SOURCES: bincimap.pam, conserver.pam, cyrus-sasl.pam, doldaconnect...
baggins
baggins at pld-linux.org
Tue Mar 27 17:43:47 CEST 2007
Author: baggins Date: Tue Mar 27 15:43:47 2007 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- uniformized configs to use system-auth where possible
- sanitized
- uniform blacklist for pop3, imap and smtp services
---- Files affected:
SOURCES:
bincimap.pam (1.1 -> 1.2) , conserver.pam (1.1 -> 1.2) , cyrus-sasl.pam (1.5 -> 1.6) , doldaconnect.pam (1.1 -> 1.2) , fcron.pam (1.1 -> 1.2) , fcrontab.pam (1.1 -> 1.2) , freeradius.pam (1.2 -> 1.3) , kdebase-kdesktop.pam (1.2 -> 1.3) , kdebase-kdm-np.pam (1.2 -> 1.3) , kdebase-kdm.pam (1.7 -> 1.8) , mserver.pam (1.2 -> 1.3) , quagga.pam (1.2 -> 1.3) , sapdb-suse-pam (1.1 -> 1.2) , tac_plus.pam (1.2 -> 1.3) , vixie-cron.pam (1.2 -> 1.3) , zebra.pam (1.2 -> 1.3) , anubis.pamd (1.2 -> 1.3) , chage.pamd (1.5 -> 1.6) , checkpassword.pamd (1.4 -> 1.5) , chfn.pamd (1.7 -> 1.8) , chsh.pamd (1.7 -> 1.8) , courier-imap-pop3.pamd (1.3 -> 1.4) , courier-imap.pamd (1.4 -> 1.5) , cups.pamd (1.3 -> 1.4) , cyrus-imapd-pop.pamd (1.5 -> 1.6) , cyrus-imapd.pamd (1.5 -> 1.6) , dovecot.pamd (1.3 -> 1.4) , exim4-smtp.pamd (1.3 -> 1.4) , ftp.pamd (1.7 -> 1.8) , ftpd-BSD.pamd (1.3 -> 1.4) , gdm-autologin.pamd (1.3 -> 1.4) , gdm.pamd (1.5 -> 1.6) , gnome-screensaver.pamd (1.1 -> 1.2) , gnu-radiu
s.pamd (1.2 -> 1.3) , icradius.pamd (1.2 -> 1.3) , imap-pop.pamd (1.3 -> 1.4) , imap.pamd (1.5 -> 1.6) , login.pamd (1.9 -> 1.10) , mcserv.pamd (1.4 -> 1.5) , netatalk.pamd (1.3 -> 1.4) , opensshd.pamd (1.6 -> 1.7) , passwd.pamd (1.5 -> 1.6) , policycoreutils-newrole.pamd (1.1 -> 1.2) , policycoreutils-run_init.pamd (1.1 -> 1.2) , popa3d.pamd (1.3 -> 1.4) , postfix.pamd (1.3 -> 1.4) , ppp.pamd (1.2 -> 1.3) , pure-ftpd.pamd (1.4 -> 1.5) , qpopper.pamd (1.8 -> 1.9) , radiusd-cistron.pamd (1.2 -> 1.3) , rexec.pamd (1.3 -> 1.4) , rlogin.pamd (1.5 -> 1.6) , rsh.pamd (1.4 -> 1.5) , samba.pamd (1.3 -> 1.4) , screen.pamd (1.2 -> 1.3) , sendmail-smtp.pamd (1.4 -> 1.5) , solid-pop3d.pamd (1.4 -> 1.5) , squid.pamd (1.2 -> 1.3) , su.pamd (1.8 -> 1.9) , sudo.pamd (1.5 -> 1.6) , tpop3d.pamd (1.3 -> 1.4) , useradd.pamd (1.4 -> 1.5) , userdb.pamd (1.4 -> 1.5) , vlock.pamd (1.2 -> 1.3) , vsftpd.pamd (1.3 -> 1.4) , wdm.pamd (1.5 -> 1.6) , xdm.pamd (1.8 -> 1.9) , xlock.pamd (1.2 -> 1.3) , xscr
eensaver.pamd (1.3 -> 1.4)
---- Diffs:
================================================================
Index: SOURCES/bincimap.pam
diff -u SOURCES/bincimap.pam:1.1 SOURCES/bincimap.pam:1.2
--- SOURCES/bincimap.pam:1.1 Thu May 13 18:56:37 2004
+++ SOURCES/bincimap.pam Tue Mar 27 17:43:42 2007
@@ -1,4 +1,5 @@
#%PAM-1.0
-auth required pam_unix.so
-account required pam_unix.so
-session required pam_unix.so
+auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.imap onerr=succeed
+auth include system-auth
+account required pam_nologin.so
+account include system-auth
================================================================
Index: SOURCES/conserver.pam
diff -u SOURCES/conserver.pam:1.1 SOURCES/conserver.pam:1.2
--- SOURCES/conserver.pam:1.1 Sat Jan 20 00:35:01 2007
+++ SOURCES/conserver.pam Tue Mar 27 17:43:42 2007
@@ -1,15 +1,7 @@
#%PAM-1.0
-auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.conserver onerr=succeed
auth required pam_securetty.so
-auth required pam_unix.so
-auth required pam_nologin.so
+auth include system-auth
+account required pam_nologin.so
account required pam_access.so
-account required pam_time.so
-account required pam_unix.so
-password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
-password required pam_unix.so md5 shadow use_authtok
-session required pam_unix.so
-session required pam_limits.so change_uid
-#session required pam_selinux.so
-session optional pam_console.so
+account include system-auth
================================================================
Index: SOURCES/cyrus-sasl.pam
diff -u SOURCES/cyrus-sasl.pam:1.5 SOURCES/cyrus-sasl.pam:1.6
--- SOURCES/cyrus-sasl.pam:1.5 Thu May 12 13:39:07 2005
+++ SOURCES/cyrus-sasl.pam Tue Mar 27 17:43:42 2007
@@ -3,10 +3,7 @@
# example PAM file for saslauthd - place it as /etc/pam.d/<service>
# (e.g. /etc/pam.d/smtp if you want to use saslauthd for SMTP AUTH)
#
-auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
-auth required pam_unix.so
-auth required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed
-auth required pam_nologin.so
-account required pam_tally.so file=/var/log/faillog onerr=succeed
-account required pam_unix.so
-session required pam_unix.so
+auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.smtp onerr=succeed
+auth include system-auth
+account required pam_nologin.so
+account include system-auth
================================================================
Index: SOURCES/doldaconnect.pam
diff -u SOURCES/doldaconnect.pam:1.1 SOURCES/doldaconnect.pam:1.2
--- SOURCES/doldaconnect.pam:1.1 Thu Sep 7 22:52:18 2006
+++ SOURCES/doldaconnect.pam Tue Mar 27 17:43:42 2007
@@ -1,12 +1,5 @@
#%PAM-1.0
-auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
-auth required pam_unix.so
-auth required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed
-auth required pam_nologin.so
-account required pam_tally.so file=/var/log/faillog onerr=succeed
-account required pam_unix.so
-password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
-password required pam_unix.so blowfish shadow use_authtok
-session required pam_unix.so
-session required pam_env.so
-session required pam_limits.so change_uid
+auth include system-auth
+account required pam_nologin.so
+account include system-auth
+session include system-auth
================================================================
Index: SOURCES/fcron.pam
diff -u SOURCES/fcron.pam:1.1 SOURCES/fcron.pam:1.2
--- SOURCES/fcron.pam:1.1 Sat Sep 11 17:16:28 2004
+++ SOURCES/fcron.pam Tue Mar 27 17:43:42 2007
@@ -1,11 +1,5 @@
-#
-# The PAM configuration file for fcron daemon
-#
-
-account required pam_unix.so
+#%PAM-1.0
# Warning : fcron has no way to prompt user for a password !
auth required pam_permit.so
-#auth required pam_unix.so nullok
-#auth required pam_env.so
-session required pam_permit.so
