commit yast2-security for openSUSE:Factory

29 Jun 2009

Hello community,

here is the log from the commit of package yast2-security for openSUSE:Factory
checked in at Mon Jun 29 17:20:32 CEST 2009.


--------

--- yast2-security/yast2-security.changes	2008-11-28 13:37:22.000000000 +0100
+++ yast2-security/yast2-security.changes	2009-06-22 07:56:24.000000000 +0200
@@ -1,0 +2,24 @@
+Mon Jun 22 07:55:26 CEST 2009 - coolo@novell.com
+
+- fix uild with automake 1.11
+- 2.18.1
+
+-------------------------------------------------------------------
+Tue Jun  2 22:26:15 CEST 2009 - jsuchome@suse.cz
+
+- pam_pwcheck calls replaced with pam_cracklib/pam_pwhistory,
+  removed obsolete "obscure checks" settings (fate#305468)
+- 2.18.0
+
+-------------------------------------------------------------------
+Mon Feb  9 11:58:17 CET 2009 - lslezak@suse.cz
+
+- added "SuSEfirewall" and "earlysyslog" service to ignore list
+  of extra services in runlevel 3 and 5 (bnc#473345)
+
+-------------------------------------------------------------------
+Wed Jan 21 10:09:02 CET 2009 - jsuchome@suse.cz
+
+- removed progress dialog during read (bnc#447584) 
+
+-------------------------------------------------------------------

calling whatdependson for head-i586


Old:
----
  yast2-security-2.17.12.tar.bz2

New:
----
  yast2-security-2.18.1.tar.bz2

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ yast2-security.spec ++++++
--- /var/tmp/diff_new_pack.p29306/_old	2009-06-29 17:06:03.000000000 +0200
+++ /var/tmp/diff_new_pack.p29306/_new	2009-06-29 17:06:03.000000000 +0200
@@ -1,7 +1,7 @@
 #
-# spec file for package yast2-security (Version 2.17.12)
+# spec file for package yast2-security (Version 2.18.1)
 #
-# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -19,12 +19,12 @@
 
 
 Name:           yast2-security
-Version:        2.17.12
+Version:        2.18.1
 Release:        1
-License:        GPL v2 or later
+License:        GPL
 Group:          System/YaST
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
-Source0:        yast2-security-2.17.12.tar.bz2
+Source0:        yast2-security-2.18.1.tar.bz2
 Prefix:         /usr
 BuildRequires:  doxygen perl-XML-Writer pkg-config update-desktop-files yast2-devtools yast2-pam yast2-testsuite
 # new Pam.ycp API
@@ -41,15 +41,8 @@
 %description
 The YaST2 component for security settings configuration.
 
-
-
-Authors:
---------
-    Michal Svec <msvec@suse.cz>
-    Jiri Suchomel <jsuchome@suse.cz>
-
 %prep
-%setup -n yast2-security-2.17.12
+%setup -n yast2-security-2.18.1
 
