| Commit message (Collapse) | Author | Age | Files | Lines |
|
Previously, in this case PAM_AUTH_ERR was returned. This leads to unknown
users being logged with the unknown username.
Now it resembles the behaviour of other modules like pam_unix in this case.
|
Allocate the path buffer in check_acl() dynamically using asprintf(),
so there is no need to use a PATH_MAX-fixed size buffer. The fallback
PATH_MAX definition is no longer needed, thus is dropped.
Make sure that paths too long still result in PAM_SESSION_ERR.
|
To support OSes without PATH_MAX (which is optional in POSIX), there are
two code paths for the 'newsource' and 'newdest' variables: one using
a PATH_MAX-sized stack buffer, and one using heap allocation. The second
is even more complicated than needed, doing manual calculations and
allocations.
To simplify the code a bit more, easing its maintenance, unify the two
using asprintf() to allocate 'newsource' and 'newdest': the extra
allocation needed should not be an issue, since this code runs in a
separate helper executable.
As an additional change for this simplification, remove the reset of the
two variables to NULL right after their free(), which is not needed
since their scopes end.
|
Even if this module is supported officially on Linux, make sure it can
still build fine on non-Linux OSes, to ease its testing/fixing a bit:
- build parse_kernel_limits() and stuff needed for it only on Linux,
  as it is called already only on Linux
- limit the code needed to apply the 'nonewprivs' options to Linux only,
  as it uses a Linux-specific way to set it; add a syslog message for
  other OSes
|
termio.h is the old System V version of the interface header, and is
only provided in glibc and dietlibc as far as I can tell.
This fixes it to use the POSIX termios.h instead.
|
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/ko/
|
Currently translated at 76.2% (77 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/hu/
|
Allow the user to not build the examples through --disable-examples
(enabled by default); this can be useful:
- when cross-compiling, as the examples are not useful
- in distribution builds, not building stuff that is not used in any
  way
|
On some systems (e.g. GNU/Hurd), read() succeeds on the fd of a
directory; since the module assumes that read() fails (and thus
pam_modutil_read() as well), manually fail in case the open fd refers
to a directory.
|
PATH_MAX is optional in POSIX, and not defined on GNU/Hurd; hence,
in case it is not defined, define BUFLEN directly to LINE_MAX.
|
Allocate the buffers dynamically using asprintf(), so there is no need
to use PATH_MAX-fixed size buffers.
|
PATH_MAX is optional in POSIX, and not defined on GNU/Hurd; since these
sources are tests, it is fine to hardcode a fallback value that allows
the tests to build and run.
|
GCC and Clang only define the macro `linux` when using the GNU dialect
of C (e.g. -std=gnu11 instead of -std=c11). Since `linux` is also not
in a reserved namespace, it might be the target of collisions.
Use the canonical macro `__linux__` instead (already used in
pam_limits.c).
|
Regenerate po/Linux-PAM.pot and po/*.po using "make -C po update-po"
command. This essentially updates the project version, line numbers,
and timestamps.
|
* configure.ac (AC_INIT): Raise version to 1.5.3.
* NEWS: Update.
|
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/ro/
|
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/ko/
|
* modules/pam_succeed_if/pam_succeed_if.c (evaluate): Do not use the
result of keyword substitution for keyword match.
Resolves: https://github.com/linux-pam/linux-pam/issues/560
|
Link: https://github.com/linux-pam/linux-pam/pull/550#issuecomment-1490362439
|
* Make.xml.rules.in: Avoid conflicting profile.condition settings.
* configure.ac: Likewise.
Resolves: https://github.com/linux-pam/linux-pam/issues/553
|
* modules/pam_timestamp/Makefile.am: Only build hmacfile target when
openssl isn't enabled.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
|
pam_end.3 has additional and important information about PAM_DATA_SILENT,
copy it to pam_set_data.3 since that describes the cleanup callback where
it will be set.
|
configure.ac: Disable NIS if RPC or YP header files are missing
modules/pam_unix/support.c: Use HAVE_NIS to check for header file presence
modules/pam_unix/pam_unix_passwd.c: Use HAVE_NIS, too
|
doc/Makefile.am: Replace custom-html.xsl and custom-man.xsl with
custom-html.xsl.in and custom-man.xsl.in EXTRA_DIST
|
This should fix shellcheck warning SC2004.
|
* pgp.keys.asc: Replace with the key used to sign v1.5.2.
