Linux-PAM 1.5.0 released
Dmitry V. Levin
ldv at altlinux.org
Tue Nov 10 16:35:07 UTC 2020
Hello,
I'm happy to announce that Linux-PAM 1.5.0 has been released.
Noteworthy changes in Linux-PAM 1.5.0:
* Multiple minor bug fixes, portability fixes, and documentation improvements.
* Extended libpam API with pam_modutil_check_user_in_passwd function.
* configure: added --disable-unix option to disable build of pam_unix module.
* pam_faillock: changed /run/faillock/$USER permissions from 0600 to 0660.
* pam_limits: added support for nonewprivs item.
* pam_motd: read motd files with target user credentials skipping unreadable ones.
* pam_pwhistory: added a SELinux helper executable.
* pam_unix, pam_usertype: implemented avoidance of certain timing attacks.
* pam_wheel: implemented PAM_RUSER fallback for the case when getlogin fails.
* Removed deprecated pam_cracklib module, use pam_passwdqc (from passwdqc project)
or pam_pwquality (from libpwquality project) instead.
* Removed deprecated pam_tally and pam_tally2 modules, use pam_faillock instead.
* pam_env: Reading of the user environment is deprecated and will be removed
at some point in the future.
* libpam: pam_modutil_drop_priv() now correctly sets the target user's
supplementary groups, allowing pam_motd to filter messages accordingly.
Release link with the tarballs and their signatures for download:
https://github.com/linux-pam/linux-pam/releases/tag/v1.5.0
Dmitry V. Levin, Tomas Mraz, Thorsten Kukuk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pam-list/attachments/20201110/358ef3f2/attachment.sig>
More information about the Pam-list
mailing list