+ libpam: Only print "Password change aborted" when it's true.
+ pam_get_authtok() may be used any time that a password needs to be entered,
+ unlike pam_get_authtok_{no,}verify(), which may only be used when
+ changing a password; yet when the user aborts, it prints "Password change
+ aborted." whether or not that was the operation being performed.
+
+ This bug was non-obvious because none of the modules distributed with
+ Linux-PAM use it for anything but changing passwords; pam_unix has its
+ own utility function that it uses instead. As an example, the
+ nss-pam-ldapd package uses it in pam_sm_authenticate().
+
+ libpam/pam_get_authtok.c (pam_get_authtok_internal): check that the
+ password is trying to be changed before printing a message about the
+ password change being aborted.
+
+2014-12-10 Dmitry V. Levin <ldv@altlinux.org>
+
+ build: extend cross compiling check to cover CPPFLAGS (ticket #21)
+ Use BUILD_CPPFLAGS variable to override CPPFLAGS where necessary in
+ case of cross compiling, in addition to CC_FOR_BUILD, BUILD_CFLAGS,
+ and BUILD_LDFLAGS variables introduced earlier to override CC,
+ CFLAGS, and LDFLAGS, respectively.
+
+ * configure.in (BUILD_CPPFLAGS): Define.
+ * doc/specs/Makefile.am (CPPFLAGS): Define to @BUILD_CPPFLAGS@.
+
+2014-12-09 Dmitry V. Levin <ldv@altlinux.org>
+
+ Do not use yywrap (ticket #42)
+ Our scanners do not really use yywrap. Explicitly disable yywrap
+ so that no references to yywrap will be generated and no LEXLIB
+ would be needed.
+
+ * conf/pam_conv1/Makefile.am (pam_conv1_LDADD): Remove.
+ * conf/pam_conv1/pam_conv_l.l: Enable noyywrap option.
+ * doc/specs/Makefile.am (padout_LDADD): Remove.
+ * doc/specs/parse_l.l: Enable noyywrap option.
+
+2014-12-09 Kyle Manna <kyle@kylemanna.com>
+
+ doc: fix a trivial typo in pam_authenticate return values (ticket #38)
+ * doc/man/pam_authenticate.3.xml: Fix a typo in PAM_AUTHINFO_UNAVAIL.
+
+2014-12-09 Ronny Chevalier <chevalier.ronny@gmail.com>
+
+ doc: fix typo in pam_authenticate.3.xml.
+ * doc/man/pam_authenticate.3.xml: Fix typo.
+
+2014-10-17 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_succeed_if: Fix copy&paste error in rhost and tty values.
+ modules/pam_succeed_if/pam_succeed_if.c (evaluate): Use PAM_RHOST
+ and PAM_TTY properly for the rhost and tty values.
+
+ pam_succeed_if: Use long long type for numeric values.
+ The currently used long with additional conversion to int is
+ too small for uids and gids.
+
+ modules/pam_succeed_if/pam_succeed_if.c (evaluate_num): Replace
+ strtol() with strtoll() and int with long long in the parameters
+ of comparison functions.
+
+2014-09-05 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Add grantor field to audit records of libpam.
+ The grantor field gives audit trail of PAM modules which granted access
+ for successful return from libpam calls. In case of failed return
+ the grantor field is set to '?'.
+ libpam/pam_account.c (pam_acct_mgmt): Remove _pam_auditlog() call.
+ libpam/pam_auth.c (pam_authenticate, pam_setcred): Likewise.
+ libpam/pam_password.c (pam_chauthtok): Likewise.
+ libpam/pam_session.c (pam_open_session, pam_close_session): Likewise.
+ libpam/pam_audit.c (_pam_audit_writelog): Add grantors parameter,
+ add grantor= field to the message if grantors is set.
+ (_pam_list_grantors): New function creating the string with grantors list.
+ (_pam_auditlog): Add struct handler pointer parameter, call _pam_list_grantors()
+ to list the grantors from the handler list.
+ (_pam_audit_end): Add NULL handler parameter to _pam_auditlog() call.
+ (pam_modutil_audit_write): Add NULL grantors parameter to _pam_audit_writelog().
+ libpam/pam_dispatch.c (_pam_dispatch_aux): Set h->grantor where appropriate.
+ (_pam_clear_grantors): New function to clear grantor field of handler.
+ (_pam_dispatch): Call _pam_clear_grantors() before executing the stack.
+ Call _pam_auditlog() when appropriate.
+ libpam/pam_handlers.c (extract_modulename): Do not allow empty module name
+ or just "?" to avoid confusing audit trail.
+ (_pam_add_handler): Test for NULL return from extract_modulename().
+ Clear grantor field of handler.
+ libpam/pam_private.h: Add grantor field to struct handler, add handler pointer
+ parameter to _pam_auditlog().
+
+2014-08-26 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_mkhomedir: Drop superfluous stat() call.
+ modules/pam_mkhomedir/mkhomedir_helper.c (create_homedir): Drop superfluous
+ stat() call.
+
+ pam_exec: Do not depend on open() returning STDOUT_FILENO.
+ modules/pam_exec/pam_exec.c (call_exec): Move the descriptor to
+ STDOUT_FILENO if needed.
+
+2014-08-25 Robin Hack <rhack@redhat.com>
+
+ pam_keyinit: Check return value of setregid.
+ modules/pam_keyinit/pam_keyinit.c (pam_sm_open_session): Log if setregid() fails.
+
+ pam_filter: Avoid leaking descriptors when fork() fails.
+ modules/pam_filter/pam_filter.c (set_filter): Close descriptors when fork() fails.
+
+2014-08-14 Robin Hack <rhack@redhat.com>
+
+ pam_echo: Avoid leaking file descriptor.
+ modules/pam_echo/pam_echo.c (pam_echo): Close fd in error cases.
+
+2014-08-13 Robin Hack <rhack@redhat.com>
+
+ pam_tty_audit: Silence Coverity reporting uninitialized use.
+ modules/pam_tty_audit/pam_tty_audit.c (nl_recv): Initialize also
+ msg_flags.
+
+2014-08-13 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_tally2: Avoid uninitialized use of fileinfo.
+ Problem found by Robin Hack <rhack@redhat.com>.
+ modules/pam_tally2/pam_tally2.c (get_tally): Do not depend on file size
+ just try to read it.
+
+ pam_access: Avoid uninitialized access of line.
+ * modules/pam_access/pam_access.c (login_access): Reorder condition
+ so line is not accessed when uninitialized.
+
+2014-08-05 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_lastlog: Properly clean up last_login structure before use.
+ modules/pam_lastlog/pam_lastlog.c (last_login_write): Properly clean up last_login
+ structure before use.
+
+2014-07-21 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Make pam_pwhistory and pam_unix tolerant of corrupted opasswd file.
+ * modules/pam_pwhistory/opasswd.c (parse_entry): Test for missing fields
+ in opasswd entry and return error.
+ * modules/pam_unix/passverify.c (save_old_password): Test for missing fields
+ in opasswd entry and skip it.
+
+2014-07-01 Dmitry V. Levin <ldv@altlinux.org>
+
+ doc: add missing build dependencies for soelim stubs.
+ * doc/man/Makefile.am [ENABLE_REGENERATE_MAN]: Add dependencies for
+ pam_verror.3, pam_vinfo.3, pam_vprompt.3, and pam_vsyslog.3 soelim stubs.
+
+2014-06-23 Dmitry V. Levin <ldv@altlinux.org>
+
+ doc: fix install in case of out of tree build (ticket #31)
+ * doc/adg/Makefile.am (install-data-local, releasedocs): Fall back
+ to srcdir if documentation files haven't been found in builddir.
+ (releasedocs): Treat missing documentation files as an error.
+ * doc/mwg/Makefile.am: Likewise.