Resolves: https://github.com/linux-pam/linux-pam/issues/544
|
bcba17939e1b1a568cd4a764534cde74d37078cc started using pam_overwrite_n()
without providing the definition to this function, which causes a build
failure.
modules/pam_timestamp/hmac_openssl_wrapper.c: include pam_inline.h
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
|
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/pa/
|
man/pam_item_types_std.inc.xml: In the past, PAM_TTY was used for tty
devices and $DISPLAY variables for X-based applications. With the
introduction of PAM_DISPLAY, PAM_TTY should only be used for devices.
|
Use empty initialization of structs to minimize the memset() usage, to
reduce the amount of calls which are not sensitive.
Non-trivial changes:
- pam_env:
  * erase environment variables where possible
- pam_exec:
  * erase response on error
  * erase auth token
- pam_pwhistory:
  * erase buffers containing old passwords
- pam_selinux: skip overwriting data structure consisting of only
  pointers to insensitive data, which also gets free'd afterwards (so
  it currently does not protect against double-free or use-after-free on
  the member pointers)
- pam_unix: erase cipher data in more places
- pam_userdb: erase password hashes
|
Non-trivial changes:
- erase responses in pam_get_authtok_internal() on error branch
|
Avoid compiler optimizations to elide the memory erasure by using a
secure method: either memset_explicit() [C23], bzero_explicit() [glibc
2.25] or a manual memory barrier.
Since the current helpers _pam_overwrite*() and _pam_drop_reply() are
publicly exported, create new ones in "pam_inline.h" and deprecate the
old ones.
|
Free the environment variables list via the designated helper
free_string_array() rather than free its elements in a loop, which might
skip some.
|
On failure the content of the string pointer passed to asprintf(3) is
undefined. Set to NULL before free'ing the parent array.
|
The struct utmp from glibc uses on many 64bit architectures a 32bit
time_t for compatibility with a 32bit userland, which means utmp will
not survive the year 2038 (32bit time_t overflow). Use the data from
logind instead of utmp.
* configure.ac: Add option --enable-logind
* modules/pam_issue/Makefile.am: Add CFLAGS/LIBS for logind support
* modules/pam_issue/pam_issue.c: Use sd_get_sessions instead of utmp
* modules/pam_timestamp/Makefile.am: Add CFLAGS/LIBS for logind support
* modules/pam_timestamp/pam_timestamp.c: query logind for login time
|
Currently translated at 16.8% (17 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/sl/
|
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/he/
|
Make /usr/lib/pam.d and <vendordir>/pam.d more visible in the standard
manual pages, so that people don't assume there is only /etc/pam.d.
* doc/man/pam.8.xml: Don't always speak about /etc/pam.d only
* doc/man/pam.conf-desc.xml: Don't always speak about /etc/pam.d only
* doc/man/pam.conf-dir.xml: Explain search path for pam config files
* doc/man/pam.conf.5.xml: Add filelist with all pam.d directories
|
pam_lastlog uses utmp, wtmp, btmp and lastlog. None of them is Y2038
safe, even on 64bit architectures. Most 64bit architectures use 32bit
time_t for compat reasons with 32bit userland.
Additionally, all relevant tools for which pam_lastlog would make sense
already have their own support for all four files, so this module will
most likely only create duplicate entries.
* configure.ac: don't build pam_lastlog by default.
* ci/run-build-and-tests.sh: enable pam_lastlog.
|
utmp uses 32bit time_t for compatibility with 32bit userland on some
64bit systems and is thus not Y2038 safe. Use getlogin() from libc
which avoids using utmp and is safer than the old utmp-based
implementation by using /proc/self/loginuid.
* libpam/pam_modutil_getlogin.c: Use getlogin() instead of parsing utmp
|
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/cs/
|
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/ko/
|
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/hr/
|
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/kk/
|
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/de/
|
Currently translated at 100.0% (101 of 101 strings).
Translate-URL: https://translate.fedoraproject.org/projects/linux-pam/master/sv/