rpms/pam/devel pam-0.99.8.1-dbpam.patch, NONE, 1.1 pam-0.99.8.1-unix-update-helper.patch, NONE, 1.1 .cvsignore, 1.42, 1.43 pam.spec, 1.147, 1.148 sources, 1.44, 1.45 pam-0.99.2.1-selinux-nofail.patch, 1.1, NONE pam-0.99.6.2-namespace-dirnames.patch, 1.1, NONE pam-0.99.6.2-namespace-docfix.patch, 1.1, NONE pam-0.99.6.2-namespace-preserve-uid.patch, 1.1, NONE pam-0.99.6.2-selinux-audit-context.patch, 1.1, NONE pam-0.99.6.2-selinux-drop-multiple.patch, 1.1, NONE pam-0.99.6.2-selinux-keycreate.patch, 1.1, NONE pam-0.99.6.2-selinux-select-context.patch, 1.4, NONE pam-0.99.6.2-selinux-use-current-range.patch, 1.1, NONE pam-0.99.7.0-dbpam.patch, 1.1, NONE pam-0.99.7.0-namespace-level.patch, 1.1, NONE pam-0.99.7.0-namespace-no-unmount.patch, 1.1, NONE pam-0.99.7.0-namespace-unmnt-override.patch, 1.1, NONE pam-0.99.7.1-namespace-unknown-user.patch, 1.1, NONE pam-0.99.7.1-unix-allow-pwmodify.patch, 1.1, NONE pam-0.99.7.1-unix-bigcrypt.patch, 1.2, NONE pam-0.99.7.1-unix-update-helper.patch, 1.1, NONE
Tomas Mraz (tmraz)
fedora-extras-commits at redhat.com
Mon Jul 23 18:47:03 UTC 2007
- Previous message (by thread): rpms/gtk2/devel cups-authstring.patch, NONE, 1.1 .cvsignore, 1.72, 1.73 gtk2.spec, 1.244, 1.245 sources, 1.80, 1.81
- Next message (by thread): rpms/pam/devel pam-0.99.7.1-console-decrement.patch, 1.1, NONE pam-0.99.7.1-console-more-displays.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: tmraz
Update of /cvs/pkgs/rpms/pam/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17926
Modified Files:
.cvsignore pam.spec sources
Added Files:
pam-0.99.8.1-dbpam.patch pam-0.99.8.1-unix-update-helper.patch
Removed Files:
pam-0.99.2.1-selinux-nofail.patch
pam-0.99.6.2-namespace-dirnames.patch
pam-0.99.6.2-namespace-docfix.patch
pam-0.99.6.2-namespace-preserve-uid.patch
pam-0.99.6.2-selinux-audit-context.patch
pam-0.99.6.2-selinux-drop-multiple.patch
pam-0.99.6.2-selinux-keycreate.patch
pam-0.99.6.2-selinux-select-context.patch
pam-0.99.6.2-selinux-use-current-range.patch
pam-0.99.7.0-dbpam.patch pam-0.99.7.0-namespace-level.patch
pam-0.99.7.0-namespace-no-unmount.patch
pam-0.99.7.0-namespace-unmnt-override.patch
pam-0.99.7.1-namespace-unknown-user.patch
pam-0.99.7.1-unix-allow-pwmodify.patch
pam-0.99.7.1-unix-bigcrypt.patch
pam-0.99.7.1-unix-update-helper.patch
Log Message:
* Mon Jul 23 2007 Tomas Mraz <tmraz at redhat.com> 0.99.8.1-1
- upgrade to latest upstream version
- add some firewire devices to default console perms (#240770)
pam-0.99.8.1-dbpam.patch:
--- NEW FILE pam-0.99.8.1-dbpam.patch ---
--- Linux-PAM-0.99.8.1/configure.in.dbpam 2007-07-23 13:59:20.000000000 +0200
+++ Linux-PAM-0.99.8.1/configure.in 2007-07-23 14:06:54.000000000 +0200
@@ -355,7 +355,7 @@
AC_HELP_STRING([--with-db-uniquename=extension],[Unique name for db libraries and functions.]))