 %build
 %{prefix}/bin/y2tool y2autoconf
@@ -83,474 +76,3 @@
 /usr/share/YaST2/schema/autoyast/rnc/security.rnc
 %doc %{prefix}/share/doc/packages/yast2-security
 %changelog
-* Fri Nov 28 2008 ug@suse.de
-- conflict in rnc file fixed
-- 2.17.12
-* Thu Nov 13 2008 ug@suse.de
-- rnc file fixed
-- 2.17.11
-* Mon Nov 10 2008 jsuchome@suse.cz
-- testsuite adapted to previous changes
-- 2.17.10
-* Fri Nov 07 2008 jsuchome@suse.cz
-- fixes for bnc#442552:
-- missing check for `finish
-- check more carefuly pam-config output, correctly remove values
-- remove GROUP_ENRYPTION from levels
-- do not check service values against levels
-- 2.17.9
-* Fri Nov 07 2008 jsuchome@suse.cz
-- fixed testsuite
-- 2.17.8
-* Thu Oct 30 2008 lslezak@suse.cz
-- better check enabled mail services (bnc#437363)
-- do not check "consolekit" service, it's started automatically
-  (bnc#436797), added "boot.clock" as an optional service
-- fixed location of "DISABLE_RESTART_ON_UPDATE" and
-  "DISABLE_STOP_ON_REMOVAL" variables - they are in
-  /etc/sysconfig/services now
-- 2.17.7
-* Fri Oct 24 2008 lslezak@suse.cz
-- Disable "Change Status" button when the current value is
-  "Unknown" (bnc#436796)
-* Mon Oct 13 2008 lslezak@suse.cz
-- fixed the label for option DISPLAYMANAGER_ROOT_LOGIN_REMOTE
-  (bnc#434273)
-- 2.17.6
-* Wed Oct 08 2008 jsuchome@suse.cz
-- unified help texts for IP forwarding (bnc#432186)
-- use Table instead of RichText also for GTK UI (bnc#432446)
-- 2.17.5
-* Fri Sep 26 2008 lslezak@suse.cz
-- fixed the Security Overview dialog in ncurses mode (use a table
-  widget instead of richtext) (bnc#429965)
-- 2.17.4
-* Tue Sep 23 2008 jsrain@suse.cz
-- fixed incorrect tags in helps (bnc #429063)
-* Tue Sep 16 2008 lslezak@suse.cz
-- check enabled services in runlevel 3 and 5, activate changes
-  in Security::Write() (bnc#425864)
-- testsuite update
-- 2.17.3
-* Mon Sep 15 2008 lslezak@suse.cz
-- added new variables to the predefined security levels
-- fixed build: updated the testsuite - added new variables
-- 2.17.2
-* Mon Sep 15 2008 lslezak@suse.cz
-- overview dialog - display a warning in the help popup when the
-  option could not be read
-* Fri Sep 12 2008 lslezak@suse.cz
-- added more options in the security overview dialog, added "Help"
-  links (fate#303598)
-- 2.17.1
-* Tue Aug 12 2008 lslezak@suse.cz
-- added security overview dialog (part of fate#303598)
-- 2.17.0
-* Mon Aug 11 2008 lslezak@suse.cz
-- display tree navigationon on the left side, display only one
-  dialog instead of the long workflow (part of fate#303598)
-* Fri May 16 2008 jsrain@suse.cz
-- added categories Settings and System into desktop file
-  (bnc #382778)
-* Wed Apr 30 2008 jsuchome@suse.cz
-- new defaults in security levels (bnc#385159):
-  CWD_IN_ROOT_PATH, CWD_IN_USER_PATH always "no",
-  ENABLE_SYSRQ "yes" for Home Workstation
-  RUN_UPDATEDB_AS always "nobody"
-  OBSCURE_CHECKS_ENAB, PASSWD_USE_CRACKLIB always "yes"
-- 2.16.1
-* Mon Apr 14 2008 jsuchome@suse.cz
-- 2.16.0
-* Mon Mar 17 2008 jsrain@suse.cz
-- added 'StartupNotify=true' to the desktop file (bnc #304964)
-* Mon Dec 03 2007 jsuchome@suse.cz
-- merged texts from proofread
-* Thu Aug 23 2007 jsuchome@suse.cz
-- check the output of tointeger before using it as integer (#295494)
-- 2.15.1
-* Thu Jun 21 2007 adrian@suse.de
-- fix changelog entry order
-* Fri May 25 2007 jsrain@suse.cz
-- removed outdated translations from .desktop-files (#271209)
-* Wed Jan 17 2007 jsuchome@suse.cz
-- fixed help text to mention GDM (#216915)
-- 2.15.0
-* Thu Oct 26 2006 jsuchome@suse.cz
-- schema file moved from autoyast package (#215249)
-- 2.14.2
-* Thu Sep 21 2006 jsuchome@suse.cz
-- write correct SuSEconfig module for display manager (#205979)
-- 2.14.1
-* Fri Aug 25 2006 jsuchome@suse.cz
-- adapted for pam-config usage (F300956)
-- API of PamSettings module is obsolete
-- 2.14.0
-* Mon Aug 21 2006 jsuchome@suse.cz
-- adapted layout to fit in 80x40 xterm (#200382)
-- 2.13.5
-* Tue Jun 13 2006 jsuchome@suse.cz
-- use DISPLAYMANAGER_SHUTDOWN instead of KDM_SHUTDOWN (#183844)
-- 2.13.4
-* Mon Jun 12 2006 mvidner@suse.cz
-- Moved cfg_security.scr from yast2-security.rpm to yast2.rpm
-- 2.13.3
-* Mon Feb 20 2006 jsuchome@suse.cz
-- reduced BuildRequires
-- 2.13.2
-* Mon Dec 19 2005 jsuchome@suse.cz
-- merged proofread texts
-- 2.13.1
-* Wed Nov 23 2005 jsuchome@suse.cz
-- added option to store user password history (F300154)
-- 2.13.0
-* Thu Jun 09 2005 jsuchome@suse.cz
-- text fixes from proofreader
-- fixed wrong description of PASS_MAX_DAYS, PASS_MIN_DAYS
-- 2.12.2
-* Fri May 13 2005 jsuchome@suse.cz
-- tell init to re-examine the /etc/inittab after modification (#83480)
-- 2.12.1
-* Mon Apr 18 2005 jsuchome@suse.cz
-- removed support for FAILLOG_ENAB (feature 2669)
-- 2.12.0
-* Wed Mar 02 2005 jsuchome@suse.cz
-- merged texts from proofreading
-* Mon Feb 07 2005 jsuchome@suse.cz
-- merged texts from proofreading
-- 2.11.3
-* Fri Jan 21 2005 jsuchome@suse.cz
-- handle both "cracklib" and "use_cracklib" values in pam_pwcheck.conf
-  (#49621)
-- 2.11.2
-* Fri Dec 17 2004 jsuchome@suse.cz
-- removed select's and lookup's
-- 2.11.1
-* Tue Nov 02 2004 jsuchome@suse.cz
-- do not set maximum password length (#29112)
-- 2.11.0
-* Mon Aug 30 2004 nashif@suse.de
-- use modified flag (#43904) in auto clients
-- 2.10.5
-* Thu Aug 19 2004 jsuchome@suse.cz
-- commandline function: "set"
-- 2.10.3
-* Wed Aug 18 2004 jsuchome@suse.cz
-- fix: check correctly which security level is in use
-- fix: read correctly value for password encryption
-- commandline functions: summary, level
-* Tue Jul 27 2004 jsuchome@suse.cz
-- read also group encryption from /etc/default/passwd
-- 2.10.2
-* Mon Jun 28 2004 jsuchome@suse.cz
-- updated to current yast2-pam usage
-  (/etc/default/passwd used for storing password encryption)
-- 2.10.1
-* Tue Jun 15 2004 msvec@suse.cz
-- updated testsuite
-- 2.10.0
-* Sun Apr 04 2004 msvec@suse.cz
-- changed minimum UID from 500 to 1000 (#38181)
-- 2.9.14
-* Fri Apr 02 2004 msvec@suse.cz
-- changed license to GPL
-- 2.9.13
-* Wed Mar 17 2004 jsuchome@suse.cz
-- fixed testsuite (forced by change of PamSettings::Write)
-- 2.9.12
-* Fri Mar 12 2004 jsuchome@suse.cz
-- flush changes of pam configuration (#35721)
-- 2.9.11
-* Thu Mar 11 2004 msvec@suse.cz
-- enabled the testsuite again
-- 2.9.10
-* Wed Mar 10 2004 jsuchome@suse.de
-- disabled testsuite
-- 2.9.9
-* Wed Mar 10 2004 nashif@suse.de
-- Adapted for new wizard
-* Mon Mar 08 2004 msvec@suse.cz
-- set title icons
-- 2.9.8
-* Fri Mar 05 2004 msvec@suse.cz
-- more strict type casts
-- 2.9.7
-* Mon Mar 01 2004 msvec@suse.cz
-- proof-read messages
-- 2.9.6
-* Tue Feb 24 2004 msvec@suse.cz
-- fix enabling of the remote XDM access (#34879)
-- 2.9.5
-* Fri Feb 06 2004 msvec@suse.cz
-- use Sequencer module
-- drop y2cc config file
-- 2.9.4
-* Mon Jan 26 2004 msvec@suse.cz
-- updates for the new interpreter
-- 2.9.3
-* Fri Jan 23 2004 msvec@suse.cz
-- NI updates
-- 2.9.2
-* Wed Oct 22 2003 msvec@suse.cz
-- routines cleanup
-- 2.9.1
-* Fri Sep 26 2003 jsuchome@suse.cz
-- read new settings from /etc/login.defs (SYSTEM_UID_MAX, USERADD_CMD etc.)
-- 2.9.0
-* Thu Sep 11 2003 msvec@suse.cz
-- changed "UNIX system" to "UNIX like system" in helps (#30495)
-- 2.8.6
-* Thu Sep 11 2003 nashif@suse.de
-- #30291: return list of required packages for autoinstallation
-* Tue Sep 09 2003 msvec@suse.cz
-- show correctly the current level (#30320)
-- 2.8.5
-* Fri Sep 05 2003 msvec@suse.cz
-- proof read help texts
-- 2.8.4
-* Thu Aug 21 2003 msvec@suse.cz
-- don't modify files when nothing changed (#28999)
-- 2.8.3
-* Wed Aug 20 2003 jsuchome@suse.de
-- removed redundant "initialization dialog" (#28779)
-- 2.8.2
-* Mon Aug 11 2003 jsuchome@suse.de
-- proofread texts (1st round)
-* Tue Jul 22 2003 msvec@suse.cz
-- simplify autoinstallation client
-- updated testsuite
-- 2.8.1
-* Wed Jul 16 2003 jsuchome@suse.de
-- updated to new Pam/PamSettings interface
-* Sat May 10 2003 msvec@suse.de
-- maximum password length is related to encryption method (#13291)
-- support for enabling of SysRq keys
-- define password lengths (#13291)
-- improved documentation
-- better help texts (#26791)
-- updates for the new wizard functions
-- 2.8.0
-* Mon Mar 03 2003 msvec@suse.de
-- autoinstallation fixes by nashif
-- 2.7.8
-* Sun Feb 16 2003 nashif@suse.de
-- Set modified true when importing
-- 2.7.7
-* Sat Feb 15 2003 nashif@suse.de
-- convert case when importing/exporting in autoinst mode
-- _auto.ycp Result ->Export
-- 2.7.6
-* Mon Feb 10 2003 msvec@suse.de
-- proofread texts
-- 2.7.5
-* Mon Feb 03 2003 msvec@suse.cz
-- autoinst and texts fixes
-- 2.7.4
-* Thu Jan 30 2003 msvec@suse.de
-- proofread texts
-- 2.7.3
-* Wed Jan 22 2003 msvec@suse.cz
-- added missing module to the package
-- 2.7.2
-* Wed Jan 22 2003 nashif@suse.de
-- Added import function to _auto client
-- switch case to lower when exporting/upper when importing
-* Tue Jan 21 2003 msvec@suse.de
-- fixed some error popups (and added some more)
-- fixed the autoinstallation client
-- 2.7.1
-* Tue Oct 22 2002 msvec@suse.cz
-- completely rewritten internals
-- major cleanup, simplification and speedup
-- don't ask for save if nothing was changed
-- support for CWD in user's path (#18274)
-- complete support for blowfish (#12758)
-- 2.7.0
-* Thu Sep 05 2002 msvec@suse.cz
-- fix the Next|Finish behavior (#18937)
-- provide more old translations (y2t_sec)
-- 2.6.10
-* Tue Aug 27 2002 jsuchome@suse.cz
-- provide/obsolete old translation packages (bug #18691)
-* Wed Aug 14 2002 mvidner@suse.cz
-- Merged proofread texts for the second translation round.
-- 2.6.8
-* Mon Jul 29 2002 msvec@suse.cz
-- some general purpose agents moved to yast2
-- blowfish password encryption (#17039) <jsrain@suse.cz>
-- 2.6.7
-* Wed Jul 24 2002 msvec@suse.cz
-- fixed some error messages
-- 2.6.6
-* Mon Jul 22 2002 jsrain@suse.cz
-- merged proofread texts
-- version 2.6.5
-* Mon Jul 15 2002 nashif@suse.de
-- adapted for use with the autoinstallation configuration system
-- security_auto now exports lower case values
-* Fri Jul 12 2002 arvin@suse.de
-- use proper namespace for Args and CallFunction (#16776)
-* Mon Jul 08 2002 msvec@suse.cz
-- use Wizard and other predefined functions
-- drastic reduction and simplification of UI code
-- split adduser dialog
-- 2.6.3
-* Thu Jul 04 2002 arvin@suse.de
-- moved non binary files to /usr/share/YaST2
-* Mon Jul 01 2002 msvec@suse.cz
-- package renamed to yast2-security
-- preliminary autoinstallation support
-- 2.6.1
-* Mon Jun 03 2002 msvec@suse.cz
-- testsuite update
-- shortened label (#15089)
-- removed outdated docs #15875
-- implement CONSOLE SHUTDOWN fully in yast2
-- don't run full SuSEconfig
-- use y2autoconf, create-spe
-- 2.6.0
-* Wed Feb 27 2002 msvec@suse.cz
-- use buildroot (via y2spec)
-- include the locate agent in the package
-- 2.5.11
-* Mon Feb 25 2002 msvec@suse.cz
-- use proper sysconfig files (#13619)
-- minor fix of permissions writing
-- added agent for sysconfig/locate
-- updated testsuite
-- 2.5.10
-* Mon Feb 18 2002 msvec@suse.cz
-- fixed shortcuts
-- fixed permissions reading and writing (#13106)
-- updated testsuite
-- 2.5.9
-* Mon Feb 11 2002 mvidner@suse.cz
-- Fixed login.defs agent to handle quoted values.
-- Fixed test suite.
-- 2.5.8
-* Tue Feb 05 2002 kukuk@suse.de
-- Add support for global pam_unix2 and pam_pwcheck config files
-- Version 2.5.7
-* Sat Jan 26 2002 nashif@suse.de
-- Added agents to file list
-- 2.5.6
-* Wed Jan 16 2002 msvec@suse.cz
-- added pam_unix2 and rlogin|gdm to MD5 settings (md5 is #9543)
-- use_cracklib is now via pam (PASSWD_USE_CRACKLIB)
-- drop telnet for root checkbox (ROOT_LOGIN_REMOTE)
-- added /etc/login.defs agent (using ini agent right now)
-- added /etc/sysconfig/security agent
-- updated testsuite
-- 2.5.5
-* Thu Dec 20 2001 msvec@suse.cz
-- new menuentry file format
-- 2.5.3
-* Tue Dec 04 2001 msvec@suse.cz
-- 3rd params to select
-- 2.5.2
-* Wed Nov 21 2001 msvec@suse.cz
-- added DISPLAYMANAGER_REMOTE_ACCESS setting (#10824)
-- updated testsuite
-- 2.5.1
-* Mon Nov 19 2001 msvec@suse.cz
-- fixed lookup 3rd parameters
-- migration to yast2-devtools
-- minor makefiles fixes
-- 2.5.0
-* Tue Aug 28 2001 msvec@suse.cz
-- enlarge max uid to 32 bit (#9871)
-- parseycp during check
-- version 2.4.5
-* Wed Aug 22 2001 msvec@suse.cz
-- added requires (rcconfig and pam agents, wizard library)
-- version 2.4.4
-* Wed Aug 15 2001 msvec@suse.cz
-- added MD5 password encryption suuport
-- testsuite for the above
-- removed Finish function
-- removed UI(_(...))
-- use of UI:: and SCR::
-- version 2.4.3
-* Thu Aug 09 2001 msvec@suse.cz
-- use common_messages for button labels
-- version 2.4.2
-* Mon Jul 30 2001 msvec@suse.cz
-- new libycp fixes
-- minor variable fixes
-- updated testsuite
-- adapt to the new translator (locale useless)
-- version 2.4.1
-* Tue Jul 10 2001 ro@suse.de
-- removed yast2-core-translator from neededforbuild
-* Tue Jul 03 2001 msvec@suse.cz
-- adapted to the system agent split
-- added missing shortcuts (#9017)
-- version 2.4.0
-* Wed May 02 2001 msvec@suse.cz
-- fix menuentry file
-- version 2.3.5
-* Mon Apr 23 2001 msvec@suse.cz
-- removed isnils
-- no more quick SuSEconfig
-- help fix (#6912)
-- version 2.3.4
-* Fri Apr 13 2001 msvec@suse.cz
-- enabled abuild checking
-- fixed help text (#6190)
-- version 2.3.3
-* Wed Apr 04 2001 msvec@suse.cz
-- updated comments and docs
-- version 2.3.2
-* Fri Mar 30 2001 msvec@suse.cz
-- support for "auto" KDM setting
-- new libycp adaptation
-- autobuild checking
-- removed 7.1 hacks
-- source cleanup
-- version 2.3.1
-* Wed Mar 07 2001 msvec@suse.cz
-- package rename
-- version 2.3.0
-* Mon Jan 15 2001 msvec@suse.cz
-- minimal UID should be 500 (#5643)
-- updated comments for translators
-- Next button translatable and shortcut
-* Fri Jan 12 2001 msvec@suse.de
-- root telnet enabled means disabled and vice versa
-- minor gui update
-- saving fixed
-* Wed Jan 10 2001 msvec@suse.de
-- Translatable strings bugfix
-* Fri Jan 05 2001 kkaempf@suse.de
-- provide keyboard shortcuts for buttons
-* Fri Jan 05 2001 kkaempf@suse.de
-- mark strings as translatable
-* Fri Dec 15 2000 msvec@suse.cz
-- help text for the main screen added (#4619)
-- check the minimum <= maximum (#4682)
-* Wed Dec 13 2000 mike@suse.de
-- new menuentry file
-* Wed Dec 13 2000 msvec@suse.cz
-- menuentry updated
-* Tue Dec 12 2000 msvec@suse.cz
-- helps
-- GUI update
-- version 1.1.3
-* Mon Dec 11 2000 msvec@suse.cz
-- minor GUI update
-- fix the Custom writing
-- ``Something() -> ``(Something())
--  version  1.1.2
-* Sat Dec 09 2000 kukuk@suse.de
-- Add group tag
-* Fri Dec 08 2000 msvec@suse.cz
-- also update the source
-* Fri Dec 08 2000 msvec@suse.cz
-- minor layout and functional updates
-- version 1.1.1
-* Wed Nov 29 2000 msvec@suse.cz
-- new layout
-- version 1.1.0
-* Wed Oct 25 2000 msvec@suse.cz
-- initial version
-* Thu Jan 02 1997 msvec@suse.de
-- bugfixes