-#session required pam_unix.so
+account include system-auth
+session include system-auth
================================================================
Index: SOURCES/fcrontab.pam
diff -u SOURCES/fcrontab.pam:1.1 SOURCES/fcrontab.pam:1.2
--- SOURCES/fcrontab.pam:1.1 Sat Sep 11 17:16:09 2004
+++ SOURCES/fcrontab.pam Tue Mar 27 17:43:42 2007
@@ -1,18 +1,9 @@
-#
-# The PAM configuration file for fcrontab
-#
-
+#%PAM-1.0
# WARNING : you cannot use every modules here, as some
-# (such as pam_unix_acct.so) require the program to be run
+# (such as pam_unix.so) require the program to be run
# by root or suid root, and fcrontab is *not* suid root.
-
-### By default we do not ask user for a password
auth required pam_permit.so
-#auth required pam_unix.so nullok
-#auth required pam_env.so
-
+#auth include system-auth
account required pam_permit.so
-#account required pam_time.so
-
-session required pam_permit.so
-#session required pam_unix.so
+#account include system-auth
+session include system-auth
================================================================
Index: SOURCES/freeradius.pam
diff -u SOURCES/freeradius.pam:1.2 SOURCES/freeradius.pam:1.3
--- SOURCES/freeradius.pam:1.2 Fri Dec 19 11:13:35 2003
+++ SOURCES/freeradius.pam Tue Mar 27 17:43:42 2007
@@ -1,7 +1,4 @@
#%PAM-1.0
-auth required pam_unix_auth.so shadow nullok
-auth required pam_nologin.so
-account required pam_unix_acct.so
-password required pam_cracklib.so
-password required pam_unix_password.so shadow nullok use_authtok
-session required pam_unix_session.so
+auth include system-auth
+account required pam_nologin.so
+account include system-auth
================================================================
Index: SOURCES/kdebase-kdesktop.pam
diff -u SOURCES/kdebase-kdesktop.pam:1.2 SOURCES/kdebase-kdesktop.pam:1.3
--- SOURCES/kdebase-kdesktop.pam:1.2 Fri Dec 19 11:13:35 2003
+++ SOURCES/kdebase-kdesktop.pam Tue Mar 27 17:43:42 2007
@@ -1,2 +1,3 @@
#%PAM-1.0
-auth required pam_unix.so shadow nullok
+auth include system-auth
+account include system-auth
================================================================
Index: SOURCES/kdebase-kdm-np.pam
diff -u SOURCES/kdebase-kdm-np.pam:1.2 SOURCES/kdebase-kdm-np.pam:1.3
--- SOURCES/kdebase-kdm-np.pam:1.2 Sun Feb 11 14:30:47 2007
+++ SOURCES/kdebase-kdm-np.pam Tue Mar 27 17:43:42 2007
@@ -2,17 +2,12 @@
auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.kdm onerr=succeed
auth required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed
-auth required pam_shells.so
-auth required pam_nologin.so
auth required pam_permit.so
-account required pam_tally.so file=/var/log/faillog onerr=succeed
+account required pam_shells.so
+account required pam_nologin.so
account required pam_access.so
-account required pam_time.so
-account required pam_unix.so
-password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
-password required pam_unix.so md5 shadow use_authtok
-password required pam_exec.so failok seteuid /usr/bin/make -C /var/db
-session required pam_unix.so
-session required pam_env.so
-session required pam_limits.so change_uid
+account include system-auth
+password include system-auth
+session optional pam_keyinit.so force revoke
+session include system-auth
session optional pam_console.so
================================================================
Index: SOURCES/kdebase-kdm.pam
diff -u SOURCES/kdebase-kdm.pam:1.7 SOURCES/kdebase-kdm.pam:1.8
--- SOURCES/kdebase-kdm.pam:1.7 Sun Feb 11 14:30:47 2007
+++ SOURCES/kdebase-kdm.pam Tue Mar 27 17:43:42 2007
@@ -1,19 +1,11 @@
#%PAM-1.0
-auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.kdm onerr=succeed
-auth required pam_unix.so
-auth required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed
-auth required pam_shells.so