if test x"$WITH_DB" != xno ; then
if test x"$WITH_DB" = xyes -o x"$WITH_DB" = xdb ; then
- AC_CHECK_LIB([db$with_db_uniquename], [db_create$with_db_uniquename], LIBDB="-ldb$with_db_uniquename", LIBDB="")
+ AC_CHECK_LIB([db], [db_create$with_db_uniquename], LIBDB="-ldb", LIBDB="")
if test -z "$LIBDB" ; then
AC_CHECK_LIB([db$with_db_uniquename], [dbm_store$with_db_uniquename], LIBDB="-ldb$with_db_uniquename", LIBDB="")
fi
pam-0.99.8.1-unix-update-helper.patch:
--- NEW FILE pam-0.99.8.1-unix-update-helper.patch ---
--- /dev/null 2007-07-08 21:11:04.052436262 +0200
+++ Linux-PAM-0.99.8.1/modules/pam_unix/passupdate.c 2007-07-23 13:40:56.000000000 +0200
@@ -0,0 +1,560 @@
+/*
+ * Main coding by Elliot Lee <sopwith at redhat.com>, Red Hat Software.
+ * Copyright (C) 1996.
+ * Copyright (c) Jan Rêkorajski, 1999.
+ * Copyright (c) Red Hat, Inc., 2007
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* this will be included from module and update helper */
+
+#if defined(USE_LCKPWDF) && !defined(HAVE_LCKPWDF)
+# include "./lckpwdf.-c"
+#endif
+
+/* passwd/salt conversion macros */
+
+#define ascii_to_bin(c) ((c)>='a'?(c-59):(c)>='A'?((c)-53):(c)-'.')
+#define bin_to_ascii(c) ((c)>=38?((c)-38+'a'):(c)>=12?((c)-12+'A'):(c)+'.')
+
+#define PW_TMPFILE "/etc/npasswd"
+#define SH_TMPFILE "/etc/nshadow"
+#define OPW_TMPFILE "/etc/security/nopasswd"
+#define OLD_PASSWORDS_FILE "/etc/security/opasswd"
+
+/*
+ * i64c - convert an integer to a radix 64 character
+ */
+static int i64c(int i)
+{
+ if (i < 0)
+ return ('.');
+ else if (i > 63)
+ return ('z');
+ if (i == 0)
+ return ('.');
+ if (i == 1)
+ return ('/');
+ if (i >= 2 && i <= 11)
+ return ('0' - 2 + i);
+ if (i >= 12 && i <= 37)
+ return ('A' - 12 + i);
+ if (i >= 38 && i <= 63)
+ return ('a' - 38 + i);
+ return ('\0');
+}
+
+static char *crypt_md5_wrapper(const char *pass_new)
+{
+ /*
+ * Code lifted from Marek Michalkiewicz's shadow suite. (CG)
+ * removed use of static variables (AGM)
+ */
+
+ struct timeval tv;
+ MD5_CTX ctx;
+ unsigned char result[16];
+ char *cp = (char *) result;
+ unsigned char tmp[16];
+ int i;
+ char *x = NULL;
+
+ GoodMD5Init(&ctx);
+ gettimeofday(&tv, (struct timezone *) 0);
+ GoodMD5Update(&ctx, (void *) &tv, sizeof tv);
+ i = getpid();
+ GoodMD5Update(&ctx, (void *) &i, sizeof i);
+ i = clock();
+ GoodMD5Update(&ctx, (void *) &i, sizeof i);
+ GoodMD5Update(&ctx, result, sizeof result);
+ GoodMD5Final(tmp, &ctx);
+ strcpy(cp, "$1$"); /* magic for the MD5 */
+ cp += strlen(cp);
+ for (i = 0; i < 8; i++)
+ *cp++ = i64c(tmp[i] & 077);
+ *cp = '\0';
+
+ /* no longer need cleartext */
+ x = Goodcrypt_md5(pass_new, (const char *) result);
+
+ return x;
+}
+
+#ifdef USE_LCKPWDF
+static int lock_pwdf(void)
+{
+ int i;
+ int retval;
+
+#ifndef HELPER_COMPILE
+ if (selinux_confined()) {
+ return PAM_SUCCESS;
+ }
+#endif
+ /* These values for the number of attempts and the sleep time
+ are, of course, completely arbitrary.
