Commit Graph

49 Commits

Author SHA1 Message Date
Stanislav Vovk
da9006ac51 libpam: fix CVE-2024-10963
Upstream-Status: Backport from 940747f88c

(From OE-Core rev: 2be498fd0872d7ccbf0e9b2eb0a1d4879823c968)

Signed-off-by: Stanislav Vovk <stanislav.vovk@est.tech>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-09-09 09:08:09 -07:00
Martin Jansa
83fac1162d libpam: re-add missing libgen include
It was added by original commit for CVE-2025-6020-01.patch
475bd60c55 (diff-05f443e6acbe32a148a45648148739bf6f02f13acc5c20c6037bf933223d4d77)
but removed here in the rebase, causing:

../../../Linux-PAM-1.5.3/modules/pam_namespace/pam_namespace.c:326:11: error: call to undeclared function 'dirname'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration]
  326 |         parent = dirname(buf);
      |                  ^
../../../Linux-PAM-1.5.3/modules/pam_namespace/pam_namespace.c:326:9: error: incompatible integer to pointer conversion assigning to 'char*' from 'int' [-Wint-conversion]
  326 |         parent = dirname(buf);
      |                ^ ~~~~~~~~~~~~

(From OE-Core rev: 6d88a28ac7b6ff61808eb46e5c85dabd17c77f2e)

Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-08-20 07:37:19 -07:00
Hitendra Prajapati
cf89d7b3bf libpam: fix CVE-2025-6020
Upstream-Status: Backport from 475bd60c55 && 592d84e126 && 976c200793

(From OE-Core rev: dd5bbac75b1d8f7ebd83d5c9945bd860e397ba07)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-07-29 07:59:52 -07:00
Shubham Kulkarni
46aa1e0eba libpam: Update fix for CVE-2024-10041
Initially, PAM community fixed CVE-2024-10041 in the version v1.6.0 via commit b3020da.
But not all cases were covered with this fix and issues were reported after the release.
In the v1.6.1 release, PAM community fixed these issues via commit b7b9636.
Backport this commit b7b9636, which
Fixes: b3020da ("pam_unix/passverify: always run the helper to obtain shadow password file entries")

Backport from b7b9636208

(From OE-Core rev: 78a04ce17e7d828c0cf8cae2164882683d46275e)

Signed-off-by: Shubham Kulkarni <skulkarni@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-05-02 08:20:11 -07:00
Divya Chellam
a5e0237596 libpam: fix CVE-2024-10041
A vulnerability was found in PAM. The secret information is
stored in memory, where the attacker can trigger the victim
program to execute by sending characters to its standard
input (stdin). As this occurs, the attacker can train the
branch predictor to execute an ROP chain speculatively.
This flaw could result in leaked passwords, such as those
found in /etc/shadow while performing authentications.

References:
https://security-tracker.debian.org/tracker/CVE-2024-10041

Upstream patches:
b3020da7da

(From OE-Core rev: 0e76d9bf150ac3bf96081cc1bda07e03e16fe994)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-12-13 05:21:54 -08:00
Guðni Már Gilbert
f999c32c8b pam: Fix for CVE-2024-22365
Upstream-Status: Backport from 031bb5a5d0

(From OE-Core rev: 6d4c14e1053089a67a38a8de95625e4ba3fbc32a)

Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-08-01 06:08:09 -07:00
Yi Zhao
29621226e2 libpam: fix runtime error in pam_pwhistory moudle
Backport a patch to fix runtime error in pam_pwhistory module when
selinux is enabled:

root@qemux86-64:~# passwd
passwd: System error
passwd: password unchanged

(From OE-Core rev: a985fb71e30d958dcacdcc75f5bbdd0e49f7478a)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-07-09 06:02:55 -07:00
Khem Raj
4fd93a7be4 pam: Fix build with musl
Apply a backported patch

(From OE-Core rev: e4fbb97fda6fe6232df743e655d0488f2353a24e)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-03-18 12:21:45 +00:00
Khem Raj
4c59fc31bf libpam: Fix examples build on musl
This came with latest libpam upgrade

../../Linux-PAM-1.5.3/examples/tty_conv.c:9:10: fatal error: 'termio.h' file not found
         ^~~~~~~~~~
1 error generated.