++++++ yast2-security-2.17.12.tar.bz2 -> yast2-security-2.18.1.tar.bz2 ++++++
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/configure new/yast2-security-2.18.1/configure
--- old/yast2-security-2.17.12/configure	2008-11-28 13:30:35.000000000 +0100
+++ new/yast2-security-2.18.1/configure	2009-06-22 07:56:14.000000000 +0200
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.63 for yast2-security 2.17.12.
+# Generated by GNU Autoconf 2.63 for yast2-security 2.18.1.
 #
 # Report bugs to <http://bugs.opensuse.org/>.
 #
@@ -596,8 +596,8 @@
 # Identity of this package.
 PACKAGE_NAME='yast2-security'
 PACKAGE_TARNAME='yast2-security'
-PACKAGE_VERSION='2.17.12'
-PACKAGE_STRING='yast2-security 2.17.12'
+PACKAGE_VERSION='2.18.1'
+PACKAGE_STRING='yast2-security 2.18.1'
 PACKAGE_BUGREPORT='http://bugs.opensuse.org/'
 
 ac_unique_file="RPMNAME"
@@ -1274,7 +1274,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures yast2-security 2.17.12 to adapt to many kinds of systems.
+\`configure' configures yast2-security 2.18.1 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1345,7 +1345,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of yast2-security 2.17.12:";;
+     short | recursive ) echo "Configuration of yast2-security 2.18.1:";;
    esac
   cat <<\_ACEOF
 
@@ -1425,7 +1425,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-yast2-security configure 2.17.12
+yast2-security configure 2.18.1
 generated by GNU Autoconf 2.63
 
 Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -1439,7 +1439,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by yast2-security $as_me 2.17.12, which was
+It was created by yast2-security $as_me 2.18.1, which was
 generated by GNU Autoconf 2.63.  Invocation command line was
 
   $ $0 $@
@@ -2286,7 +2286,7 @@
 
 # Define the identity of the package.
  PACKAGE='yast2-security'
- VERSION='2.17.12'
+ VERSION='2.18.1'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -2510,7 +2510,7 @@
 