+ My reading of the PAM docs is that, once pam_chauthtok() has been
+ called with PAM_UPDATE_AUTHTOK, we are obliged to take any
+ reasonable steps to make sure the token is updated; so retrying
+ for 1/10 sec. isn't overdoing it. */
+ i=0;
+ while((retval = lckpwdf()) != 0 && i < 100) {
+ usleep(1000);
+ i++;
+ }
+ if(retval != 0) {
+ return PAM_AUTHTOK_LOCK_BUSY;
+ }
+ return PAM_SUCCESS;
+}
+
+static void unlock_pwdf(void)
+{
+#ifndef HELPER_COMPILE
+ if (selinux_confined()) {
+ return;
+ }
+#endif
+ ulckpwdf();
+}
+#endif
+
+static int
+save_old_password(const char *forwho, const char *oldpass,
+ int howmany)
+{
+ static char buf[16384];
+ static char nbuf[16384];
+ char *s_luser, *s_uid, *s_npas, *s_pas, *pass;
+ int npas;
+ FILE *pwfile, *opwfile;
+ int err = 0;
+ int oldmask;
+ int found = 0;
+ struct passwd *pwd = NULL;
+ struct stat st;
+
+ if (howmany < 0) {
+ return PAM_SUCCESS;
+ }
+
+ if (oldpass == NULL) {
+ return PAM_SUCCESS;
+ }
+
+ oldmask = umask(077);
+
+#ifdef WITH_SELINUX
+ if (SELINUX_ENABLED) {
+ security_context_t passwd_context=NULL;
+ if (getfilecon("/etc/passwd",&passwd_context)<0) {
+ return PAM_AUTHTOK_ERR;
+ };
+ if (getfscreatecon(&prev_context)<0) {
+ freecon(passwd_context);
+ return PAM_AUTHTOK_ERR;
+ }
+ if (setfscreatecon(passwd_context)) {
+ freecon(passwd_context);
+ freecon(prev_context);
+ return PAM_AUTHTOK_ERR;
+ }
+ freecon(passwd_context);
+ }
+#endif
+ pwfile = fopen(OPW_TMPFILE, "w");
+ umask(oldmask);
[...2150 lines suppressed...]
+{
+ struct passwd *pwd = NULL;
+ struct spwd *spwdent = NULL;
+ char *salt = NULL;
+ char *pp = NULL;
+ int retval = PAM_AUTH_ERR;
+ size_t salt_len;
+
+ /* UNIX passwords area */
+ setpwent();
+ pwd = getpwnam(name); /* Get password file entry... */
+ endpwent();
+ if (pwd != NULL) {
+ if (_unix_shadowed(pwd)) {
+ /*
+ * ...and shadow password file entry for this user,
+ * if shadowing is enabled
+ */
+ setspent();
+ spwdent = getspnam(name);
+ endspent();
+ if (spwdent != NULL)
+ salt = x_strdup(spwdent->sp_pwdp);
+ else
+ pwd = NULL;
+ } else {
+ if (strcmp(pwd->pw_passwd, "*NP*") == 0) { /* NIS+ */
+ uid_t save_uid;
+
+ save_uid = geteuid();
+ seteuid(pwd->pw_uid);
+ spwdent = getspnam(name);
+ seteuid(save_uid);
+
+ salt = x_strdup(spwdent->sp_pwdp);
+ } else {
+ salt = x_strdup(pwd->pw_passwd);
+ }
+ }
+ }
+ if (pwd == NULL || salt == NULL) {
+ _log_err(LOG_ALERT, "check pass; user unknown");
+ p = NULL;
+ return PAM_USER_UNKNOWN;
+ }
+
+ salt_len = strlen(salt);
+ if (salt_len == 0) {
+ return (nullok == 0) ? PAM_AUTH_ERR : PAM_SUCCESS;
+ }
+ if (p == NULL || strlen(p) == 0) {
+ _pam_overwrite(salt);
+ _pam_drop(salt);
+ return PAM_AUTHTOK_ERR;
+ }
+
+ /* the moment of truth -- do we agree with the password? */
+ retval = PAM_AUTH_ERR;
+ if (!strncmp(salt, "$1$", 3)) {
+ pp = Goodcrypt_md5(p, salt);
+ if (pp && strcmp(pp, salt) == 0) {
+ retval = PAM_SUCCESS;
+ } else {
+ _pam_overwrite(pp);
+ _pam_drop(pp);
+ pp = Brokencrypt_md5(p, salt);
+ if (pp && strcmp(pp, salt) == 0)
+ retval = PAM_SUCCESS;
+ }
+ } else if (*salt == '$') {
+ /*
+ * Ok, we don't know the crypt algorithm, but maybe
+ * libcrypt nows about it? We should try it.