(From OE-Core rev: 00b5cbad49ccce7f2886b2e70b93e60e054f8f46)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-07-10 11:36:34 +01:00
Alexander Kanavin
084ef1d41a libpam: update 1.5.2 -> 1.5.3
(From OE-Core rev: ddb5e0f8a2cc7c48e1fb53b665e2fd5ed263bb19)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-06-27 16:23:40 +01:00
Zhixiong Chi
c9205c3bfd libpam: Fix the xtests/tst-pam_motd[1|3] failures
Reproducer:
1.Enable the ptest of libpam and build the image.
2.Boot the rootfs with nfs, then run the following tests as root:
 cd /usr/share/Linux-PAM/xtests
 /usr/share/Linux-PAM/xtests# ./run-xtests.sh . tst-pam_motd1
 /usr/share/Linux-PAM/xtests# ./run-xtests.sh . tst-pam_motd3

After applying this patch, the ptest doesn't be failed.

(From OE-Core rev: 549e54ad6a175359b0a57987ccdab8989df9d3a9)

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-04-14 16:44:24 +01:00
Polampalli, Archana
b5596124ee libpam: fix CVE-2022-28321
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows
authentication bypass for SSH logins. The pam_access.so module doesn't
correctly restrict login if a user tries to connect from an IP address
that is not resolvable via DNS. In such conditions, a user with denied
access to a machine can still get access. NOTE: the relevance of this
issue is largely limited to openSUSE Tumbleweed and openSUSE Factory;
it does not affect Linux-PAM upstream.

References:
https://nvd.nist.gov/vuln/detail/CVE-2022-28321

Upstream patches:
08992030c5
23393bef92

(From OE-Core rev: b1fd799af0086347de1ec4b72d562b1fb490def1)

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-11-23 18:27:07 +00:00
Beniamin Sandu
d16bdcd478 libpam: use /run instead of /var/run in systemd tmpfiles
Update the deprecated path to remove the systemd warning:

/etc/tmpfiles.d/pam.conf:2: Line references path below
legacy directory /var/run/, updating /var/run/console
/run/console; please update the tmpfiles.d/

(From OE-Core rev: 7865234fadf01a434d1f7097881b70905c1b8aa2)

Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-08-10 08:33:45 +01:00
Ricardo Salveti
43299607cc libpam: use /run instead of /var/run in systemd tmpfiles
/var/run in deprecated by systemd, use /run instead, as suggested by systemd.

This fixes the following systemd boot warning:

systemd-tmpfiles[340]: /etc/tmpfiles.d/pam.conf:1: Line references path
below legacy directory /var/run/, updating /var/run/sepermit →
/run/sepermit; please update the tmpfiles.d/ drop-in file accordingly.

(From OE-Core rev: 09eabeff2168c416c18b1c375e095b472830a9b0)

Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-03-23 12:13:49 +00:00
Mingli Yu
e6cc1b4245 libpam: Backport ptest fix checking whether files exist
Backport a patch to check whether files exist.

Before the patch:
 # ./run-xtests.sh . tst-pam_access1
 mv: cannot stat '/etc/security/opasswd': No such file or directory
 PASS: tst-pam_access1
 mv: cannot stat '/etc/security/opasswd-pam-xtests': No such file or directory
 ==================
 1 tests passed
 0 tests not run
 ==================

After the patch:
 # ./run-xtests.sh . tst-pam_access1
 PASS: tst-pam_access1
 ==================
 1 tests passed
 0 tests not run
 ==================

(From OE-Core rev: 4903fdbace057df2e39c10aaef3440f89748eed2)

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-12-12 11:27:23 +00:00
Alexander Kanavin
54bead59d9 libpam: update 1.5.1 -> 1.5.2
Drop patches: issues fixed upstream.

Move .pc files to correct place as libpam is instructed to install them in /lib via
--libdir.

(From OE-Core rev: b2aeaab36d7d46d47301d0729b634d182277cfbd)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-10-11 18:41:37 +01:00
Khem Raj
7cd4258049 libpam: Provide needed env for tst-pam_start_confdir ptest
tst-pam_start_confdir needs a file called confdir and it should reside
in directory pointed by srcdir env variable, therefore copy confdir into
ptest package and export srcdir before running the ptests

(From OE-Core rev: 149d84b7eba8240737a301d0fd75b69e8a767854)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-05-02 23:21:42 +01:00
Changqing Li
46edbab0b3 libpam: make volatile files created successfully
(From OE-Core rev: f0de19e31122abd225bd75c6202839094194a36d)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-04-23 10:12:08 +01:00
Mingli Yu
065a23550e libpam: add ptest support
Add ptest support.