 
 
-VERSION="2.17.12"
+VERSION="2.18.1"
 RPMNAME="yast2-security"
 MAINTAINER="Jiri Suchomel <jsuchome@suse.cz>"
 
@@ -3451,7 +3451,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by yast2-security $as_me 2.17.12, which was
+This file was extended by yast2-security $as_me 2.18.1, which was
 generated by GNU Autoconf 2.63.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -3501,7 +3501,7 @@
 _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_version="\\
-yast2-security config.status 2.17.12
+yast2-security config.status 2.18.1
 configured by $0, generated by GNU Autoconf 2.63,
   with options \\"`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
 
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/configure.in new/yast2-security-2.18.1/configure.in
--- old/yast2-security-2.17.12/configure.in	2008-11-28 13:30:27.000000000 +0100
+++ new/yast2-security-2.18.1/configure.in	2009-06-22 07:56:11.000000000 +0200
@@ -1,9 +1,9 @@
 dnl configure.in for yast2-security
 dnl
-dnl -- This file is generated by y2autoconf 2.17.6 - DO NOT EDIT! --
+dnl -- This file is generated by y2autoconf 2.18.5 - DO NOT EDIT! --
 dnl    (edit configure.in.in instead)
 
-AC_INIT(yast2-security, 2.17.12, http://bugs.opensuse.org/, yast2-security)
+AC_INIT(yast2-security, 2.18.1, http://bugs.opensuse.org/, yast2-security)
 dnl Check for presence of file 'RPMNAME'
 AC_CONFIG_SRCDIR([RPMNAME])
 
@@ -18,7 +18,7 @@
 AM_INIT_AUTOMAKE(tar-ustar -Wno-portability)
 
 dnl Important YaST2 variables
-VERSION="2.17.12"
+VERSION="2.18.1"
 RPMNAME="yast2-security"
 MAINTAINER="Jiri Suchomel <jsuchome@suse.cz>"
 
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/doc/Makefile.am new/yast2-security-2.18.1/doc/Makefile.am
--- old/yast2-security-2.17.12/doc/Makefile.am	2007-05-21 12:26:59.000000000 +0200
+++ new/yast2-security-2.18.1/doc/Makefile.am	2009-06-22 07:55:18.000000000 +0200
@@ -22,7 +22,8 @@
 		| sed 's|#\([0-9]\{4,5\}\)|<a href="http://bugzilla.suse.de/show_bug.cgi?id=\1">#\1</a>|g' \
 		> todo.html
 
-html_DATA = index.html $(wildcard *.html) todo.html #workflow.png 
+html_DATA = add.html index.html skel.html structure.html #workflow.png 
 
 CLEANFILES = todo.html
 EXTRA_DIST = Todo.txt $(html_DATA)
+
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/doc/Makefile.in new/yast2-security-2.18.1/doc/Makefile.in
--- old/yast2-security-2.17.12/doc/Makefile.in	2008-11-28 13:30:36.000000000 +0100
+++ new/yast2-security-2.18.1/doc/Makefile.in	2009-06-22 07:56:14.000000000 +0200
@@ -184,7 +184,7 @@
 yncludedir = @yncludedir@
 ystartupdir = @ystartupdir@
 SUBDIRS = autodocs
-html_DATA = index.html $(wildcard *.html) todo.html #workflow.png 
+html_DATA = add.html index.html skel.html structure.html #workflow.png 
 CLEANFILES = todo.html
 EXTRA_DIST = Todo.txt $(html_DATA)
 all: all-recursive
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/doc/todo.html new/yast2-security-2.18.1/doc/todo.html
--- old/yast2-security-2.17.12/doc/todo.html	2008-11-28 13:31:02.000000000 +0100
+++ new/yast2-security-2.18.1/doc/todo.html	1970-01-01 01:00:00.000000000 +0100
@@ -1,51 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html><head>
-<title>Security Configuration: Things To Do</title>
-</head><body bgcolor=#ffffff>
-
-<!-- Author: Michal Svec <msvec@suse.cz> -->
-<!-- $Id: skel.html 18222 2004-07-27 09:54:17Z msvec $ -->
-<a name="top"><p>
-<h1>Security Configuration: Things To Do</h1>
-<hr>
-
-<!-- ##BODY## -->
-
-<pre>
-
-# $Id: Todo.txt 9834 2003-05-14 14:39:02Z msvec $
-
-<h2>Bugs:</h2>
-- maybe better permissions handling (?)
-
-<h2>Documentation:</h2>
-- cleanup comments in all YCP files' headers
-- WIDGETS structure (comment in widgets.ycp)
-- adding new types of widgets
-
-<h2>Enhancements:</h2>
-- SECURITY_LEVEL in Settings during Write: first load the level, the continue
-- better testsuite
-- other settings from login.defs
-- settings from useradd/defaults (<a href="http://bugzilla.suse.de/show_bug.cgi?id=14129">#14129</a>)
-- /proc settings (sysrq, ...)
-- better documentation [index.html (security.txt), user.html, impl.html, ...]
-
-<h2>Future:</h2>
-- limits [limits.conf, ulimit]
-- services [cron, at, lpd]
-- devices [floppy, cdrom, sound, scanner, printer?, ppp?, ...]
-- software [dosemu, sudo, emulators, ppp?, ...]
-
-<h2>Files:</h2>
-- securetty, pam.d/*, security/access.conf, ssh/sshd_config
-- cron.allow, cron.deny, ... 
-- security/limits.conf
-- lilo.conf
-- unsure?: inittab, kdmrc
-
-</pre>
-
-<!-- ##BODY## -->
-
-</body></html>
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/Makefile.am new/yast2-security-2.18.1/Makefile.am
--- old/yast2-security-2.17.12/Makefile.am	2008-11-28 13:30:28.000000000 +0100
+++ new/yast2-security-2.18.1/Makefile.am	2009-06-22 07:56:11.000000000 +0200
@@ -32,10 +32,10 @@
 
 # less strict; prefer bzip2
 AUTOMAKE_OPTIONS = foreign dist-bzip2 no-dist-gzip
-# where devtools instal m4 snippets
+# where devtools install m4 snippets
 # argh, executed literally
 #ACLOCAL_AMFLAGS = -I $(Y2DEVTOOLS_PREFIX)/share/aclocal
-ACLOCAL_AMFLAGS = -I `if test -d ./devtools/admin; then echo ./devtools/admin; else pkg-config --print-errors --variable=datadir yast2-devtools; fi`/aclocal
+ACLOCAL_AMFLAGS = -I . -I `if test -d ./devtools/admin; then echo ./devtools/admin; else pkg-config --print-errors --variable=datadir yast2-devtools; fi`/aclocal
 
 Makefile.am.common: $(DEVTOOLS_DIR)/admin/Makefile.am.common
 	cmp -s $< $@ || cp -f $< $@
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/Makefile.in new/yast2-security-2.18.1/Makefile.in
--- old/yast2-security-2.17.12/Makefile.in	2008-11-28 13:30:37.000000000 +0100
+++ new/yast2-security-2.18.1/Makefile.in	2009-06-22 07:56:15.000000000 +0200
@@ -226,10 +226,10 @@
 
 # less strict; prefer bzip2
 AUTOMAKE_OPTIONS = foreign dist-bzip2 no-dist-gzip
-# where devtools instal m4 snippets
+# where devtools install m4 snippets
 # argh, executed literally
 #ACLOCAL_AMFLAGS = -I $(Y2DEVTOOLS_PREFIX)/share/aclocal
-ACLOCAL_AMFLAGS = -I `if test -d ./devtools/admin; then echo ./devtools/admin; else pkg-config --print-errors --variable=datadir yast2-devtools; fi`/aclocal
+ACLOCAL_AMFLAGS = -I . -I `if test -d ./devtools/admin; then echo ./devtools/admin; else pkg-config --print-errors --variable=datadir yast2-devtools; fi`/aclocal
 CLEANFILES = 
 MAINTAINERCLEANFILES = package/$(RPMNAME)-$(VERSION).tar.bz2 package/$(RPMNAME).spec
 POT_DST = $(shell find -type d -name testsuite -prune , \
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/src/complex.ycp new/yast2-security-2.18.1/src/complex.ycp
--- old/yast2-security-2.17.12/src/complex.ycp	2008-11-11 11:04:42.000000000 +0100
+++ new/yast2-security-2.18.1/src/complex.ycp	2009-01-21 10:09:53.000000000 +0100
@@ -4,7 +4,7 @@
  * Summary:	Complex dialogs definitions
  * Authors:	Michal Svec <msvec@suse.cz>
  *
- * $Id: complex.ycp 53071 2008-11-07 14:45:37Z jsuchome $
+ * $Id: complex.ycp 54846 2009-01-21 09:09:53Z jsuchome $
  */
 
