summaryrefslogtreecommitdiff
path: root/meta/recipes-extended/pam/libpam
AgeCommit message (Collapse)AuthorFiles
2016-05-30libpam: update to 1.3.0Maxin B. John3
1.2.1 -> 1.3.0 Remove upstreamed patch: a) pam-no-innetgr.patch Refreshed the following patches for 1.3.0: a) crypt_configure.patch b) pam-unix-nullok-secure.patch Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-12-12libpam: Fix build with muslKhem Raj2
Define strndupa if not available in libc additionally fix headers to explicitly needed include files which glibc was including indirectly Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-10-24libpam: Fix build with uclibcKhem Raj1
libpam needs to adjust for posix utmpx uclibc now disables utmp Change-Id: Ibcb7cb621527f318eb8b6e2741647ccb4c6bb39c Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-08-09libpam: Fix patch broken during upgradeRichard Purdie1
"0x200" became "0200" during the upgrade to libpam 1.2.1 in: http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=88dd997d9941b63ae9eead6690ecf2b785c0740c and this broke the IMAGE_FEATURES like debug-tweaks. I've converted all the values to octal here to match the original header file convention and make it clearer. [YOCTO #8033] Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-07-20libpam: Upgrade v1.1.6 -> v1.2.1Amarnath Valluri7
Dropped upstreamed patches(commit-id): - add-checks-for-crypt-returning-NULL.patch(8dc056c) - destdirfix.patch(d7e6b92) - libpam-fix-for-CVE-2010-4708.patch(4c430f6) Dropped backported patches(commit-id): - pam_timestamp-fix-potential-directory-traversal-issu.patch(9dcead8) - reflect-the-enforce_for_root-semantics-change-in-pam.patch(bd07ad3) Forward ported patches: - pam-unix-nullok-secure.patch - crypt_configure.patch Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-06-08libpam: Fix wrong crypt library detectionKhem Raj1
Surfaced when building with musl This details are in patch headers Enabel innetgr.patch for musl as well Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2014-09-29libpam / xtests: remove bash dependencyWenzong Fan1
There's not bash specific syntax in the xtests scripts: $ cd Linux-PAM-1.1.6/xtests # replace /bin/bash to /bin/sh and check the bashisms: $ checkbashisms *.sh No output So the runtime dependency to bash could be removed. Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2014-06-17libpam: Security Advisory - CVE-2014-2583Yue Tao1
v2 changes: * update format for commit log * add Upstream-Status for patch Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create aribitrary files or possibly bypass authentication via a .. (dot dot) in the (1) PAM_RUSER value to the get_ruser function or (2) PAM_TTY value to the check_tty funtion, which is used by the format_timestamp_name function. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2583 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-09-20libpam: only use pam_systemd.so if systemd is enabledRoss Burton1
So that sysvinit images don't warn on every login only add it to common-session if systemd is a DISTRO_FEATURE. [ YOCTO #3805 ] Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-07-31libpam: deny all services for the OTHER entriesMing Liu1
To be secure, change behavior of the OTHER entries to warn and deny access to everything by stating pam_deny.so on all services. Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2013-07-22libpam: add a new 'nullok_secure' option support to pam_unixMing Liu2
Debian patch to add a new 'nullok_secure' option to pam_unix, which accepts users with null passwords only when the applicant is connected from a tty listed in /etc/securetty. The original pam_unix.so was configured with nullok_secure in meta/recipes-extended/pam/libpam/pam.d/common-auth, but no such code exists actually. The patch set comes from: http://patch-tracker.debian.org/patch/series/view/pam/1.1.3-7.1/054_pam_security_abstract_securetty_handling http://patch-tracker.debian.org/patch/series/view/pam/1.1.3-7.1/055_pam_unix_nullok_secure Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2013-06-19libpam: Fix for CVE-2010-4708Wenzong Fan1
Change default for user_readenv to 0 and document the new default for user_readenv. This fix from: http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env /pam_env.c?r1=1.22&r2=1.23&view=patch http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env /pam_env.8.xml?r1=1.7&r2=1.8&view=patch Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-04-17libpam: backport patches from upstreamKai Kang2
Backport patches from linux-pam git repo to fix test case tst-pam_pwhistory1 failure. [YOCTO #4107] Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-03-21pam: Fix case where ${B} != ${S}Richard Purdie1
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-01-20libpam: register PAM session with logindKoen Kooi1
This make screen/tmux/etc work as intended. Signed-off-by: Martin Donnelly <martin.donnelly@ge.com> Signed-off-by: Koen Kooi <koen@dominion.thruhere.net> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-08-19libpam: Fix missing DESTDIR for a mkdir causing build failuresRichard Purdie1
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-08-19libpam: Update recipes from 1.1.5 -> 1.1.6Khem Raj1
Drop include-sys-resource.patch already fixed upstream LIC_FILE_CHKSUM change is due to deletion of space in COPYING file see http://git.fedorahosted.org/cgit/linux-pam.git/commit/COPYING?id=1814aec611a5f9e03eceee81237ad3a3f51c954a Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-07-17libpam: Fix build with eglibc 2.16Khem Raj1
pam_unix_acct.c: In function '_unix_run_verify_binary': pam_unix_acct.c:97:19: error: storage size of 'rlim' isn't known pam_unix_acct.c:106:19: error: 'RLIMIT_NOFILE' undeclared (first use in this function) pam_unix_acct.c:106:19: note: each undeclared identifier is reported only once for each function it appears in Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2011-07-27libpam: update to 1.1.4 and add subpackage xtestsKang Kai1
Update libpam to 1.1.4, and add dependecy cracklib because run xtexts will need pam-plugin-cracklib. There are some additional checks under subdirectory xtests and make it as a subpackage libpam-xtests. Signed-off-by: Kang Kai <kai.kang@windriver.com>
2011-05-17recipes: Add Upstream-Status to various recipe patchesScott Garman1
Add Upstream-Status tag to patches for the following recipes: openssh dbus-glib expat opensp sgml-common at cpio (GPLv3 version) libpam icu Signed-off-by: Scott Garman <scott.a.garman@intel.com>
2011-04-04libpam_1.1.3.bb: Fix compilation on uclibc when innetgr is absentKhem Raj1
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2010-11-24libpam: upgrade to version 1.1.3Scott Garman7
* Removed obsolete crossbinary patch * Added source checksums * Added LIC_FILES_CHKSUM and SUMMARY entries Signed-off-by: Scott Garman <scott.a.garman@intel.com>
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-19 13:42:40 +0000