A Security Tool that Provides Authentication for Applications
PAM (Pluggable Authentication Modules) is a system security tool that
allows system administrators to set authentication policies without
having to recompile programs that do authentication.
- Developed at Linux-PAM
-
6
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Factory/pam && cd $_ - Create Badge
Refresh
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
| Linux-PAM-1.5.0-docs.tar.xz | 0000441644 431 KB | |
| Linux-PAM-1.5.0.tar.xz | 0000972228 949 KB | |
| _service | 0000000514 514 Bytes | |
| _servicedata | 0000000221 221 Bytes | |
| baselibs.conf | 0000000039 39 Bytes | |
| common-account.pamd | 0000000380 380 Bytes | |
| common-auth.pamd | 0000000462 462 Bytes | |
| common-password.pamd | 0000000435 435 Bytes | |
| common-session.pamd | 0000000482 482 Bytes | |
| other.pamd | 0000000251 251 Bytes | |
| pam-bsc1177858-dont-free-environment-string.patch | 0000000965 965 Bytes | |
| pam-hostnames-in-access_conf.patch | 0000004623 4.51 KB | |
| pam-limit-nproc.patch | 0000000412 412 Bytes | |
| pam-login_defs-check.sh | 0000001405 1.37 KB | |
| pam-pam_cracklib-add-usersubstr.patch | 0000002249 2.2 KB | |
| pam-xauth_ownership.patch | 0000003385 3.31 KB | |
| pam.changes | 0000066060 64.5 KB | |
| pam.spec | 0000014976 14.6 KB | |
| pam_cracklib-removal.patch | 0000055086 53.8 KB | |
| pam_tally2-removal.patch | 0000041671 40.7 KB | |
| securetty | 0000000161 161 Bytes | |
| unix2_chkpwd.8 | 0000001739 1.7 KB | |
| unix2_chkpwd.c | 0000006885 6.72 KB |
Revision 107 (latest revision is 142)
Dominique Leuenberger (dimstar_suse)
accepted
request 849468
from
Thorsten Kukuk (kukuk)
(revision 107)
- Update to 1.5.0
- obsoletes pam-bsc1178727-initialize-daysleft.patch
- Multiple minor bug fixes, portability fixes, and documentation improvements.
- Extended libpam API with pam_modutil_check_user_in_passwd function.
- pam_faillock: changed /run/faillock/$USER permissions from 0600 to 0660.
- pam_motd: read motd files with target user credentials skipping unreadable ones.
- pam_pwhistory: added a SELinux helper executable.
- pam_unix, pam_usertype: implemented avoidance of certain timing attacks.
- pam_wheel: implemented PAM_RUSER fallback for the case when getlogin fails.
- pam_env: Reading of the user environment is deprecated and will be removed
at some point in the future.
- libpam: pam_modutil_drop_priv() now correctly sets the target user's
supplementary groups, allowing pam_motd to filter messages accordingly
- Refresh pam-xauth_ownership.patch
- pam_tally2-removal.patch: Re-add pam_tally2 for deprecated sub-package
- pam_cracklib-removal.patch: Re-add pam_cracklib for deprecated sub-package
- pam_cracklib: added code to check whether the password contains
a substring of of the user's name of at least <N> characters length
in some form.
This is enabled by the new parameter "usersubstr=<N>"
See https://github.com/libpwquality/libpwquality/commit/bfef79dbe6aa525e9557bf4b0a61e6dde12749c4
[jsc#SLE-16719, jsc#SLE-16720, pam-pam_cracklib-add-usersubstr.patch]
- pam_xauth.c: do not free() a string which has been (successfully)
passed to putenv().
[bsc#1177858, pam-bsc1177858-dont-free-environment-string.patch]
- Initialize pam_unix pam_sm_acct_mgmt() local variable "daysleft"
to avoid spurious (and misleading)
Comments 0