 {
@@ -20,18 +20,6 @@
 include "security/routines.ycp";
 include "security/dialogs.ycp";
 
-/**
- * Read settings dialog
- * @return `next if success, else `abort
- */
-define symbol ReadDialog() ``{
-
-    Wizard::RestoreHelp(HELPS["read"]:"");
-//    Security::AbortFunction = ``{return true;};
-    Security::AbortFunction = ``{return Security::PollAbort();};
-    boolean ret = Security::Read();
-    return ret ? `next : `abort;
-}
 
 /**
  * Write settings dialog
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/src/dialogs.ycp new/yast2-security-2.18.1/src/dialogs.ycp
--- old/yast2-security-2.17.12/src/dialogs.ycp	2008-10-31 12:21:04.000000000 +0100
+++ new/yast2-security-2.18.1/src/dialogs.ycp	2009-06-02 22:40:08.000000000 +0200
@@ -4,7 +4,7 @@
  * Summary:	Dialogs definitions
  * Authors:	Michal Svec <msvec@suse.cz>
  *
- * $Id: dialogs.ycp 52746 2008-10-30 14:39:21Z lslezak $
+ * $Id: dialogs.ycp 57402 2009-06-02 20:40:08Z jsuchome $
  */
 
 {
@@ -675,16 +675,14 @@
 	XFrame(0.3,0.15,_("Checks"),`VBox(
 	    settings2widget("PASSWD_USE_CRACKLIB"),
 	    VSeparator(),
-	    settings2widget("OBSCURE_CHECKS_ENAB"),
+	    settings2widget("PASS_MIN_LEN"),
 	    VSeparator(),
 	    settings2widget("PASSWD_REMEMBER_HISTORY"),
-	    VSeparator()
+	    VSeparator ()
 	)),
 	`VSpacing(0.4),
 	settings2widget("PASSWD_ENCRYPTION"),
 	`VSpacing(0.4),
-	settings2widget("PASS_MIN_LEN"),
-	`VSpacing(0.4),
 	/* Frame label */
 	`Frame(_("Password Age"),`HBox(
 	    `HSpacing(0.4),
@@ -708,6 +706,9 @@
     // select the dialog in the tree navigation
     Wizard::SelectTreeItem("password");
 
+    UI::ChangeWidget (`id ("PASS_MIN_LEN"), `Enabled,
+	Security::Settings["PASSWD_USE_CRACKLIB"]:"" == "yes");
+
     any ret = nil;
     while(true) {
 	ret = UI::UserInput();
@@ -720,6 +721,12 @@
 	else if(ret == `back) {
 	    break;
 	}
+	else if (ret == "PASSWD_USE_CRACKLIB")
+	{
+	    // minlen is an option for pam_cracklib
+	    UI::ChangeWidget (`id ("PASS_MIN_LEN"), `Enabled,
+		UI::QueryWidget (`id (ret), `Value) == true);
+	}
 	else if(ret == `next || contains(tree_dialogs, ret)) {
 	    // the current item has been selected, do not change to the same dialog
 	    if (ret == "password")
@@ -751,6 +758,10 @@
 		Security::PasswordMaxLengths[enc]:8));
 		continue;
 	    }
+	    if (min != 5)
+	    {
+		UI::ChangeWidget (`id ("PASSWD_USE_CRACKLIB"), `Value, true);
+	    }
 	    break;
 	}
 	else if (ret != "PASSWD_ENCRYPTION") {
@@ -764,7 +775,6 @@
 	widget2settings("PASS_MAX_DAYS");
 	widget2settings("PASS_MIN_LEN");
 	widget2settings("PASSWD_USE_CRACKLIB");
-	widget2settings("OBSCURE_CHECKS_ENAB");
 	widget2settings("PASS_WARN_AGE");
 	widget2settings("PASSWD_ENCRYPTION");
 	widget2settings("PASSWD_REMEMBER_HISTORY");
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/src/helps.ycp new/yast2-security-2.18.1/src/helps.ycp
--- old/yast2-security-2.17.12/src/helps.ycp	2008-10-09 12:16:25.000000000 +0200
+++ new/yast2-security-2.18.1/src/helps.ycp	2009-06-02 22:40:08.000000000 +0200
@@ -4,7 +4,7 @@
  * Summary:	Helps definition
  * Authors:	Michal Svec <msvec@suse.cz>
  *
- * $Id: helps.ycp 51952 2008-10-08 06:26:15Z jsuchome $
+ * $Id: helps.ycp 57402 2009-06-02 20:40:08Z jsuchome $
  *
  * This file contains all helps for the security module screens.
  * They are in one huge map called HELPS.
@@ -110,11 +110,11 @@
 cannot be found in a dictionary and is not a name or other simple, common word.
 By checking the box, enforce password checking in regard to these rules.</p>") +
 
-    /* Password dialog help 3/8 */
-    _("<p><b>Test for Complicated Passwords</b>: 
-Passwords should be constructed using a mixture of characters. This makes the
-guessing of passwords very difficult. Check this box to enable additional
-checks.</p>") +
+    /* Password dialog help */
+    _("<p><b>Minimum Acceptable Password Length:</b>
+The minimum number of characters in an acceptable password. Attempts to
+assign passwords with fewer characters are rejected. A zero value
+suppresses this check. This option can only be modified when <b>Check New Passwords</b> is set.</p>") +
 
     // Password dialog help 4/8
     _("<p><b>Passwords to Remember</b>:
@@ -139,12 +139,6 @@
 which makes it difficult to crack passwords with the help of a dictionary.</p>")
     +
 
