Hello community,
here is the log from the commit of package pam-modules
checked in at Sat Aug 30 02:53:42 CEST 2008.
--------
--- pam-modules/pam-modules.changes 2008-08-20 14:59:56.000000000 +0200
+++ pam-modules/pam-modules.changes 2008-08-28 17:19:23.000000000 +0200
@@ -1,0 +2,5 @@
+Thu Aug 28 17:19:02 CEST 2008 - kukuk@suse.de
+
+- pam_unix2: make session logging more verbose
+
+-------------------------------------------------------------------
Old:
----
pam_unix2-2.5.1-passwd.dif
pam_unix2-2.5.1.tar.bz2
New:
----
pam_unix2-2.6.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pam-modules.spec ++++++
--- /var/tmp/diff_new_pack.oZD903/_old 2008-08-30 02:51:49.000000000 +0200
+++ /var/tmp/diff_new_pack.oZD903/_new 2008-08-30 02:51:49.000000000 +0200
@@ -29,9 +29,9 @@
Group: System/Libraries
AutoReqProv: on
Version: 11.0.42
-Release: 17
+Release: 20
Summary: Additional PAM Modules
-Source0: pam_unix2-2.5.1.tar.bz2
+Source0: pam_unix2-2.6.tar.bz2
Source1: pam_pwcheck-3.11.1.tar.bz2
Source2: pam_homecheck-2.0.tar.bz2
Source5: pam_make-1.2.tar.bz2
@@ -39,7 +39,6 @@
Source41: unix2_chkpwd.8
Source50: dlopen.sh
Patch1: pam-modules-10.3-pam_make-fix-open.dif
-Patch2: pam_unix2-2.5.1-passwd.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: permissions
@@ -56,7 +55,6 @@
%prep
%setup -q -c %{name} -b1 -b2 -b5
%patch1
-%patch2 -p1
%build
for i in * ; do
@@ -127,6 +125,8 @@
%attr(644,root,root) %doc %{_mandir}/man8/unix2_chkpwd.8.gz
%changelog
+* Thu Aug 28 2008 kukuk@suse.de
+- pam_unix2: make session logging more verbose
* Wed Aug 20 2008 prusnak@suse.cz
- enabled SELinux support [Fate#303662]
* Mon Aug 11 2008 mc@suse.de
++++++ pam_unix2-2.5.1.tar.bz2 -> pam_unix2-2.6.tar.bz2 ++++++
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/ChangeLog new/pam_unix2-2.6/ChangeLog
--- old/pam_unix2-2.5.1/ChangeLog 2008-04-11 10:58:32.000000000 +0200
+++ new/pam_unix2-2.6/ChangeLog 2008-08-28 17:10:56.000000000 +0200
@@ -1,3 +1,20 @@
+2008-08-28 Thorsten Kukuk
+
+ * releae version 2.6
+
+ * src/unix_sess.c: Log tty and hostname if available.
+
+ * src/unix_passwd.c: Compare stored with entered password
+ if PAM_CHANGE_EXPIRED_AUTHTOK flag is set [bnc#414783].
+
+ * po/*.po: Update translations.
+
+2008-05-23 Thorsten Kukuk
+
+ * release version 2.5.1
+
+ * po/*.po: Update translations.
+
2008-04-10 Thorsten Kukuk
* release 2.5.0
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/configure new/pam_unix2-2.6/configure
--- old/pam_unix2-2.5.1/configure 2008-05-23 15:50:32.000000000 +0200
+++ new/pam_unix2-2.6/configure 2008-08-28 17:01:36.000000000 +0200
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.61 for pam_unix2 2.5.1.
+# Generated by GNU Autoconf 2.61 for pam_unix2 2.6.
#
# Report bugs to http://www.suse.de/feedback.
#
@@ -574,8 +574,8 @@
# Identity of this package.
PACKAGE_NAME='pam_unix2'
PACKAGE_TARNAME='pam_unix2'
-PACKAGE_VERSION='2.5.1'
-PACKAGE_STRING='pam_unix2 2.5.1'
+PACKAGE_VERSION='2.6'
+PACKAGE_STRING='pam_unix2 2.6'
PACKAGE_BUGREPORT='http://www.suse.de/feedback'
ac_unique_file="src/support.c"
@@ -1232,7 +1232,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures pam_unix2 2.5.1 to adapt to many kinds of systems.
