Hello community,
here is the log from the commit of package pam for openSUSE:Factory
checked in at Fri Sep 3 12:51:22 CEST 2010.
--------
--- pam/pam.changes 2010-05-10 14:23:45.000000000 +0200
+++ /mounts/work_src_done/STABLE/pam/pam.changes 2010-08-31 13:38:58.000000000 +0200
@@ -1,0 +2,10 @@
+Tue Aug 31 13:38:23 CEST 2010 - kukuk@suse.de
+
+- Update to Linux-PAM 1.1.2
+
+-------------------------------------------------------------------
+Mon Jun 28 06:38:35 UTC 2010 - jengelh@medozas.de
+
+- use %_smp_mflags
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
Linux-PAM-1.1.1.90-docs.tar.bz2
Linux-PAM-1.1.1.90.tar.bz2
New:
----
Linux-PAM-1.1.2-docs.tar.bz2
Linux-PAM-1.1.2.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pam.spec ++++++
--- /var/tmp/diff_new_pack.vWsgC0/_old 2010-09-03 12:50:59.000000000 +0200
+++ /var/tmp/diff_new_pack.vWsgC0/_new 2010-09-03 12:50:59.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package pam (Version 1.1.1.90)
+# spec file for package pam (Version 1.1.2)
#
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -26,7 +26,7 @@
%if %{enable_selinux}
BuildRequires: libselinux-devel
%endif
-%define libpam_so_version 0.82.2
+%define libpam_so_version 0.82.3
%define libpam_misc_so_version 0.82.0
%define libpamc_so_version 0.82.1
License: Beerware, Cardware, Shareware (not restricted) ; BSD3c ; GPLv2+
@@ -37,7 +37,7 @@
Obsoletes: pam-64bit
%endif
#
-Version: 1.1.1.90
+Version: 1.1.2
Release: 1
Summary: A Security Tool that Provides Authentication for Applications
Source: Linux-PAM-%{version}.tar.bz2
@@ -64,7 +64,7 @@
License: Beerware, Cardware, Shareware (not restricted) ; BSD3c ; GPLv2+
Summary: Documentation for Pluggable Authentication Modules
Group: Documentation/HTML
-BuildArch: noarch
+###BuildArch: noarch
%description doc
PAM (Pluggable Authentication Modules) is a system security tool that
@@ -112,10 +112,10 @@
--libdir=/%{_lib} \
--enable-isadir=../../%{_lib}/security \
--enable-securedir=/%{_lib}/security
-make %{?jobs:-j%jobs};
+make %{?_smp_mflags};
%check
-make %{?jobs:-j%jobs} check
+make %{?_smp_mflags} check
%install
mkdir -p $RPM_BUILD_ROOT/etc/pam.d
++++++ Linux-PAM-1.1.1.90-docs.tar.bz2 -> Linux-PAM-1.1.2-docs.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Linux-PAM-1.1.1.90/doc/adg/html/Linux-PAM_ADG.html new/Linux-PAM-1.1.2/doc/adg/html/Linux-PAM_ADG.html
--- old/Linux-PAM-1.1.1.90/doc/adg/html/Linux-PAM_ADG.html 2010-04-01 17:20:33.000000000 +0200
+++ new/Linux-PAM-1.1.2/doc/adg/html/Linux-PAM_ADG.html 2010-08-31 13:16:39.000000000 +0200
@@ -1,4 +1,4 @@
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>The Linux-PAM Application Developers' Guide</title><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><meta name="description" content="This manual documents what an application developer needs to know about the Linux-PAM library. It describes how an application might use the Linux-PAM library to authenticate users. In addition it contains a description of the functions to be found in libpam_misc library, that can be used in general applications. Finally, it contains some comments on PAM related security issues for the application developer."><link rel="home" href="Linux-PAM_ADG.html" title="The Linux-PAM Application Developers' Guide"><link rel="next" href="adg-introduction.html" title="Chapter�1.�Introduction"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">The Linux-PAM Application Developers' Guide</th></tr><tr><td width="20%" align="left">�</td><th width="60%" align="center">�</th><td width="20%" align="right">�<a accesskey="n" href="adg-introduction.html">Next</a></td></tr></table><hr></div><div class="book" lang="en"><div class="titlepage"><div><div><h1 class="title"><a name="adg"></a>The Linux-PAM Application Developers' Guide</h1></div><div><div class="authorgroup"><div class="author"><h3 class="author"><span class="firstname">Andrew G.</span> <span class="surname">Morgan</span></h3><code class="email"><<a class="email" href="mailto:morgan@kernel.org">morgan@kernel.org</a>></code></div><div class="author"><h3 class="author"><span class="firstname">Thorsten</span> <span class="surname">Kukuk</span></h3><code class="email"><<a class="email" href="mailto:kukuk@thkukuk.de">kukuk@thkukuk.de</a>></code></div></div></div><div><p class="releaseinfo">Version 1.1.1, 16. December 2009</p></div><div><div class="abstract"><p class="title"><b>Abstract</b></p><p>
