rpms/pam/devel fingerprint-auth.pamd, NONE, 1.1 password-auth.pamd, NONE, 1.1 smartcard-auth.pamd, NONE, 1.1 pam.spec, 1.195, 1.196 system-auth.5, 1.1, 1.2
Tomáš Mráz
tmraz at fedoraproject.org
Fri Apr 10 16:06:54 UTC 2009
Author: tmraz
Update of /cvs/pkgs/rpms/pam/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv14938
Modified Files:
pam.spec system-auth.5
Added Files:
fingerprint-auth.pamd password-auth.pamd smartcard-auth.pamd
Log Message:
* Fri Apr 10 2009 Tomas Mraz <tmraz at redhat.com> 1.0.91-6
- add password-auth, fingerprint-auth, and smartcard-auth
for applications which can use them namely gdm (#494874)
patch by Ray Strode
--- NEW FILE fingerprint-auth.pamd ---
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth sufficient pam_fprintd.so
auth required pam_deny.so
account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 500 quiet
account required pam_permit.so
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
--- NEW FILE password-auth.pamd ---
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth required pam_deny.so
account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 500 quiet
account required pam_permit.so
password requisite pam_cracklib.so try_first_pass retry=3 type=
password sufficient pam_unix.so nullok try_first_pass use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
--- NEW FILE smartcard-auth.pamd ---
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth [success=done ignore=ignore default=die] pam_pkcs11.so wait_for_card
auth required pam_deny.so
account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 500 quiet
account required pam_permit.so
password optional pam_pkcs11.so
password requisite pam_cracklib.so try_first_pass retry=3 type=
session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
Index: pam.spec
===================================================================
RCS file: /cvs/pkgs/rpms/pam/devel/pam.spec,v
retrieving revision 1.195
retrieving revision 1.196
diff -u -r1.195 -r1.196
--- pam.spec 26 Mar 2009 11:26:22 -0000 1.195
+++ pam.spec 10 Apr 2009 16:06:24 -0000 1.196
@@ -3,7 +3,7 @@
Summary: An extensible library which provides authentication for applications
Name: pam
Version: 1.0.91
-Release: 5%{?dist}
+Release: 6%{?dist}
# The library is BSD licensed with option to relicense as GPLv2+ - this option is redundant
# as the BSD license allows that anyway. pam_timestamp and pam_console modules are GPLv2+,
# pam_rhosts_auth module is BSD with advertising
@@ -14,11 +14,14 @@
Source2: https://fedorahosted.org/releases/p/a/pam-redhat/pam-redhat-%{pam_redhat_version}.tar.bz2
