Opened 9 months ago

Closed 9 months ago

#14231 closed enhancement (fixed)

Linux-PAM-1.5.0

Reported by: Bruce Dubbs Owned by: blfs-book
Priority: normal Milestone: 10.1
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New minor version.

Change History (2)

comment:1 by Bruce Dubbs, 9 months ago

Release 1.5.0

  • Multiple minor bug fixes, portability fixes, and documentation improvements.
  • Extended libpam API with pam_modutil_check_user_in_passwd function.
  • configure: added --disable-unix option to disable build of pam_unix module.
  • pam_faillock: changed /run/faillock/$USER permissions from 0600 to 0660.
  • pam_limits: added support for nonewprivs item.
  • pam_motd: read motd files with target user credentials skipping unreadable ones.
  • pam_pwhistory: added a SELinux helper executable.
  • pam_unix, pam_usertype: implemented avoidance of certain timing attacks.
  • pam_wheel: implemented PAM_RUSER fallback for the case when getlogin fails.
  • Removed deprecated pam_cracklib module, use pam_passwdqc (from passwdqc project) or pam_pwquality (from libpwquality project) instead.
  • Removed deprecated pam_tally and pam_tally2 modules, use pam_faillock instead.
  • pam_env: Reading of the user environment is deprecated and will be removed at some point in the future.
  • libpam: pam_modutil_drop_priv() now correctly sets the target user's supplementary groups, allowing pam_motd to filter messages accordingly

comment:2 by Bruce Dubbs, 9 months ago

Resolution: fixed
Status: newclosed

Fixed at revision 23888.

Note: See TracTickets for help on using tickets.