+ */
+ pp = x_strdup (crypt(p, salt));
+ if (pp && strcmp(pp, salt) == 0) {
+ retval = PAM_SUCCESS;
+ }
+ } else if (*salt == '*' || *salt == '!' || salt_len < 13) {
+ retval = PAM_AUTH_ERR;
+ } else {
+ pp = bigcrypt(p, salt);
+ /*
+ * Note, we are comparing the bigcrypt of the password with
+ * the contents of the password field. If the latter was
+ * encrypted with regular crypt (and not bigcrypt) it will
+ * have been truncated for storage relative to the output
+ * of bigcrypt here. As such we need to compare only the
+ * stored string with the subset of bigcrypt's result.
+ * Bug 521314.
+ */
+ if (pp && salt_len == 13 && strlen(pp) > salt_len) {
+ _pam_overwrite(pp+salt_len);
+ }
+
+ if (pp && strcmp(pp, salt) == 0) {
+ retval = PAM_SUCCESS;
+ }
+ }
+ p = NULL; /* no longer needed here */
+
+ /* clean up */
+ _pam_overwrite(pp);
+ _pam_drop(pp);
+
+ return retval;
+}
+
+char *
+getuidname(uid_t uid)
+{
+ struct passwd *pw;
+ static char username[256];
+
+ pw = getpwuid(uid);
+ if (pw == NULL)
+ return NULL;
+
+ strncpy(username, pw->pw_name, sizeof(username));
+ username[sizeof(username) - 1] = '\0';
+
+ return username;
+}
+/*
+ * Copyright (c) Andrew G. Morgan, 1996. All rights reserved
+ * Copyright (c) Red Hat, Inc. 2007. All rights reserved
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
--- Linux-PAM-0.99.8.1/modules/pam_unix/Makefile.am.update-helper 2006-12-18 19:50:50.000000000 +0100
+++ Linux-PAM-0.99.8.1/modules/pam_unix/Makefile.am 2007-07-23 13:40:56.000000000 +0200
@@ -16,7 +16,8 @@
secureconfdir = $(SCONFIGDIR)
AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
- -DCHKPWD_HELPER=\"$(sbindir)/unix_chkpwd\"
+ -DCHKPWD_HELPER=\"$(sbindir)/unix_chkpwd\" \
+ -DUPDATE_HELPER=\"$(sbindir)/unix_update\"
if HAVE_LIBSELINUX
AM_CFLAGS += -D"WITH_SELINUX"
@@ -34,9 +35,9 @@
securelib_LTLIBRARIES = pam_unix.la
-noinst_HEADERS = md5.h support.h yppasswd.h bigcrypt.h
+noinst_HEADERS = md5.h support.h yppasswd.h bigcrypt.h passverify.h
-sbin_PROGRAMS = unix_chkpwd
+sbin_PROGRAMS = unix_chkpwd unix_update
noinst_PROGRAMS = bigcrypt
@@ -48,11 +49,16 @@
bigcrypt_CFLAGS = $(AM_CFLAGS)
bigcrypt_LDFLAGS = @LIBCRYPT@
-unix_chkpwd_SOURCES = unix_chkpwd.c md5_good.c md5_broken.c bigcrypt.c
+unix_chkpwd_SOURCES = unix_chkpwd.c passverify.c md5_good.c md5_broken.c bigcrypt.c
unix_chkpwd_CFLAGS = $(AM_CFLAGS) @PIE_CFLAGS@
unix_chkpwd_LDFLAGS = @PIE_LDFLAGS@ -L$(top_builddir)/libpam -lpam \
@LIBCRYPT@ @LIBSELINUX@
+unix_update_SOURCES = unix_update.c passverify.c md5_good.c md5_broken.c bigcrypt.c
+unix_update_CFLAGS = $(AM_CFLAGS) @PIE_CFLAGS@
+unix_update_LDFLAGS = @PIE_LDFLAGS@ -L$(top_builddir)/libpam -lpam \
+ @LIBCRYPT@ @LIBSELINUX@
+
if ENABLE_REGENERATE_MAN
noinst_DATA = README
README: pam_unix.8.xml
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/pam/devel/.cvsignore,v
retrieving revision 1.42
retrieving revision 1.43
diff -u -r1.42 -r1.43