Source5: other.pamd
Source6: system-auth.pamd
-Source7: config-util.pamd
-Source8: dlopen.sh
-Source9: system-auth.5
-Source10: config-util.5
-Source11: 90-nproc.conf
+Source7: password-auth.pamd
+Source8: fingerprint-auth.pamd
+Source9: smartcard-auth.pamd
+Source10: config-util.pamd
+Source11: dlopen.sh
+Source12: system-auth.5
+Source13: config-util.5
+Source14: 90-nproc.conf
Patch1: pam-1.0.90-redhat-modules.patch
Patch2: pam-1.0.91-std-noclose.patch
@@ -84,6 +87,7 @@
%patch1 -p1 -b .redhat-modules
%patch2 -p1 -b .std-noclose
+libtoolize -f
autoreconf
%build
@@ -126,15 +130,18 @@
install -d -m 755 $RPM_BUILD_ROOT%{_pamconfdir}
install -m 644 %{SOURCE5} $RPM_BUILD_ROOT%{_pamconfdir}/other
install -m 644 %{SOURCE6} $RPM_BUILD_ROOT%{_pamconfdir}/system-auth
-install -m 644 %{SOURCE7} $RPM_BUILD_ROOT%{_pamconfdir}/config-util
-install -m 644 %{SOURCE11} $RPM_BUILD_ROOT%{_secconfdir}/limits.d/90-nproc.conf
+install -m 644 %{SOURCE7} $RPM_BUILD_ROOT%{_pamconfdir}/password-auth
+install -m 644 %{SOURCE8} $RPM_BUILD_ROOT%{_pamconfdir}/fingerprint-auth
+install -m 644 %{SOURCE9} $RPM_BUILD_ROOT%{_pamconfdir}/smartcard-auth
+install -m 644 %{SOURCE10} $RPM_BUILD_ROOT%{_pamconfdir}/config-util
+install -m 644 %{SOURCE14} $RPM_BUILD_ROOT%{_secconfdir}/limits.d/90-nproc.conf
install -m 600 /dev/null $RPM_BUILD_ROOT%{_secconfdir}/opasswd
install -d -m 755 $RPM_BUILD_ROOT/var/log
install -m 600 /dev/null $RPM_BUILD_ROOT/var/log/faillog
install -m 600 /dev/null $RPM_BUILD_ROOT/var/log/tallylog
# Install man pages.
-install -m 644 %{SOURCE9} %{SOURCE10} $RPM_BUILD_ROOT%{_mandir}/man5/
+install -m 644 %{SOURCE12} %{SOURCE13} $RPM_BUILD_ROOT%{_mandir}/man5/
for phase in auth acct passwd session ; do
ln -sf pam_unix.so $RPM_BUILD_ROOT%{_moduledir}/pam_unix_${phase}.so
@@ -179,7 +186,7 @@
/sbin/ldconfig -n $RPM_BUILD_ROOT/%{_lib}
for module in $RPM_BUILD_ROOT%{_moduledir}/pam*.so ; do
if ! env LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib} \
- %{SOURCE8} -ldl -lpam -L$RPM_BUILD_ROOT/%{_libdir} ${module} ; then
+ %{SOURCE11} -ldl -lpam -L$RPM_BUILD_ROOT/%{_libdir} ${module} ; then
echo ERROR module: ${module} cannot be loaded.
exit 1
fi
@@ -204,6 +211,9 @@
%dir %{_pamconfdir}
%config(noreplace) %{_pamconfdir}/other
%config(noreplace) %{_pamconfdir}/system-auth
+%config(noreplace) %{_pamconfdir}/password-auth
+%config(noreplace) %{_pamconfdir}/fingerprint-auth
+%config(noreplace) %{_pamconfdir}/smartcard-auth
%config(noreplace) %{_pamconfdir}/config-util
%doc Copyright
%doc doc/txts
@@ -315,6 +325,11 @@
%doc doc/adg/*.txt doc/adg/html
%changelog
+* Fri Apr 10 2009 Tomas Mraz <tmraz at redhat.com> 1.0.91-6
+- add password-auth, fingerprint-auth, and smartcard-auth
+ for applications which can use them namely gdm (#494874)
+ patch by Ray Strode
+
* Thu Mar 26 2009 Tomas Mraz <tmraz at redhat.com> 1.0.91-5
- replace also other std descriptors (#491471)
Index: system-auth.5
===================================================================
RCS file: /cvs/pkgs/rpms/pam/devel/system-auth.5,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- system-auth.5 3 Feb 2006 12:41:29 -0000 1.1
+++ system-auth.5 10 Apr 2009 16:06:24 -0000 1.2
@@ -1,25 +1,37 @@
-.TH SYSTEM-AUTH 5 "2006 Feb 3" "Red Hat" "Linux-PAM Manual"
+.TH SYSTEM-AUTH 5 "2009 Apr 10" "Red Hat" "Linux-PAM Manual"
.SH NAME
system-auth \- Common configuration file for PAMified services
.SH SYNOPSIS
.B /etc/pam.d/system-auth
+.B /etc/pam.d/password-auth
+.B /etc/pam.d/fingerprint-auth
+.B /etc/pam.d/smartcard-auth
.sp 2
.SH DESCRIPTION
-The purpose of this configuration file is to provide common
-configuration file for all applications and service daemons
-calling PAM library.
+The purpose of these configuration files are to provide a common
+interface for all applications and service daemons calling into
+the PAM library.
.sp
The
.BR system-auth
-configuration file is included from all individual service configuration
+configuration file is included from nearly all individual service configuration
files with the help of the
.BR include
directive.
+.sp
+The
+.BR password-auth
+.BR fingerprint-auth
+.BR smartcard-auth
+configuration files are for applications which handle authentication from
+different types of devices via simultaneously running individual conversations
+instead of one aggregate conversation.
+
.SH NOTES
There should be no
.BR sufficient
More information about the fedora-extras-commits
mailing list