Wed Feb 12 05:05:50 UTC 2020

Hey folks! PAM has finally landed in /testing. Some here wanted it to go
right into the main tree immediately, and in a more normal development cycle
I'd have been inclined to agree (it is -current, after all). But it's
probably better for it to appear in /testing first, to make sure we didn't
miss any bugs and also to serve as a warning shot that we'll be shaking up
the tree pretty good over the next few weeks. I'd like to see this merged
into the main tree in a day or two, so any testing is greatly appreciated.
Switching to the PAM packages (or reverting from them) is as easy as
installing all of them with upgradepkg --install-new, and if reverting then
remove the three leftover _pam packages. After reverting, a bit of residue
will remain in /etc/pam.d/ and /etc/security/ which can either be manually
deleted or simply ignored. While there are many more features available in
PAM compared with plain shadow, out of the box about the only noticable
change is the use of cracklib and libpwquality to check the quality of a
user-supplied password. Hopefully having PAM and krb5 will get us on track
to having proper Active Directory integration as well as using code paths
that are likely better audited these days. The attack surface *might* be
bigger, but it's also a lot better scrutinized.
Thanks to Robby Workman and Vincent Batts who did most of the initial heavy
lifting on the core PAM packages as a side project for many years. Thanks
also to Phantom X whose PAM related SlackBuilds were a valuable reference.
And thanks as well to ivandi - I learned a lot from the SlackMATE build
scripts and was even occasionally thankful for the amusing ways you would
kick my ass on LQ. ;-) You're more than welcome to let us know where we've
messed up this time.
The binutils and glibc packages in /testing were removed and are off the
table for now. I'm not seeing much upside to heading down that rabbit hole
at the moment. Next we need to be looking at Xfce 4.14 and Plasma 5.18 LTS
and some other things that have been held back since KDE4 couldn't use them.
Cheers! :-)
a/kernel-generic-5.4.19-x86_64-1.txz:  Upgraded.
a/kernel-huge-5.4.19-x86_64-1.txz:  Upgraded.
a/kernel-modules-5.4.19-x86_64-1.txz:  Upgraded.
a/lvm2-2.03.08-x86_64-1.txz:  Upgraded.
a/shadow-4.8.1-x86_64-2.txz:  Rebuilt.
  Automatically backup /etc/login.defs and install the new version if
  incompatible PAM options are detected.
d/kernel-headers-5.4.19-x86-1.txz:  Upgraded.
k/kernel-source-5.4.19-noarch-1.txz:  Upgraded.
  VALIDATE_FS_PARSER y -> n
xap/mozilla-thunderbird-68.5.0-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/68.5.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6797
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800
  (* Security fix *)
isolinux/initrd.img:  Rebuilt.
kernels/*:  Upgraded.
testing/packages/PAM/ConsoleKit2-1.2.1-x86_64-1_pam.txz:  Added.
testing/packages/PAM/at-3.2.1-x86_64-1_pam.txz:  Added.
testing/packages/PAM/cifs-utils-6.10-x86_64-2_pam.txz:  Added.
testing/packages/PAM/cracklib-2.9.7-x86_64-1_pam.txz:  Added.
testing/packages/PAM/cups-2.3.1-x86_64-1_pam.txz:  Added.
testing/packages/PAM/cyrus-sasl-2.1.27-x86_64-2_pam.txz:  Added.
testing/packages/PAM/dovecot-2.3.9.2-x86_64-1_pam.txz:  Added.
testing/packages/PAM/gnome-keyring-3.34.0-x86_64-1_pam.txz:  Added.
testing/packages/PAM/hplip-3.19.12-x86_64-2_pam.txz:  Added.
testing/packages/PAM/kde-workspace-4.11.22-x86_64-6_pam.txz:  Added.
testing/packages/PAM/libcap-2.31-x86_64-1_pam.txz:  Added.
testing/packages/PAM/libcgroup-0.41-x86_64-5_pam.txz:  Added.
testing/packages/PAM/libpwquality-1.4.2-x86_64-1_pam.txz:  Added.
testing/packages/PAM/mariadb-10.4.12-x86_64-1_pam.txz:  Added.
testing/packages/PAM/netatalk-3.1.12-x86_64-2_pam.txz:  Added.
testing/packages/PAM/netkit-rsh-0.17-x86_64-2_pam.txz:  Added.
testing/packages/PAM/openssh-8.1p1-x86_64-1_pam.txz:  Added.
testing/packages/PAM/openvpn-2.4.8-x86_64-1_pam.txz:  Added.
testing/packages/PAM/pam-1.3.1-x86_64-1_pam.txz:  Added.
testing/packages/PAM/polkit-0.116-x86_64-1_pam.txz:  Added.
testing/packages/PAM/popa3d-1.0.3-x86_64-3_pam.txz:  Added.
testing/packages/PAM/ppp-2.4.7-x86_64-3_pam.txz:  Added.
testing/packages/PAM/proftpd-1.3.6b-x86_64-1_pam.txz:  Added.
testing/packages/PAM/samba-4.11.6-x86_64-1_pam.txz:  Added.
testing/packages/PAM/screen-4.8.0-x86_64-1_pam.txz:  Added.
testing/packages/PAM/shadow-4.8.1-x86_64-2_pam.txz:  Added.
testing/packages/PAM/sudo-1.8.31-x86_64-1_pam.txz:  Added.
testing/packages/PAM/system-config-printer-1.5.12-x86_64-2_pam.txz:  Added.
testing/packages/PAM/util-linux-2.35.1-x86_64-1_pam.txz:  Added.
testing/packages/PAM/vsftpd-3.0.3-x86_64-5_pam.txz:  Added.
testing/packages/PAM/xdm-1.1.11-x86_64-9_pam.txz:  Added.
testing/packages/PAM/xlockmore-5.62-x86_64-1_pam.txz:  Added.
testing/packages/PAM/xscreensaver-5.43-x86_64-1_pam.txz:  Added.
testing/packages/binutils-2.34-x86_64-1.txz:  Removed.
testing/packages/glibc-2.31-x86_64-1.txz:  Removed.
testing/packages/glibc-i18n-2.31-x86_64-1.txz:  Removed.
testing/packages/glibc-profile-2.31-x86_64-1.txz:  Removed.
testing/packages/glibc-solibs-2.31-x86_64-1.txz:  Removed.
usb-and-pxe-installers/usbboot.img:  Rebuilt.
This commit is contained in:
Patrick J Volkerding 2020-02-12 05:05:50 +00:00 committed by Eric Hameleers
parent e1ab44f93f
commit 6a63f41b3b
113 changed files with 4865 additions and 2178 deletions