-auth required pam_nologin.so
-auth optional pam_mail.so
-account required pam_tally.so file=/var/log/faillog onerr=succeed
+auth include system-auth
+account required pam_shells.so
+account required pam_nologin.so
account required pam_access.so
-account required pam_time.so
-account required pam_unix.so
-password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
-password required pam_unix.so md5 shadow use_authtok
-password required pam_exec.so failok seteuid /usr/bin/make -C /var/db
-session required pam_unix.so
-session required pam_env.so
-session required pam_limits.so change_uid
+account include system-auth
+password include system-auth
+session optional pam_keyinit.so force revoke
+session include system-auth
session optional pam_console.so
================================================================
Index: SOURCES/mserver.pam
diff -u SOURCES/mserver.pam:1.2 SOURCES/mserver.pam:1.3
--- SOURCES/mserver.pam:1.2 Fri Dec 19 11:13:35 2003
+++ SOURCES/mserver.pam Tue Mar 27 17:43:42 2007
@@ -1,7 +1,6 @@
#%PAM-1.0
-auth required pam_unix.so shadow nullok
-auth required pam_nologin.so
-account required pam_unix.so
-password required pam_cracklib.so
-password required pam_unix.so shadow nullok use_authtok
-session required pam_unix.so
+auth include system-auth
+account required pam_nologin.so
+account required pam_access.so
+account include system-auth
+session include system-auth
================================================================
Index: SOURCES/quagga.pam
diff -u SOURCES/quagga.pam:1.2 SOURCES/quagga.pam:1.3
--- SOURCES/quagga.pam:1.2 Fri Dec 19 11:13:35 2003
+++ SOURCES/quagga.pam Tue Mar 27 17:43:42 2007
@@ -3,8 +3,9 @@
# Only allow root (and possibly wheel) to use this because enable access
# is unrestricted.
-auth sufficient pam_rootok.so
+auth sufficient pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
-#auth sufficient pam_wheel.so trust use_uid
+#auth sufficient pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
-#auth required pam_wheel.so use_uid
+#auth required pam_wheel.so use_uid
+account required pam_permit.so
================================================================
Index: SOURCES/sapdb-suse-pam
diff -u SOURCES/sapdb-suse-pam:1.1 SOURCES/sapdb-suse-pam:1.2
--- SOURCES/sapdb-suse-pam:1.1 Wed Apr 23 11:22:07 2003
+++ SOURCES/sapdb-suse-pam Tue Mar 27 17:43:42 2007
@@ -1,2 +1,3 @@
#%PAM-1.0
-auth required pam_unix2.so nullok
+auth include system-auth
+account include system-auth
================================================================
Index: SOURCES/tac_plus.pam
diff -u SOURCES/tac_plus.pam:1.2 SOURCES/tac_plus.pam:1.3
--- SOURCES/tac_plus.pam:1.2 Mon Feb 9 21:31:52 2004
+++ SOURCES/tac_plus.pam Tue Mar 27 17:43:42 2007
@@ -1,5 +1,3 @@
#%PAM-1.0
-auth required pam_unix.so shadow
-account required pam_unix.so
-password required pam_unix.so nullok use_authtok shadow
-session required pam_unix.so
+auth include system-auth
+account include system-auth
================================================================
Index: SOURCES/vixie-cron.pam
diff -u SOURCES/vixie-cron.pam:1.2 SOURCES/vixie-cron.pam:1.3
--- SOURCES/vixie-cron.pam:1.2 Fri Dec 19 11:13:35 2003
+++ SOURCES/vixie-cron.pam Tue Mar 27 17:43:42 2007
@@ -1,8 +1,6 @@
-auth required pam_listfile.so item=user sense=deny file=/etc/cron/cron.deny onerr=succeed
-auth required pam_listfile.so item=group sense=allow file=/etc/cron/cron.allow onerr=fail
-account required pam_unix.so
-auth required pam_unix.so nullok
-auth required pam_env.so
-session required pam_unix.so
-session required pam_limits.so change_uid
-
+#%PAM-1.0
+auth required pam_listfile.so item=user sense=deny file=/etc/cron/cron.deny onerr=succeed
+auth required pam_listfile.so item=group sense=allow file=/etc/cron/cron.allow onerr=fail