(From OE-Core rev: 016efb82e90a56707995d2a6addd34e6b28b6b99)

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-01-27 10:17:45 +00:00
Changqing Li
e377c957b1 libpam: support usrmerge
(From OE-Core rev: d7864a46092b8030accbc8c9a1c9055a762d69ba)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-01-08 10:10:15 +00:00
Khem Raj
d287745d12 libpam: Drop musl patches
These issues are addressed in libpam overtime and no longer needed thusly
in 1.5.x

(From OE-Core rev: 488c554623839d17436333894f9f4b244347de9d)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-01-01 23:15:13 +00:00
Alexander Kanavin
b0384720a4 libpam: update 1.3.1 -> 1.5.1
Remove crypt_configure.patch, issue fixed upstream.

Remove pam-security-abstract-securetty-handling.patch and
pam-unix-nullok-secure.patch, patches coming from debian,
difficult to rebase, and their purpose is unclear.

Disable doc generation, as libpam messes up native and target
compiler options.

Adjust dependencies and packaging.

(From OE-Core rev: 43e3d014748b1ccff25c232b1e6d9345859c0f29)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-12-31 11:53:26 +00:00
haiqing
5d1e4b1c55 libpam: Remove option 'obscure' from common-password
libpam does not support 'obscure' checks to password,
there are the same checks in pam_cracklib module.
And this fix can remove the below error message while
updating password with 'passwd':
pam_unix(passwd:chauthtok):unrecognized option[obscure]

(From OE-Core rev: ea761dbac90be77797308666fe1586b05e3df824)

Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-06-16 23:39:28 +01:00
Ross Burton
ba6d88d8fa libpam: consolidate a patch to a patch
(From OE-Core rev: 6d79a39856c1b325d0ed6f057d8eaef64e31569f)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-12-28 23:25:41 +00:00
Adrian Bunk
707c0830c6 libpam: Upgrade 1.3.0 -> 1.3.1
Remove patch applied upstream.
Upstream tarball location changed.

(From OE-Core rev: 40b1825a4434334f3513f94775b176545f8d2f3a)

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-06-04 09:09:42 +01:00
Ross Burton
b65741860f libpam: refresh patches
The patch tool will apply patches by default with "fuzz", which is where if the
hunk context isn't present but what is there is close enough, it will force the
patch in.

Whilst this is useful when there's just whitespace changes, when applied to
source it is possible for a patch applied with fuzz to produce broken code which
still compiles (see #10450).  This is obviously bad.

We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For
that to be realistic the existing patches with fuzz need to be rebased and
reviewed.

(From OE-Core rev: 994e43acc67efeb33d859be071609daa844e9b77)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-03-09 09:17:03 -08:00
Richard Purdie
eb40fcf627 meta: Drop remnants of uclibc support
uclibc support was removed a while ago and musl works much better. Start to
remove the various overrides and patches related to uclibc which are no longer
needed.

uclibc support in a layer would still be possible. I have strong reasons to
believe nobody is still using uclibc since patches are missing and I doubt
the metadata even parses anymore.

(From OE-Core rev: 653704e9cf325cb494eb23facca19e9f05132ffd)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-06-22 09:16:00 +01:00
Maxin B. John
87f0a82625 libpam: update to 1.3.0
1.2.1 -> 1.3.0

Remove upstreamed patch:
        a) pam-no-innetgr.patch

Refreshed the following patches for 1.3.0:
        a) crypt_configure.patch
        b) pam-unix-nullok-secure.patch

(From OE-Core rev: ac512ff9fbe41428e3d71d3e943aaa871d8b155a)

Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-05-30 15:58:12 +01:00
Khem Raj
f1c034be02 libpam: Fix build with musl
Define strndupa if not available in libc additionally fix headers
to explicitly needed include files which glibc was including indirectly

(From OE-Core rev: 24097d8bb481ed1312c45b2e93527a271f56e4be)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-12-12 23:42:55 +00:00
Khem Raj
d90d3e88e9 libpam: Fix build with uclibc
libpam needs to adjust for posix utmpx
uclibc now disables utmp

Change-Id: Ibcb7cb621527f318eb8b6e2741647ccb4c6bb39c
(From OE-Core rev: e4c8a15d36d05d2b17b1dcf1d4238616c5b814f5)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-10-27 07:24:26 +00:00
Richard Purdie
c75cefe8a3 libpam: Fix patch broken during upgrade
"0x200" became "0200" during the upgrade to libpam 1.2.1 in:
http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=88dd997d9941b63ae9eead6690ecf2b785c0740c
and this broke the IMAGE_FEATURES like debug-tweaks.

