Hello community, here is the log from the commit of package pam for openSUSE:Factory checked in at 2014-01-30 19:24:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pam (Old) and /work/SRC/openSUSE:Factory/.pam.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pam" Changes: -------- --- /work/SRC/openSUSE:Factory/pam/pam.changes 2014-01-11 11:12:12.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.pam.new/pam.changes 2014-01-30 19:24:26.000000000 +0100 @@ -1,0 +2,23 @@ +Mon Jan 27 17:05:11 CET 2014 - [email protected] + +- Add pam_loginuid-log_write_errors.diff: log significant loginuid + write errors +- pam_xauth-sigpipe.diff: avoid potential SIGPIPE when writing to + xauth process + +------------------------------------------------------------------- +Mon Jan 27 15:14:34 CET 2014 - [email protected] + +- Update to current git (Linux-PAM-git-20140127.diff), which + obsoletes pam_loginuid-part1.diff, pam_loginuid-part2.diff and + Linux-PAM-git-20140109.diff. + - Fix gratuitous use of strdup and x_strdup + - pam_xauth: log fatal errors preventing xauth process execution + - pam_loginuid: cleanup loginuid buffer initialization + - libpam_misc: fix an inconsistency in handling memory allocation errors + - pam_limits: fix utmp->ut_user handling + - pam_mkhomedir: check and create home directory for the same user + - pam_limits: detect and ignore stale utmp entries +- Disable pam_userdb (remove db-devel from build requires) + +------------------------------------------------------------------- Old: ---- Linux-PAM-git-20140109.diff pam_loginuid-part1.diff pam_loginuid-part2.diff New: ---- Linux-PAM-git-20140127.diff pam_loginuid-log_write_errors.diff pam_xauth-sigpipe.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pam.spec ++++++ --- /var/tmp/diff_new_pack.fuNH3t/_old 2014-01-30 19:24:27.000000000 +0100 +++ /var/tmp/diff_new_pack.fuNH3t/_new 2014-01-30 19:24:27.000000000 +0100 @@ -24,7 +24,6 @@ BuildRequires: audit-devel BuildRequires: bison BuildRequires: cracklib-devel -BuildRequires: db-devel BuildRequires: flex #BuildRequires: pkgconfig(libtirpc) %if %{enable_selinux} @@ -53,9 +52,9 @@ Source8: etc.environment Source9: baselibs.conf Patch0: fix-man-links.dif -Patch1: Linux-PAM-git-20140109.diff -Patch2: pam_loginuid-part1.diff -Patch3: pam_loginuid-part2.diff +Patch1: Linux-PAM-git-20140127.diff +Patch2: pam_loginuid-log_write_errors.diff +Patch3: pam_xauth-sigpipe.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -275,7 +274,7 @@ /%{_lib}/security/pam_unix_auth.so /%{_lib}/security/pam_unix_passwd.so /%{_lib}/security/pam_unix_session.so -/%{_lib}/security/pam_userdb.so +#/%{_lib}/security/pam_userdb.so /%{_lib}/security/pam_warn.so /%{_lib}/security/pam_wheel.so /%{_lib}/security/pam_xauth.so ++++++ Linux-PAM-git-20140109.diff -> Linux-PAM-git-20140127.diff ++++++ ++++ 992 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/pam/Linux-PAM-git-20140109.diff ++++ and /work/SRC/openSUSE:Factory/.pam.new/Linux-PAM-git-20140127.diff ++++++ pam_loginuid-log_write_errors.diff ++++++ commit 256b50e1fce2f785f1032a1949dd2d1dbc17e250 Author: Dmitry V. Levin <[email protected]> Date: Sun Jan 19 14:12:59 2014 +0000 pam_loginuid: log significant loginuid write errors * modules/pam_loginuid/pam_loginuid.c (set_loginuid): Log those errors during /proc/self/loginuid update that are not ignored. modules/pam_loginuid/pam_loginuid.c | 12 +++++++++--- 1 files changed, 9 insertions(+), 3 deletions(-) --- diff --git a/modules/pam_loginuid/pam_loginuid.c b/modules/pam_loginuid/pam_loginuid.c index c476f7b..73c42f9 100644 --- a/modules/pam_loginuid/pam_loginuid.c +++ b/modules/pam_loginuid/pam_loginuid.c @@ -75,8 +75,8 @@ static int set_loginuid(pam_handle_t *pamh, uid_t uid) rc = PAM_IGNORE; } if (rc != PAM_IGNORE) { - pam_syslog(pamh, LOG_ERR, - "Cannot open /proc/self/loginuid: %m"); + pam_syslog(pamh, LOG_ERR, "Cannot open %s: %m", + "/proc/self/loginuid"); } return rc; } @@ -88,8 +88,14 @@ static int set_loginuid(pam_handle_t *pamh, uid_t uid) goto done; /* already correct */ } if (lseek(fd, 0, SEEK_SET) == 0 && ftruncate(fd, 0) == 0 && - pam_modutil_write(fd, loginuid, count) == count) + pam_modutil_write(fd, loginuid, count) == count) { rc = PAM_SUCCESS; + } else { + if (rc != PAM_IGNORE) { + pam_syslog(pamh, LOG_ERR, "Error writing %s: %m", + "/proc/self/loginuid"); + } + } done: close(fd); return rc; _______________________________________________ linux-pam-commits mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/linux-pam-commits ++++++ pam_xauth-sigpipe.diff ++++++ commit 47db675c910a065fa9602753a904b050b0322f29 Author: Dmitry V. Levin <[email protected]> Date: Fri Jan 24 13:38:38 2014 +0000 pam_xauth: avoid potential SIGPIPE when writing to xauth process Similar issue in pam_unix was fixed by commit Linux-PAM-0-73~8. * modules/pam_xauth/pam_xauth.c (run_coprocess): In the parent process, close the read end of input pipe after writing to its write end. modules/pam_xauth/pam_xauth.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) --- diff --git a/modules/pam_xauth/pam_xauth.c b/modules/pam_xauth/pam_xauth.c index 7075547..c7ce55a 100644 --- a/modules/pam_xauth/pam_xauth.c +++ b/modules/pam_xauth/pam_xauth.c @@ -179,12 +179,12 @@ run_coprocess(pam_handle_t *pamh, const char *input, char **output, } /* We're the parent, so close the other ends of the pipes. */ - close(ipipe[0]); close(opipe[1]); /* Send input to the process (if we have any), then send an EOF. */ if (input) { (void)pam_modutil_write(ipipe[1], input, strlen(input)); } + close(ipipe[0]); /* close here to avoid possible SIGPIPE above */ close(ipipe[1]); /* Read data output until we run out of stuff to read. */ _______________________________________________ linux-pam-commits mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/linux-pam-commits -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