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>The Linux-PAM Application Developers' Guide</title><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><meta name="description" content="This manual documents what an application developer needs to know about the Linux-PAM library. It describes how an application might use the Linux-PAM library to authenticate users. In addition it contains a description of the functions to be found in libpam_misc library, that can be used in general applications. Finally, it contains some comments on PAM related security issues for the application developer."><link rel="home" href="Linux-PAM_ADG.html" title="The Linux-PAM Application Developers' Guide"><link rel="next" href="adg-introduction.html" title="Chapter�1.�Introduction"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">The Linux-PAM Application Developers' Guide</th></tr><tr><td width="20%" align="left">�</td><th width="60%" align="center">�</th><td width="20%" align="right">�<a accesskey="n" href="adg-introduction.html">Next</a></td></tr></table><hr></div><div class="book" lang="en"><div class="titlepage"><div><div><h1 class="title"><a name="adg"></a>The Linux-PAM Application Developers' Guide</h1></div><div><div class="authorgroup"><div class="author"><h3 class="author"><span class="firstname">Andrew G.</span> <span class="surname">Morgan</span></h3><code class="email"><<a class="email" href="mailto:morgan@kernel.org">morgan@kernel.org</a>></code></div><div class="author"><h3 class="author"><span class="firstname">Thorsten</span> <span class="surname">Kukuk</span></h3><code class="email"><<a class="email" href="mailto:kukuk@thkukuk.de">kukuk@thkukuk.de</a>></code></div></div></div><div><p class="releaseinfo">Version 1.1.2, 31. August 2010</p></div><div><div class="abstract"><p class="title"><b>Abstract</b></p><p>
This manual documents what an application developer needs to know
about the <span class="emphasis"><em>Linux-PAM</em></span> library. It
describes how an application might use the
Files old/Linux-PAM-1.1.1.90/doc/adg/Linux-PAM_ADG.pdf and new/Linux-PAM-1.1.2/doc/adg/Linux-PAM_ADG.pdf differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Linux-PAM-1.1.1.90/doc/adg/Linux-PAM_ADG.txt new/Linux-PAM-1.1.2/doc/adg/Linux-PAM_ADG.txt
--- old/Linux-PAM-1.1.1.90/doc/adg/Linux-PAM_ADG.txt 2010-04-01 17:20:19.000000000 +0200
+++ new/Linux-PAM-1.1.2/doc/adg/Linux-PAM_ADG.txt 2010-08-31 13:16:30.000000000 +0200
@@ -8,7 +8,7 @@
-Version 1.1.1, 16. December 2009
+Version 1.1.2, 31. August 2010
Abstract
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Linux-PAM-1.1.1.90/doc/mwg/html/Linux-PAM_MWG.html new/Linux-PAM-1.1.2/doc/mwg/html/Linux-PAM_MWG.html
--- old/Linux-PAM-1.1.1.90/doc/mwg/html/Linux-PAM_MWG.html 2010-04-01 17:21:23.000000000 +0200
+++ new/Linux-PAM-1.1.2/doc/mwg/html/Linux-PAM_MWG.html 2010-08-31 13:17:14.000000000 +0200
@@ -1,4 +1,4 @@
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>The Linux-PAM Module Writers' Guide</title><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><meta name="description" content="This manual documents what a programmer needs to know in order to write a module that conforms to the Linux-PAM standard.It also discusses some security issues from the point of view of the module programmer."><link rel="home" href="Linux-PAM_MWG.html" title="The Linux-PAM Module Writers' Guide"><link rel="next" href="mwg-introduction.html" title="Chapter�1.