+\`configure' configures pam_unix2 2.6 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1302,7 +1302,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of pam_unix2 2.5.1:";;
+ short | recursive ) echo "Configuration of pam_unix2 2.6:";;
esac
cat <<\_ACEOF
@@ -1398,7 +1398,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-pam_unix2 configure 2.5.1
+pam_unix2 configure 2.6
generated by GNU Autoconf 2.61
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -1412,7 +1412,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by pam_unix2 $as_me 2.5.1, which was
+It was created by pam_unix2 $as_me 2.6, which was
generated by GNU Autoconf 2.61. Invocation command line was
$ $0 $@
@@ -2102,7 +2102,7 @@
# Define the identity of the package.
PACKAGE='pam_unix2'
- VERSION='2.5.1'
+ VERSION='2.6'
cat >>confdefs.h <<_ACEOF
@@ -8198,7 +8198,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by pam_unix2 $as_me 2.5.1, which was
+This file was extended by pam_unix2 $as_me 2.6, which was
generated by GNU Autoconf 2.61. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -8251,7 +8251,7 @@
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-pam_unix2 config.status 2.5.1
+pam_unix2 config.status 2.6
configured by $0, generated by GNU Autoconf 2.61,
with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/configure.in new/pam_unix2-2.6/configure.in
--- old/pam_unix2-2.5.1/configure.in 2008-05-23 15:50:25.000000000 +0200
+++ new/pam_unix2-2.6/configure.in 2008-08-28 17:00:31.000000000 +0200
@@ -1,5 +1,5 @@
dnl Process this file with autoconf to produce a configure script.
-AC_INIT(pam_unix2, 2.5.1, http://www.suse.de/feedback, pam_unix2)
+AC_INIT(pam_unix2, 2.6, http://www.suse.de/feedback, pam_unix2)
AM_INIT_AUTOMAKE
AC_CONFIG_SRCDIR([src/support.c])
AM_CONFIG_HEADER(config.h)
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/NEWS new/pam_unix2-2.6/NEWS
--- old/pam_unix2-2.5.1/NEWS 2008-05-23 15:52:24.000000000 +0200
+++ new/pam_unix2-2.6/NEWS 2008-08-28 17:00:56.000000000 +0200
@@ -5,6 +5,9 @@
Please send bug reports, questions and suggestions to .
+Version 2.6
+* Enhance log message for starting/closing a session
+
Version 2.5.1
* Update translations
Files old/pam_unix2-2.5.1/po/el.gmo and new/pam_unix2-2.6/po/el.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/po/el.po new/pam_unix2-2.6/po/el.po
--- old/pam_unix2-2.5.1/po/el.po 2008-05-23 15:52:27.000000000 +0200
+++ new/pam_unix2-2.6/po/el.po 2008-08-28 17:10:14.000000000 +0200
@@ -1,4 +1,4 @@
-# translation of pam_unix2.el.po to Hellenic
+# translation of pam_unix2.el.po to Ελληνικά
# @TITLE@
# Copyright (C) 2006, SUSE Linux GmbH, Nuremberg
#
@@ -12,9 +12,9 @@
"Project-Id-Version: pam_unix2.el\n"
"Report-Msgid-Bugs-To: kukuk@suse.de\n"
"POT-Creation-Date: 2008-03-31 15:10+0200\n"
-"PO-Revision-Date: 2008-03-31 11:20+0100\n"
+"PO-Revision-Date: 2008-06-06 01:04+0100\n"
"Last-Translator: Vasileios Giannakopoulos \n"
-"Language-Team: Hellenic \n"
+"Language-Team: Ελληνικά \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
Files old/pam_unix2-2.5.1/po/ko.gmo and new/pam_unix2-2.6/po/ko.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/po/ko.po new/pam_unix2-2.6/po/ko.po
--- old/pam_unix2-2.5.1/po/ko.po 2008-05-23 15:52:27.000000000 +0200
+++ new/pam_unix2-2.6/po/ko.po 2008-08-28 17:10:14.000000000 +0200
@@ -223,4 +223,4 @@
#: src/unix_passwd.c:1048
msgid "Error while changing the NIS password."
-msgstr "NIS 열쇠글을 변경중 오류"
+msgstr "NIS 열쇠글을 변경 중 오류"
Files old/pam_unix2-2.5.1/po/ro.gmo and new/pam_unix2-2.6/po/ro.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/po/ro.po new/pam_unix2-2.6/po/ro.po
--- old/pam_unix2-2.5.1/po/ro.po 2008-05-23 15:52:27.000000000 +0200
+++ new/pam_unix2-2.6/po/ro.po 2008-08-26 13:19:58.000000000 +0200
@@ -30,11 +30,11 @@
#: src/unix_acct.c:102 src/unix_acct.c:150
msgid "Your password has expired. Choose a new password."
-msgstr "Parola dvs. a expirat. Alegeţi o nouă parolă."
+msgstr "Parola dvs. a expirat. Alegeți o nouă parolă."
#: src/unix_acct.c:129
msgid "Password change requested. Choose a new password."
-msgstr "Este necesară schimbarea parolei. Alegeţi o nouă parolă."
+msgstr "Este necesară schimbarea parolei. Alegeți o nouă parolă."
