[Lunar-commits] r24086 - in moonbase/trunk/security/Linux-PAM: . pam.d

Stefan Wold ratler at lunar-linux.org
Mon Apr 16 06:58:03 CEST 2007


Author: ratler
Date: 2007-04-16 06:58:02 +0200 (Mon, 16 Apr 2007)
New Revision: 24086

Modified:
   moonbase/trunk/security/Linux-PAM/BUILD
   moonbase/trunk/security/Linux-PAM/DEPENDS
   moonbase/trunk/security/Linux-PAM/DETAILS
   moonbase/trunk/security/Linux-PAM/pam.d/system-auth
Log:
Version bump.
* Now properly compile with automake 1.10 without my patch
* A few bugfixes in Linux-PAM such as allowing username to start with odd characters
* Redhat PAM-modules updated
* system-auth slightly rewritten. For example it will now supress all logins by cron jobs for pam aware cronds
* pam_userdb.so can now be optionally disabled by saying no to "db" as optional_depends, which is recommended.
* Tested on:
	* x86_64: kernel 2.6, glibc 2.3.6, gcc 4.1.2
	* x86: kernel 2.6, glibc 2.3.6, gcc 4.1.2
	* x86: kernel 2.4, glibc 2.3.6, gcc 4.1.2


Modified: moonbase/trunk/security/Linux-PAM/BUILD
===================================================================
--- moonbase/trunk/security/Linux-PAM/BUILD	2007-04-16 02:59:53 UTC (rev 24085)
+++ moonbase/trunk/security/Linux-PAM/BUILD	2007-04-16 04:58:02 UTC (rev 24086)
@@ -15,7 +15,8 @@
   ./configure  --libdir=/lib                            \
                --enable-docdir=/usr/share/doc/Linux-PAM \
                --disable-prelude                        \
-               --mandir=/usr/share/man                  &&
+               --mandir=/usr/share/man                  \
+               $OPTS &&
 
   sedit  "s/examples//"  Makefile              &&
   sedit  "s/read yes//"     conf/install_conf  &&
@@ -30,11 +31,11 @@
   chmod 4711 /sbin/pam_timestamp_check &&
 
   # Module documents are nice
-  if [ ! -d /usr/share/doc/Linux-PAM/text ]; then
-      mkdir -p /usr/share/doc/Linux-PAM/text
+  if [ ! -d /usr/share/doc/Linux-PAM/txt ]; then
+      mkdir -p /usr/share/doc/Linux-PAM/txt
   fi &&
   for i in $SOURCE_DIRECTORY/modules/pam_*/README; do
-      cp -f ${i} /usr/share/doc/Linux-PAM/text/README.$(echo ${i} | awk -F/ '{ print $(NF-1) }')
+      cp -f ${i} /usr/share/doc/Linux-PAM/txt/README.$(echo ${i} | awk -F/ '{ print $(NF-1) }')
   done &&
 
   # More doc

Modified: moonbase/trunk/security/Linux-PAM/DEPENDS
===================================================================
--- moonbase/trunk/security/Linux-PAM/DEPENDS	2007-04-16 02:59:53 UTC (rev 24085)
+++ moonbase/trunk/security/Linux-PAM/DEPENDS	2007-04-16 04:58:02 UTC (rev 24086)
@@ -1,2 +1,4 @@
 depends  automake  &&
-depends  cracklib
+depends  cracklib  &&
+optional_depends "db" "" "--disable-berkdb" "for pam_userdb support (${PROBLEM_COLOR}NOT RECOMMENDED${DEFAULT_COLOR})"
+

Modified: moonbase/trunk/security/Linux-PAM/DETAILS
===================================================================
--- moonbase/trunk/security/Linux-PAM/DETAILS	2007-04-16 02:59:53 UTC (rev 24085)
+++ moonbase/trunk/security/Linux-PAM/DETAILS	2007-04-16 04:58:02 UTC (rev 24086)
@@ -1,18 +1,18 @@
           MODULE=Linux-PAM
-         VERSION=0.99.6.3
-        PVERSION=1.7
-       RHVERSION=0.99.6-1
+         VERSION=0.99.7.1
+        PVERSION=1.8
+       RHVERSION=0.99.7-1
           SOURCE=$MODULE-$VERSION.tar.bz2
          SOURCE2=$MODULE-patches-$PVERSION.tar.bz2
    SOURCE_URL[0]=$KERNEL_URL/pub/linux/libs/pam/pre/library/
    SOURCE_URL[1]=ftp://ftp.kernel.org/pub/linux/libs/pam/pre/library/
      SOURCE2_URL=$PATCH_URL
-      SOURCE_VFY=sha1:984f86b5a767fba1572c7963b8f8c997132fff2b
-     SOURCE2_VFY=sha1:2a48f18b10acd4292ccdb0cc5a6306b1525d8d1b
+      SOURCE_VFY=sha1:40f8ba7280fbd8260cfe2ec06b86f972c79eb9d2
+     SOURCE2_VFY=sha1:fea43efb7fe728c06424ee573f2029269f91c8f6
         WEB_SITE=http://www.us.kernel.org/pub/linux/libs/pam
       MAINTAINER=ratler at lunar-linux.org
          ENTERED=20010922
-         UPDATED=20060910
+         UPDATED=20070415
            SHORT="Flexibile authentication mechanisms."
 PSAFE=no
 cat << EOF

Modified: moonbase/trunk/security/Linux-PAM/pam.d/system-auth
===================================================================
--- moonbase/trunk/security/Linux-PAM/pam.d/system-auth	2007-04-16 02:59:53 UTC (rev 24085)
+++ moonbase/trunk/security/Linux-PAM/pam.d/system-auth	2007-04-16 04:58:02 UTC (rev 24086)
@@ -1,15 +1,14 @@
 #%PAM-1.0
 auth        required      pam_env.so
-auth        sufficient    pam_unix.so likeauth nullok
+auth        sufficient    pam_unix.so try_first_pass nullok
 auth        required      pam_deny.so
 
 account     required      pam_unix.so
-account     sufficient	  pam_succeed_if.so uid < 100 quiet
-account     required      pam_permit.so
 
-password    requisite     pam_cracklib.so retry=3
-password    sufficient    pam_unix.so nullok use_authtok md5 shadow
+password    required      pam_cracklib.so try_first_pass retry=3
+password    sufficient    pam_unix.so try_first_pass use_authtok nullok md5 shadow
 password    required      pam_deny.so
 
 session     required      pam_limits.so
+session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
 session     required      pam_unix.so



More information about the Lunar-commits mailing list