-    /* Password dialog help 6/8 */
-    _("<p><b>Minimum Acceptable Password Length:</b>
-The minimum number of characters in an acceptable password. Attempts to
-assign passwords with fewer characters are rejected. A zero value
-suppresses this check.</p>") +
-
     /* Password dialog help 7/8 */
     _("<p><b>Password Age:</b> Set the minimum and
 maximum number of days a password may be used.</p>") +
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/src/levels.ycp new/yast2-security-2.18.1/src/levels.ycp
--- old/yast2-security-2.17.12/src/levels.ycp	2008-11-11 11:04:42.000000000 +0100
+++ new/yast2-security-2.18.1/src/levels.ycp	2009-06-02 22:40:08.000000000 +0200
@@ -4,7 +4,7 @@
  * Summary:	Security settings definitions
  * Authors:	Michal Svec <msvec@suse.cz>
  *
- * $Id: levels.ycp 53071 2008-11-07 14:45:37Z jsuchome $
+ * $Id: levels.ycp 57402 2009-06-02 20:40:08Z jsuchome $
  *
  * This file contains definitions of all security settings.
  * They are in one huge list.
@@ -66,7 +66,6 @@
 	"GID_MIN"			: "1000",
 	"DISPLAYMANAGER_SHUTDOWN"	: "all",
 	"LASTLOG_ENAB"			: "yes",
-	"OBSCURE_CHECKS_ENAB"		: "yes",
 	"PASSWD_ENCRYPTION"		: "blowfish",
 	"PASSWD_USE_CRACKLIB"		: "yes",
 	"PASS_MAX_DAYS"			: "99999",
@@ -109,7 +108,6 @@
 	"GID_MIN"			: "1000",
 	"DISPLAYMANAGER_SHUTDOWN"	: "root",
 	"LASTLOG_ENAB"			: "yes",
-	"OBSCURE_CHECKS_ENAB"		: "yes",
 	"PASSWD_ENCRYPTION"		: "blowfish",
 	"PASSWD_USE_CRACKLIB"		: "yes",
 	"PASS_MAX_DAYS"			: "99999",
@@ -152,7 +150,6 @@
 	"GID_MIN"			: "1000",
 	"DISPLAYMANAGER_SHUTDOWN"	: "root",
 	"LASTLOG_ENAB"			: "yes",
-	"OBSCURE_CHECKS_ENAB"		: "yes",
 	"PASSWD_ENCRYPTION"		: "blowfish",
 	"PASSWD_USE_CRACKLIB"		: "yes",
 	"PASS_MAX_DAYS"			: "99999",
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/src/routines.ycp new/yast2-security-2.18.1/src/routines.ycp
--- old/yast2-security-2.17.12/src/routines.ycp	2007-09-07 16:10:05.000000000 +0200
+++ new/yast2-security-2.18.1/src/routines.ycp	2009-06-02 22:40:08.000000000 +0200
@@ -4,7 +4,7 @@
  * Summary:	Routines
  * Authors:	Michal Svec <msvec@suse.cz>
  *
- * $Id: routines.ycp 40434 2007-08-23 13:29:10Z jsuchome $
+ * $Id: routines.ycp 57402 2009-06-02 20:40:08Z jsuchome $
  *
  * These functions are used for the user interface creation
  * and interaction.
@@ -60,8 +60,11 @@
         boolean enabled = false;
         if(value == "yes")
             enabled = true;
+	term chbox = `CheckBox(`id(ID), label, enabled);
+	if (m["Notify"]:"no" == "yes")
+	    chbox =  `CheckBox(`id(ID), `opt (`notify), label, enabled);
         return `VBox(
-            `Left(`CheckBox(`id(ID), label, enabled)),
+            `Left(chbox),
             VSeparator()
         );
     }
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/src/security.ycp new/yast2-security-2.18.1/src/security.ycp
--- old/yast2-security-2.17.12/src/security.ycp	2007-05-21 12:27:06.000000000 +0200
+++ new/yast2-security-2.18.1/src/security.ycp	2009-06-02 22:40:08.000000000 +0200
@@ -4,7 +4,7 @@
  * Summary:	Main file
  * Authors:	Michal Svec <msvec@suse.cz>
  *
- * $Id: security.ycp 26607 2005-12-19 11:59:18Z jsuchome $
+ * $Id: security.ycp 57402 2009-06-02 20:40:08Z jsuchome $
  *
  * This is a main file of the module. There is in the file
  * only some calls to the basic functions. The settings are
@@ -84,12 +84,6 @@
 	Security::Settings["PASSWD_ENCRYPTION"]	= options["passwd"]:"des";
 	Security::modified = true;
     }
-    if (haskey (options, "obscure") &&
-	options["obscure"]:"" != Security::Settings["OBSCURE_CHECKS_ENAB"]:"")
-    {
-	Security::Settings["OBSCURE_CHECKS_ENAB"] = options["obscure"]:"yes";
-	Security::modified = true;
-    }
     if (haskey (options, "crack") &&
 	options["crack"]:"" != Security::Settings["PASSWD_USE_CRACKLIB"]:"")
     {
@@ -167,12 +161,6 @@
 	    "type"	: "enum",
 	    "typespec"	: [ "des", "md5", "blowfish" ],
 	],
-	"obscure"	: $[
-	    // command line help text for 'set obscure' option
-	    "help"	: _("Test for complicated password"),
-	    "type"	: "enum",
-	    "typespec"	: [ "yes", "no" ],
-	],
 	"crack"	: $[
 	    // command line help text for 'set crack' option
 	    "help"	: _("Check new passwords"),
@@ -194,7 +182,7 @@
     "mappings"		: $[
 	"summary"	: [],
 	"level"		: [ "home", "network", "server" ],//FIXME 1,2,3 aliases
-	"set"		: [ "passwd", "obscure", "crack", "permissions", "remember" ],
+	"set"		: [ "passwd", "crack", "permissions", "remember" ],
     ]
 ];
 
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/src/Security.ycp new/yast2-security-2.18.1/src/Security.ycp
--- old/yast2-security-2.17.12/src/Security.ycp	2008-11-11 11:04:42.000000000 +0100
+++ new/yast2-security-2.18.1/src/Security.ycp	2009-06-02 22:40:08.000000000 +0200
@@ -4,7 +4,7 @@
  * Summary:	Data for the security configuration
  * Authors:	Michal Svec <msvec@suse.cz>
  *
- * $Id: Security.ycp 53073 2008-11-07 15:15:54Z jsuchome $
+ * $Id: Security.ycp 57402 2009-06-02 20:40:08Z jsuchome $
  */
 
 {
@@ -29,7 +29,7 @@
     "consolekit", "haldaemon", "network", "syslog", "auditd", "splash_early", "alsasound",
     "irq_balancer", "kbd", "powersaved", "splash", "sshd", "earlyxdm", "hotkey-setup", "atd", "nscd",
     "smpppd", "xend", "autofs", "libvirtd", "sendmail", "postfix", "xendomains", "cron", "ddclient",
-    "smartd", "stopblktrace", "ntp"
+    "smartd", "stopblktrace", "ntp", "SuSEfirewall", "earlysyslog"
 ];
 // All other services should be turned off
 
@@ -121,7 +121,6 @@
     "GID_MIN"				: "1000",
     "DISPLAYMANAGER_SHUTDOWN"		: "all",
     "LASTLOG_ENAB"			: "yes",
-    "OBSCURE_CHECKS_ENAB"		: "yes",
     "PASSWD_ENCRYPTION"			: "blowfish",
     "GROUP_ENCRYPTION"			: "md5",
     "PASSWD_USE_CRACKLIB"		: "yes",
@@ -327,39 +326,9 @@
  */
 global define boolean Read() {
 
-    /* Security read dialog caption */
-    string caption = _("Initializing Security Configuration");
-    integer steps = 3;
-
-    integer sl = 0*1000;
-    sleep(sl);
-
-    Progress::New( caption, " ", steps, [
-	    /* Progress stage 1/3 */
-	    _("Read security settings"),
-	    /* Progress stage 2/3 */
-	    _("Read inittab settings"),
-	    /* Progress stage 3/3 */
-	    _("Read PAM settings"),
-	], [
-	    /* Progress step 1/4 */
-	    _("Reading security settings..."),
-	    /* Progress step 2/4 */
-	    _("Reading inittab settings..."),
-	    /* Progress step 3/4 */
-	    _("Reading PAM settings..."),
-	    /* Progress step 4/4 */
-	    _("Finished")
-	],
-	""
-    );
-
     Settings = $[];
 
     /* Read security settings */
-    sleep(sl);
-    if(Abort()) return false;
-    Progress::NextStage();
 
     mapmap(string file, list<string> vars, Locations, {
 	maplist(string var, vars, {
@@ -382,11 +351,6 @@
     });
     y2debug("Settings=%1", Settings);
 
-    /* Read inittab settings */
-    sleep(sl);
-    if(Abort()) return false;
-    Progress::NextStage();
-
     list inittab = SCR::Dir(.etc.inittab);
     if(contains(inittab, "ca")) {
 	string ca = (string) SCR::Read(.etc.inittab.ca);
@@ -406,19 +370,13 @@
 
     y2debug("Settings=%1", Settings);
 
-    /* Read pam settings */
-    sleep(sl);
-    if(Abort()) return false;
-    Progress::NextStage();
 
     /* Read runlevel setting */
     ReadServiceSettings();
 
-    /* pam stuff */
-    map pwcheck	= Pam::Query ("pwcheck");
-    list<string> pam_check_settings = pwcheck["password"]:[];
+    /* Read pam settings */
 
-    /* read the password hash settings */
+    // read the password hash settings
     string method = PamSettings::GetDefaultValue ("CRYPT_FILES");
     if (method == nil || method == "" ||
 	!contains (["des","md5","blowfish"],method))
@@ -430,23 +388,26 @@
     Settings["PASSWD_ENCRYPTION"]	= method;
     Settings["GROUP_ENCRYPTION"]	= PamSettings::GetGroupHashMethod ();
 