+ * doc/sag/Makefile.am: Likewise.
+
+2014-06-19 Dmitry V. Levin <ldv@altlinux.org>
+
+ doc: fix installation of adg-*.html and mwg-*.html files (ticket #31)
+ Fix a typo due to which sag-*.html files might be installed instead of
+ adg-*.html and mwg-*.html files.
+
+ * doc/adg/Makefile.am (install-data-local): Install adg-*.html instead
+ of sag-*.html.
+ * doc/mwg/Makefile.am (install-data-local): Install mwg-*.html instead
+ of sag-*.html.
+
+ Patch-by: Mike Frysinger <vapier@gentoo.org>
+
+2014-06-19 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_limits: nofile refers to file descriptors not files.
+ modules/pam_limits/limits.conf.5.xml: Correct documentation of nofile limit.
+ modules/pam_limits/limits.conf: Likewise.
+
+ pam_limits: clarify documentation of maxlogins and maxsyslogins limits.
+ modules/pam_limits/limits.conf.5.xml: clarify documentation of
+ maxlogins and maxsyslogins limits.
+
+ pam_unix: Check for NULL return from Goodcrypt_md5().
+ modules/pam_unix/pam_unix_passwd.c (check_old_password): Check for
+ NULL return from Goodcrypt_md5().
+
+ pam_unix: check for NULL return from malloc()
+ * modules/pam_unix/md5_crypt.c (crypt_md5): Check for NULL return from malloc().
+
+2014-05-22 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_loginuid: Document one more possible case of PAM_IGNORE return.
+ modules/pam_loginuid/pam_loginuid.8.xml: Document one more possible case
+ of PAM_IGNORE return value.
+
+ pam_loginuid: Document other possible return values.
+ modules/pam_loginuid/pam_loginuid.8.xml: Document the possible return
+ values.
+
+2014-03-26 Dmitry V. Levin <ldv@altlinux.org>
+
+ pam_timestamp: fix potential directory traversal issue (ticket #27)
+ pam_timestamp uses values of PAM_RUSER and PAM_TTY as components of
+ the timestamp pathname it creates, so extra care should be taken to
+ avoid potential directory traversal issues.
+
+ * modules/pam_timestamp/pam_timestamp.c (check_tty): Treat
+ "." and ".." tty values as invalid.
+ (get_ruser): Treat "." and ".." ruser values, as well as any ruser
+ value containing '/', as invalid.
+
+ Fixes CVE-2014-2583.
+
+ Reported-by: Sebastian Krahmer <krahmer@suse.de>
+
+2014-03-20 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_userdb: document that .db suffix should not be used.
+ modules/pam_userdb/pam_userdb.8.xml: Document that .db suffix
+ should not be used and correct the example.
+
+2014-03-11 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_selinux: canonicalize user name.
+ SELinux expects canonical user name for example without domain component.
+
+ * modules/pam_selinux/pam_selinux.c (compute_exec_context): Canonicalize user name with pam_modutil_getpwnam().
+
+2014-01-28 Dmitry V. Levin <ldv@altlinux.org>
+
+ Change tarball name back to "Linux-PAM"
+ As a side effect of commit Linux-PAM-1_1_8-11-g3fa23ce, tarball name
+ changed accidentally from "Linux-PAM" to "linux-pam".
+ This change brings it back to "Linux-PAM".
+
+ * configure.in (AC_INIT): Explicitly specify TARNAME argument.
+
+2014-01-27 Dmitry V. Levin <ldv@altlinux.org>
+
+ Introduce pam_modutil_sanitize_helper_fds.
+ This change introduces pam_modutil_sanitize_helper_fds - a new function
+ that redirects standard descriptors and closes all other descriptors.
+
+ pam_modutil_sanitize_helper_fds supports three types of input and output
+ redirection:
+ - PAM_MODUTIL_IGNORE_FD: do not redirect at all.
+ - PAM_MODUTIL_PIPE_FD: redirect to a pipe. For stdin, it is implemented
+ by creating a pipe, closing its write end, and redirecting stdin to
+ its read end. Likewise, for stdout/stderr it is implemented by
+ creating a pipe, closing its read end, and redirecting to its write
+ end. Unlike stdin redirection, stdout/stderr redirection to a pipe
+ has a side effect that a process writing to such descriptor should be
+ prepared to handle SIGPIPE appropriately.
+ - PAM_MODUTIL_NULL_FD: redirect to /dev/null. For stdin, it is
+ implemented via PAM_MODUTIL_PIPE_FD because there is no functional
+ difference. For stdout/stderr, it is classic redirection to
+ /dev/null.
+
+ PAM_MODUTIL_PIPE_FD is usually more suitable due to linux kernel
+ security restrictions, but when the helper process might be writing to
+ the corresponding descriptor and termination of the helper process by
+ SIGPIPE is not desirable, one should choose PAM_MODUTIL_NULL_FD.
+
+ * libpam/pam_modutil_sanitize.c: New file.
+ * libpam/Makefile.am (libpam_la_SOURCES): Add it.
+ * libpam/include/security/pam_modutil.h (pam_modutil_redirect_fd,
+ pam_modutil_sanitize_helper_fds): New declarations.
+ * libpam/libpam.map (LIBPAM_MODUTIL_1.1.9): New interface.
+ * modules/pam_exec/pam_exec.c (call_exec): Use
+ pam_modutil_sanitize_helper_fds.
+ * modules/pam_mkhomedir/pam_mkhomedir.c (create_homedir): Likewise.
+ * modules/pam_unix/pam_unix_acct.c (_unix_run_verify_binary): Likewise.
+ * modules/pam_unix/pam_unix_passwd.c (_unix_run_update_binary):
+ Likewise.
+ * modules/pam_unix/support.c (_unix_run_helper_binary): Likewise.
+ * modules/pam_xauth/pam_xauth.c (run_coprocess): Likewise.
+ * modules/pam_unix/support.h (MAX_FD_NO): Remove.
+
+ pam_xauth: avoid potential SIGPIPE when writing to xauth process.
+ Similar issue in pam_unix was fixed by commit Linux-PAM-0-73~8.
+
+ * modules/pam_xauth/pam_xauth.c (run_coprocess): In the parent process,
+ close the read end of input pipe after writing to its write end.
+
+ pam_loginuid: log significant loginuid write errors.
+ * modules/pam_loginuid/pam_loginuid.c (set_loginuid): Log those errors
+ during /proc/self/loginuid update that are not ignored.
+
+ Fix gratuitous use of strdup and x_strdup.
+ There is no need to copy strings passed as arguments to execve,
+ the only potentially noticeable effect of using strdup/x_strdup
+ would be a malformed argument list in case of memory allocation error.
+
+ Also, x_strdup, being a thin wrapper around strdup, is of no benefit
+ when its argument is known to be non-NULL, and should not be used in
+ such cases.
+
+ * modules/pam_cracklib/pam_cracklib.c (password_check): Use strdup
+ instead of x_strdup, the latter is of no benefit in this case.
+ * modules/pam_ftp/pam_ftp.c (lookup): Likewise.
+ * modules/pam_userdb/pam_userdb.c (user_lookup): Likewise.
+ * modules/pam_userdb/pam_userdb.h (x_strdup): Remove.
+ * modules/pam_mkhomedir/pam_mkhomedir.c (create_homedir): Do not use
+ x_strdup for strings passed as arguments to execve.
+ * modules/pam_unix/pam_unix_acct.c (_unix_run_verify_binary): Likewise.
+ * modules/pam_unix/pam_unix_passwd.c (_unix_run_update_binary): Likewise.
+ * modules/pam_unix/support.c (_unix_run_helper_binary): Likewise.
+ (_unix_verify_password): Use strdup instead of x_strdup, the latter
+ is of no benefit in this case.