--- .cvsignore 24 Jan 2007 12:14:29 -0000 1.42
+++ .cvsignore 23 Jul 2007 18:46:31 -0000 1.43
@@ -1,5 +1,5 @@
db-4.5.20.tar.gz
*.src.rpm
*.tar.bz2
-pam-redhat-0.99.7-1.tar.bz2
-Linux-PAM-0.99.7.1.tar.bz2
+pam-redhat-0.99.8-1.tar.bz2
+Linux-PAM-0.99.8.1.tar.bz2
Index: pam.spec
===================================================================
RCS file: /cvs/pkgs/rpms/pam/devel/pam.spec,v
retrieving revision 1.147
retrieving revision 1.148
diff -u -r1.147 -r1.148
--- pam.spec 4 Jun 2007 14:22:15 -0000 1.147
+++ pam.spec 23 Jul 2007 18:46:31 -0000 1.148
@@ -6,12 +6,12 @@
%define pwdb_version 0.62
%define db_version 4.5.20
%define db_conflicting_version 4.6.0
-%define pam_redhat_version 0.99.7-1
+%define pam_redhat_version 0.99.8-1
Summary: A security tool which provides authentication for applications
Name: pam
-Version: 0.99.7.1
-Release: 6%{?dist}
+Version: 0.99.8.1
+Release: 1%{?dist}
License: GPL or BSD
Group: System Environment/Base
Source0: http://ftp.us.kernel.org/pub/linux/libs/pam/pre/library/Linux-PAM-%{version}.tar.bz2
@@ -27,27 +27,12 @@
Patch1: pam-0.99.7.0-redhat-modules.patch
Patch2: pam-0.99.7.1-console-more-displays.patch
Patch3: pam-0.99.7.1-console-decrement.patch
-Patch22: pam-0.99.7.1-unix-allow-pwmodify.patch
-Patch23: pam-0.99.7.1-unix-bigcrypt.patch
-Patch24: pam-0.99.7.1-unix-update-helper.patch
+Patch4: pam-0.99.8.1-dbpam.patch
+Patch24: pam-0.99.8.1-unix-update-helper.patch
Patch25: pam-0.99.7.1-unix-hpux-aging.patch
-Patch34: pam-0.99.7.0-dbpam.patch
-Patch70: pam-0.99.2.1-selinux-nofail.patch
-Patch80: pam-0.99.6.2-selinux-drop-multiple.patch
-Patch81: pam-0.99.3.0-cracklib-try-first-pass.patch
-Patch82: pam-0.99.3.0-tally-fail-close.patch
-Patch84: pam-0.99.6.2-selinux-keycreate.patch
-Patch86: pam-0.99.7.0-namespace-no-unmount.patch
-Patch87: pam-0.99.6.2-namespace-preserve-uid.patch
-Patch92: pam-0.99.6.2-selinux-select-context.patch
-Patch93: pam-0.99.7.0-namespace-level.patch
-Patch94: pam-0.99.7.0-namespace-unmnt-override.patch
-Patch95: pam-0.99.6.2-selinux-use-current-range.patch
-Patch96: pam-0.99.6.2-namespace-dirnames.patch
-Patch97: pam-0.99.7.1-namespace-unknown-user.patch
-Patch98: pam-0.99.6.2-selinux-audit-context.patch
-Patch99: pam-0.99.6.2-namespace-docfix.patch
-Patch100: pam-0.99.7.1-namespace-temp-logon.patch
+Patch31: pam-0.99.3.0-cracklib-try-first-pass.patch
+Patch32: pam-0.99.3.0-tally-fail-close.patch
+Patch40: pam-0.99.7.1-namespace-temp-logon.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: cracklib, cracklib-dicts >= 2.8
@@ -103,27 +88,12 @@
%patch1 -p1 -b .redhat-modules
%patch2 -p1 -b .displays
%patch3 -p1 -b .decrement
-%patch22 -p1 -b .pwmodify
-%patch23 -p1 -b .bigcrypt
+%patch4 -p1 -b .dbpam
%patch24 -p1 -b .update-helper
%patch25 -p1 -b .unix-hpux-aging
-%patch34 -p1 -b .dbpam
-%patch70 -p1 -b .nofail
-%patch80 -p1 -b .drop-multiple
-%patch81 -p1 -b .try-first-pass