�Introduction"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">The Linux-PAM Module Writers' Guide</th></tr><tr><td width="20%" align="left">�</td><th width="60%" align="center">�</th><td width="20%" align="right">�<a accesskey="n" href="mwg-introduction.html">Next</a></td></tr></table><hr></div><div class="book" lang="en"><div class="titlepage"><div><div><h1 class="title"><a name="mwg"></a>The Linux-PAM Module Writers' Guide</h1></div><div><div class="authorgroup"><div class="author"><h3 class="author"><span class="firstname">Andrew G.</span> <span class="surname">Morgan</span></h3><code class="email"><<a class="email" href="mailto:morgan@kernel.org">morgan@kernel.org</a>></code></div><div class="author"><h3 class="author"><span class="firstname">Thorsten</span> <span class="surname">Kukuk</span></h3><code class="email"><<a class="email" href="mailto:kukuk@thkukuk.de">kukuk@thkukuk.de</a>></code></div></div></div><div><p class="releaseinfo">Version 1.1.1, 16. December 2009</p></div><div><div class="abstract"><p class="title"><b>Abstract</b></p><p>
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>The Linux-PAM Module Writers' Guide</title><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><meta name="description" content="This manual documents what a programmer needs to know in order to write a module that conforms to the Linux-PAM standard.It also discusses some security issues from the point of view of the module programmer."><link rel="home" href="Linux-PAM_MWG.html" title="The Linux-PAM Module Writers' Guide"><link rel="next" href="mwg-introduction.html" title="Chapter�1.�Introduction"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">The Linux-PAM Module Writers' Guide</th></tr><tr><td width="20%" align="left">�</td><th width="60%" align="center">�</th><td width="20%" align="right">�<a accesskey="n" href="mwg-introduction.html">Next</a></td></tr></table><hr></div><div class="book" lang="en"><div class="titlepage"><div><div><h1 class="title"><a name="mwg"></a>The Linux-PAM Module Writers' Guide</h1></div><div><div class="authorgroup"><div class="author"><h3 class="author"><span class="firstname">Andrew G.</span> <span class="surname">Morgan</span></h3><code class="email"><<a class="email" href="mailto:morgan@kernel.org">morgan@kernel.org</a>></code></div><div class="author"><h3 class="author"><span class="firstname">Thorsten</span> <span class="surname">Kukuk</span></h3><code class="email"><<a class="email" href="mailto:kukuk@thkukuk.de">kukuk@thkukuk.de</a>></code></div></div></div><div><p class="releaseinfo">Version 1.1.2, 31. August 2010</p></div><div><div class="abstract"><p class="title"><b>Abstract</b></p><p>
This manual documents what a programmer needs to know in order
to write a module that conforms to the
<span class="emphasis"><em>Linux-PAM</em></span> standard.It also
Files old/Linux-PAM-1.1.1.90/doc/mwg/Linux-PAM_MWG.pdf and new/Linux-PAM-1.1.2/doc/mwg/Linux-PAM_MWG.pdf differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Linux-PAM-1.1.1.90/doc/mwg/Linux-PAM_MWG.txt new/Linux-PAM-1.1.2/doc/mwg/Linux-PAM_MWG.txt
--- old/Linux-PAM-1.1.1.90/doc/mwg/Linux-PAM_MWG.txt 2010-04-01 17:21:11.000000000 +0200
+++ new/Linux-PAM-1.1.2/doc/mwg/Linux-PAM_MWG.txt 2010-08-31 13:17:06.000000000 +0200
@@ -8,7 +8,7 @@
-Version 1.1.1, 16. December 2009
+Version 1.1.2, 31. August 2010
Abstract
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Linux-PAM-1.1.1.90/doc/sag/html/Linux-PAM_SAG.html new/Linux-PAM-1.1.2/doc/sag/html/Linux-PAM_SAG.html
--- old/Linux-PAM-1.1.1.90/doc/sag/html/Linux-PAM_SAG.html 2010-05-05 10:10:36.000000000 +0200
+++ new/Linux-PAM-1.1.2/doc/sag/html/Linux-PAM_SAG.html 2010-08-31 13:15:46.000000000 +0200
@@ -1,4 +1,4 @@