+ * modules/pam_xauth/pam_xauth.c (run_coprocess): Do not use strdup for
+ strings passed as arguments to execv.
+
+ pam_userdb: fix password hash comparison.
+ Starting with commit Linux-PAM-0-77-28-g0b3e583 that introduced hashed
+ passwords support in pam_userdb, hashes are compared case-insensitively.
+ This bug leads to accepting hashes for completely different passwords in
+ addition to those that should be accepted.
+
+ Additionally, commit Linux-PAM-1_1_6-13-ge2a8187 that added support for
+ modern password hashes with different lengths and settings, did not
+ update the hash comparison accordingly, which leads to accepting
+ computed hashes longer than stored hashes when the latter is a prefix
+ of the former.
+
+ * modules/pam_userdb/pam_userdb.c (user_lookup): Reject the computed
+ hash whose length differs from the stored hash length.
+ Compare computed and stored hashes case-sensitively.
+ Fixes CVE-2013-7041.
+
+ Bug-Debian: http://bugs.debian.org/731368
+
+2014-01-24 Dmitry V. Levin <ldv@altlinux.org>
+
+ pam_xauth: log fatal errors preventing xauth process execution.
+ * modules/pam_xauth/pam_xauth.c (run_coprocess): Log errors from pipe()
+ and fork() calls.
+
+2014-01-22 Dmitry V. Levin <ldv@altlinux.org>
+
+ pam_loginuid: cleanup loginuid buffer initialization.
+ * modules/pam_loginuid/pam_loginuid.c (set_loginuid): Move loginuid
+ buffer initialization closer to its first use.
+
+ libpam_misc: fix an inconsistency in handling memory allocation errors.
+ When misc_conv fails to allocate memory for pam_response array, it
+ returns PAM_CONV_ERR. However, when read_string fails to allocate
+ memory for a response string, it loses the response string and silently
+ ignores the error, with net result as if EOF has been read.
+
+ * libpam_misc/misc_conv.c (read_string): Use strdup instead of x_strdup,
+ the latter is of no benefit in this case.
+ Do not ignore potential memory allocation errors returned by strdup,
+ forward them to misc_conv.
+
+2014-01-20 Dmitry V. Levin <ldv@altlinux.org>
+
+ pam_limits: fix utmp->ut_user handling.
+ ut_user member of struct utmp is a string that is not necessarily
+ null-terminated, so extra care should be taken when using it.
+
+ * modules/pam_limits/pam_limits.c (check_logins): Convert ut->UT_USER to
+ a null-terminated string and consistently use it where a null-terminated
+ string is expected.
+
+ pam_mkhomedir: check and create home directory for the same user (ticket #22)
+ Before pam_mkhomedir helper was introduced in commit
+ 7b14630ef39e71f603aeca0c47edf2f384717176, pam_mkhomedir was checking for
+ existance and creating the same directory - the home directory of the
+ user NAME returned by pam_get_item(PAM_USER).
+
+ The change in behaviour accidentally introduced along with
+ mkhomedir_helper is not consistent: while the module still checks for
+ getpwnam(NAME)->pw_dir, the directory created by mkhomedir_helper is
+ getpwnam(getpwnam(NAME)->pw_name)->pw_dir, which is not necessarily
+ the same as the directory being checked.
+
+ This change brings check and creation back in sync, both handling
+ getpwnam(NAME)->pw_dir.
+
+ * modules/pam_mkhomedir/pam_mkhomedir.c (create_homedir): Replace
+ "struct passwd *" argument with user's name and home directory.
+ Pass user's name to MKHOMEDIR_HELPER.
+ (pam_sm_open_session): Update create_homedir call.
+
+2014-01-20 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_limits: detect and ignore stale utmp entries.
+ Original idea by Christopher Hailey
+
+ * modules/pam_limits/pam_limits.c (check_logins): Use kill() to
+ detect if pid of the utmp entry is still running and ignore the entry
+ if it is not.
+
+2014-01-19 Stéphane Graber <stgraber@ubuntu.com>
+
+ pam_loginuid: Always return PAM_IGNORE in userns.
+ The previous patch to support user namespaces works fine with containers
+ that are started from a desktop/terminal session but fails when dealing
+ with containers that were started from a remote session such as ssh.
+
+ I haven't looked at the exact reason for that in the kernel but on the
+ userspace side of things, the difference is that containers started from
+ an ssh session will happily let pam open /proc/self/loginuid read-write,
+ will let it read its content but will then fail with EPERM when trying
+ to write to it.
+
+ So to make the userns support bullet proof, this commit moves the userns
+ check earlier in the function (which means a small performance impact as
+ it'll now happen everytime on kernels that have userns support) and will
+ set rc = PAM_IGNORE instead of rc = PAM_ERROR.
+
+ The rest of the code is still executed in the event that PAM is run on a
+ future kernel where we have some kind of audit namespace that includes a
+ working loginuid.
+
+2014-01-15 Steve Langasek <vorlon@debian.org>
+
+ pam_namespace: don't use bashisms in default namespace.init script.
+ * modules/pam_namespace/pam_namespace.c: call setuid() before execing the
+ namespace init script, so that scripts run with maximum privilege regardless
+ of the shell implementation.
+ * modules/pam_namespace/namespace.init: drop the '-p' bashism from the
+ shebang line
+
+ This is not a POSIX standard option, it's a bashism. The bash manpage says
+ that it's used to prevent the effective user id from being reset to the real
+ user id on startup, and to ignore certain unsafe variables from the
+ environment.
+
+ In the case of pam_namespace, the -p is not necessary for environment
+ sanitizing because the PAM module (properly) sanitizes the environment
+ before execing the script.
+
+ The stated reason given in CVS history for passing -p is to "preserve euid
+ when called from setuid apps (su, newrole)." This should be done more
+ portably, by calling setuid() before spawning the shell.
+
+ Bug-Debian: http://bugs.debian.org/624842
+ Bug-Ubuntu: https://bugs.launchpad.net/bugs/1081323
+
+2014-01-10 Stéphane Graber <stgraber@ubuntu.com>
+
+ pam_loginuid: Ignore failure in user namespaces.
+ When running pam_loginuid in a container using the user namespaces, even
+ uid 0 isn't allowed to set the loginuid property.
+
+ This change catches the EACCES from opening loginuid, checks if the user
+ is in the host namespace (by comparing the uid_map with the host's one)
+ and only if that's the case, sets rc to 1.
+
+ Should uid_map not exist or be unreadable for some reason, it'll be
+ assumed that the process is running on the host's namespace.
+
+ The initial reason behind this change was failure to ssh into an
+ unprivileged container (using a 3.13 kernel and current LXC) when using
+ a standard pam profile for sshd (which requires success from
+ pam_loginuid).
+
+ I believe this solution doesn't have any drawback and will allow people
+ to use unprivileged containers normally. An alternative would be to have
+ all distros set pam_loginuid as optional but that'd be bad for any of
+ the other potential failure case which people may care about.
+
+ There has also been some discussions to get some of the audit features
+ tied with the user namespaces but currently none of that has been merged
+ upstream and the currently proposed implementation doesn't cover
+ loginuid (nor is it clear how this should even work when loginuid is set
+ as immutable after initial write).
+
+2014-01-10 Dmitry V. Levin <ldv@altlinux.org>
+
+ pam_loginuid: return PAM_IGNORE when /proc/self/loginuid does not exist.
+ When /proc/self/loginuid does not exist, return PAM_IGNORE instead of
+ PAM_SUCCESS, so that we can distinguish between "loginuid set
+ successfully" and "loginuid not set, but this is expected".
+
+ Suggested by Steve Langasek.
