rpms/pam/devel 90-nproc.conf, NONE, 1.1 Linux-PAM-0.99.10.0.tar.bz2.sign, NONE, 1.1 .cvsignore, 1.45, 1.46 pam.spec, 1.170, 1.171 sources, 1.47, 1.48 Linux-PAM-0.99.7.1.tar.bz2.sign, 1.1, NONE Linux-PAM-0.99.8.1.tar.bz2.sign, 1.1, NONE pam-0.99.7.1-namespace-homedir.patch, 1.3, NONE pam-0.99.7.1-namespace-temp-logon.patch, 1.2, NONE pam-0.99.8.1-audit-failed.patch, 1.1, NONE pam-0.99.8.1-namespace-init.patch, 1.1, NONE pam-0.99.8.1-selinux-permit.patch, 1.2, NONE pam-0.99.8.1-sepermit-kill-user.patch, 1.1, NONE pam-0.99.8.1-setkeycreatecon.patch, 1.1, NONE pam-0.99.8.1-substack.patch, 1.1, NONE pam-0.99.8.1-succif-in-operator.patch, 1.2, NONE pam-0.99.8.1-tty-audit.patch, 1.1, NONE pam-0.99.8.1-tty-audit2.patch, 1.1, NONE pam-0.99.8.1-unix-hpux-aging.patch, 1.1, NONE pam-0.99.8.1-unix-update-helper.patch, 1.3, NONE pam-0.99.8.1-xauth-no-free.patch, 1.1, NONE
Tomas Mraz (tmraz)
fedora-extras-commits at redhat.com
Fri Feb 15 17:28:43 UTC 2008
- Previous message (by thread): rpms/libffi/devel .cvsignore, NONE, 1.1 Makefile, NONE, 1.1 sources, NONE, 1.1
- Next message (by thread): rpms/koan/F-8 .cvsignore, 1.18, 1.19 koan.spec, 1.26, 1.27 sources, 1.21, 1.22
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: tmraz
Update of /cvs/pkgs/rpms/pam/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1274
Modified Files:
.cvsignore pam.spec sources
Added Files:
90-nproc.conf Linux-PAM-0.99.10.0.tar.bz2.sign
Removed Files:
Linux-PAM-0.99.7.1.tar.bz2.sign
Linux-PAM-0.99.8.1.tar.bz2.sign
pam-0.99.7.1-namespace-homedir.patch
pam-0.99.7.1-namespace-temp-logon.patch
pam-0.99.8.1-audit-failed.patch
pam-0.99.8.1-namespace-init.patch
pam-0.99.8.1-selinux-permit.patch
pam-0.99.8.1-sepermit-kill-user.patch
pam-0.99.8.1-setkeycreatecon.patch pam-0.99.8.1-substack.patch
pam-0.99.8.1-succif-in-operator.patch
pam-0.99.8.1-tty-audit.patch pam-0.99.8.1-tty-audit2.patch
pam-0.99.8.1-unix-hpux-aging.patch
pam-0.99.8.1-unix-update-helper.patch
pam-0.99.8.1-xauth-no-free.patch
Log Message:
* Fri Feb 15 2008 Tomas Mraz <tmraz at redhat.com> 0.99.10.0-1
- new upstream release
- add default soft limit for nproc of 1024 to prevent
accidental fork bombs (#432903)
