rpms/pam/devel Linux-PAM-0.99.7.1.tar.bz2.sign, NONE, 1.1 pam-0.99.7.0-namespace-unmnt-override.patch, NONE, 1.1 pam.spec, 1.141, 1.142 Linux-PAM-0.99.7.0.tar.bz2.sign, 1.1, NONE pam-0.99.7.0-selinux-build.patch, 1.1, NONE pam-0.99.7.0-unix-minsalt.patch, 1.1, NONE

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Wed Jan 24 11:44:53 UTC 2007


Author: tmraz

Update of /cvs/dist/rpms/pam/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv4605

Modified Files:
	pam.spec 
Added Files:
	Linux-PAM-0.99.7.1.tar.bz2.sign 
	pam-0.99.7.0-namespace-unmnt-override.patch 
Removed Files:
	Linux-PAM-0.99.7.0.tar.bz2.sign 
	pam-0.99.7.0-selinux-build.patch 
	pam-0.99.7.0-unix-minsalt.patch 
Log Message:
* Wed Jan 24 2007 Tomas Mraz <tmraz at redhat.com> 0.99.7.1-1
- upgrade to new upstream version resolving CVE-2007-0003
- pam_namespace: unmount poly dir for override users



--- NEW FILE Linux-PAM-0.99.7.1.tar.bz2.sign ---
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: See http://www.kernel.org/signature.html for info

iD8DBQBFtgDAyGugalF9Dw4RArOyAJ0duc7/WqnlX1+LfjYsUOQsJhICOgCfdWDb
aMzAtzhCqvu+IxJTFwXx/kk=
=I+NT
-----END PGP SIGNATURE-----

pam-0.99.7.0-namespace-unmnt-override.patch:
 pam_namespace.c |   60 ++++++++++++++++++++++++++++++++++++++++++--------------
 1 files changed, 45 insertions(+), 15 deletions(-)

--- NEW FILE pam-0.99.7.0-namespace-unmnt-override.patch ---
--- Linux-PAM-0.99.7.0/modules/pam_namespace/pam_namespace.c.unmnt-override	2007-01-22 14:06:31.000000000 +0100
+++ Linux-PAM-0.99.7.0/modules/pam_namespace/pam_namespace.c	2007-01-23 16:41:57.000000000 +0100
@@ -417,17 +417,18 @@
  * uids for the polyinstantiated directory, polyinstantiation is not
  * performed for that user for that directory.
  */
-static int ns_override(struct polydir_s *polyptr, struct instance_data *idata)
+static int ns_override(struct polydir_s *polyptr, struct instance_data *idata,
+		uid_t uid)
 {
     unsigned int i;
 
     if (idata->flags & PAMNS_DEBUG)
     	pam_syslog(idata->pamh, LOG_DEBUG,
 		"Checking for ns override in dir %s for uid %d",
-		polyptr->dir, idata->uid);
+		polyptr->dir, uid);
 
     for (i = 0; i < polyptr->num_uids; i++) {
-        if (idata->uid == polyptr->uid[i]) {
+        if (uid == polyptr->uid[i]) {
             return 1;
         }
     }
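Review bot: `ns_override` gains a `uid` parameter, but its header comment, which begins before this hunk, still describes the check in terms of the user being logged in and never says which uid is matched; since callers now pass either `idata->uid` or the requesting user's uid, add a line such as ` * uid - the uid looked up in the directory's override list (the session user's or the requesting user's).` to that comment block. The debug line that now prints `uid` keeps `%d` for a `uid_t`; that predates this change, but as the argument is being touched, `(unsigned long)uid` with `%lu` would be the portable form.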
@@ -1013,21 +1014,46 @@
     int retval = 0, need_poly = 0, changing_dir = 0;
     char *cptr, *fptr, poly_parent[PATH_MAX];
     struct polydir_s *pptr;
+    uid_t req_uid;
+    const void *ruser_name;
+    struct passwd *pwd;
 
     if (idata->flags & PAMNS_DEBUG)
         pam_syslog(idata->pamh, LOG_DEBUG, "Set up namespace for pid %d",
 		getpid());
 
+    retval = pam_get_item(idata->pamh, PAM_RUSER, &ruser_name);
+    if (ruser_name == NULL || retval != PAM_SUCCESS) {
+	retval = PAM_SUCCESS;
+	req_uid = getuid();
+    } else {
+        pwd = pam_modutil_getpwnam(idata->pamh, ruser_name);
+        if (pwd != NULL) {
+    	    req_uid = pwd->pw_uid;
+        } else {
+	    req_uid = getuid();
+        }
+    }
+
     /*
      * Cycle through all polyinstantiated directory entries to see if
      * polyinstantiation is needed at all.
      */
     for (pptr = idata->polydirs_ptr; pptr; pptr = pptr->next) {
-        if (ns_override(pptr, idata)) {
-            if (idata->flags & PAMNS_DEBUG)
-                pam_syslog(idata->pamh, LOG_DEBUG,
+        if (ns_override(pptr, idata, idata->uid)) {
+    	    if (unmnt == NO_UNMNT || ns_override(pptr, idata, req_uid)) {
+        	if (idata->flags & PAMNS_DEBUG)
+        	    pam_syslog(idata->pamh, LOG_DEBUG,
 			"Overriding poly for user %d for dir %s",
 			idata->uid, pptr->dir);
+	    } else {
+        	if (idata->flags & PAMNS_DEBUG)
+            	    pam_syslog(idata->pamh, LOG_DEBUG,
+			"Need unmount ns for user %d for dir %s",
+			idata->uid, pptr->dir);
+		need_poly = 1;
+		break;
+	    }
             continue;
         } else {
             if (idata->flags & PAMNS_DEBUG)
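Review bot: The fallback test at `if (ruser_name == NULL || retval != PAM_SUCCESS)` reads `ruser_name` before it knows whether `pam_get_item` succeeded, and the variable is never initialized, so any failure path on which the library does not clear the out-pointer becomes an uninitialized read; swapping the operands, `if (retval != PAM_SUCCESS || ruser_name == NULL) {`, or declaring `const void *ruser_name = NULL;` removes that dependence on a library detail. When the requesting user name does not resolve, the code silently falls back to `getuid()`, and since `req_uid` now decides whether an override user's directory gets unmounted, a debug line on that path would help diagnosis, e.g. `pam_syslog(idata->pamh, LOG_DEBUG, "Cannot resolve ruser, using uid %d", getuid());` styled after the neighbouring messages. `pwd` is only used in the else branch and could be declared there. The enclosing function begins before this hunk and continues after it.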
@@ -1057,15 +1083,20 @@
      * call ns_setup to setup polyinstantiation for a particular entry.
      */
     for (pptr = idata->polydirs_ptr; pptr; pptr = pptr->next) {
-        if (ns_override(pptr, idata))
-            continue;
-        else {
-            if (idata->flags & PAMNS_DEBUG)
+	enum unmnt_op dir_unmnt = unmnt;
+        if (ns_override(pptr, idata, idata->uid)) {
+    	    if (unmnt == NO_UNMNT || ns_override(pptr, idata, req_uid)) {
+    		continue;
+	    } else {
+		dir_unmnt = UNMNT_ONLY;
+	    }
+	}
+	if (idata->flags & PAMNS_DEBUG)
                 pam_syslog(idata->pamh, LOG_DEBUG,
 			"Setting poly ns for user %d for dir %s",
                       idata->uid, pptr->dir);
 
-            if ((unmnt == UNMNT_REMNT) || (unmnt == UNMNT_ONLY)) {
+	if ((dir_unmnt == UNMNT_REMNT) || (dir_unmnt == UNMNT_ONLY)) {
                 /*
                  * Check to see if process current directory is in the
                  * bind mounted instance_parent directory that we are trying to
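Review bot: The override decision added at `if (ns_override(pptr, idata, idata->uid))` / `if (unmnt == NO_UNMNT || ns_override(pptr, idata, req_uid))` duplicates the two-level check introduced in the first loop of this function (previous hunk), so the two copies can drift apart; a small helper that returns whether the directory needs handling and what `dir_unmnt` should be keeps the rule in one place, with the first loop keeping its own debug messages around the same call. The new lines also mix tab and space indentation within one block (`enum unmnt_op dir_unmnt = unmnt;` is tab-indented beside space-indented neighbours), which makes the brace structure hard to follow in a diff. The enclosing function starts before this hunk and continues after it.

```c
/*
 * Decide how a polyinstantiated directory is handled for this session.
 * Returns 0 when nothing needs to be done (the session user is an override
 * user and either no unmount was requested or the requesting user is an
 * override user as well).  Otherwise returns 1 and stores in *dir_unmnt the
 * operation to perform: UNMNT_ONLY when the session user is an override user
 * but the requesting user is not, else the caller's unmnt.
 */
static int ns_dir_action(struct polydir_s *pptr, struct instance_data *idata,
		uid_t req_uid, enum unmnt_op unmnt, enum unmnt_op *dir_unmnt)
{
    *dir_unmnt = unmnt;
    if (!ns_override(pptr, idata, idata->uid))
        return 1;
    if (unmnt == NO_UNMNT || ns_override(pptr, idata, req_uid))
        return 0;
    *dir_unmnt = UNMNT_ONLY;
    return 1;
}

    for (pptr = idata->polydirs_ptr; pptr; pptr = pptr->next) {
        enum unmnt_op dir_unmnt;

        if (!ns_dir_action(pptr, idata, req_uid, unmnt, &dir_unmnt))
            continue;
        /* … unchanged: debug message, unmount when dir_unmnt allows it, ns_setup … */
```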
@@ -1105,13 +1136,12 @@
                 } else if (idata->flags & PAMNS_DEBUG)
                     pam_syslog(idata->pamh, LOG_DEBUG, "Umount succeeded %s",
 				pptr->dir);
-            }
+	}
 
-	    if (unmnt != UNMNT_ONLY) {
+	if (dir_unmnt != UNMNT_ONLY) {
                 retval = ns_setup(pptr, idata);
                 if (retval != PAM_SUCCESS)
                      break;
-	    }
         }
     }
 
@@ -1138,7 +1168,7 @@
      * appropriate polyinstantiated instance directories.
      */
     for (pptr = idata->polydirs_ptr; pptr; pptr = pptr->next) {
-        if (ns_override(pptr, idata))
+        if (ns_override(pptr, idata, idata->uid))
             continue;
         else {
             if (idata->flags & PAMNS_DEBUG)


Index: pam.spec
===================================================================
RCS file: /cvs/dist/rpms/pam/devel/pam.spec,v
retrieving revision 1.141
retrieving revision 1.142
diff -u -r1.141 -r1.142
--- pam.spec	22 Jan 2007 13:11:10 -0000	1.141
+++ pam.spec	24 Jan 2007 11:44:51 -0000	1.142
@@ -10,8 +10,8 @@
 
 Summary: A security tool which provides authentication for applications
 Name: pam
-Version: 0.99.7.0
-Release: 2%{?dist}
+Version: 0.99.7.1
+Release: 1%{?dist}
 License: GPL or BSD
 Group: System Environment/Base
 Source0: http://ftp.us.kernel.org/pub/linux/libs/pam/pre/library/Linux-PAM-%{version}.tar.bz2
@@ -25,9 +25,7 @@
 Source9: system-auth.5
 Source10: config-util.5
 Patch1:  pam-0.99.7.0-redhat-modules.patch
-Patch2:  pam-0.99.7.0-selinux-build.patch
 Patch21: pam-0.78-unix-hpux-aging.patch
-Patch22: pam-0.99.7.0-unix-minsalt.patch
 Patch34: pam-0.99.7.0-dbpam.patch
 Patch70: pam-0.99.2.1-selinux-nofail.patch
 Patch80: pam-0.99.6.2-selinux-drop-multiple.patch
@@ -38,6 +36,7 @@
 Patch87: pam-0.99.6.2-namespace-preserve-uid.patch
 Patch92: pam-0.99.6.2-selinux-select-context.patch
 Patch93: pam-0.99.7.0-namespace-level.patch
+Patch94: pam-0.99.7.0-namespace-unmnt-override.patch
 Patch95: pam-0.99.6.2-selinux-use-current-range.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -92,9 +91,7 @@
 cp %{SOURCE7} .
 
 %patch1 -p1 -b .redhat-modules
-%patch2 -p1 -b .build
 %patch21 -p1 -b .unix-hpux-aging
-%patch22 -p1 -b .minsalt
 %patch34 -p1 -b .dbpam
 %patch70 -p1 -b .nofail
 %patch80 -p1 -b .drop-multiple
@@ -105,6 +102,7 @@
 %patch87 -p1 -b .preserve-uid
 %patch92 -p1 -b .select-context
 %patch93 -p1 -b .level
+%patch94 -p1 -b .unmnt-override
 %patch95 -p1 -b .range
 autoreconf
 
@@ -397,9 +395,13 @@
 %doc doc/adg/*.txt doc/adg/html
 
 %changelog
+* Wed Jan 24 2007 Tomas Mraz <tmraz at redhat.com> 0.99.7.1-1
+- upgrade to new upstream version resolving CVE-2007-0003
+- pam_namespace: unmount poly dir for override users
+
 * Mon Jan 22 2007 Tomas Mraz <tmraz at redhat.com> 0.99.7.0-2
 - add back min salt length requirement which was erroneously removed
-  upstream
+  upstream (CVE-2007-0003)
 
 * Fri Jan 19 2007 Tomas Mraz <tmraz at redhat.com> 0.99.7.0-1
 - upgrade to new upstream version


--- Linux-PAM-0.99.7.0.tar.bz2.sign DELETED ---


--- pam-0.99.7.0-selinux-build.patch DELETED ---


--- pam-0.99.7.0-unix-minsalt.patch DELETED ---