-%patch82 -p1 -b .fail-close
-%patch84 -p1 -b .keycreate
-%patch86 -p1 -b .no-unmount
-%patch87 -p1 -b .preserve-uid
-%patch92 -p1 -b .select-context
-%patch93 -p1 -b .level
-%patch94 -p1 -b .unmnt-override
-%patch95 -p1 -b .range
-%patch96 -p1 -b .dirnames
-%patch97 -p1 -b .unknown-user
-%patch98 -p1 -b .audit-context
-%patch99 -p1 -b .docfix
-%patch100 -p1 -b .temp-logon
+%patch31 -p1 -b .try-first-pass
+%patch32 -p1 -b .fail-close
+%patch40 -p1 -b .temp-logon
autoreconf
@@ -162,7 +132,8 @@
%configure \
--libdir=/%{_lib} \
--includedir=%{_includedir}/security \
- --enable-isadir=../../%{_lib}/security
+ --enable-isadir=../../%{_lib}/security \
+ --with-db-uniquename=_pam
make
%install
@@ -413,6 +384,10 @@
%doc doc/adg/*.txt doc/adg/html
%changelog
+* Mon Jul 23 2007 Tomas Mraz <tmraz at redhat.com> 0.99.8.1-1
+- upgrade to latest upstream version
+- add some firewire devices to default console perms (#240770)
+
* Thu Apr 26 2007 Tomas Mraz <tmraz at redhat.com> 0.99.7.1-6
- pam_namespace: better document behavior on failure (#237249)
- pam_unix: split out passwd change to a new helper binary (#236316)
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/pam/devel/sources,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -r1.44 -r1.45
--- sources 24 Jan 2007 12:14:29 -0000 1.44
+++ sources 23 Jul 2007 18:46:31 -0000 1.45
@@ -1,3 +1,3 @@
b0f1c777708cb8e9d37fb47e7ed3312d db-4.5.20.tar.gz
-66845048120c71205bd3363264f2bfe7 pam-redhat-0.99.7-1.tar.bz2
-385458dfb4633071594e255a6ebec9da Linux-PAM-0.99.7.1.tar.bz2
+2a23dc703b550223206021ff03b1e434 pam-redhat-0.99.8-1.tar.bz2
+a6472db4afe13850cb401922211bba4e Linux-PAM-0.99.8.1.tar.bz2
--- pam-0.99.2.1-selinux-nofail.patch DELETED ---
--- pam-0.99.6.2-namespace-dirnames.patch DELETED ---
--- pam-0.99.6.2-namespace-docfix.patch DELETED ---
--- pam-0.99.6.2-namespace-preserve-uid.patch DELETED ---
--- pam-0.99.6.2-selinux-audit-context.patch DELETED ---
--- pam-0.99.6.2-selinux-drop-multiple.patch DELETED ---
--- pam-0.99.6.2-selinux-keycreate.patch DELETED ---
--- pam-0.99.6.2-selinux-select-context.patch DELETED ---
--- pam-0.99.6.2-selinux-use-current-range.patch DELETED ---
--- pam-0.99.7.0-dbpam.patch DELETED ---
--- pam-0.99.7.0-namespace-level.patch DELETED ---
--- pam-0.99.7.0-namespace-no-unmount.patch DELETED ---
--- pam-0.99.7.0-namespace-unmnt-override.patch DELETED ---
--- pam-0.99.7.1-namespace-unknown-user.patch DELETED ---
--- pam-0.99.7.1-unix-allow-pwmodify.patch DELETED ---
--- pam-0.99.7.1-unix-bigcrypt.patch DELETED ---
--- pam-0.99.7.1-unix-update-helper.patch DELETED ---
- Previous message (by thread): rpms/gtk2/devel cups-authstring.patch, NONE, 1.1 .cvsignore, 1.72, 1.73 gtk2.spec, 1.244, 1.245 sources, 1.80, 1.81
- Next message (by thread): rpms/pam/devel pam-0.99.7.1-console-decrement.patch, 1.1, NONE pam-0.99.7.1-console-more-displays.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list