--- NEW FILE 90-nproc.conf ---
# Default limit for number of user's processes to prevent
# accidental fork bombs.
# See rhbz #432903 for reasoning.
* soft nproc 1024
--- NEW FILE Linux-PAM-0.99.10.0.tar.bz2.sign ---
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://www.kernel.org/signature.html for info
iD8DBQBHtBCvyGugalF9Dw4RAkscAKCAir9EhJ5VxjIog6Vs+N6Sr27n6ACcD0Iy
ycgdOs9Ea8z8pqgPZMmocyY=
=djTw
-----END PGP SIGNATURE-----
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/pam/devel/.cvsignore,v
retrieving revision 1.45
retrieving revision 1.46
diff -u -r1.45 -r1.46
--- .cvsignore 25 Sep 2007 20:15:45 -0000 1.45
+++ .cvsignore 15 Feb 2008 17:27:28 -0000 1.46
@@ -1,5 +1,5 @@
*.src.rpm
*.tar.bz2
pam-redhat-0.99.8-1.tar.bz2
-Linux-PAM-0.99.8.1.tar.bz2
db-4.6.19.tar.gz
+Linux-PAM-0.99.10.0.tar.bz2
Index: pam.spec
===================================================================
RCS file: /cvs/pkgs/rpms/pam/devel/pam.spec,v
retrieving revision 1.170
retrieving revision 1.171
diff -u -r1.170 -r1.171
--- pam.spec 4 Feb 2008 13:06:18 -0000 1.170
+++ pam.spec 15 Feb 2008 17:27:28 -0000 1.171
@@ -4,8 +4,8 @@
Summary: A security tool which provides authentication for applications
Name: pam
-Version: 0.99.8.1
-Release: 18%{?dist}
+Version: 0.99.10.0
+Release: 1%{?dist}
# The library is BSD licensed with option to relicense as GPLv2+ - this option is redundant
# as the BSD license allows that anyway. pam_timestamp and pam_console modules are GPLv2+,
# pam_rhosts_auth module is BSD with advertising
@@ -21,28 +21,15 @@
Source8: dlopen.sh
Source9: system-auth.5
Source10: config-util.5
+Source11: 90-nproc.conf
Patch1: pam-0.99.7.0-redhat-modules.patch
Patch2: db-4.6.18-glibc.patch
Patch4: pam-0.99.8.1-dbpam.patch
Patch5: pam-0.99.8.1-audit-no-log.patch
-Patch24: pam-0.99.8.1-unix-update-helper.patch
-Patch25: pam-0.99.8.1-unix-hpux-aging.patch
Patch31: pam-0.99.3.0-cracklib-try-first-pass.patch
Patch32: pam-0.99.3.0-tally-fail-close.patch
-Patch40: pam-0.99.7.1-namespace-temp-logon.patch
-Patch41: pam-0.99.8.1-namespace-init.patch
Patch42: pam-0.99.8.1-console-hal-handled.patch
Patch43: pam-0.99.8.1-console-mfd-scanners.patch
-Patch44: pam-0.99.7.1-namespace-homedir.patch
-Patch45: pam-0.99.8.1-selinux-permit.patch
-Patch46: pam-0.99.8.1-succif-in-operator.patch
-Patch47: pam-0.99.8.1-xauth-no-free.patch
-Patch48: pam-0.99.8.1-substack.patch
-Patch49: pam-0.99.8.1-tty-audit.patch
-Patch50: pam-0.99.8.1-tty-audit2.patch
-Patch51: pam-0.99.8.1-audit-failed.patch
-Patch52: pam-0.99.8.1-setkeycreatecon.patch
-Patch53: pam-0.99.8.1-sepermit-kill-user.patch
%define _sbindir /sbin
%define _moduledir /%{_lib}/security
@@ -113,24 +100,10 @@
popd
%patch4 -p1 -b .dbpam
%patch5 -p1 -b .no-log
-%patch24 -p1 -b .update-helper
-%patch25 -p1 -b .unix-hpux-aging
%patch31 -p1 -b .try-first-pass
%patch32 -p1 -b .fail-close
-%patch40 -p1 -b .temp-logon
-%patch41 -p1 -b .ns-init
%patch42 -p1 -b .hal-handled
%patch43 -p1 -b .mfd-scanners
-%patch44 -p1 -b .homedir
-%patch45 -p1 -b .permit
-%patch46 -p1 -b .in-operator
-%patch47 -p1 -b .no-free
-%patch48 -p0 -b .substack
-%patch49 -p1 -b .tty-audit
-%patch50 -p1 -b .tty-audit2
-%patch51 -p1 -b .audit-failed
-%patch52 -p1 -b .setkeycreatecon
-%patch53 -p1 -b .kill-user
autoreconf
@@ -191,6 +164,11 @@
# Install the binaries, libraries, and modules.
make install DESTDIR=$RPM_BUILD_ROOT LDCONFIG=:
+%if %{WITH_SELINUX}
+# Temporary compat link
+ln -sf pam_sepermit.so $RPM_BUILD_ROOT%{_moduledir}/pam_selinux_permit.so