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>The Linux-PAM System Administrators' Guide</title><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><meta name="description" content="This manual documents what a system-administrator needs to know about the Linux-PAM library. It covers the correct syntax of the PAM configuration file and discusses strategies for maintaining a secure system."><link rel="home" href="Linux-PAM_SAG.html" title="The Linux-PAM System Administrators' Guide"><link rel="next" href="sag-introduction.html" title="Chapter�1.�Introduction"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">The Linux-PAM System Administrators' Guide</th></tr><tr><td width="20%" align="left">�</td><th width="60%" align="center">�</th><td width="20%" align="right">�<a accesskey="n" href="sag-introduction.html">Next</a></td></tr></table><hr></div><div class="book" lang="en"><div class="titlepage"><div><div><h1 class="title"><a name="sag"></a>The Linux-PAM System Administrators' Guide</h1></div><div><div class="authorgroup"><div class="author"><h3 class="author"><span class="firstname">Andrew G.</span> <span class="surname">Morgan</span></h3><code class="email"><<a class="email" href="mailto:morgan@kernel.org">morgan@kernel.org</a>></code></div><div class="author"><h3 class="author"><span class="firstname">Thorsten</span> <span class="surname">Kukuk</span></h3><code class="email"><<a class="email" href="mailto:kukuk@thkukuk.de">kukuk@thkukuk.de</a>></code></div></div></div><div><p class="releaseinfo">Version 1.1.1, 16. December 2009</p></div><div><div class="abstract"><p class="title"><b>Abstract</b></p><p>
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>The Linux-PAM System Administrators' Guide</title><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"><meta name="description" content="This manual documents what a system-administrator needs to know about the Linux-PAM library. It covers the correct syntax of the PAM configuration file and discusses strategies for maintaining a secure system."><link rel="home" href="Linux-PAM_SAG.html" title="The Linux-PAM System Administrators' Guide"><link rel="next" href="sag-introduction.html" title="Chapter�1.�Introduction"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">The Linux-PAM System Administrators' Guide</th></tr><tr><td width="20%" align="left">�</td><th width="60%" align="center">�</th><td width="20%" align="right">�<a accesskey="n" href="sag-introduction.html">Next</a></td></tr></table><hr></div><div class="book" lang="en"><div class="titlepage"><div><div><h1 class="title"><a name="sag"></a>The Linux-PAM System Administrators' Guide</h1></div><div><div class="authorgroup"><div class="author"><h3 class="author"><span class="firstname">Andrew G.</span> <span class="surname">Morgan</span></h3><code class="email"><<a class="email" href="mailto:morgan@kernel.org">morgan@kernel.org</a>></code></div><div class="author"><h3 class="author"><span class="firstname">Thorsten</span> <span class="surname">Kukuk</span></h3><code class="email"><<a class="email" href="mailto:kukuk@thkukuk.de">kukuk@thkukuk.de</a>></code></div></div></div><div><p class="releaseinfo">Version 1.1.2, 31. August 2010</p></div><div><div class="abstract"><p class="title"><b>Abstract</b></p><p>
This manual documents what a system-administrator needs to know about
the <span class="emphasis"><em>Linux-PAM</em></span> library. It covers the
correct syntax of the PAM configuration file and discusses strategies
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Linux-PAM-1.1.1.90/doc/sag/html/sag-pam_group.html new/Linux-PAM-1.1.2/doc/sag/html/sag-pam_group.html
--- old/Linux-PAM-1.1.1.90/doc/sag/html/sag-pam_group.html 2010-05-05 10:10:32.000000000 +0200
+++ new/Linux-PAM-1.1.2/doc/sag/html/sag-pam_group.html 2010-08-31 13:15:42.000000000 +0200
@@ -46,11 +46,13 @@
field, is a logic list of terminal names that this rule applies to.
</p><p>
The third field, the <em class="replaceable"><code>users</code></em>
- field, is a logic list of users or a netgroup of users to whom this
- rule applies.
+ field, is a logic list of users, or a UNIX group, or a netgroup of
+ users to whom this rule applies. Group names are preceded by a '%'
+ symbol, while netgroup names are preceded by a '@' symbol.
</p><p>
For these items the simple wildcard '*' may be used only once.
- With netgroups no wildcards or logic operators are allowed.
+ With UNIX groups or netgroups no wildcards or logic operators
+ are allowed.
