~ubuntu-branches/ubuntu/intrepid/pam/intrepid-proposed : changes

~ubuntu-branches/ubuntu/intrepid/pam/intrepid-proposed » Changes from revision 46

From Revision 46 to 27

Rev	Summary	Authors	Tags	Date
46	pam-auth-update: trim leading whitespace from multiline fiel... pam-auth-update: trim leading whitespace from multiline fields when parsing PAM profiles. LP: #295441.	Steve Langasek	1.0.1-4ubuntu5.5	15 years ago
45	No-change rebuild because the archive admin (me) copied the ... No-change rebuild because the archive admin (me) copied the package to jaunty too soon.	Steve Langasek	1.0.1-4ubuntu5.2	15 years ago
44	Allow passwords to change on expired accounts, by passing Allow passwords to change on expired accounts, by passing new_authtok_reqd return codes immediately (LP: #291091).	Kees Cook	1.0.1-4ubuntu5.1	15 years ago
43	* debian/libpam0g.postinst: change 'cupsys' to 'cups' in the... * debian/libpam0g.postinst: change 'cupsys' to 'cups' in the list of default desktop services that are ignored in deciding whether to prompt for service restarts on upgrade. Partially addresses LP #278117. * debian/libpam0g.postinst: also filter out samba, which may be installed on the desktop to enable filesharing. * debian/libpam-cracklib.prerm, debian/libpam-runtime.prerm: add the ubiquitous debhelper tokens (currently a no-op) * pam-auth-update: Use -Initial only for the first profile, even when there's no explicit -Initial config for that first profile * fix common-session/common-password to use the same overall stack structure as auth/account, so that we get the correct behavior when all password modules fail. LP: #272232.	Steve Langasek	1.0.1-4ubuntu5	15 years ago
42	Fix a bug in the parser that caused spewing of errors when t... Fix a bug in the parser that caused spewing of errors when there were more lines in the config file following the managed block. LP: #270328.	Steve Langasek	1.0.1-4ubuntu4	15 years ago
41	Fix up the code that saves state to /var/lib/pam, so that it... Fix up the code that saves state to /var/lib/pam, so that it matches what's expected by the code which later compares the saved and active profiles in the case that there are both primary and additional modules present.	Steve Langasek	1.0.1-4ubuntu3	15 years ago
40	Brown paper bag bug: fix a missing comma in pam-auth-update. Brown paper bag bug: fix a missing comma in pam-auth-update.	Steve Langasek	1.0.1-4ubuntu2	15 years ago
39	* Merge from Debian unstable * Merge from Debian unstable * Remaining changes: - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not present there or in /etc/security/pam_env.conf. (should send to Debian). - debian/libpam0g.postinst: only ask questions during update-manager when there are non-default services running. - debian/patches-applied/series: Ubuntu patches are as below ... - debian/patches-applied/ubuntu-fix_standard_types: Use standard u_int8_t type rather than __u8. - debian/patches-applied/ubuntu-no-error-if-missingok: add a new, magic module option 'missingok' which will suppress logging of errors by libpam if the module is not found. - debian/patches-applied/ubuntu-regression_fix_securetty: prompt for password on bad username. - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly initialise RLIMIT_NICE rather than relying on the kernel limits. - debian/patches-applied/ubuntu-user_defined_environment: Look at ~/.pam_environment too, with the same format as /etc/security/pam_env.conf. (Originally patch 100; converted to quilt.) - Change Vcs-Bzr to point at the Ubuntu branch. - debian/local/pam-auth-update (et al): new interface for managing /etc/pam.d/common-, using drop-in config snippets provided by module packages. - debian/local/common-password, debian/pam-configs/unix: switch from "md5" to "sha512" as password crypt default. Bump the version numbers referenced in the config files, again, as pam has revved in Debian and moved the bar. * debian/pam-config/: refine the password profiles to use a 'primary' block, to better parallel the auth structure. Drop '-Final' from the field names in /usr/share/pam-configs, supporting these field names for backwards compatibility only * Bump the dependency version requirement to 1.0.1-4ubuntu1 for the above change	Steve Langasek	1.0.1-4ubuntu1	15 years ago
38	[ Steve Langasek ] [ Steve Langasek ] * Never remove the .pam-old files; just avoid creating them if --force isn't set. * Add a manpage for pam-auth-update. * Automatically upgrade the boilerplate for /etc/pam.d/common-* if we detect that they have not been locally modified. [ Kees Cook ] * debian/local/common-password, debian/pam-configs/unix: switch from "md5" to "sha512" as password crypt default.	Steve Langasek	1.0.1-3ubuntu5	15 years ago
37	If two profiles have the same Priority, sort by the profile ... If two profiles have the same Priority, sort by the profile name to ensure a complete sort so we can filter out all the duplicates from the list and not write out broken configs. LP: #260371.	Steve Langasek	1.0.1-3ubuntu4	15 years ago
