Hello community, here is the log from the commit of package pam-modules checked in at Sat Aug 30 02:53:42 CEST 2008. -------- --- pam-modules/pam-modules.changes 2008-08-20 14:59:56.000000000 +0200 +++ pam-modules/pam-modules.changes 2008-08-28 17:19:23.000000000 +0200 @@ -1,0 +2,5 @@ +Thu Aug 28 17:19:02 CEST 2008 - kukuk@suse.de + +- pam_unix2: make session logging more verbose + +------------------------------------------------------------------- Old: ---- pam_unix2-2.5.1-passwd.dif pam_unix2-2.5.1.tar.bz2 New: ---- pam_unix2-2.6.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pam-modules.spec ++++++ --- /var/tmp/diff_new_pack.oZD903/_old 2008-08-30 02:51:49.000000000 +0200 +++ /var/tmp/diff_new_pack.oZD903/_new 2008-08-30 02:51:49.000000000 +0200 @@ -29,9 +29,9 @@ Group: System/Libraries AutoReqProv: on Version: 11.0.42 -Release: 17 +Release: 20 Summary: Additional PAM Modules -Source0: pam_unix2-2.5.1.tar.bz2 +Source0: pam_unix2-2.6.tar.bz2 Source1: pam_pwcheck-3.11.1.tar.bz2 Source2: pam_homecheck-2.0.tar.bz2 Source5: pam_make-1.2.tar.bz2 @@ -39,7 +39,6 @@ Source41: unix2_chkpwd.8 Source50: dlopen.sh Patch1: pam-modules-10.3-pam_make-fix-open.dif -Patch2: pam_unix2-2.5.1-passwd.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: permissions @@ -56,7 +55,6 @@ %prep %setup -q -c %{name} -b1 -b2 -b5 %patch1 -%patch2 -p1 %build for i in * ; do @@ -127,6 +125,8 @@ %attr(644,root,root) %doc %{_mandir}/man8/unix2_chkpwd.8.gz %changelog +* Thu Aug 28 2008 kukuk@suse.de +- pam_unix2: make session logging more verbose * Wed Aug 20 2008 prusnak@suse.cz - enabled SELinux support [Fate#303662] * Mon Aug 11 2008 mc@suse.de ++++++ pam_unix2-2.5.1.tar.bz2 -> pam_unix2-2.6.tar.bz2 ++++++ diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/ChangeLog new/pam_unix2-2.6/ChangeLog --- old/pam_unix2-2.5.1/ChangeLog 2008-04-11 10:58:32.000000000 +0200 +++ new/pam_unix2-2.6/ChangeLog 2008-08-28 17:10:56.000000000 +0200 @@ -1,3 +1,20 @@ +2008-08-28 Thorsten Kukuk <kukuk@suse.de> + + * releae version 2.6 + + * src/unix_sess.c: Log tty and hostname if available. + + * src/unix_passwd.c: Compare stored with entered password + if PAM_CHANGE_EXPIRED_AUTHTOK flag is set [bnc#414783]. + + * po/*.po: Update translations. + +2008-05-23 Thorsten Kukuk <kukuk@suse.de> + + * release version 2.5.1 + + * po/*.po: Update translations. + 2008-04-10 Thorsten Kukuk <kukuk@suse.de> * release 2.5.0 diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/configure new/pam_unix2-2.6/configure --- old/pam_unix2-2.5.1/configure 2008-05-23 15:50:32.000000000 +0200 +++ new/pam_unix2-2.6/configure 2008-08-28 17:01:36.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.61 for pam_unix2 2.5.1. +# Generated by GNU Autoconf 2.61 for pam_unix2 2.6. # # Report bugs to <http://www.suse.de/feedback>. # @@ -574,8 +574,8 @@ # Identity of this package. PACKAGE_NAME='pam_unix2' PACKAGE_TARNAME='pam_unix2' -PACKAGE_VERSION='2.5.1' -PACKAGE_STRING='pam_unix2 2.5.1' +PACKAGE_VERSION='2.6' +PACKAGE_STRING='pam_unix2 2.6' PACKAGE_BUGREPORT='http://www.suse.de/feedback' ac_unique_file="src/support.c" @@ -1232,7 +1232,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures pam_unix2 2.5.1 to adapt to many kinds of systems. +\`configure' configures pam_unix2 2.6 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1302,7 +1302,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of pam_unix2 2.5.1:";; + short | recursive ) echo "Configuration of pam_unix2 2.6:";; esac cat <<\_ACEOF @@ -1398,7 +1398,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -pam_unix2 configure 2.5.1 +pam_unix2 configure 2.6 generated by GNU Autoconf 2.61 Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, @@ -1412,7 +1412,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by pam_unix2 $as_me 2.5.1, which was +It was created by pam_unix2 $as_me 2.6, which was generated by GNU Autoconf 2.61. Invocation command line was $ $0 $@ @@ -2102,7 +2102,7 @@ # Define the identity of the package. PACKAGE='pam_unix2' - VERSION='2.5.1' + VERSION='2.6' cat >>confdefs.h <<_ACEOF @@ -8198,7 +8198,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by pam_unix2 $as_me 2.5.1, which was +This file was extended by pam_unix2 $as_me 2.6, which was generated by GNU Autoconf 2.61. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -8251,7 +8251,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ -pam_unix2 config.status 2.5.1 +pam_unix2 config.status 2.6 configured by $0, generated by GNU Autoconf 2.61, with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\" diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/configure.in new/pam_unix2-2.6/configure.in --- old/pam_unix2-2.5.1/configure.in 2008-05-23 15:50:25.000000000 +0200 +++ new/pam_unix2-2.6/configure.in 2008-08-28 17:00:31.000000000 +0200 @@ -1,5 +1,5 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT(pam_unix2, 2.5.1, http://www.suse.de/feedback, pam_unix2) +AC_INIT(pam_unix2, 2.6, http://www.suse.de/feedback, pam_unix2) AM_INIT_AUTOMAKE AC_CONFIG_SRCDIR([src/support.c]) AM_CONFIG_HEADER(config.h) diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/NEWS new/pam_unix2-2.6/NEWS --- old/pam_unix2-2.5.1/NEWS 2008-05-23 15:52:24.000000000 +0200 +++ new/pam_unix2-2.6/NEWS 2008-08-28 17:00:56.000000000 +0200 @@ -5,6 +5,9 @@ Please send bug reports, questions and suggestions to <kukuk@suse.de>. +Version 2.6 +* Enhance log message for starting/closing a session + Version 2.5.1 * Update translations Files old/pam_unix2-2.5.1/po/el.gmo and new/pam_unix2-2.6/po/el.gmo differ diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/po/el.po new/pam_unix2-2.6/po/el.po --- old/pam_unix2-2.5.1/po/el.po 2008-05-23 15:52:27.000000000 +0200 +++ new/pam_unix2-2.6/po/el.po 2008-08-28 17:10:14.000000000 +0200 @@ -1,4 +1,4 @@ -# translation of pam_unix2.el.po to Hellenic +# translation of pam_unix2.el.po to Ελληνικά # @TITLE@ # Copyright (C) 2006, SUSE Linux GmbH, Nuremberg # @@ -12,9 +12,9 @@ "Project-Id-Version: pam_unix2.el\n" "Report-Msgid-Bugs-To: kukuk@suse.de\n" "POT-Creation-Date: 2008-03-31 15:10+0200\n" -"PO-Revision-Date: 2008-03-31 11:20+0100\n" +"PO-Revision-Date: 2008-06-06 01:04+0100\n" "Last-Translator: Vasileios Giannakopoulos <billg@billg.gr>\n" -"Language-Team: Hellenic <billg@billg.gr>\n" +"Language-Team: Ελληνικά <billg@billg.gr>\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" Files old/pam_unix2-2.5.1/po/ko.gmo and new/pam_unix2-2.6/po/ko.gmo differ diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/po/ko.po new/pam_unix2-2.6/po/ko.po --- old/pam_unix2-2.5.1/po/ko.po 2008-05-23 15:52:27.000000000 +0200 +++ new/pam_unix2-2.6/po/ko.po 2008-08-28 17:10:14.000000000 +0200 @@ -223,4 +223,4 @@ #: src/unix_passwd.c:1048 msgid "Error while changing the NIS password." -msgstr "NIS 열쇠글을 변경중 오류" +msgstr "NIS 열쇠글을 변경 중 오류" Files old/pam_unix2-2.5.1/po/ro.gmo and new/pam_unix2-2.6/po/ro.gmo differ diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/po/ro.po new/pam_unix2-2.6/po/ro.po --- old/pam_unix2-2.5.1/po/ro.po 2008-05-23 15:52:27.000000000 +0200 +++ new/pam_unix2-2.6/po/ro.po 2008-08-26 13:19:58.000000000 +0200 @@ -30,11 +30,11 @@ #: src/unix_acct.c:102 src/unix_acct.c:150 msgid "Your password has expired. Choose a new password." -msgstr "Parola dvs. a expirat. Alegeţi o nouă parolă." +msgstr "Parola dvs. a expirat. Alegeți o nouă parolă." #: src/unix_acct.c:129 msgid "Password change requested. Choose a new password." -msgstr "Este necesară schimbarea parolei. Alegeţi o nouă parolă." +msgstr "Este necesară schimbarea parolei. Alegeți o nouă parolă." #: src/unix_acct.c:288 #, c-format @@ -65,21 +65,21 @@ #: src/unix_passwd.c:85 msgid "Reenter New Password: " -msgstr "Reintroduceţi noua parolă: " +msgstr "Reintroduceți noua parolă: " #: src/unix_passwd.c:214 msgid "You can only change local passwords." -msgstr "Puteţi schimba numai parolele locale." +msgstr "Puteți schimba numai parolele locale." #: src/unix_passwd.c:284 #, c-format msgid "Less then %d weeks since the last change." -msgstr "Au trecut mai puţin de %d săptămâni de la ultima schimbare." +msgstr "Au trecut mai puțin de %d săptămâni de la ultima schimbare." #: src/unix_passwd.c:288 #, c-format msgid "Less then %d days since the last change." -msgstr "Au trecut mai puţin de %d zile de la ultima schimbare." +msgstr "Au trecut mai puțin de %d zile de la ultima schimbare." #: src/unix_passwd.c:340 src/unix_passwd.c:355 msgid "Password change aborted." @@ -120,11 +120,11 @@ #: src/unix_passwd.c:493 #, c-format msgid "Unable to obtain entropy from %s" -msgstr "Nu pot obţine entropia de la %s" +msgstr "Nu pot obține entropia de la %s" #: src/unix_passwd.c:508 msgid "Unable to generate a salt. Check your crypt settings." -msgstr "Nu pot genera salt. Verificaţi setările crypt." +msgstr "Nu pot genera salt. Verificați setările crypt." #: src/unix_passwd.c:634 msgid "Cannot create salt for standard crypt" @@ -152,11 +152,11 @@ #: src/unix_passwd.c:695 msgid "crypt_r() returns NULL pointer" -msgstr "crypt_r() returns NULL pointer" +msgstr "c_ryptr()întoarce un pointer NULL" #: src/unix_passwd.c:718 msgid "Cannot lock password file: already locked." -msgstr "Nu pot bloca fişierul de parolă: este deja blocat." +msgstr "Nu pot bloca fișierul de parolă: este deja blocat." #: src/unix_passwd.c:745 src/unix_passwd.c:806 src/unix_passwd.c:889 #: src/unix_passwd.c:950 @@ -172,7 +172,7 @@ #: src/unix_passwd.c:780 src/unix_passwd.c:924 #, c-format msgid "Cannot create temp file (%s): %m" -msgstr "Nu pot crea fişierul temporar (%s): %m" +msgstr "Nu pot crea fișierul temporar (%s): %m" #: src/unix_passwd.c:788 src/unix_passwd.c:932 #, c-format @@ -187,37 +187,37 @@ #: src/unix_passwd.c:836 #, c-format msgid "Error while writing new shadow file: %m" -msgstr "Eroare la scrierea noului fişier shadow: %m" +msgstr "Eroare la scrierea noului fișier shadow: %m" #: src/unix_passwd.c:846 #, c-format msgid "Error while closing old shadow file: %m" -msgstr "Eroare la închiderea vechiului fişier shadow: %m" +msgstr "Eroare la închiderea vechiului fișier shadow: %m" #: src/unix_passwd.c:854 #, c-format msgid "Error while closing temporary shadow file: %m" -msgstr "Eroare la închiderea fişierului shadow temporar: %m" +msgstr "Eroare la închiderea fișierului shadow temporar: %m" #: src/unix_passwd.c:861 src/unix_passwd.c:1001 #, c-format msgid "Cannot create backup file of %s: %m" -msgstr "Nu pot crea fişier de backup pentru %s: %m" +msgstr "Nu pot crea fișier de backup pentru %s: %m" #: src/unix_passwd.c:976 #, c-format msgid "Error while writing new password file: %m" -msgstr "Eroare la scrierea noului fişier password: %m" +msgstr "Eroare la scrierea noului fișier password: %m" #: src/unix_passwd.c:986 #, c-format msgid "Error while closing old password file: %m" -msgstr "Eroare la închiderea vechiului fişier password: %m" +msgstr "Eroare la închiderea vechiului fișier password: %m" #: src/unix_passwd.c:994 #, c-format msgid "Error while closing temporary password file: %m" -msgstr "Eroare la închiderea fişierului password temporar: %m" +msgstr "Eroare la închiderea fișierului password temporar: %m" #: src/unix_passwd.c:1033 #, c-format diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/src/unix_passwd.c new/pam_unix2-2.6/src/unix_passwd.c --- old/pam_unix2-2.5.1/src/unix_passwd.c 2008-04-11 11:37:03.000000000 +0200 +++ new/pam_unix2-2.6/src/unix_passwd.c 2008-08-28 16:33:06.000000000 +0200 @@ -254,7 +254,7 @@ if (flags & PAM_PRELIM_CHECK) { /* Check if the old password was correct. */ - if (getuid () && strcmp (data->oldpassword, + if ((getuid () || (flags & PAM_CHANGE_EXPIRED_AUTHTOK)) && strcmp (data->oldpassword, crypt_r (oldpass, data->oldpassword, &output)) != 0) { if (options.debug) diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/pam_unix2-2.5.1/src/unix_sess.c new/pam_unix2-2.6/src/unix_sess.c --- old/pam_unix2-2.5.1/src/unix_sess.c 2006-01-17 13:41:06.000000000 +0100 +++ new/pam_unix2-2.6/src/unix_sess.c 2008-08-28 16:55:30.000000000 +0200 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006 SUSE Linux Products GmbH Nuernberg,Germany. + * Copyright (c) 2006, 2008 SUSE Linux Products GmbH Nuernberg,Germany. * Copyright (c) 1999, 2000, 2002, 2003, 2004 SuSE GmbH Nuernberg, Germany. * Author: Thorsten Kukuk <kukuk@suse.de> * @@ -52,14 +52,15 @@ #include "public.h" -int -pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, - const char **argv) +static int +pam_log_session (pam_handle_t *pamh, int flags, int argc, + const char **argv, const char *kind) { int retval; const char *name; - char *service; + char *service, *tty, *rhost; options_t options; + char *logmsg = NULL; memset (&options, 0, sizeof (options)); options.log_level = -1; /* Initialize to default "none". */ @@ -88,52 +89,57 @@ if (service == NULL) return PAM_CONV_ERR; - pam_syslog (pamh, options.log_level, - "session started for user %s, service %s\n", - name, service); - - return PAM_SUCCESS; -} - -int -pam_sm_close_session (pam_handle_t * pamh, int flags, - int argc, const char **argv) -{ - int retval; - const char *name; - char *service; - options_t options; + retval = pam_get_item(pamh, PAM_TTY, (void *) &tty); + if (retval !=PAM_SUCCESS) + return retval; - memset (&options, 0, sizeof (options)); - options.log_level = -1; /* Initialize to default "none". */ + retval = pam_get_item(pamh, PAM_RHOST, (void *) &rhost); + if (retval !=PAM_SUCCESS) + return retval; - if (get_options (pamh, &options, "session", argc, argv) < 0) + if (tty && !rhost) { - pam_syslog (pamh, LOG_ERR, "cannot get options"); - return PAM_SYSTEM_ERR; + if (asprintf (&logmsg, "session %s for user %s: service=%s, tty=%s", + kind, name, service, tty) == -1) + return PAM_SESSION_ERR; + } + else if (!tty && rhost) + { + if (asprintf (&logmsg, + "session %s for user %s: service=%s, rhost=%s", + kind, name, service, rhost) == -1) + return PAM_SESSION_ERR; + } + else if (tty && rhost) + { + if (asprintf (&logmsg, + "session %s for user %s: service=%s, tty=%s, rhost=%s", + kind, name, service, tty, rhost) == -1) + return PAM_SESSION_ERR; + } + else + { + if (asprintf (&logmsg, "session %s for user %s: service=%s", + kind, name, service) == -1) + return PAM_SESSION_ERR; } - /* get the user name */ - if ((retval = pam_get_user (pamh, &name, NULL)) != PAM_SUCCESS) - return retval; - - if (name == NULL || name[0] == '\0') - return PAM_SESSION_ERR; - - /* Move this after getting the user name, else PAM test suite - will not pass ... */ - if (options.log_level == -1) - return PAM_SUCCESS; + pam_syslog (pamh, options.log_level, logmsg); + free (logmsg); - retval = pam_get_item (pamh, PAM_SERVICE, (void *) &service); - if (retval != PAM_SUCCESS) - return retval; - if (service == NULL) - return PAM_CONV_ERR; + return PAM_SUCCESS; +} - pam_syslog (pamh, options.log_level, - "session finished for user %s, service %s\n", - name, service); +int +pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, + const char **argv) +{ + return pam_log_session (pamh, flags, argc, argv, "started"); +} - return PAM_SUCCESS; +int +pam_sm_close_session (pam_handle_t * pamh, int flags, + int argc, const char **argv) +{ + return pam_log_session (pamh, flags, argc, argv, "finished"); } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org