</p><p>
The <em class="replaceable"><code>times</code></em> field is used to indicate "when"
these groups are to be given to the user. The format here is a logic
@@ -98,6 +100,11 @@
</p><pre class="programlisting">
xsh; tty* ;sword;!Wk0900-1800;games, sound
xsh; tty* ;*;Al0900-1800;floppy
- </pre></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_group-authors"></a>6.11.8.�AUTHORS</h3></div></div></div><p>
+ </pre><p>
+ Any member of the group 'admin' running 'xsh' on tty*,
+ is granted access (at any time) to the group 'plugdev'
+ </p><pre class="programlisting">
+xsh; tty* ;%admin;Al0000-2400;plugdev
+ </pre></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_group-authors"></a>6.11.8.�AUTHORS</h3></div></div></div><p>
pam_group was written by Andrew G. Morgan <morgan@kernel.org>.
</p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="sag-pam_ftp.html">Prev</a>�</td><td width="20%" align="center"><a accesskey="u" href="sag-module-reference.html">Up</a></td><td width="40%" align="right">�<a accesskey="n" href="sag-pam_issue.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">6.10.�pam_ftp - module for anonymous access�</td><td width="20%" align="center"><a accesskey="h" href="Linux-PAM_SAG.html">Home</a></td><td width="40%" align="right" valign="top">�6.12.�pam_issue - add issue file to user prompt</td></tr></table></div></body></html>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Linux-PAM-1.1.1.90/doc/sag/html/sag-pam_nologin.html new/Linux-PAM-1.1.2/doc/sag/html/sag-pam_nologin.html
--- old/Linux-PAM-1.1.1.90/doc/sag/html/sag-pam_nologin.html 2010-05-05 10:10:33.000000000 +0200
+++ new/Linux-PAM-1.1.2/doc/sag/html/sag-pam_nologin.html 2010-08-31 13:15:44.000000000 +0200
@@ -4,14 +4,15 @@
successok
]</p></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_nologin-description"></a>6.23.1.�DESCRIPTION</h3></div></div></div><p>
pam_nologin is a PAM module that prevents users from logging into
- the system when <code class="filename">/etc/nologin</code> exists. The contents
- of the <code class="filename">/etc/nologin</code> file are displayed to the
- user. The pam_nologin module has no effect on the root user's ability
- to log in.
+ the system when <code class="filename">/var/run/nologin</code> or
+ <code class="filename">/etc/nologin</code>exists. The contents
+ of the file are displayed to the user. The pam_nologin module
+ has no effect on the root user's ability to log in.
</p></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_nologin-options"></a>6.23.2.�OPTIONS</h3></div></div></div><div class="variablelist"><dl><dt><span class="term">
<code class="option">file=<em class="replaceable"><code>/path/nologin</code></em></code>
</span></dt><dd><p>
Use this file instead the default
+ <code class="filename">/var/run/nologin</code> or
<code class="filename">/etc/nologin</code>.
</p></dd><dt><span class="term">
<code class="option">successok</code>
@@ -27,7 +28,7 @@
This is the default return value.
</p></dd><dt><span class="term">PAM_SUCCESS</span></dt><dd><p>
Success: either the user is root or the
- <code class="filename">/etc/nologin</code> file does not exist.
+ nologin file does not exist.
</p></dd><dt><span class="term">PAM_USER_UNKNOWN</span></dt><dd><p>
User not known to the underlying authentication module.
</p></dd></dl></div></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_nologin-examples"></a>6.23.5.�EXAMPLES</h3></div></div></div><p>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Linux-PAM-1.1.1.90/doc/sag/html/sag-pam_succeed_if.html new/Linux-PAM-1.1.2/doc/sag/html/sag-pam_succeed_if.html
--- old/Linux-PAM-1.1.1.90/doc/sag/html/sag-pam_succeed_if.html 2010-05-05 10:10:34.000000000 +0200
+++ new/Linux-PAM-1.1.2/doc/sag/html/sag-pam_succeed_if.html 2010-08-31 13:15:45.000000000 +0200
@@ -16,6 +16,8 @@
Don't log failure to the system log.
</p></dd><dt><span class="term"><code class="option">quiet_success</code></span></dt><dd><p>
Don't log success to the system log.
+ </p></dd><dt><span class="term"><code class="option">audit</code></span></dt><dd><p>
+ Log unknown users to the system log.
</p></dd></dl></div><p>
<span class="emphasis"><em>Condition</em></span>s are three words: a field, a test,
and a value to test for.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Linux-PAM-1.1.1.90/doc/sag/html/sag-pam_tally.html new/Linux-PAM-1.1.2/doc/sag/html/sag-pam_tally.html
--- old/Linux-PAM-1.1.1.90/doc/sag/html/sag-pam_tally.html 2010-05-05 10:10:34.000000000 +0200
+++ new/Linux-PAM-1.1.2/doc/sag/html/sag-pam_tally.html 2010-08-31 13:15:45.000000000 +0200
@@ -34,7 +34,12 @@
--quiet
]</p></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_tally-description"></a>6.32.1.�DESCRIPTION</h3></div></div></div><p>
This module maintains a count of attempted accesses, can
- reset count on success, can deny access if too many attempts fail.