+auth include system-auth
+account include system-auth
+session include system-auth
================================================================
Index: SOURCES/zebra.pam
diff -u SOURCES/zebra.pam:1.2 SOURCES/zebra.pam:1.3
--- SOURCES/zebra.pam:1.2 Fri Dec 19 11:13:35 2003
+++ SOURCES/zebra.pam Tue Mar 27 17:43:42 2007
@@ -3,8 +3,9 @@
# Only allow root (and possibly wheel) to use this because enable access
# is unrestricted.
-auth sufficient pam_rootok.so
+auth sufficient pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
-#auth sufficient pam_wheel.so trust use_uid
+#auth sufficient pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
-#auth required pam_wheel.so use_uid
+#auth required pam_wheel.so use_uid
+account include pam_permit.so
================================================================
Index: SOURCES/anubis.pamd
diff -u SOURCES/anubis.pamd:1.2 SOURCES/anubis.pamd:1.3
--- SOURCES/anubis.pamd:1.2 Fri Dec 19 11:13:35 2003
+++ SOURCES/anubis.pamd Tue Mar 27 17:43:42 2007
@@ -1,7 +1,6 @@
#%PAM-1.0
-auth required pam_nologin.so
-auth required pam_env.so
-auth required pam_permit.so
-account required pam_unix.so
-session required pam_limits.so
-session required pam_unix.so
+auth required pam_env.so
+auth required pam_permit.so
+account required pam_nologin.so
+account include system-auth
+session include system-auth
================================================================
Index: SOURCES/chage.pamd
diff -u SOURCES/chage.pamd:1.5 SOURCES/chage.pamd:1.6
--- SOURCES/chage.pamd:1.5 Sun Feb 11 14:30:47 2007
+++ SOURCES/chage.pamd Tue Mar 27 17:43:42 2007
@@ -1,5 +1,6 @@
#%PAM-1.0
auth sufficient pam_rootok.so
-auth required pam_unix.so
+auth required pam_deny.so
account required pam_permit.so
password required pam_exec.so failok seteuid /usr/bin/make -C /var/db
+# password required pam_exec.so failok seteuid /usr/bin/make -C /var/yp
================================================================
Index: SOURCES/checkpassword.pamd
diff -u SOURCES/checkpassword.pamd:1.4 SOURCES/checkpassword.pamd:1.5
--- SOURCES/checkpassword.pamd:1.4 Tue Jun 14 08:56:46 2005
+++ SOURCES/checkpassword.pamd Tue Mar 27 17:43:42 2007
@@ -1,3 +1,3 @@
#%PAM-1.0
-auth required pam_unix.so
-account required pam_unix.so
+auth include system-auth
+account include system-auth
================================================================
Index: SOURCES/chfn.pamd
diff -u SOURCES/chfn.pamd:1.7 SOURCES/chfn.pamd:1.8
--- SOURCES/chfn.pamd:1.7 Sun Feb 11 14:30:47 2007
+++ SOURCES/chfn.pamd Tue Mar 27 17:43:42 2007
@@ -1,9 +1,6 @@
#%PAM-1.0
auth sufficient pam_rootok.so
auth required pam_listfile.so item=user sense=allow file=/etc/security/chfn.allow onerr=fail
-auth required pam_unix.so
-account required pam_unix.so
-password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
-password required pam_unix.so md5 shadow use_authtok
-password required pam_exec.so failok seteuid /usr/bin/make -C /var/db
-session required pam_unix.so
+auth include system-auth
+account include system-auth
+password include system-auth
================================================================
Index: SOURCES/chsh.pamd
diff -u SOURCES/chsh.pamd:1.7 SOURCES/chsh.pamd:1.8
--- SOURCES/chsh.pamd:1.7 Sun Feb 11 14:30:47 2007
+++ SOURCES/chsh.pamd Tue Mar 27 17:43:42 2007
@@ -1,9 +1,6 @@
#%PAM-1.0
auth sufficient pam_rootok.so
auth required pam_listfile.so item=user sense=allow file=/etc/security/chsh.allow onerr=fail
-auth required pam_unix.so
-account required pam_unix.so
-password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
-password required pam_unix.so md5 shadow use_authtok
-password required pam_exec.so failok seteuid /usr/bin/make -C /var/db
-session required pam_unix.so
+auth include system-auth
+account include system-auth
+password include system-auth
================================================================
Index: SOURCES/courier-imap-pop3.pamd
diff -u SOURCES/courier-imap-pop3.pamd:1.3 SOURCES/courier-imap-pop3.pamd:1.4
--- SOURCES/courier-imap-pop3.pamd:1.3 Thu May 12 13:39:07 2005
+++ SOURCES/courier-imap-pop3.pamd Tue Mar 27 17:43:42 2007
@@ -1,9 +1,6 @@
#%PAM-1.0
-auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.pop3 onerr=succeed
-auth required pam_unix.so
-auth required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed
-auth required pam_nologin.so
