Hello community, here is the log from the commit of package pam-modules for openSUSE:Factory checked in at 2012-11-14 16:52:46 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pam-modules (Old) and /work/SRC/openSUSE:Factory/.pam-modules.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pam-modules", Maintainer is "m...@suse.com" Changes: -------- --- /work/SRC/openSUSE:Factory/pam-modules/pam-modules.changes 2012-09-04 01:33:38.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.pam-modules.new/pam-modules.changes 2012-11-14 16:52:48.000000000 +0100 @@ -1,0 +2,6 @@ +Wed Nov 14 14:32:15 CET 2012 - ku...@suse.de + +- Add /etc/default/passwd for pam_unix2.so, was removed with + pwdutils drop. + +------------------------------------------------------------------- New: ---- default.passwd ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pam-modules.spec ++++++ --- /var/tmp/diff_new_pack.lh6wad/_old 2012-11-14 16:52:50.000000000 +0100 +++ /var/tmp/diff_new_pack.lh6wad/_new 2012-11-14 16:52:50.000000000 +0100 @@ -32,6 +32,7 @@ Source0: pam_unix2-2.9.1.tar.bz2 Source1: pam_pwcheck-3.13.tar.bz2 Source2: pam_homecheck-2.0.tar.bz2 +Source3: default.passwd Source6: baselibs.conf Source21: unix2_chkpwd.c Source41: unix2_chkpwd.8 @@ -116,8 +117,8 @@ cp -fpv ${i} $DOC/modules/README.`dirname ${i}` done install -m 644 $RPM_SOURCE_DIR/unix2_chkpwd.8 $RPM_BUILD_ROOT%{_mandir}/man8/ -# Remove default/passwd file -rm $RPM_BUILD_ROOT/etc/default/passwd +# Replace default/passwd file +install -m 644 %SOURCE3 $RPM_BUILD_ROOT/etc/default/passwd # Find lang files %{find_lang} pam_unix2 %{find_lang} pam_pwcheck pam_unix2.lang @@ -131,7 +132,7 @@ %files -f pam_unix2.lang %defattr(-,root,root,755) %doc %{_defaultdocdir}/pam -#attr(644,root,root) %config(noreplace) /etc/default/passwd +%attr(644,root,root) %config(noreplace) /etc/default/passwd %verify(not mode) %attr(4755,root,shadow) /sbin/unix2_chkpwd %attr(755,root,root) /%{_lib}/security/pam_homecheck.so %attr(755,root,root) /%{_lib}/security/pam_pwcheck.so ++++++ default.passwd ++++++ # This file contains some information about the # hash to use for new or modified passwords. # It is only used by pam_unix2.so. # Define default crypt hash. # CRYPT={des,md5,sha256,sha512} CRYPT= # Use another crypt hash for group passwords. # This is used by gpasswd, fallback is the CRYPT entry. # GROUP_CRYPT=des # We can override the default for a specific service # by appending the service name (FILES, YP, NISPLUS, LDAP) # for local files, use a more secure hash. We # don't need to be portable here: CRYPT_FILES=sha512 # # For NIS, we should prefer DES if we have other UNIX # clients than Linux: # CRYPT_YP=des # We can override the default for a special service # by appending the service name (FILES, YP, NISPLUS, LDAP) # for local files, use a more secure hash. We # don't need to be portable here: CRYPT_FILES=sha512 # sometimes we need to specify special options for a hash (variable # is prepended by the name of the crypt hash). In case of blowfish # and sha* this is the number of rounds # blowfish: 4-31 # BLOWFISH_CRYPT_FILES=5 # sha256/sha512: 1000-9999999 # SHA512_CRYPT_FILES=1000 # In June 2011 it was discovered that the Linux crypt_blowfish # implementation contained a bug that made passwords with non-ASCII # characters easier to crack (CVE-2011-2483). Affected passwords are # also incompatible with the original, correct OpenBSD # implementation. Therefore the $2a hash identifier previously used # for blowfish now is ambiguous as it could mean the hash was # generated with the correct implementation on OpenBSD or the buggy # one on Linux. To avoid the ambiguity two new identifier were # introduced. $2x now explicitly identifies hashes that were # generated with the buggy algorithm while $2y is used for hashes # generated with the correct algorithm. New passwords are now # generated with the $2y identifier. # # Setting the following option to "yes" tells the sytem that $2a # hashes are to be treated as generated with the buggy algorithm. BLOWFISH_2A2X= -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org