+ reset count on success, can deny access if too many attempts
+ fail.
+ </p><p>
+ pam_tally has several limitations, which are solved with
+ pam_tally2. For this reason pam_tally is deprecated and
+ will be removed in a future release.
</p><p>
pam_tally comes in two parts:
<span class="emphasis"><em>pam_tally.so</em></span> and
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Linux-PAM-1.1.1.90/doc/sag/html/sag-pam_umask.html new/Linux-PAM-1.1.2/doc/sag/html/sag-pam_umask.html
--- old/Linux-PAM-1.1.1.90/doc/sag/html/sag-pam_umask.html 2010-05-05 10:10:35.000000000 +0200
+++ new/Linux-PAM-1.1.2/doc/sag/html/sag-pam_umask.html 2010-08-31 13:15:46.000000000 +0200
@@ -38,10 +38,9 @@
</p></dd><dt><span class="term">
<code class="option">usergroups</code>
</span></dt><dd><p>
- If the user is not root, and the user ID is equal to the
- group ID, and the username is the same as primary group name,
- the umask group bits are set to be the same as
- owner bits (examples: 022 -> 002, 077 -> 007).
+ If the user is not root and the username is the same as
+ primary group name, the umask group bits are set to be the
+ same as owner bits (examples: 022 -> 002, 077 -> 007).
</p></dd><dt><span class="term">
<code class="option">umask=<em class="replaceable"><code>mask</code></em></code>
</span></dt><dd><p>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Linux-PAM-1.1.1.90/doc/sag/html/sag-pam_unix.html new/Linux-PAM-1.1.2/doc/sag/html/sag-pam_unix.html
--- old/Linux-PAM-1.1.1.90/doc/sag/html/sag-pam_unix.html 2010-05-05 10:10:35.000000000 +0200
+++ new/Linux-PAM-1.1.2/doc/sag/html/sag-pam_unix.html 2010-08-31 13:15:46.000000000 +0200
@@ -153,6 +153,12 @@
</span></dt><dd><p>
Ignore errors reading shadow information for
users in the account management module.
+ </p></dd><dt><span class="term">
+ <code class="option">minlen=<em class="replaceable"><code>n</code></em></code>
+ </span></dt><dd><p>
+ Set a minimum password length of <em class="replaceable"><code>n</code></em>
+ characters. The max. for DES crypt based passwords are 8
+ characters.
</p></dd></dl></div><p>
Invalid arguments are logged with <span class="citerefentry"><span class="refentrytitle">syslog</span>(3)</span>.
</p></div><div class="section" lang="en"><div class="titlepage"><div><div><h3 class="title"><a name="sag-pam_unix-types"></a>6.37.3.�MODULE TYPES PROVIDED</h3></div></div></div><p>
Files old/Linux-PAM-1.1.1.90/doc/sag/Linux-PAM_SAG.pdf and new/Linux-PAM-1.1.2/doc/sag/Linux-PAM_SAG.pdf differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Linux-PAM-1.1.1.90/doc/sag/Linux-PAM_SAG.txt new/Linux-PAM-1.1.2/doc/sag/Linux-PAM_SAG.txt
--- old/Linux-PAM-1.1.1.90/doc/sag/Linux-PAM_SAG.txt 2010-05-05 10:10:11.000000000 +0200
+++ new/Linux-PAM-1.1.2/doc/sag/Linux-PAM_SAG.txt 2010-08-31 13:15:21.000000000 +0200
@@ -8,7 +8,7 @@
-Version 1.1.1, 16. December 2009
+Version 1.1.2, 31. August 2010
Abstract
@@ -1759,11 +1759,12 @@
The second field, the tty field, is a logic list of terminal names that this
rule applies to.
-The third field, the users field, is a logic list of users or a netgroup of
-users to whom this rule applies.
+The third field, the users field, is a logic list of users, or a UNIX group, or
+a netgroup of users to whom this rule applies. Group names are preceded by a
+'%' symbol, while netgroup names are preceded by a '@' symbol.