36	* s/pam-auth-config/pam-auth-update/ in the source, I can't ... * s/pam-auth-config/pam-auth-update/ in the source, I can't seem to get this name consistent to save my life - I'm starting to think I named it wrong... * Fix the regex used when suppressing jump counts when reading the saved config, so that we don't clobber module options with numbers in them. * If the target doesn't already exist, don't try to copy it. * Filter the config list to exclude configs that no longer exist. LP: #260122. * Avoid unnecessary sort/grep in the case where we already have a sorted list. * Implement pam-auth-update --remove, for use in package prerms when called with "remove".	Steve Langasek	1.0.1-3ubuntu3	15 years ago
35	* debian/local/common-session: the session stack needs to be... * debian/local/common-session: the session stack needs to be handled the same way as the password stack, with the possibility of zero primary modules; required to fix build failures on the Ubuntu buildds due to su not being able to open sessions by default. LP: #259867. * debian/libpam-runtime.postinst: when upgrading from the broken 1.0.1-2ubuntu1 version, manually edit /etc/pam.d/common-session to recover.	Steve Langasek	1.0.1-3ubuntu2	15 years ago
34	* Merge from Debian unstable * Merge from Debian unstable * Remaining changes: - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not present there or in /etc/security/pam_env.conf. (should send to Debian). - debian/libpam0g.postinst: only ask questions during update-manager when there are non-default services running. - debian/patches-applied/series: Ubuntu patches are as below ... - debian/patches-applied/ubuntu-fix_standard_types: Use standard u_int8_t type rather than __u8. - debian/patches-applied/ubuntu-no-error-if-missingok: add a new, magic module option 'missingok' which will suppress logging of errors by libpam if the module is not found. - debian/patches-applied/ubuntu-regression_fix_securetty: prompt for password on bad username. - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly initialise RLIMIT_NICE rather than relying on the kernel limits. - debian/patches-applied/ubuntu-user_defined_environment: Look at ~/.pam_environment too, with the same format as /etc/security/pam_env.conf. (Originally patch 100; converted to quilt.) - Change Vcs-Bzr to point at the Ubuntu branch. - debian/local/pam-auth-update (et al): new interface for managing /etc/pam.d/common-, using drop-in config snippets provided by module packages. Remove spurious 'conflict' with a non-existent module, which was added just as an example	Steve Langasek	1.0.1-3ubuntu1	15 years ago
33	* Merge from Debian unstable * Merge from Debian unstable * Remaining changes: - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not present there or in /etc/security/pam_env.conf. (should send to Debian). - debian/libpam-runtime.postinst, debian/local/common-{auth,password}{,.md5sums}: Use the new 'missingok' option by default for pam_smbpass in case libpam-smbpass is not installed (LP: #216990); must use "requisite" rather than "required" to prevent "pam_smbpass migrate" from firing in the event of an auth failure; md5sums updated accordingly. - debian/libpam0g.postinst: only ask questions during update-manager when there are non-default services running. - debian/patches-applied/series: Ubuntu patches are as below ... - debian/patches-applied/ubuntu-fix_standard_types: Use standard u_int8_t type rather than __u8. - debian/patches-applied/ubuntu-no-error-if-missingok: add a new, magic module option 'missingok' which will suppress logging of errors by libpam if the module is not found. - debian/patches-applied/ubuntu-regression_fix_securetty: prompt for password on bad username. - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly initialise RLIMIT_NICE rather than relying on the kernel limits. - debian/patches-applied/ubuntu-user_defined_environment: Look at ~/.pam_environment too, with the same format as /etc/security/pam_env.conf. (Originally patch 100; converted to quilt.) - Change Vcs-Bzr to point at the Ubuntu branch. * debian/local/pam-auth-update (et al): new interface for managing /etc/pam.d/common-*, using drop-in config snippets provided by module packages.	Steve Langasek	1.0.1-2ubuntu1	15 years ago
32	* Merge from Debian unstable * Merge from Debian unstable * Dropped changes: - Linux-PAM/modules/pam_selinux/pam_selinux.8: Ubuntu pam_selinux manpage is 2 years newer than Debian's, contains a number of character escaping fixes plus content updates - debian/patches-applied/ubuntu-pam_selinux_seusers: patch pam_selinux to correctly support seusers (backported from changes in PAM 0.99.8). - debian/rules: install unix_chkpwd setgid shadow instead of setuid root. The nis package handles overriding this as necessary. - debian/patches-applied/ubuntu-rlimit_nice_correction: Bound RLIMIT_NICE from below as well as from above. Fix off-by-one error when converting RLIMIT_NICE to the range of values used by the kernel. * Remaining changes: - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not present there or in /etc/security/pam_env.conf. (should send to Debian). - debian/libpam-runtime.postinst, debian/local/common-{auth,password}{,.md5sums}: Use the new 'missingok' option by default for pam_smbpass in case libpam-smbpass is not installed (LP: #216990); must use "requisite" rather than "required" to prevent "pam_smbpass migrate" from firing in the event of an auth failure; md5sums updated accordingly. - debian/libpam0g.postinst: only ask questions