I've converted all the values to octal here to match the original
header file convention and make it clearer.

[YOCTO #8033]

(From OE-Core rev: 588e19058f631a1cc78002e1969a5459cd626afb)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-08-09 15:15:33 -07:00
Amarnath Valluri
88dd997d99 libpam: Upgrade v1.1.6 -> v1.2.1
Dropped upstreamed patches(commit-id):
- add-checks-for-crypt-returning-NULL.patch(8dc056c)
- destdirfix.patch(d7e6b92)
- libpam-fix-for-CVE-2010-4708.patch(4c430f6)

Dropped backported patches(commit-id):
- pam_timestamp-fix-potential-directory-traversal-issu.patch(9dcead8)
- reflect-the-enforce_for_root-semantics-change-in-pam.patch(bd07ad3)

Forward ported patches:
- pam-unix-nullok-secure.patch
- crypt_configure.patch

(From OE-Core rev: 8683206f7ba85f693751415f896a0cc62931e3c4)

Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-07-20 10:40:42 +01:00
Khem Raj
554e25546f libpam: Fix wrong crypt library detection
Surfaced when building with musl This details are in patch headers
Enabel innetgr.patch for musl as well

(From OE-Core rev: 6ec229d8dec6a5978ebf6b264c332590c8be0b3a)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-06-08 17:34:03 +01:00
Wenzong Fan
cf558b4782 libpam / xtests: remove bash dependency
There's not bash specific syntax in the xtests scripts:

  $ cd Linux-PAM-1.1.6/xtests
  # replace /bin/bash to /bin/sh and check the bashisms:
  $ checkbashisms *.sh
  No output

So the runtime dependency to bash could be removed.

(From OE-Core rev: 1917bf7aa74aa1b86756c73c56537db2591115e5)

Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-09-29 12:12:43 +01:00
Yue Tao
9d40ce5dd1 libpam: Security Advisory - CVE-2014-2583
v2 changes:
* update format for commit log
* add Upstream-Status for patch

Multiple directory traversal vulnerabilities in pam_timestamp.c in the
pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to
create aribitrary files or possibly bypass authentication via a .. (dot
dot) in the (1) PAM_RUSER value to the get_ruser function or (2) PAM_TTY
value to the check_tty funtion, which is used by the
format_timestamp_name function.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2583

(From OE-Core rev: 69255c84ebd99629da8174e1e73fd8c715e49b52)

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-17 10:23:53 +01:00
Ross Burton
fc91e068cc libpam: only use pam_systemd.so if systemd is enabled
So that sysvinit images don't warn on every login only add it to common-session
if systemd is a DISTRO_FEATURE.

[ YOCTO #3805 ]

(From OE-Core rev: 3ccb0855a7a6b147e5025855c6376747ba72986a)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-09-22 12:19:42 +01:00
Ming Liu
82ac6aaa29 libpam: deny all services for the OTHER entries
To be secure, change behavior of the OTHER entries to warn and deny
access to everything by stating pam_deny.so on all services.

(From OE-Core rev: 4ca0af699b5b4b3cf95b3e76482651949fd922ac)

Signed-off-by: Ming Liu <ming.liu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-07-31 06:59:58 +01:00
Ming Liu
784d7b7729 libpam: add a new 'nullok_secure' option support to pam_unix
Debian patch to add a new 'nullok_secure' option to pam_unix, which
accepts users with null passwords only when the applicant is connected
from a tty listed in /etc/securetty.

The original pam_unix.so was configured with nullok_secure in
meta/recipes-extended/pam/libpam/pam.d/common-auth, but no such code
exists actually.

The patch set comes from:
http://patch-tracker.debian.org/patch/series/view/pam/1.1.3-7.1/054_pam_security_abstract_securetty_handling
http://patch-tracker.debian.org/patch/series/view/pam/1.1.3-7.1/055_pam_unix_nullok_secure

(From OE-Core rev: 10cdd66fe800cffe3f2cbf5c95550b4f7902a311)

Signed-off-by: Ming Liu <ming.liu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-07-24 11:35:33 +01:00
Wenzong Fan
cc53a1af6f libpam: Fix for CVE-2010-4708
Change default for user_readenv to 0 and document the
new default for user_readenv.