-For these items the simple wildcard '*' may be used only once. With netgroups
-no wildcards or logic operators are allowed.
+For these items the simple wildcard '*' may be used only once. With UNIX groups
+or netgroups no wildcards or logic operators are allowed.
The times field is used to indicate "when" these groups are to be given to the
user. The format here is a logic list of day/time-range entries. The days are
@@ -1842,6 +1843,12 @@
xsh; tty* ;*;Al0900-1800;floppy
+Any member of the group 'admin' running 'xsh' on tty*, is granted access (at
+any time) to the group 'plugdev'
+
+xsh; tty* ;%admin;Al0000-2400;plugdev
+
+
6.11.8. AUTHORS
pam_group was written by Andrew G. Morgan .
@@ -3080,15 +3087,15 @@
6.23.1. DESCRIPTION
pam_nologin is a PAM module that prevents users from logging into the system
-when /etc/nologin exists. The contents of the /etc/nologin file are displayed
-to the user. The pam_nologin module has no effect on the root user's ability to
-log in.
+when /var/run/nologin or /etc/nologinexists. The contents of the file are
+displayed to the user. The pam_nologin module has no effect on the root user's
+ability to log in.
6.23.2. OPTIONS
file=/path/nologin
- Use this file instead the default /etc/nologin.
+ Use this file instead the default /var/run/nologin or /etc/nologin.
successok
@@ -3115,7 +3122,7 @@
PAM_SUCCESS
- Success: either the user is root or the /etc/nologin file does not exist.
+ Success: either the user is root or the nologin file does not exist.
PAM_USER_UNKNOWN
@@ -3627,6 +3634,10 @@
Don't log success to the system log.
+audit
+
+ Log unknown users to the system log.
+
Conditions are three words: a field, a test, and a value to test for.
Available fields are user, uid, gid, shell, home and service:
@@ -3745,6 +3756,9 @@
This module maintains a count of attempted accesses, can reset count on
success, can deny access if too many attempts fail.
+pam_tally has several limitations, which are solved with pam_tally2. For this
+reason pam_tally is deprecated and will be removed in a future release.
+
pam_tally comes in two parts: pam_tally.so and pam_tally. The former is the PAM
module and the latter, a stand-alone program. pam_tally is an (optional)
application which can be used to interrogate and manipulate the counter file.
@@ -4326,9 +4340,9 @@
usergroups
- If the user is not root, and the user ID is equal to the group ID, and the
- username is the same as primary group name, the umask group bits are set to
- be the same as owner bits (examples: 022 -> 002, 077 -> 007).
+ If the user is not root and the username is the same as primary group name,
+ the umask group bits are set to be the same as owner bits (examples: 022 ->
+ 002, 077 -> 007).
umask=mask
@@ -4509,6 +4523,11 @@
Ignore errors reading shadow information for users in the account
management module.
+minlen=n
+
+ Set a minimum password length of n characters. The max. for DES crypt based
+ passwords are 8 characters.
+
Invalid arguments are logged with syslog(3).
6.37.3. MODULE TYPES PROVIDED
++++++ Linux-PAM-1.1.1.90-docs.tar.bz2 -> Linux-PAM-1.1.2.tar.bz2 ++++++
++++ 257680 lines of diff (skipped)
++++++ pam_tally-deprecated.diff ++++++
--- /var/tmp/diff_new_pack.vWsgC0/_old 2010-09-03 12:51:00.000000000 +0200
+++ /var/tmp/diff_new_pack.vWsgC0/_new 2010-09-03 12:51:00.000000000 +0200
@@ -1,20 +1,3 @@
---- modules/pam_tally/pam_tally.8.xml
-+++ modules/pam_tally/pam_tally.8.xml 2009/03/27 10:49:17
-@@ -81,7 +81,13 @@
-
- <para>
- This module maintains a count of attempted accesses, can
-- reset count on success, can deny access if too many attempts fail.
-+ reset count on success, can deny access if too many attempts
-+ fail.
-+ </para>
-+ <para>
-+ pam_tally has several limitations, which are solved with
-+ pam_tally2. For this reason pam_tally is deprecated and
-+ will be removed in a future release.
- </para>
- <para>
- pam_tally comes in two parts:
--- modules/pam_tally/pam_tally.c
+++ modules/pam_tally/pam_tally.c 2009/03/27 10:52:56
@@ -630,6 +630,8 @@
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org