+
+ * modules/pam_loginuid/pam_loginuid.c (set_loginuid): Change return
+ code semantics: return PAM_SUCCESS on success, PAM_IGNORE when loginuid
+ does not exist, PAM_SESSION_ERR in case of any other error.
+ (_pam_loginuid): Forward the PAM error code returned by set_loginuid.
+
+2013-11-20 Dmitry V. Levin <ldv@altlinux.org>
+
+ pam_access: fix debug level logging (ticket #19)
+ * modules/pam_access/pam_access.c (group_match): Log the group token
+ passed to the function, not an uninitialized data on the stack.
+
+ pam_warn: log flags passed to the module (ticket #25)
+ * modules/pam_warn/pam_warn.c (log_items): Take "flags" argument and
+ log it using pam_syslog.
+ (pam_sm_authenticate, pam_sm_setcred, pam_sm_chauthtok,
+ pam_sm_acct_mgmt, pam_sm_open_session, pam_sm_close_session): Pass
+ "flags" argument to log_items.
+
+ Modernize AM_INIT_AUTOMAKE invocation.
+ Before this change, automake complained that two- and three-arguments
+ forms of AM_INIT_AUTOMAKE are deprecated.
+
+ * configure.in: Pass PACKAGE and VERSION arguments to AC_INIT instead
+ of AM_INIT_AUTOMAKE.
+
+ Fix autoconf warnings.
+ Before this change, autoconf complained that AC_COMPILE_IFELSE
+ and AC_RUN_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS.
+
+ * configure.in: Call AC_USE_SYSTEM_EXTENSIONS before LT_INIT.
+
+ pam_securetty: check return value of fgets.
+ Checking return value of fgets not only silences the warning from glibc
+ but also leads to a cleaner code.
+
+ * modules/pam_securetty/pam_securetty.c (securetty_perform_check):
+ Check return value of fgets.
+
+ pam_lastlog: fix format string.
+ gcc -Wformat justly complains:
+ format '%d' expects argument of type 'int', but argument 5 has type 'time_t'
+
+ * modules/pam_lastlog/pam_lastlog.c (pam_sm_authenticate): Fix format
+ string.
+
+2013-11-20 Darren Tucker <dtucker@zip.com.au>
+
+ If the correct loginuid is set already, skip writing it.
+ modules/pam_loginuid/pam_loginuid.c (set_loginuid): Read the current loginuid
+ and skip writing if already correctly set.
+
+2013-11-11 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Always ask for old password if changing NIS account.
+ * modules/pam_unix/pam_unix_passwd.c (pam_sm_chauthtok): ask
+ for old password if NIS account.
+
+2013-11-08 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Allow DES as compatibility option for /etc/login.defs.
+ * modules/pam_unix/support.h: Add UNIX_DES
+
+2013-10-14 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Docfix: pam_prompt() and pam_vprompt() return int.
+ doc/man/pam_prompt.3.xml: pam_prompt() and pam_vprompt() return int.
+
+ Make pam_tty_audit work with old kernels not supporting log_passwd.
+ modules/pam_tty_audit/pam_tty_audit.c(nl_recv): Pad result with zeros
+ if message is short from older kernel.
+
+2013-09-25 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Fix pam_tty_audit log_passwd support and regression.
+ modules/pam_tty_audit/pam_tty_audit.c: Add missing "config.h" include.
+ (pam_sm_open_session): Always copy the old status as initialization of new.
+
+2013-09-19 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Release version 1.1.8.
+
+2013-09-16 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Check return value of setuid to remove glibc warnings.
+ * modules/pam_unix/pam_unix_acct.c: Check setuid return value.
+ * modules/pam_unix/support.c: Likewise.
+
+2013-09-13 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Write to *rounds only if non-NULL.
+ modules/pam_unix/support.c(_set_ctrl): Write to *rounds only if non-NULL.
+
+ Add missing ')'
+ modules/pam_unix/pam_unix_passwd.c: Add missing ')'..
+
+2013-09-11 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Release version 1.1.7.
+
+2013-09-11 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Updated translations from Transifex.
+ po/*.po: Updated translations from Transifex.
+
+2013-09-04 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Extend pam_exec by stdout and type= options (ticket #8):
+ * modules/pam_exec/pam_exec.c: Add stdout and type= option
+ * modules/pam_exec/pam_exec.8.xml: Document new options
+
+2013-08-30 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Fix compile error.
+ * modules/pam_unix/pam_unix_acct.c: fix last change
+
+2013-08-29 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Restart waitpid if it returns with EINTR (ticket #17)
+ * modules/pam_unix/pam_unix_acct.c: run waitpid in a while loop.
+ * modules/pam_unix/pam_unix_passwd.c: Likewise.
+ * modules/pam_unix/support.c: Likewise.
+
+2013-08-28 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ misc_conv.3: Fix documentation of misc_conv.
+ doc/man/misc_conv.3.xml: Fix return value of misc_conv
+
+2013-08-23 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Apply the exclusive check in pam_sepermit only when loginuid not set.
+ * modules/pam_sepermit/pam_sepermit.c(get_loginuid): Read loginuid from
+ /proc
+ (sepermit_match): Apply the exclusive check only when loginuid not set.
+
+2013-08-22 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Updated translations from Transifex.
+ * po/*.po: Updated translations from Transifex.
+
+2013-07-02 Dmitry V. Levin <ldv@altlinux.org>
+
+ pam_rootok: fix linking in --enable-audit mode.
+ pam_rootok.c explicitly uses functions from libaudit, so the module has
+ to be linked with the library.
+
+ * modules/pam_rootok/Makefile.am (pam_rootok_la_LIBADD): Add @LIBAUDIT@.
+
+2013-07-01 Richard Guy Briggs <rgb@redhat.com>
+
+ pam_tty_audit: fix a typo that crept in during patch review.
+ * modules/pam_tty_audit/pam_tty_audit.c (pam_sm_open_session): Replace
+ all occurrences of HAVE_AUDIT_TTY_STATUS_LOG_PASSWD with
+ HAVE_STRUCT_AUDIT_TTY_STATUS_LOG_PASSWD.
+ * configure.in (HAVE_AUDIT_TTY_STATUS_LOG_PASSWD): Remove.
+
+2013-06-21 Richard Guy Briggs <rgb@redhat.com>
+
+ pam_tty_audit: add an option to control logging of passwords: log_passwd
+ Most commands are entered one line at a time and processed as complete lines
+ in non-canonical mode. Commands that interactively require a password, enter
+ canonical mode with echo set to off to do this. This feature (icanon and
+ !echo) can be used to avoid logging passwords by audit while still logging the
+ rest of the command. Adding a member to the struct audit_tty_status passed in
+ by pam_tty_audit allows control of logging passwords per task.
+
+ * configure.in: autoconf bits to conditionally add support at compile time
+ depending on struct audit_tty_status kernel header version.
+ * modules/pam_tty_audit/pam_tty_audit.8.xml: Document new pam_tty_audit module
+ log_passwd option.
+ * modules/pam_tty_audit/pam_tty_audit.c: (pam_sm_open_session): Added
+ "log_passwd" option parsing.
+
+2013-06-20 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Man page fix - unix_update runs in the permissive mode as well.
+ modules/pam_unix/unix_update.8.xml: unix_update helper runs in the
+ permissive mode as well.
+
+2013-06-18 Thorsten Kukuk <kukuk@orinoco.thkukuk.de>
+
+ Use hash from /etc/login.defs as default if no other one is specified as argument.
+ * modules/pam_unix/support.c: Add search_key, call from __set_ctrl
+ * modules/pam_unix/support.h: Add define for /etc/login.defs
+ * modules/pam_unix/pam_unix.8.xml: Document new behavior.
+ * modules/pam_umask/pam_umask.c: Add missing NULL pointer check
+
+2013-04-12 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_access: better not change the default function used to get domain name.