This fix from:
http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env
/pam_env.c?r1=1.22&r2=1.23&view=patch
http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env
/pam_env.8.xml?r1=1.7&r2=1.8&view=patch

(From OE-Core rev: 871ae7a6453b3b66610fd8bbaa770c92be850e19)

Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-06-19 18:03:34 +01:00
Kai Kang
c1ac96dde1 libpam: backport patches from upstream
Backport patches from linux-pam git repo to fix test case
tst-pam_pwhistory1 failure.

[YOCTO #4107]

(From OE-Core rev: 65e4a9f050ae588ec794808315a206d94ca7a861)

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-04-17 11:41:30 +01:00
Richard Purdie
dbfb8dc7fb pam: Fix case where ${B} != ${S}
(From OE-Core rev: 3d27366f17e597380fee738f14f119d880a77985)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-03-22 16:54:35 +00:00
Koen Kooi
e344f3e7d5 libpam: register PAM session with logind
This make screen/tmux/etc work as intended.

(From OE-Core rev: 58731bbdbd4ab4cfd560f14758a65efdfad2e28f)

Signed-off-by: Martin Donnelly <martin.donnelly@ge.com>
Signed-off-by: Koen Kooi <koen@dominion.thruhere.net>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-01-20 12:58:56 +00:00
Richard Purdie
91ece5d566 libpam: Fix missing DESTDIR for a mkdir causing build failures
(From OE-Core rev: c39e823138cbf4210e17bdb95ca322ec0a6c8f78)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-08-19 13:32:06 +01:00
Khem Raj
973512c32c libpam: Update recipes from 1.1.5 -> 1.1.6
Drop include-sys-resource.patch already fixed upstream
LIC_FILE_CHKSUM change is due to deletion of space in
COPYING file see
http://git.fedorahosted.org/cgit/linux-pam.git/commit/COPYING?id=1814aec611a5f9e03eceee81237ad3a3f51c954a

(From OE-Core rev: 619092b699bfd79e060755fa41645cac7ac4fd0d)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-08-19 10:48:21 +01:00
Khem Raj
19bf330db7 libpam: Fix build with eglibc 2.16
pam_unix_acct.c: In function '_unix_run_verify_binary':
pam_unix_acct.c:97:19: error: storage size of 'rlim' isn't known
pam_unix_acct.c:106:19: error: 'RLIMIT_NOFILE' undeclared (first use in
this function)
pam_unix_acct.c:106:19: note: each undeclared identifier is reported
only once for each function it appears in

(From OE-Core rev: e59a0bac95ce025a6b826be28ccc9e42ca4b5a29)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-07-17 10:54:01 +01:00
Kang Kai
b1a020621c libpam: update to 1.1.4 and add subpackage xtests
Update libpam to 1.1.4, and add dependecy cracklib because run xtexts will
need pam-plugin-cracklib.
There are some additional checks under subdirectory xtests and make it
as a subpackage libpam-xtests.

(From OE-Core rev: f9158bf219479c2da56dd21a13ecee3176cd6f8a)

Signed-off-by: Kang Kai <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2011-07-27 12:02:41 +01:00
Scott Garman
0dbd791e5b recipes: Add Upstream-Status to various recipe patches
Add Upstream-Status tag to patches for the following recipes:

openssh
dbus-glib
expat
opensp
sgml-common
at
cpio (GPLv3 version)
libpam
icu

(From OE-Core rev: 0702602332ad63c2cfaa207516497bb0b75bfdf3)

Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2011-05-17 15:14:42 +01:00
Khem Raj
45e0eabb3a libpam_1.1.3.bb: Fix compilation on uclibc when innetgr is absent
(From OE-Core rev: a0d441ec7c43fe1b4490c1c9b03a0cf5811109fd)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2011-04-04 14:09:41 +01:00
Scott Garman
698cef8322 libpam: upgrade to version 1.1.3
* Removed obsolete crossbinary patch
* Added source checksums
* Added LIC_FILES_CHKSUM and SUMMARY entries

Signed-off-by: Scott Garman <scott.a.garman@intel.com>
2010-11-24 13:25:21 -08:00