+%endif
+
# RPM uses docs from source tree
rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/Linux-PAM
# Included in setup package
@@ -201,6 +179,7 @@
install -m 644 %{SOURCE5} $RPM_BUILD_ROOT%{_pamconfdir}/other
install -m 644 %{SOURCE6} $RPM_BUILD_ROOT%{_pamconfdir}/system-auth
install -m 644 %{SOURCE7} $RPM_BUILD_ROOT%{_pamconfdir}/config-util
+install -m 644 %{SOURCE11} $RPM_BUILD_ROOT%{_secconfdir}/limits.d/90-nproc.conf
install -m 600 /dev/null $RPM_BUILD_ROOT%{_secconfdir}/opasswd
install -d -m 755 $RPM_BUILD_ROOT/var/log
install -m 600 /dev/null $RPM_BUILD_ROOT/var/log/faillog
@@ -331,12 +310,12 @@
%{_moduledir}/pam_permit.so
%{_moduledir}/pam_postgresok.so
%{_moduledir}/pam_rhosts.so
-%{_moduledir}/pam_rhosts_auth.so
%{_moduledir}/pam_rootok.so
%{_moduledir}/pam_rps.so
%if %{WITH_SELINUX}
%{_moduledir}/pam_selinux.so
%{_moduledir}/pam_selinux_permit.so
+%{_moduledir}/pam_sepermit.so
%endif
%{_moduledir}/pam_securetty.so
%{_moduledir}/pam_shells.so
@@ -365,7 +344,10 @@
%config(noreplace) %{_secconfdir}/console.handlers
%config(noreplace) %{_secconfdir}/group.conf
%config(noreplace) %{_secconfdir}/limits.conf
+%dir %{_secconfdir}/limits.d
+%config(noreplace) %{_secconfdir}/limits.d/90-nproc.conf
%config(noreplace) %{_secconfdir}/namespace.conf
+%dir %{_secconfdir}/namespace.d
%attr(755,root,root) %config(noreplace) %{_secconfdir}/namespace.init
%config(noreplace) %{_secconfdir}/pam_env.conf
%config(noreplace) %{_secconfdir}/sepermit.conf
@@ -392,6 +374,11 @@
%doc doc/adg/*.txt doc/adg/html
%changelog
+* Fri Feb 15 2008 Tomas Mraz <tmraz at redhat.com> 0.99.10.0-1
+- new upstream release
+- add default soft limit for nproc of 1024 to prevent
+ accidental fork bombs (#432903)
+
* Mon Feb 4 2008 Tomas Mraz <tmraz at redhat.com> 0.99.8.1-18
- allow the package to build without SELinux and audit support (#431415)
- macro usage cleanup
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/pam/devel/sources,v
retrieving revision 1.47
retrieving revision 1.48
diff -u -r1.47 -r1.48
--- sources 25 Sep 2007 20:15:45 -0000 1.47
+++ sources 15 Feb 2008 17:27:28 -0000 1.48
@@ -1,3 +1,3 @@
2a23dc703b550223206021ff03b1e434 pam-redhat-0.99.8-1.tar.bz2
-a6472db4afe13850cb401922211bba4e Linux-PAM-0.99.8.1.tar.bz2
89c7390ff120d5ebf3eccc5f97249e79 db-4.6.19.tar.gz
+be4dd1d34ac5933408e13e48f3eb710a Linux-PAM-0.99.10.0.tar.bz2
--- Linux-PAM-0.99.7.1.tar.bz2.sign DELETED ---
--- Linux-PAM-0.99.8.1.tar.bz2.sign DELETED ---
--- pam-0.99.7.1-namespace-homedir.patch DELETED ---
--- pam-0.99.7.1-namespace-temp-logon.patch DELETED ---
--- pam-0.99.8.1-audit-failed.patch DELETED ---
--- pam-0.99.8.1-namespace-init.patch DELETED ---
--- pam-0.99.8.1-selinux-permit.patch DELETED ---
--- pam-0.99.8.1-sepermit-kill-user.patch DELETED ---
--- pam-0.99.8.1-setkeycreatecon.patch DELETED ---
--- pam-0.99.8.1-substack.patch DELETED ---
--- pam-0.99.8.1-succif-in-operator.patch DELETED ---
--- pam-0.99.8.1-tty-audit.patch DELETED ---
--- pam-0.99.8.1-tty-audit2.patch DELETED ---
--- pam-0.99.8.1-unix-hpux-aging.patch DELETED ---
--- pam-0.99.8.1-unix-update-helper.patch DELETED ---
--- pam-0.99.8.1-xauth-no-free.patch DELETED ---
- Previous message (by thread): rpms/libffi/devel .cvsignore, NONE, 1.1 Makefile, NONE, 1.1 sources, NONE, 1.1
- Next message (by thread): rpms/koan/F-8 .cvsignore, 1.18, 1.19 koan.spec, 1.26, 1.27 sources, 1.21, 1.22
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list