+ modules/pam_access/pam_access.c (netgroup_match): As we did not use
+ yp_get_default_domain() in the 1.1 branch due to typo in ifdef
+ we should use it only as fallback.
+
+2013-03-28 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Fix strict aliasing issue in MD5 implementations.
+ modules/pam_namespace/md5.c (MD5Final): Use memcpy instead of assignment.
+ modules/pam_unix/md5.c (MD5Final): Use memcpy instead of assignment.
+
+2013-03-22 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_lastlog: Do not fail on short read if btmp is corrupted.
+ modules/pam_lastlog/pam_lastlog.c (last_login_failed): Just warn, not fail
+ on short read or read error.
+
+ pam_rootok: Allow proper logging of the user AVC if access disallowed by SELinux
+ modules/pam_rootok/pam_rootok.c (log_callback, selinux_check_root): New functions.
+ (check_for_root): Use the selinux_check_root() instead of checkPasswdAccess.
+
+2013-02-08 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Add checks for crypt() returning NULL.
+ modules/pam_pwhistory/opasswd.c (compare_password): Add check for crypt() NULL return.
+ modules/pam_unix/bigcrypt.c (bigcrypt): Likewise.
+
+2013-02-07 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_userdb: Allow also modern password hashes supported by crypt().
+ modules/pam_userdb/pam_userdb.c (user_lookup): Allow password hashes
+ longer than 13 characters and long salt.
+
+2013-01-18 Walter de Jong <walter.dejong@surfsara.nl>
+
+ pam_access: fix typo in ifdef.
+ modules/pam_access/pam_access.c (netgroup_match): Fix typo
+ in #ifdef HAVE_YP_GET_DEFAULT_DOMAIN.
+
+2012-12-20 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_cracklib: Mention checks that are not run for root.
+ modules/pam_cracklib/pam_cracklib.8.xml: Add note about checks
+ when run as root.
+
+ Update also the POT file.
+ po/Linux-PAM.pot: Update to reflect current sources.
+
+2012-12-12 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Updated translations from Transifex, added new languages.
+ po/LINGUAS: Added new languages.
+ po/*.po: Updated translations from Transifex including new languages.
+
+2012-11-30 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_selinux: Drop obsolete and unsupported manual context selection.
+ modules/pam_selinux/pam_selinux.c (manual_context): Drop function.
+ (compute_exec_context): Drop manual_context() call.
+
+2012-11-23 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_limits: fix grammatical mistake.
+ modules/pam_limits/limits.conf: Fix grammatical mistake.
+
+2012-11-13 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Reflect the enforce_for_root semantics change in pam_pwhistory xtest.
+ xtests/tst-pam_pwhistory1.pamd: Use enforce_for_root as the test is
+ running with real uid == 0.
+
+2012-10-10 Dmitry V. Levin <ldv@altlinux.org>
+
+ pam_unix: fix build in --enable-selinux mode.
+ glibc's <sys/wait.h> starting with commit
+ http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=glibc-2.15-231-gd94a467
+ does not include <sys/resource.h> for POSIX 2008 conformance reasons, so
+ when pam is being built with SELinux support enabled, pam_unix_passwd.c
+ uses getrlimit(2) and therefore should include <sys/resource.h> without
+ relying on other headers.
+
+ * modules/pam_unix/pam_unix_passwd.c: Include <sys/resource.h>.
+
+ Reported-by: Guido Trentalancia <guido@trentalancia.com>
+ Reported-by: "Jory A. Pratt" <anarchy@gentoo.org>
+ Reported-by: Diego Elio Pettenò <flameeyes@flameeyes.eu>
+
+2012-10-10 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_namespace: add mntopts flag for tmpfs mount options.
+ modules/pam_namespace/pam_namespace.h: Add mount_opts member to polydir
+ structure.
+ modules/pam_namespace/pam_namespace.c (del_polydir): Free the mount_opts.
+ (parse_method): Parse the mntopts flag.
+ (ns_setup): Pass the mount_opts to mount().
+ modules/pam_namespace/namespace.conf.5.xml: Document the mntopts flag.
+
+2012-09-06 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_selinux, pam_tally2: Add tty and rhost to audit data.
+ modules/pam_selinux/pam_selinux.c (send_audit_message): Obtain tty and
+ rhost from PAM items and pass them to audit.
+ modules/pam_tally2/pam_tally2.c (tally_check): Obtain tty and
+ rhost from PAM items and pass them to audit.
+ (main): Obtain tty name of stdin and pass it to audit.
+
+ Update configure.in to use more recent interfaces.
+ configure.in: Use LT_INIT instead of AC_PROG_LIBTOOL and AS_HELP_STRING instead
+ of AC_HELP_STRING.
+
+2012-08-17 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Add missing $(DESTDIR) when making directories on install.
+ modules/pam_namespace/Makefile.am: Add missing $(DESTDIR) when making
+ $(namespaceddir) on install.
+ modules/pam_sepermit/Makefile.am: Add missing $(DESTDIR) when making
+ $(sepermitlockdir) on install.
+
+2012-08-17 Thorsten Kukuk <kukuk@orinoco.thkukuk.de>
+
+ release version 1.1.6.
+ configure.in: Bump version to 1.1.6
+ NEWS: Document changes
+ po/*.po: Regenerate *.po files
+
+2012-08-16 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ Small documentation and define fixes.
+ modules/pam_limits/limits.conf.5.xml: Document race of maxlogins [#10]
+ modules/pam_namespace/pam_namespace.h: Define MS_SLAVE if necessary
+ modules/pam_pwhistory/pam_pwhistory.c: Document how the module works
+ modules/pam_unix/pam_unix.8.xml: Document remember option obsoleted by pam_pwhistory [#6]
+
+2012-08-13 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Respect PAM_AUTHTOK_TYPE in pam_get_authtok_verify().
+ libpam/pam_get_authtok.c (pam_get_authtok_internal): Set the PAM_AUTHTOK_TYPE
+ item when obtained from module options.
+ (pam_get_authtok_verify): Use the PAM_AUTHTOK_TYPE item when prompting.
+
+2012-08-09 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Document limits.d also in the limits.conf manpage.
+ modules/pam_limits/limits.conf.5.xml: Document the limits.d existence.
+
+2012-07-23 Tomas Mraz <tmraz@fedoraproject.org>
+
+ New autotools do not create empty directories on install.
+ modules/pam_namespace/Makefile.am: Add install-data-local target to create
+ namespaceddir.
+ modules/pam_sepermit/Makefile.am: Add install-data-local target to create
+ sepermitlockdir.
+
+2012-07-09 Stevan Bajić <stevan@bajic.ch>
+
+ RLIMIT_* variables are no longer defined unless you explicitly include sys/resource.h.
+
+ modules/pam_unix/pam_unix_acct.c: Include sys/resource.h.
+
+2012-06-27 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_umask: correct the documentation of GECOS field parsing.
+ modules/pam_umask/pam_umask.8.xml: Correct the documentation of GECOS field
+ parsing.
+
+2012-06-22 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_cracklib: Add monotonic character sequence checking.
+ modules/pam_cracklib/pam_cracklib.c (_pam_parse): Parse the maxsequence option.
+ (sequence): New function to check for too long monotonic sequence of characters.
+ (password_check): Call the sequence().
+ modules/pam_cracklib/pam_cracklib.8.xml: Document the maxsequence check.
+
+2012-06-01 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_timestamp: Fix copy&paste error in manpage.
+ modules/pam_timestamp/pam_timestamp.8.xml: Fix AUTHOR section.
+
+2012-05-28 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Pulled new translations from Transifex.
+ po/*.po: Updated translations.
+
+ pam_pwhistory: Always record the old password even when root changes it.