-account required pam_tally.so file=/var/log/faillog onerr=succeed
-account required pam_unix.so
-session required pam_unix.so
+auth include system-auth
+account required pam_nologin.so
+account include system-auth
+session include system-auth
================================================================
Index: SOURCES/courier-imap.pamd
diff -u SOURCES/courier-imap.pamd:1.4 SOURCES/courier-imap.pamd:1.5
--- SOURCES/courier-imap.pamd:1.4 Thu May 12 13:39:07 2005
+++ SOURCES/courier-imap.pamd Tue Mar 27 17:43:42 2007
@@ -1,9 +1,6 @@
#%PAM-1.0
-auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.imap onerr=succeed
-auth required pam_unix.so
-auth required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed
-auth required pam_nologin.so
-account required pam_tally.so file=/var/log/faillog onerr=succeed
-account required pam_unix.so
-session required pam_unix.so
+auth include system-auth
+account required pam_nologin.so
+account include system-auth
+session include system-auth
================================================================
Index: SOURCES/cups.pamd
diff -u SOURCES/cups.pamd:1.3 SOURCES/cups.pamd:1.4
--- SOURCES/cups.pamd:1.3 Fri Dec 19 11:13:35 2003
+++ SOURCES/cups.pamd Tue Mar 27 17:43:42 2007
@@ -1,4 +1,4 @@
-auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
+#%PAM-1.0
auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.cups onerr=succeed
-auth required pam_unix.so nullok
-account required pam_unix.so
+auth include system-auth
+account include system-auth
================================================================
Index: SOURCES/cyrus-imapd-pop.pamd
diff -u SOURCES/cyrus-imapd-pop.pamd:1.5 SOURCES/cyrus-imapd-pop.pamd:1.6
--- SOURCES/cyrus-imapd-pop.pamd:1.5 Thu May 12 13:39:07 2005
+++ SOURCES/cyrus-imapd-pop.pamd Tue Mar 27 17:43:42 2007
@@ -1,9 +1,5 @@
#%PAM-1.0
-auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
-auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.pop onerr=succeed
-auth required pam_unix.so
-auth required pam_tally.so deny=0 file=/var/lib/imap/faillog onerr=succeed
-auth required pam_nologin.so
-account required pam_tally.so file=/var/lib/imap/faillog onerr=succeed
-#account required pam_access.so
-account required pam_unix.so
+auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.pop3 onerr=succeed
+auth include system-auth
+account required pam_nologin.so
+account include system-auth
================================================================
Index: SOURCES/cyrus-imapd.pamd
diff -u SOURCES/cyrus-imapd.pamd:1.5 SOURCES/cyrus-imapd.pamd:1.6
--- SOURCES/cyrus-imapd.pamd:1.5 Thu May 12 13:39:07 2005
+++ SOURCES/cyrus-imapd.pamd Tue Mar 27 17:43:42 2007
@@ -1,9 +1,5 @@
#%PAM-1.0
-auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.imap onerr=succeed
-auth required pam_unix.so
-auth required pam_tally.so deny=0 file=/var/lib/imap/faillog onerr=succeed
-auth required pam_nologin.so
-account required pam_tally.so file=/var/lib/imap/faillog onerr=succeed
-#account required pam_access.so
-account required pam_unix.so
+auth include system-auth
+account required pam_nologin.so
+account include system-auth
================================================================
Index: SOURCES/dovecot.pamd
diff -u SOURCES/dovecot.pamd:1.3 SOURCES/dovecot.pamd:1.4
--- SOURCES/dovecot.pamd:1.3 Thu May 12 13:39:07 2005
+++ SOURCES/dovecot.pamd Tue Mar 27 17:43:42 2007
@@ -1,9 +1,6 @@
#%PAM-1.0
-auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.imap onerr=succeed
-auth required pam_unix.so
-auth required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed
-auth required pam_nologin.so
-account required pam_tally.so file=/var/log/faillog onerr=succeed
-account required pam_unix.so
-session required pam_unix.so
+auth include system-auth
+account required pam_nologin.so
+account include system-auth
+session include system-auth
================================================================
Index: SOURCES/exim4-smtp.pamd
diff -u SOURCES/exim4-smtp.pamd:1.3 SOURCES/exim4-smtp.pamd:1.4
--- SOURCES/exim4-smtp.pamd:1.3 Thu May 12 13:39:07 2005
+++ SOURCES/exim4-smtp.pamd Tue Mar 27 17:43:42 2007
@@ -3,10 +3,7 @@
# example PAM file for saslauthd - place it as /etc/pam.d/<service>
# (e.g. /etc/pam.d/smtp if you want to use saslauthd for SMTP AUTH)
#
-auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