-    /* obscure checks */
-    boolean obscure = !contains (pam_check_settings, "no_obscure_checks");
-    Settings["OBSCURE_CHECKS_ENAB"] = obscure? "yes":"no";
-
-    /* other pam_pwcheck settings */
+    // cracklib and pwhistory settings
     Settings ["PASS_MIN_LEN"] = "5";
     Settings ["PASSWD_USE_CRACKLIB"] = "no";
     Settings ["PASSWD_REMEMBER_HISTORY"]	= "0";
-    foreach (string val, pam_check_settings, {
+
+    map pam_cracklib	= Pam::Query ("cracklib");
+    if (size (pam_cracklib) > 0)
+	Settings ["PASSWD_USE_CRACKLIB"]	= "yes";
+    foreach (string val, pam_cracklib["password"]:[], {
 	list lval	= splitstring (val, "=");
-	if (issubstring (val, "minlen") && lval[1]:"" != "")
-	    Settings ["PASS_MIN_LEN"] = lval[1]:"5";
-	/* use cracklib? */
-	if (issubstring (val, "cracklib")) {
+	if (issubstring (val, "dictpath=")) {
             Settings ["CRACKLIB_DICT_PATH"] = lval[1]:"/usr/lib/cracklib_dict";
-	    Settings ["PASSWD_USE_CRACKLIB"] = "yes";
 	}
+	if (issubstring (val, "minlen=") && lval[1]:"" != "")
+	    Settings ["PASS_MIN_LEN"] = lval[1]:"5";
+    });
+
+    map pam_history	= Pam::Query ("pwhistory");
+    foreach (string val, pam_history["password"]:[], {
+	list lval	= splitstring (val, "=");
 	if (issubstring (val, "remember=") && lval[1]:"" != "")
 	    Settings ["PASSWD_REMEMBER_HISTORY"] = lval[1]:"0";
     });
@@ -454,9 +415,6 @@
     y2debug("Settings=%1", Settings);
 
     /* Local permissions hack */
-    sleep(sl);
-    if(Abort()) return false;
-    Progress::NextStage();
 
     string perm = Settings["PERMISSION_SECURITY"]:"";
     if(issubstring(perm, "easy")) perm = "easy";
@@ -466,8 +424,6 @@
     Settings["PERMISSION_SECURITY"] = perm;
     y2debug("Settings=%1", Settings);
 
-    sleep(sl);
-    if(Abort()) return false;
     modified = false;
 
     // remeber the read values
@@ -574,33 +530,32 @@
 
     // use cracklib?
     if(Settings["PASSWD_USE_CRACKLIB"]:"no" == "yes") {
-	string crack = "pwcheck-cracklib";
+	Pam::Add ("cracklib");
 	string pth = Settings["CRACKLIB_DICT_PATH"]:"/usr/lib/cracklib_dict";
 	if (pth != "/usr/lib/cracklib_dict")
-	    crack = "pwcheck-cracklib-path=" + pth;
-	Pam::Add (crack);
+	    Pam::Add ("--cracklib-dictpath=" + pth);
     }
     else
-	Pam::Remove ("pwcheck-cracklib");
-
-    // save obscure checks
-    Pam::Set ("pwcheck-no_obscure_checks",
-	Settings["OBSCURE_CHECKS_ENAB"]:"yes" != "yes");
+	Pam::Remove ("cracklib");
 
     // save min pass length
     if (Settings["PASS_MIN_LEN"]:"5" != "5")
-	Pam::Add (sformat ("pwcheck-minlen=%1", Settings["PASS_MIN_LEN"]:"5"));
+    {
+	Pam::Add ("cracklib"); // minlen is part of cracklib
+	Pam::Add (sformat ("cracklib-minlen=%1", Settings["PASS_MIN_LEN"]:"5"));
+    }
     else
-	Pam::Remove ("pwcheck-minlen");
+	Pam::Remove ("cracklib-minlen");
 
     // save "remember" value (number of old user passwords to not allow)
     if (Settings["PASSWD_REMEMBER_HISTORY"]:"0" != "0")
     {
-	Pam::Add (sformat ("pwcheck-remember=%1",
+	Pam::Add ("pwhistory");
+	Pam::Add (sformat ("pwhistory-remember=%1",
 	    Settings["PASSWD_REMEMBER_HISTORY"]:"0"));
     }
     else
-	Pam::Remove ("pwcheck-remember");
+	Pam::Remove ("pwhistory-remember");
 
     PamSettings::Write (false);
 
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/src/widgets.ycp new/yast2-security-2.18.1/src/widgets.ycp
--- old/yast2-security-2.17.12/src/widgets.ycp	2008-01-29 13:36:23.000000000 +0100
+++ new/yast2-security-2.18.1/src/widgets.ycp	2009-06-02 22:40:08.000000000 +0200
@@ -4,7 +4,7 @@
  * Summary:	Security widgets definitions
  * Authors:	Michal Svec <msvec@suse.cz>
  *
- * $Id: widgets.ycp 42606 2007-12-03 14:30:04Z jsuchome $
+ * $Id: widgets.ycp 57402 2009-06-02 20:40:08Z jsuchome $
  *
  * This file contains the definitions of all widgets used by the
  * security module. They are all in one map (function) called
@@ -161,13 +161,6 @@
 	"Value" : "yes"
     ],
 
-    "OBSCURE_CHECKS_ENAB" : $[
-	"Widget" : "CheckBox",
-	/* CheckBox label */
-	"Label" : _("&Test for Complicated Passwords"),
-	"Value" : "yes"
-    ],
-
     "PASSWD_ENCRYPTION" : $[
 	"Widget" : "ComboBox",
 	/* ComboBox label */
@@ -182,6 +175,7 @@
 	"Widget" : "CheckBox",
 	/* CheckBox label */
 	"Label" : _("&Check New Passwords"),
+	"Notify" : "yes",
 	"Value" : "yes"
     ],
 
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/src/wizards.ycp new/yast2-security-2.18.1/src/wizards.ycp
--- old/yast2-security-2.17.12/src/wizards.ycp	2008-11-11 11:04:42.000000000 +0100
+++ new/yast2-security-2.18.1/src/wizards.ycp	2009-01-21 10:09:53.000000000 +0100
@@ -4,7 +4,7 @@
  * Summary:	Wizards definitions
  * Authors:	Michal Svec <msvec@suse.cz>
  *
- * $Id: wizards.ycp 53068 2008-11-07 14:25:14Z jsuchome $
+ * $Id: wizards.ycp 54846 2009-01-21 09:09:53Z jsuchome $
  */
 
 {
@@ -146,17 +146,12 @@
 define any SecuritySequence() ``{
 
     map aliases = $[
-	"read"	: [ ``( ReadDialog() ), true ],
 	"main"	:   ``( TreeDialog() ),
 	"write"	: [ ``( WriteDialog() ), true ]
     ];
 
     map sequence = $[
-	"ws_start" : "read",
-	"read" : $[
-	    `abort	: `abort,
-	    `next	: "main"
-	],
+	"ws_start" : "main",
 	"main" : $[
 	    `abort	: `abort,
 	    `finish	: "write",
@@ -170,6 +165,10 @@
 
     Wizard::CreateDialog();
     Wizard::SetDesktopIcon("security");
+
+    // Read has no progress and returns only true
+    Security::Read();
+
     any ret = Sequencer::Run(aliases, sequence);
 