+ modules/pam_pwhistory/pam_pwhistory.c (pam_sm_chauthtok): Use the UID of
+ the process instead of the target user UID (same as in pam_cracklib) to
+ check for root. Always record old password.
+
+2012-05-24 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_cracklib: Add enforce_for_root option.
+ modules/pam_cracklib/pam_cracklib.c (_pam_parse): Recognize the enforce_for_root option.
+ (pam_sm_chauthtok): Enforce errors for root with the option.
+ modules/pam_cracklib/pam_cracklib.8.xml: Document the enforce_for_root option.
+
+2012-04-30 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_cracklib: Add maxclassrepeat, gecoscheck checks and remove unused difignore.
+ modules/pam_cracklib/pam_cracklib.c (_pam_parse): Recognize the maxclassrepeat, gecoscheck options. Ignore difignore option.
+ (simple): Add the check for the same class repetition.
+ (usercheck): Refactor into wordcheck().
+ (gecoscheck): New test for words from the GECOS field.
+ (password_check): Call the gecoscheck().
+ (pam_sm_chauthtok): Drop the diff_ignore from options struct.
+ modules/pam_cracklib/pam_cracklib.8.xml: Document the maxclassrepeat and gecoscheck checks, update the documentation of the difok test.
+
+ pam_lastlog: Never lock out the root account.
+ modules/pam_lastlog/pam_lastlog.c (pam_sm_authenticate): Return PAM_SUCCESS if
+ uid==0.
+ modules/pam_lastlog/pam_lastlog.8.xml: Improve documentation.
+
+2012-04-17 Tomas Mraz <tmraz@fedoraproject.org>
+
+ pam_lastlog: add possibility to lock out inactive users in auth or account
+ * modules/pam_lastlog/pam_lastlog.8.xml: Document the new functionality and
+ option.
+ * modules/pam_lastlog/pam_lastlog.c: Add the inactive user lock out.
+ (_pam_session_parse): Renamed from _pam_parse.
+ (_pam_auth_parse): New function to parse auth arguments.
+ (_last_login_open): Factor out opening of the lastlog file.
+ (_last_login_read): Factor out opening of the lastlog file.
+ (pam_sm_authenticate): Implement the lockout functionality.
+ (pam_sm_setcred): Just return PAM_SUCCESS.
+ (pam_sm_acct_mgmt): Call pam_sm_authenticate().
+
+2012-04-11 Paul Wouters <pwouters@redhat.com>
+
+ Check for crypt() failure returning NULL.
+ * modules/pam_unix/pam_unix_passwd.c (pam_sm_chauthtok): Adjust syslog message.
+ * modules/pam_unix/passverify.c (create_password_hash): Check for crypt()
+ returning NULL.
+
+2012-02-03 Dmitry V. Levin <ldv@altlinux.org>
+
+ pam_unix: make configuration consistent in --enable-static-modules mode.
+ In --enable-static-modules mode, it was not possible to use "pam_unix"
+ in PAM config files. Instead, different names had to be used for each
+ management group: pam_unix_auth, pam_unix_acct, pam_unix_passwd and
+ pam_unix_session. This change makes pam_unix configuration consistent
+ with other PAM modules.
+
+ * README: Remove the paragraph describing pam_unix distinctions in
+ --enable-static-modules mode.
+ * libpam/pam_static_modules.h (_pam_unix_acct_modstruct,
+ _pam_unix_auth_modstruct, _pam_unix_passwd_modstruct,
+ _pam_unix_session_modstruct): Remove.
+ (_pam_unix_modstruct): New pam_module declaration.
+ * modules/pam_unix/pam_unix_static.h: New file.
+ * modules/pam_unix/pam_unix_static.c: Likewise.
+ * modules/pam_unix/Makefile.am (noinst_HEADERS): Add pam_unix_static.h
+ (pam_unix_la_SOURCES) [STATIC_MODULES]: Add pam_unix_static.c
+ * modules/pam_unix/pam_unix_acct.c [PAM_STATIC]: Include
+ pam_unix_static.h
+ [PAM_STATIC] (_pam_unix_acct_modstruct): Remove.
+ * modules/pam_unix/pam_unix_auth.c [PAM_STATIC]: Include
+ pam_unix_static.h
+ [PAM_STATIC] (_pam_unix_auth_modstruct): Remove.
+ * modules/pam_unix/pam_unix_passwd.c [PAM_STATIC]: Include
+ pam_unix_static.h
+ [PAM_STATIC] (_pam_unix_passwd_modstruct): Remove.
+ * modules/pam_unix/pam_unix_sess.c [PAM_STATIC]: Include
+ pam_unix_static.h
+ [PAM_STATIC] (_pam_unix_session_modstruct): Remove.
+
+ Suggested-by: Matveychikov Ilya <i.matveychikov@securitycode.ru>
+
+2012-01-27 Dmitry V. Levin <ldv@altlinux.org>
+
+ Make --disable-cracklib compatible with --enable-static-modules mode.
+ * configure.in: Define HAVE_LIBCRACK when cracklib is enabled.
+ * libpam/pam_static_modules.h (static_modules): Guard the use of
+ _pam_cracklib_modstruct by HAVE_LIBCRACK macro.
+
+2012-02-10 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Add missing includes for types used in the pam_modutil.h.
+ * libpam/include/security/pam_modutil.h: Add missing includes for used types.
+
+2012-01-27 Matveychikov Ilya <i.matveychikov@securitycode.ru>
+
+ Fix compile time errors in --enable-static-modules mode.
+ * libpam/pam_static_modules.h (_pam_rhosts_auth_modstruct): Remove
+ obsolete declaration.
+ (static_modules): Remove undefined reference to
+ _pam_rhosts_auth_modstruct.
+ * modules/pam_pwhistory/opasswd.h: Rename {save,check}_old_password to
+ {save,check}_old_pass in order to avoid conflicts with pam_unix.
+ * modules/pam_pwhistory/opasswd.c: Likewise.
+ * modules/pam_pwhistory/pam_pwhistory.c: Likewise.
+ * modules/pam_tally2/pam_tally2.c: Rename _pam_tally_modstruct to
+ _pam_tally2_modstruct.
+
+2012-01-26 Dmitry V. Levin <ldv@altlinux.org>
+
+ Fix SUBDIRS for --enable-static-modules mode.
+ There is no way to build "modules" subdirectory before "libpam" anyway.
+ In STATIC_MODULES mode, "libpam" subdirectory must be built twice to
+ produce a usable libpam.a without undefined references to multiple
+ _pam_*_modstruct symbols.
+
+ * Makefile.am: Use default SUBDIRS in STATIC_MODULES mode.
+
+2012-01-26 Matveychikov Ilya <i.matveychikov@securitycode.ru>
+
+ configure: fix typo in --disable-nis help string.
+ * configure.in: Change '-disable-nis' to '--disable-nis'.
+
+2012-01-26 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Do not unmount anything by default in pam_namespace close session call.
+ * modules/pam_namespace/pam_namespace.c (pam_sm_close_session): Recognize
+ the unmount_on_close option and make the default to be to not unmount.
+ * modules/pam_namespace/pam_namespace.h: Rename PAMNS_NO_UNMOUNT_ON_CLOSE to
+ PAMNS_UNMOUNT_ON_CLOSE.
+ * modules/pam_namespace/pam_namespace.8.xml: Document the change.
+
+2012-01-24 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Make / mount as rslave instead of bind mounting polydirs.
+ * modules/pam_namespace/pam_namespace.c (protect_dir): Drop the always argument.
+ (check_inst_parent): Drop the always argument from protect_dir().
+ (create_polydir): Likewise.
+ (ns_setup): Likewise and do not mark the polydir with MS_PRIVATE.
+ (setup_namespace): Mark the / with MS_SLAVE|MS_REC.
+ * modules/pam_namespace/pam_namespace.8.xml: Reflect the change in docs.