-auth required pam_unix.so
-auth required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed
-auth required pam_nologin.so
-account required pam_tally.so file=/var/log/faillog onerr=succeed
-account required pam_unix.so
-session required pam_unix.so
+auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.smtp onerr=succeed
+auth include system-auth
+account required pam_nologin.so
+account include system-auth
================================================================
Index: SOURCES/ftp.pamd
diff -u SOURCES/ftp.pamd:1.7 SOURCES/ftp.pamd:1.8
--- SOURCES/ftp.pamd:1.7 Thu May 12 13:39:07 2005
+++ SOURCES/ftp.pamd Tue Mar 27 17:43:42 2007
@@ -1,10 +1,5 @@
#%PAM-1.0
-auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
-auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.ftp onerr=succeed
-auth required pam_unix.so
-auth required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed
-auth required pam_shells.so
-auth required pam_nologin.so
-account required pam_tally.so file=/var/log/faillog onerr=succeed
-account required pam_unix.so
-session required pam_unix.so
+auth required pam_listfile.so item=user sense=deny file=/etc/ftpd/ftpusers onerr=succeed
+auth include system-auth
+account required pam_nologin.so
+account include system-auth
================================================================
Index: SOURCES/ftpd-BSD.pamd
diff -u SOURCES/ftpd-BSD.pamd:1.3 SOURCES/ftpd-BSD.pamd:1.4
--- SOURCES/ftpd-BSD.pamd:1.3 Fri Dec 19 11:13:36 2003
+++ SOURCES/ftpd-BSD.pamd Tue Mar 27 17:43:42 2007
@@ -1,6 +1,5 @@
#%PAM-1.0
-auth required pam_listfile.so item=user sense=deny file=/etc/ftpd/ftpusers onerr=succeed
-auth required pam_unix.so
-auth required pam_shells.so
-account required pam_unix.so
-session required pam_unix.so
+auth required pam_listfile.so item=user sense=deny file=/etc/ftpd/ftpusers onerr=succeed
+auth include system-auth
+account required pam_nologin.so
+account include system-auth
================================================================
Index: SOURCES/gdm-autologin.pamd
diff -u SOURCES/gdm-autologin.pamd:1.3 SOURCES/gdm-autologin.pamd:1.4
--- SOURCES/gdm-autologin.pamd:1.3 Sun Feb 11 14:30:47 2007
+++ SOURCES/gdm-autologin.pamd Tue Mar 27 17:43:42 2007
@@ -2,17 +2,12 @@
auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.gdm onerr=succeed
auth required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed
-auth required pam_shells.so
-auth required pam_nologin.so
auth required pam_permit.so
-account required pam_tally.so file=/var/log/faillog onerr=succeed
+account required pam_shells.so
+account required pam_nologin.so
account required pam_access.so
-account required pam_time.so
-account required pam_unix.so
-password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
-password required pam_unix.so md5 shadow use_authtok
-password required pam_exec.so failok seteuid /usr/bin/make -C /var/db
-session required pam_unix.so
-session required pam_env.so
-session required pam_limits.so change_uid
+account include system-auth
+password include system-auth
+session optional pam_keyinit.so force revoke
+session include system-auth
session optional pam_console.so
================================================================
Index: SOURCES/gdm.pamd
diff -u SOURCES/gdm.pamd:1.5 SOURCES/gdm.pamd:1.6
--- SOURCES/gdm.pamd:1.5 Sun Feb 11 14:30:47 2007
+++ SOURCES/gdm.pamd Tue Mar 27 17:43:42 2007
@@ -1,18 +1,11 @@
#%PAM-1.0
-auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist onerr=succeed
auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.gdm onerr=succeed
-auth required pam_unix.so
-auth required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed
-auth required pam_shells.so
-auth required pam_nologin.so
-account required pam_tally.so file=/var/log/faillog onerr=succeed
<<Diff was trimmed, longer than 597 lines>>
---- CVS-web:
http://cvs.pld-linux.org/SOURCES/bincimap.pam?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/SOURCES/conserver.pam?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/SOURCES/cyrus-sasl.pam?r1=1.5&r2=1.6&f=u
http://cvs.pld-linux.org/SOURCES/doldaconnect.pam?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/SOURCES/fcron.pam?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/SOURCES/fcrontab.pam?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/SOURCES/freeradius.pam?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/kdebase-kdesktop.pam?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/kdebase-kdm-np.pam?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/kdebase-kdm.pam?r1=1.7&r2=1.8&f=u