     UI::CloseDialog();
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/testsuite/tests/Level1.out new/yast2-security-2.18.1/testsuite/tests/Level1.out
--- old/yast2-security-2.17.12/testsuite/tests/Level1.out	2008-11-11 11:04:42.000000000 +0100
+++ new/yast2-security-2.18.1/testsuite/tests/Level1.out	2009-06-02 22:40:08.000000000 +0200
@@ -79,10 +79,9 @@
 Execute	.target.bash "/sbin/telinit q" 0
 Read	.etc.default.passwd."CRYPT_FILES" nil
 Write	.etc.default.passwd."CRYPT_FILES" "blowfish" true
-Execute	.target.bash_output "pam-config -a --pwcheck-cracklib" $[]
-Execute	.target.bash_output "pam-config -d --pwcheck-no_obscure_checks" $[]
-Execute	.target.bash_output "pam-config -d --pwcheck-minlen" $[]
-Execute	.target.bash_output "pam-config -d --pwcheck-remember" $[]
+Execute	.target.bash_output "pam-config -a --cracklib" $[]
+Execute	.target.bash_output "pam-config -d --cracklib-minlen" $[]
+Execute	.target.bash_output "pam-config -d --pwhistory-remember" $[]
 Write	.etc.default.passwd nil true
 Execute	.target.bash "echo 1 > /proc/sys/kernel/sysrq" 0
 Read	.sysconfig.displaymanager.DISPLAYMANAGER ""
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/testsuite/tests/Level2.out new/yast2-security-2.18.1/testsuite/tests/Level2.out
--- old/yast2-security-2.17.12/testsuite/tests/Level2.out	2008-11-11 11:04:42.000000000 +0100
+++ new/yast2-security-2.18.1/testsuite/tests/Level2.out	2009-06-02 22:40:08.000000000 +0200
@@ -79,10 +79,9 @@
 Execute	.target.bash "/sbin/telinit q" 0
 Read	.etc.default.passwd."CRYPT_FILES" nil
 Write	.etc.default.passwd."CRYPT_FILES" "blowfish" true
-Execute	.target.bash_output "pam-config -a --pwcheck-cracklib" $[]
-Execute	.target.bash_output "pam-config -d --pwcheck-no_obscure_checks" $[]
-Execute	.target.bash_output "pam-config -d --pwcheck-minlen" $[]
-Execute	.target.bash_output "pam-config -d --pwcheck-remember" $[]
+Execute	.target.bash_output "pam-config -a --cracklib" $[]
+Execute	.target.bash_output "pam-config -d --cracklib-minlen" $[]
+Execute	.target.bash_output "pam-config -d --pwhistory-remember" $[]
 Write	.etc.default.passwd nil true
 Execute	.target.bash "echo 0 > /proc/sys/kernel/sysrq" 0
 Read	.sysconfig.displaymanager.DISPLAYMANAGER ""
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/testsuite/tests/Level3.out new/yast2-security-2.18.1/testsuite/tests/Level3.out
--- old/yast2-security-2.17.12/testsuite/tests/Level3.out	2008-11-11 11:04:42.000000000 +0100
+++ new/yast2-security-2.18.1/testsuite/tests/Level3.out	2009-06-02 22:40:08.000000000 +0200
@@ -79,10 +79,10 @@
 Execute	.target.bash "/sbin/telinit q" 0
 Read	.etc.default.passwd."CRYPT_FILES" nil
 Write	.etc.default.passwd."CRYPT_FILES" "blowfish" true
-Execute	.target.bash_output "pam-config -a --pwcheck-cracklib" $[]
-Execute	.target.bash_output "pam-config -d --pwcheck-no_obscure_checks" $[]
-Execute	.target.bash_output "pam-config -a --pwcheck-minlen=6" $[]
-Execute	.target.bash_output "pam-config -d --pwcheck-remember" $[]
+Execute	.target.bash_output "pam-config -a --cracklib" $[]
+Execute	.target.bash_output "pam-config -a --cracklib" $[]
+Execute	.target.bash_output "pam-config -a --cracklib-minlen=6" $[]
+Execute	.target.bash_output "pam-config -d --pwhistory-remember" $[]
 Write	.etc.default.passwd nil true
 Execute	.target.bash "echo 0 > /proc/sys/kernel/sysrq" 0
 Read	.sysconfig.displaymanager.DISPLAYMANAGER ""
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/testsuite/tests/Read.out new/yast2-security-2.18.1/testsuite/tests/Read.out
--- old/yast2-security-2.17.12/testsuite/tests/Read.out	2008-11-11 11:04:42.000000000 +0100
+++ new/yast2-security-2.18.1/testsuite/tests/Read.out	2009-06-02 22:40:08.000000000 +0200
@@ -50,8 +50,9 @@
 Read	.sysconfig.sysctl.IPV6_FORWARD "r11"
 Dir	.etc.inittab: ["ca"]
 Read	.etc.inittab.ca ":ctrlaltdel:/sbin/shutdown -r -t 4 now"
-Execute	.target.bash_output "pam-config -q --pwcheck" $[]
 Read	.etc.default.passwd."CRYPT_FILES" "blowfish"
 Read	.etc.default.passwd.group_crypt nil
 Read	.etc.default.passwd.crypt "md5"
+Execute	.target.bash_output "pam-config -q --cracklib" $[]
+Execute	.target.bash_output "pam-config -q --pwhistory" $[]
 Return	true
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/testsuite/tests/Read.ycp new/yast2-security-2.18.1/testsuite/tests/Read.ycp
--- old/yast2-security-2.17.12/testsuite/tests/Read.ycp	2008-09-24 14:13:57.000000000 +0200
+++ new/yast2-security-2.18.1/testsuite/tests/Read.ycp	2009-06-02 22:40:08.000000000 +0200
@@ -7,7 +7,7 @@
  * Authors:
  *   Michal Svec <msvec@suse.cz>
  *
- * $Id: Read.ycp 51159 2008-09-15 14:15:47Z lslezak $
+ * $Id: Read.ycp 57402 2009-06-02 20:40:08Z jsuchome $
  *
  * testedfiles: Security.ycp PamSettings.ycp Pam.ycp
  */
@@ -59,7 +59,6 @@
 	    "GID_MAX"			:	"l3",
 	    "GID_MIN"			:	"l4",
 	    "LASTLOG_ENAB"		:	"l5",
-	    "OBSCURE_CHECKS_ENAB"	:	"l6",
 	    "PASS_MAX_DAYS"		:	"l7",
 	    "PASS_MIN_DAYS"		:	"l9",
 	    "PASS_MIN_LEN"		:	"l10",
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/testsuite/tests/Write.out new/yast2-security-2.18.1/testsuite/tests/Write.out
--- old/yast2-security-2.17.12/testsuite/tests/Write.out	2008-11-11 11:04:42.000000000 +0100
+++ new/yast2-security-2.18.1/testsuite/tests/Write.out	2009-06-02 22:40:08.000000000 +0200
@@ -79,10 +79,10 @@
 Execute	.target.bash "/sbin/telinit q" 0
 Read	.etc.default.passwd."CRYPT_FILES" nil
 Write	.etc.default.passwd."CRYPT_FILES" "blowfish" true
-Execute	.target.bash_output "pam-config -d --pwcheck-cracklib" $[]
-Execute	.target.bash_output "pam-config -a --pwcheck-no_obscure_checks" $[]
-Execute	.target.bash_output "pam-config -a --pwcheck-minlen=l10" $[]
-Execute	.target.bash_output "pam-config -d --pwcheck-remember" $[]
+Execute	.target.bash_output "pam-config -d --cracklib" $[]
+Execute	.target.bash_output "pam-config -a --cracklib" $[]
+Execute	.target.bash_output "pam-config -a --cracklib-minlen=l10" $[]
+Execute	.target.bash_output "pam-config -d --pwhistory-remember" $[]
 Write	.etc.default.passwd nil true
 Execute	.target.bash "echo 1 > /proc/sys/kernel/sysrq" 0
 Read	.sysconfig.displaymanager.DISPLAYMANAGER ""
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/testsuite/tests/Write.ycp new/yast2-security-2.18.1/testsuite/tests/Write.ycp
--- old/yast2-security-2.17.12/testsuite/tests/Write.ycp	2008-09-24 14:13:57.000000000 +0200
+++ new/yast2-security-2.18.1/testsuite/tests/Write.ycp	2009-06-02 22:40:08.000000000 +0200
@@ -7,7 +7,7 @@
  * Authors:
  *   Michal Svec <msvec@suse.cz>
  *
- * $Id: Write.ycp 51200 2008-09-17 07:29:33Z lslezak $
+ * $Id: Write.ycp 57402 2009-06-02 20:40:08Z jsuchome $
  *
  * testedfiles: Security.ycp PamSettings.ycp Pam.ycp
  */
@@ -30,7 +30,6 @@
     "GID_MIN"			:	"l4",
     "DISPLAYMANAGER_SHUTDOWN"	:	"r3",
     "LASTLOG_ENAB"		:	"l5",
-    "OBSCURE_CHECKS_ENAB"	:	"l6",
     "PASS_MAX_DAYS"		:	"l7",
     "PASS_MIN_DAYS"		:	"l9",
     "PASS_MIN_LEN"		:	"l10",
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-security-2.17.12/VERSION new/yast2-security-2.18.1/VERSION
--- old/yast2-security-2.17.12/VERSION	2008-11-28 13:30:04.000000000 +0100
+++ new/yast2-security-2.18.1/VERSION	2009-06-22 07:56:00.000000000 +0200
@@ -1 +1 @@
-2.17.12
+2.18.1


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Remember to have fun...

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org

    

root＠Hilbert.suse.de

tags

participants (1)