+
+2012-01-13 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Add possibility to match ruser, rhost, and tty in pam_succeed_if.
+ * modules/pam_succeed_if/pam_succeed_if.c (evaluate): Match ruser,
+ rhost, and tty as left operand.
+ * modules/pam_succeed_if/pam_succeed_if.8.xml: Document the new
+ possible left operands.
+
+2012-01-03 Tomas Mraz <tmraz@fedoraproject.org>
+
+ Merge branch 'master' of ssh://git.fedorahosted.org/git/linux-pam.
+
+ Fix matching of usernames in the pam_unix remember feature.
+ * modules/pam_unix/pam_unix_passwd.c (check_old_password): Make
+ sure we match only the whole username in opasswd entry.
+ * modules/pam_unix/passverify.c (save_old_password): Likewise make
+ sure we match only the whole username in opasswd entry.
+
+2011-12-26 Dmitry V. Levin <ldv@altlinux.org>
+
+ pam_start: fix memory leak on error path.
+ * libpam/pam_start.c (pam_start): If _pam_make_env() or
+ _pam_init_handlers() returned an error, release the memory allocated
+ for pam_conv structure.
+
+ Patch-by: cancel <suntsu@yandex.ru>.
+
+2011-11-03 Dmitry V. Levin <ldv@altlinux.org>
+
+ pam_selinux.8.xml: update.
+ * modules/pam_selinux/pam_selinux.8.xml (pam_selinux-cmdsynopsis):
+ Reorder options, add new "restore" option.
+ pam_selinux-description): Rewrite.
+ (pam_selinux-options): Reorder options, describe new "restore" option.
+ (pam_selinux-return_values): Remove PAM_AUTH_ERR, PAM_SESSION_ERR
+ and PAM_BUF_ERR.
+ (pam_selinux-see_also): Remove pam.conf(5). Add execve(2), tty(4)
+ and selinux(8).
+
+ pam_selinux.c: add "restore" option.
+ * modules/pam_selinux/pam_selinux.c (pam_sm_open_session): Add new
+ "restore" option.
+
+ pam_selinux.c: rewrite using pam_get_data/pam_set_data.
+ * modules/pam_selinux/pam_selinux.c (security_restorelabel_tty,
+ security_label_tty): Remove old functions.
+ (module_data_t): New structure.
+ (free_module_data, cleanup, get_module_data, get_item,
+ set_exec_context, set_file_context, compute_exec_context,
+ compute_tty_context, restore_context, set_context,
+ create_context): New functions.
+ (pam_sm_authenticate, pam_sm_setcred, pam_sm_open_session,
+ pam_sm_close_session): Use them.
+
+2011-10-28 Dmitry V. Levin <ldv@altlinux.org>
+
+ Use libpam.la/libpam_misc.la to link with -lpam/-lpam_misc.
+ GNU automake documentation recommends to avoid using -l options in
+ LDADD or LIBADD when referring to libraries built by the package.
+ Instead, it recommends to write the file name of the library explicitly,
+ and use -l option only to list third-party libraries. As result, the
+ default value of *_DEPENDENCIES will list all local libraries and omit
+ the other ones.
+ * modules/pam_access/Makefile.am (pam_access_la_LIBADD): Replace
+ "-L$(top_builddir)/libpam -lpam" with
+ "$(top_builddir)/libpam/libpam.la", to follow GNU automake
+ recommendations.
+ * modules/pam_cracklib/Makefile.am (pam_cracklib_la_LIBADD): Likewise.
+ * modules/pam_debug/Makefile.am (pam_debug_la_LIBADD): Likewise.
+ * modules/pam_deny/Makefile.am (pam_deny_la_LIBADD): Likewise.
+ * modules/pam_echo/Makefile.am (pam_echo_la_LIBADD): Likewise.
+ * modules/pam_env/Makefile.am (pam_env_la_LIBADD): Likewise.
+ * modules/pam_exec/Makefile.am (pam_exec_la_LIBADD): Likewise.
+ * modules/pam_faildelay/Makefile.am (pam_faildelay_la_LIBADD): Likewise.
+ * modules/pam_filter/Makefile.am (pam_filter_la_LIBADD): Likewise.
+ * modules/pam_filter/upperLOWER/Makefile.am (LDADD): Likewise.
+ * modules/pam_ftp/Makefile.am (pam_ftp_la_LIBADD): Likewise.
+ * modules/pam_group/Makefile.am (pam_group_la_LIBADD): Likewise.
+ * modules/pam_issue/Makefile.am (pam_issue_la_LIBADD): Likewise.
+ * modules/pam_keyinit/Makefile.am (pam_keyinit_la_LIBADD): Likewise.
+ * modules/pam_lastlog/Makefile.am (pam_lastlog_la_LIBADD): Likewise.
+ * modules/pam_limits/Makefile.am (pam_limits_la_LIBADD): Likewise.
+ * modules/pam_listfile/Makefile.am (pam_listfile_la_LIBADD): Likewise.
+ * modules/pam_localuser/Makefile.am (pam_localuser_la_LIBADD): Likewise.
+ * modules/pam_loginuid/Makefile.am (pam_loginuid_la_LIBADD): Likewise.
+ * modules/pam_mail/Makefile.am (pam_mail_la_LIBADD): Likewise.
+ * modules/pam_mkhomedir/Makefile.am (pam_mkhomedir_la_LIBADD,
+ mkhomedir_helper_LDADD): Likewise.
+ * modules/pam_motd/Makefile.am (pam_motd_la_LIBADD): Likewise.
+ * modules/pam_namespace/Makefile.am (pam_namespace_la_LIBADD): Likewise.
+ * modules/pam_nologin/Makefile.am (pam_nologin_la_LIBADD): Likewise.
+ * modules/pam_permit/Makefile.am (pam_permit_la_LIBADD): Likewise.
+ * modules/pam_pwhistory/Makefile.am (pam_pwhistory_la_LIBADD): Likewise.
+ * modules/pam_rhosts/Makefile.am (pam_rhosts_la_LIBADD): Likewise.
+ * modules/pam_rootok/Makefile.am (pam_rootok_la_LIBADD): Likewise.
+ * modules/pam_securetty/Makefile.am (pam_securetty_la_LIBADD): Likewise.
+ * modules/pam_sepermit/Makefile.am (pam_sepermit_la_LIBADD): Likewise.
+ * modules/pam_shells/Makefile.am (pam_shells_la_LIBADD): Likewise.
+ * modules/pam_stress/Makefile.am (pam_stress_la_LIBADD): Likewise.
+ * modules/pam_succeed_if/Makefile.am (pam_succeed_if_la_LIBADD):
+ Likewise.
+ * modules/pam_tally/Makefile.am (pam_tally_la_LIBADD): Likewise.
+ * modules/pam_tally2/Makefile.am (pam_tally2_la_LIBADD,
+ pam_tally2_LDADD): Likewise.
+ * modules/pam_time/Makefile.am (pam_time_la_LIBADD): Likewise.
+ * modules/pam_timestamp/Makefile.am (pam_timestamp_la_LIBADD,
+ pam_timestamp_check_LDADD, hmacfile_LDADD): Likewise.
+ * modules/pam_tty_audit/Makefile.am (pam_tty_audit_la_LIBADD): Likewise.
+ * modules/pam_umask/Makefile.am (pam_umask_la_LIBADD): Likewise.
+ * modules/pam_unix/Makefile.am (pam_unix_la_LIBADD): Likewise.
+ * modules/pam_userdb/Makefile.am (pam_userdb_la_LIBADD): Likewise.
+ * modules/pam_warn/Makefile.am (pam_warn_la_LIBADD): Likewise.
+ * modules/pam_wheel/Makefile.am (pam_wheel_la_LIBADD): Likewise.