http://cvs.pld-linux.org/SOURCES/mserver.pam?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/quagga.pam?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/sapdb-suse-pam?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/SOURCES/tac_plus.pam?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/vixie-cron.pam?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/zebra.pam?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/anubis.pamd?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/chage.pamd?r1=1.5&r2=1.6&f=u
http://cvs.pld-linux.org/SOURCES/checkpassword.pamd?r1=1.4&r2=1.5&f=u
http://cvs.pld-linux.org/SOURCES/chfn.pamd?r1=1.7&r2=1.8&f=u
http://cvs.pld-linux.org/SOURCES/chsh.pamd?r1=1.7&r2=1.8&f=u
http://cvs.pld-linux.org/SOURCES/courier-imap-pop3.pamd?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/SOURCES/courier-imap.pamd?r1=1.4&r2=1.5&f=u
http://cvs.pld-linux.org/SOURCES/cups.pamd?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/SOURCES/cyrus-imapd-pop.pamd?r1=1.5&r2=1.6&f=u
http://cvs.pld-linux.org/SOURCES/cyrus-imapd.pamd?r1=1.5&r2=1.6&f=u
http://cvs.pld-linux.org/SOURCES/dovecot.pamd?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/SOURCES/exim4-smtp.pamd?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/SOURCES/ftp.pamd?r1=1.7&r2=1.8&f=u
http://cvs.pld-linux.org/SOURCES/ftpd-BSD.pamd?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/SOURCES/gdm-autologin.pamd?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/SOURCES/gdm.pamd?r1=1.5&r2=1.6&f=u
http://cvs.pld-linux.org/SOURCES/gnome-screensaver.pamd?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/SOURCES/gnu-radius.pamd?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/icradius.pamd?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/imap-pop.pamd?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/SOURCES/imap.pamd?r1=1.5&r2=1.6&f=u
http://cvs.pld-linux.org/SOURCES/login.pamd?r1=1.9&r2=1.10&f=u
http://cvs.pld-linux.org/SOURCES/mcserv.pamd?r1=1.4&r2=1.5&f=u
http://cvs.pld-linux.org/SOURCES/netatalk.pamd?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/SOURCES/opensshd.pamd?r1=1.6&r2=1.7&f=u
http://cvs.pld-linux.org/SOURCES/passwd.pamd?r1=1.5&r2=1.6&f=u
http://cvs.pld-linux.org/SOURCES/policycoreutils-newrole.pamd?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/SOURCES/policycoreutils-run_init.pamd?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/SOURCES/popa3d.pamd?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/SOURCES/postfix.pamd?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/SOURCES/ppp.pamd?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/pure-ftpd.pamd?r1=1.4&r2=1.5&f=u
http://cvs.pld-linux.org/SOURCES/qpopper.pamd?r1=1.8&r2=1.9&f=u
http://cvs.pld-linux.org/SOURCES/radiusd-cistron.pamd?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/rexec.pamd?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/SOURCES/rlogin.pamd?r1=1.5&r2=1.6&f=u
http://cvs.pld-linux.org/SOURCES/rsh.pamd?r1=1.4&r2=1.5&f=u
http://cvs.pld-linux.org/SOURCES/samba.pamd?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/SOURCES/screen.pamd?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/sendmail-smtp.pamd?r1=1.4&r2=1.5&f=u
http://cvs.pld-linux.org/SOURCES/solid-pop3d.pamd?r1=1.4&r2=1.5&f=u
http://cvs.pld-linux.org/SOURCES/squid.pamd?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/su.pamd?r1=1.8&r2=1.9&f=u
http://cvs.pld-linux.org/SOURCES/sudo.pamd?r1=1.5&r2=1.6&f=u
http://cvs.pld-linux.org/SOURCES/tpop3d.pamd?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/SOURCES/useradd.pamd?r1=1.4&r2=1.5&f=u
http://cvs.pld-linux.org/SOURCES/userdb.pamd?r1=1.4&r2=1.5&f=u
http://cvs.pld-linux.org/SOURCES/vlock.pamd?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/vsftpd.pamd?r1=1.3&r2=1.4&f=u
http://cvs.pld-linux.org/SOURCES/wdm.pamd?r1=1.5&r2=1.6&f=u
http://cvs.pld-linux.org/SOURCES/xdm.pamd?r1=1.8&r2=1.9&f=u
http://cvs.pld-linux.org/SOURCES/xlock.pamd?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/SOURCES/xscreensaver.pamd?r1=1.3&r2=1.4&f=u
More information about the pld-cvs-commit
mailing list