#: src/unix_acct.c:288
#, c-format
@@ -65,21 +65,21 @@
#: src/unix_passwd.c:85
msgid "Reenter New Password: "
-msgstr "Reintroduceţi noua parolă: "
+msgstr "Reintroduceți noua parolă: "
#: src/unix_passwd.c:214
msgid "You can only change local passwords."
-msgstr "Puteţi schimba numai parolele locale."
+msgstr "Puteți schimba numai parolele locale."
#: src/unix_passwd.c:284
#, c-format
msgid "Less then %d weeks since the last change."
-msgstr "Au trecut mai puţin de %d săptămâni de la ultima schimbare."
+msgstr "Au trecut mai puțin de %d săptămâni de la ultima schimbare."
#: src/unix_passwd.c:288
#, c-format
msgid "Less then %d days since the last change."
-msgstr "Au trecut mai puţin de %d zile de la ultima schimbare."
+msgstr "Au trecut mai puțin de %d zile de la ultima schimbare."
#: src/unix_passwd.c:340 src/unix_passwd.c:355
msgid "Password change aborted."
@@ -120,11 +120,11 @@
#: src/unix_passwd.c:493
#, c-format
msgid "Unable to obtain entropy from %s"
-msgstr "Nu pot obţine entropia de la %s"
+msgstr "Nu pot obține entropia de la %s"
#: src/unix_passwd.c:508
msgid "Unable to generate a salt. Check your crypt settings."
-msgstr "Nu pot genera salt. Verificaţi setările crypt."
+msgstr "Nu pot genera salt. Verificați setările crypt."
#: src/unix_passwd.c:634
msgid "Cannot create salt for standard crypt"
@@ -152,11 +152,11 @@
#: src/unix_passwd.c:695
msgid "crypt_r() returns NULL pointer"
-msgstr "crypt_r() returns NULL pointer"
+msgstr "c_ryptr()întoarce un pointer NULL"
#: src/unix_passwd.c:718
msgid "Cannot lock password file: already locked."
-msgstr "Nu pot bloca fişierul de parolă: este deja blocat."
+msgstr "Nu pot bloca fișierul de parolă: este deja blocat."
#: src/unix_passwd.c:745 src/unix_passwd.c:806 src/unix_passwd.c:889
#: src/unix_passwd.c:950
@@ -172,7 +172,7 @@
#: src/unix_passwd.c:780 src/unix_passwd.c:924
#, c-format
msgid "Cannot create temp file (%s): %m"
-msgstr "Nu pot crea fişierul temporar (%s): %m"
+msgstr "Nu pot crea fișierul temporar (%s): %m"
#: src/unix_passwd.c:788 src/unix_passwd.c:932
#, c-format
@@ -187,37 +187,37 @@
#: src/unix_passwd.c:836
#, c-format
msgid "Error while writing new shadow file: %m"
-msgstr "Eroare la scrierea noului fişier shadow: %m"
+msgstr "Eroare la scrierea noului fișier shadow: %m"
#: src/unix_passwd.c:846
#, c-format
msgid "Error while closing old shadow file: %m"
-msgstr "Eroare la închiderea vechiului fişier shadow: %m"
+msgstr "Eroare la închiderea vechiului fișier shadow: %m"
#: src/unix_passwd.c:854
#, c-format
msgid "Error while closing temporary shadow file: %m"
-msgstr "Eroare la închiderea fişierului shadow temporar: %m"
+msgstr "Eroare la închiderea fișierului shadow temporar: %m"
#: src/unix_passwd.c:861 src/unix_passwd.c:1001
#, c-format
msgid "Cannot create backup file of %s: %m"
-msgstr "Nu pot crea fişier de backup pentru %s: %m"
+msgstr "Nu pot crea fișier de backup pentru %s: %m"
#: src/unix_passwd.c:976
#, c-format
msgid "Error while writing new password file: %m"
-msgstr "Eroare la scrierea noului fişier password: %m"
+msgstr "Eroare la scrierea noului fișier password: %m"
#: src/unix_passwd.c:986
#, c-format
msgid "Error while closing old password file: %m"
-msgstr "Eroare la închiderea vechiului fişier password: %m"
+msgstr "Eroare la închiderea vechiului fișier password: %m"
#: src/unix_passwd.c:994
#, c-format
msgid "Error while closing temporary password file: %m"
-msgstr "Eroare la închiderea fişierului password temporar: %m"
+msgstr "Eroare la închiderea fișierului password temporar: %m"
#: src/unix_passwd.c:1033
#, c-format
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/src/unix_passwd.c new/pam_unix2-2.6/src/unix_passwd.c
--- old/pam_unix2-2.5.1/src/unix_passwd.c 2008-04-11 11:37:03.000000000 +0200
+++ new/pam_unix2-2.6/src/unix_passwd.c 2008-08-28 16:33:06.000000000 +0200
@@ -254,7 +254,7 @@
if (flags & PAM_PRELIM_CHECK)
{
/* Check if the old password was correct. */
- if (getuid () && strcmp (data->oldpassword,
+ if ((getuid () || (flags & PAM_CHANGE_EXPIRED_AUTHTOK)) && strcmp (data->oldpassword,
crypt_r (oldpass, data->oldpassword, &output)) != 0)
{
if (options.debug)
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/src/unix_sess.c new/pam_unix2-2.6/src/unix_sess.c
--- old/pam_unix2-2.5.1/src/unix_sess.c 2006-01-17 13:41:06.000000000 +0100
+++ new/pam_unix2-2.6/src/unix_sess.c 2008-08-28 16:55:30.000000000 +0200
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2006 SUSE Linux Products GmbH Nuernberg,Germany.