+ * modules/pam_xauth/Makefile.am (pam_xauth_la_LIBADD): Likewise.
+ * tests/Makefile.am (LDADD): Likewise.
+ * examples/Makefile.am (LDADD): Replace "-L$(top_builddir)/libpam -lpam"
+ with "$(top_builddir)/libpam/libpam.la", and
+ "-L$(top_builddir)/libpam_misc -lpam_misc" with
+ "$(top_builddir)/libpam_misc/libpam_misc.la", to follow GNU automake
+ recommendations.
+ * xtests/Makefile.am (LDADD): Likewise.
+ * modules/pam_selinux/Makefile.am (pam_selinux_la_LIBADD): Likewise.
+
+ Fix usage of LIBADD, LDADD and LDFLAGS.
+ * modules/pam_selinux/Makefile.am: Rename pam_selinux_check_LDFLAGS to
+ pam_selinux_check_LDADD.
+ * modules/pam_userdb/Makefile.am: Split out pam_userdb_la_LIBADD from
+ AM_LDFLAGS.
+ * modules/pam_warn/Makefile.am: Split out pam_warn_la_LIBADD from
+ AM_LDFLAGS.
+ * modules/pam_wheel/Makefile.am: Split out pam_wheel_la_LIBADD from
+ AM_LDFLAGS.
+ * modules/pam_xauth/Makefile.am: split out pam_xauth_la_LIBADD from
+ AM_LDFLAGS.
+ * xtests/Makefile.am: Rename AM_LDFLAGS to LDADD.
+
+2011-10-27 Dmitry V. Levin <ldv@altlinux.org>
+
+ Update .gitignore files.
+ * .gitignore: Add common ignore patterns.
+ * m4/.gitignore: Unignore local m4 files.
+ * dynamic/.gitignore: Unignore Makefile.
+ * libpamc/test/modules/.gitignore: Likewise.
+ * libpamc/test/regress/.gitignore: Likewise.
+ * po/.gitignore: Add Makevars.template.
+ * conf/.gitignore: Remove common ignore patterns.
+ * conf/pam_conv1/.gitignore: Likewise.
+ * doc/.gitignore: Likewise.
+ * doc/specs/.gitignore: Likewise.
+ * doc/specs/formatter/.gitignore: Likewise.
+ * examples/.gitignore: Likewise.
+ * modules/pam_filter/upperLOWER/.gitignore: Likewise.
+ * modules/pam_mkhomedir/.gitignore: Likewise.
+ * modules/pam_selinux/.gitignore: Likewise.
+ * modules/pam_stress/.gitignore: Likewise.
+ * modules/pam_tally/.gitignore: Likewise.
+ * modules/pam_tally2/.gitignore: Likewise.
+ * modules/pam_timestamp/.gitignore: Likewise.
+ * modules/pam_unix/.gitignore: Likewise.
+ * tests/.gitignore: Likewise.
+ * xtests/.gitignore: Likewise.
+ * doc/adg/.gitignore: Remove.
+ * doc/man/.gitignore: Remove.
+ * doc/mwg/.gitignore: Remove.
+ * doc/sag/.gitignore: Remove.
+ * libpamc/.gitignore: Remove.
+ * libpamc/test/.gitignore: Remove.
+ * libpam/.gitignore: Remove.
+ * libpam_misc/.gitignore: Remove.
+ * modules/.gitignore: Remove.
+ * modules/pam_access/.gitignore: Remove.
+ * modules/pam_cracklib/.gitignore: Remove.
+ * modules/pam_debug/.gitignore: Remove.
+ * modules/pam_deny/.gitignore: Remove.
+ * modules/pam_echo/.gitignore: Remove.
+ * modules/pam_env/.gitignore: Remove.
+ * modules/pam_exec/.gitignore: Remove.
+ * modules/pam_faildelay/.gitignore: Remove.
+ * modules/pam_filter/.gitignore: Remove.
+ * modules/pam_ftp/.gitignore: Remove.
+ * modules/pam_group/.gitignore: Remove.
+ * modules/pam_issue/.gitignore: Remove.
+ * modules/pam_keyinit/.gitignore: Remove.
+ * modules/pam_lastlog/.gitignore: Remove.
+ * modules/pam_limits/.gitignore: Remove.
+ * modules/pam_listfile/.gitignore: Remove.
+ * modules/pam_localuser/.gitignore: Remove.
+ * modules/pam_loginuid/.gitignore: Remove.
+ * modules/pam_mail/.gitignore: Remove.
+ * modules/pam_motd/.gitignore: Remove.
+ * modules/pam_namespace/.gitignore: Remove.
+ * modules/pam_nologin/.gitignore: Remove.
+ * modules/pam_permit/.gitignore: Remove.
+ * modules/pam_pwhistory/.gitignore: Remove.
+ * modules/pam_rhosts/.gitignore: Remove.
+ * modules/pam_rootok/.gitignore: Remove.
+ * modules/pam_securetty/.gitignore: Remove.
+ * modules/pam_sepermit/.gitignore: Remove.
+ * modules/pam_shells/.gitignore: Remove.
+ * modules/pam_succeed_if/.gitignore: Remove.
+ * modules/pam_time/.gitignore: Remove.
+ * modules/pam_tty_audit/.gitignore: Remove.
+ * modules/pam_umask/.gitignore: Remove.
+ * modules/pam_userdb/.gitignore: Remove.
+ * modules/pam_warn/.gitignore: Remove.
+ * modules/pam_wheel/.gitignore: Remove.
+ * modules/pam_xauth/.gitignore: Remove.
+
+ Move generated auxiliary files to build-aux directory.
+ * configure.in: Add AC_CONFIG_AUX_DIR([build-aux]).
+
+ Remove generated files.
+ * ABOUT-NLS: Remove.
+ * INSTALL: Remove.
+ * config.rpath: Remove.
+ * install-sh: Remove.
+ * mkinstalldirs: Remove.
+ * Makefile.am (EXTRA_DIST): Remove config.rpath and mkinstalldirs.
+ * .gitignore: Add ABOUT-NLS and INSTALL.
+
+ Create release tarballs using safe ownership and permissions.
+ * Makefile.am: Define and export TAR_OPTIONS.
+
+ Generate ChangeLog from git log.
+ * .gitignore: Add ChangeLog
+ * ChangeLog: Rename to ChangeLog-CVS.
+ * Makefile.am (gen-changelog): New rule.
+ (dist-hook, .PHONY): Depend on it.
+ (EXTRA_DIST): Add ChangeLog-CVS.
+ * README-hacking: New file.
+ * gitlog-to-changelog: Import from gnulib.
+ * autogen.sh: Create empty ChangeLog file to make automake strictness
+ check happy. Use automated "autoreconf -fiv" instead of manual
+ invocations of various autotools.
+
+ Fix "make distcheck"
+ There is no use to distribute m4 files manually, because automake does
+ the right thing, while manual distribution is not only redundant but
+ also very fragile.
+ * Makefile.am (M4_FILES): Remove.
+ (EXTRA_DIST): Remove M4_FILES.
+
+ Remove modules/pam_timestamp/hmacfile from distribution.
+ * modules/pam_timestamp/Makefile.am (dist_TESTS): Add tst-pam_timestamp.
+ (nodist_TESTS): Add hmacfile.
+ (EXTRA_DIST): Replace TESTS with dist_TESTS.
+
+ Rename all .cvsignore files to .gitignore.
+
+ Fix whitespace issues.
+ Cleanup trailing whitespaces, indentation that uses spaces before tabs,
+ and blank lines at EOF. Make the project free of warnings reported by
+ git diff --check 4b825dc642cb6eb9a060e54bf8d69288fbee4904 HEAD
+
+
+See ChangeLog-CVS for earlier changes.