during update-manager when there are non-default services running. - debian/patches-applied/series: Ubuntu patches are as below ... - debian/patches-applied/ubuntu-fix_standard_types: Use standard u_int8_t type rather than __u8. - debian/patches-applied/ubuntu-no-error-if-missingok: add a new, magic module option 'missingok' which will suppress logging of errors by libpam if the module is not found. - debian/patches-applied/ubuntu-regression_fix_securetty: prompt for password on bad username. - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly initialise RLIMIT_NICE rather than relying on the kernel limits. - debian/patches-applied/ubuntu-user_defined_environment: Look at ~/.pam_environment too, with the same format as /etc/security/pam_env.conf. (Originally patch 100; converted to quilt.) * Refresh patch ubuntu-no-error-if-missingok for the new upstream version. * Change Vcs-Bzr to point at the new Ubuntu branch.	Steve Langasek	1.0.1-1ubuntu1	15 years ago
31	debian/libpam-modules.postinst: revert addition of ~/bin to ... debian/libpam-modules.postinst: revert addition of ~/bin to the end of the default PATH set in /etc/environment as it was pointed out by Colin Watson that getenv() does not properly expand '~'	Jamie Strandboge	0.99.7.1-6ubuntu2	15 years ago
30	* Merge from debian unstable * Merge from debian unstable * Dropped changes: - Linux-PAM/modules/pam_limits/README, Linux-PAM/modules/pam_selinux/README: Ubuntu versions had some insignificant character differences, dropping in favor of Debian versions; pam_selinux documentation has dropped "multiple", and added "select_context", and "use_current_range" as options. - debian/control, debian/local/common-session{,md5sums}: use libpam-foreground for session management. - Build using db4.5 instead of db4.6. * Remaining changes: - Linux-PAM/modules/pam_selinux/pam_selinux.8: Ubuntu pam_selinux manpage is 2 years newer than Debian's, contains a number of character escaping fixes plus content updates; (should send to Debian). - debian/control: Maintainer updated. - debian/libpam-modules.postinst: Add PATH to /etc/environment if it's not present there or in /etc/security/pam_env.conf; add ~/bin to PATH (LP: #64064); (should send to Debian). - debian/libpam-runtime.postinst, debian/local/common-{auth,password}{,.md5sums}: Use the new 'missingok' option by default for pam_smbpass in case libpam-smbpass is not installed (LP: #216990); must use "requisite" rather than "required" to prevent "pam_smbpass migrate" from firing in the event of an auth failure; md5sums updated accordingly. - debian/libpam0g.postinst: only ask questions during update-manager when there are non-default services running (LP: #141309). - debian/applied/series: Ubuntu patches are as below ... - debian/patches-applied/ubuntu-fix_standard_types: Use standard u_int8_t type rather than __u8. - debian/patches-applied/ubuntu-no-error-if-missingok: add a new, magic module option 'missingok' which will suppress logging of errors by libpam if the module is not found. - debian/patches-applied/ubuntu-pam_selinux_seusers: patch pam_selinux to correctly support seusers (backported from changes in PAM 0.99.8). Without this patch login will not get correct security context when using libselinux >= 1.27.2 (LP: #187822). - debian/patches-applied/ubuntu-regression_fix_securetty: securetty's earlier behavior would correctly prompt for password on bad usernames (LP: #139075). - debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly initialise RLIMIT_NICE rather than relying on the kernel limits. Bound RLIMIT_NICE from below as well as from above. Fix off-by-one error when converting RLIMIT_NICE to the range of values used by the kernel. - debian/patches-applied/ubuntu-user_defined_environment: Look at ~/.pam_environment too, with the same format as /etc/security/pam_env.conf. (Originally patch 100; converted to quilt.) - debian/rules: install unix_chkpwd setgid shadow instead of setuid root. The nis package handles overriding this as necessary. * Alphabetized this merge changelog entry by filename (easier reading against Ubuntu patch).	Dustin Kirkland	0.99.7.1-6ubuntu1	15 years ago
29	debian/libpam-modules.postinst: Add ~/bin to the end of the ... debian/libpam-modules.postinst: Add ~/bin to the end of the default PATH set in /etc/environment (LP: #64064).	Dustin Kirkland	0.99.7.1-5ubuntu8	15 years ago
28	* debian/patches-applied/ubuntu-no-error-if-missingok: add a... * debian/patches-applied/ubuntu-no-error-if-missingok: add a new, magic module option 'missingok' which will suppress logging of errors by libpam if the module is not found. * debian/local/common-{auth,password}, debian/libpam-runtime.postinst: Use the new 'missingok' option by default for pam_smbpass, to correct the problem of very loud logging introduced in the previous upload when libpam-smbpass is not installed. LP: #216990.	Steve Langasek	0.99.7.1-5ubuntu7	16 years ago
27	debian/local/common-{auth,password}, debian/libpam-runtime.p... debian/local/common-{auth,password}, debian/libpam-runtime.postinst: Add pam_smbpass as an optional module in the stack, to keep NTLM passwords (for filesharing) in sync with the main system passwords on a best-effort basis. LP: #208419.	Steve Langasek	0.99.7.1-5ubuntu6	16 years ago

Older »