+ * Copyright (c) 2006, 2008 SUSE Linux Products GmbH Nuernberg,Germany.
* Copyright (c) 1999, 2000, 2002, 2003, 2004 SuSE GmbH Nuernberg, Germany.
* Author: Thorsten Kukuk
*
@@ -52,14 +52,15 @@
#include "public.h"
-int
-pam_sm_open_session (pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+static int
+pam_log_session (pam_handle_t *pamh, int flags, int argc,
+ const char **argv, const char *kind)
{
int retval;
const char *name;
- char *service;
+ char *service, *tty, *rhost;
options_t options;
+ char *logmsg = NULL;
memset (&options, 0, sizeof (options));
options.log_level = -1; /* Initialize to default "none". */
@@ -88,52 +89,57 @@
if (service == NULL)
return PAM_CONV_ERR;
- pam_syslog (pamh, options.log_level,
- "session started for user %s, service %s\n",
- name, service);
-
- return PAM_SUCCESS;
-}
-
-int
-pam_sm_close_session (pam_handle_t * pamh, int flags,
- int argc, const char **argv)
-{
- int retval;
- const char *name;
- char *service;
- options_t options;
+ retval = pam_get_item(pamh, PAM_TTY, (void *) &tty);
+ if (retval !=PAM_SUCCESS)
+ return retval;
- memset (&options, 0, sizeof (options));
- options.log_level = -1; /* Initialize to default "none". */
+ retval = pam_get_item(pamh, PAM_RHOST, (void *) &rhost);
+ if (retval !=PAM_SUCCESS)
+ return retval;
- if (get_options (pamh, &options, "session", argc, argv) < 0)
+ if (tty && !rhost)
{
- pam_syslog (pamh, LOG_ERR, "cannot get options");
- return PAM_SYSTEM_ERR;
+ if (asprintf (&logmsg, "session %s for user %s: service=%s, tty=%s",
+ kind, name, service, tty) == -1)
+ return PAM_SESSION_ERR;
+ }
+ else if (!tty && rhost)
+ {
+ if (asprintf (&logmsg,
+ "session %s for user %s: service=%s, rhost=%s",
+ kind, name, service, rhost) == -1)
+ return PAM_SESSION_ERR;
+ }
+ else if (tty && rhost)
+ {
+ if (asprintf (&logmsg,
+ "session %s for user %s: service=%s, tty=%s, rhost=%s",
+ kind, name, service, tty, rhost) == -1)
+ return PAM_SESSION_ERR;
+ }
+ else
+ {
+ if (asprintf (&logmsg, "session %s for user %s: service=%s",
+ kind, name, service) == -1)
+ return PAM_SESSION_ERR;
}
- /* get the user name */
- if ((retval = pam_get_user (pamh, &name, NULL)) != PAM_SUCCESS)
- return retval;
-
- if (name == NULL || name[0] == '\0')
- return PAM_SESSION_ERR;
-
- /* Move this after getting the user name, else PAM test suite
- will not pass ... */
- if (options.log_level == -1)
- return PAM_SUCCESS;
+ pam_syslog (pamh, options.log_level, logmsg);
+ free (logmsg);
- retval = pam_get_item (pamh, PAM_SERVICE, (void *) &service);
- if (retval != PAM_SUCCESS)
- return retval;
- if (service == NULL)
- return PAM_CONV_ERR;
+ return PAM_SUCCESS;
+}
- pam_syslog (pamh, options.log_level,
- "session finished for user %s, service %s\n",
- name, service);
+int
+pam_sm_open_session (pam_handle_t *pamh, int flags, int argc,
+ const char **argv)
+{
+ return pam_log_session (pamh, flags, argc, argv, "started");
+}
- return PAM_SUCCESS;
+int
+pam_sm_close_session (pam_handle_t * pamh, int flags,
+ int argc, const char **argv)
+{
+ return pam_log_session (pamh, flags, argc, argv, "finished");
}
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org