View file

@ -11,9 +11,113 @@
<description>Tracking Slackware development in git.</description> <description>Tracking Slackware development in git.</description>
<language>en-us</language> <language>en-us</language>
<id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
<pubDate>Tue, 11 Feb 2020 04:45:36 GMT</pubDate> <pubDate>Wed, 12 Feb 2020 05:05:50 GMT</pubDate>
<lastBuildDate>Tue, 11 Feb 2020 07:59:42 GMT</lastBuildDate> <lastBuildDate>Wed, 12 Feb 2020 16:59:42 GMT</lastBuildDate>
<generator>maintain_current_git.sh v 1.11</generator> <generator>maintain_current_git.sh v 1.11</generator>
<item>
<title>Wed, 12 Feb 2020 05:05:50 GMT</title>
<pubDate>Wed, 12 Feb 2020 05:05:50 GMT</pubDate>
<link>https://git.slackware.nl/current/tag/?h=20200212050550</link>
<guid isPermaLink="false">20200212050550</guid>
<description>
<![CDATA[<pre>
Hey folks! PAM has finally landed in /testing. Some here wanted it to go
right into the main tree immediately, and in a more normal development cycle
I'd have been inclined to agree (it is -current, after all). But it's
probably better for it to appear in /testing first, to make sure we didn't
miss any bugs and also to serve as a warning shot that we'll be shaking up
the tree pretty good over the next few weeks. I'd like to see this merged
into the main tree in a day or two, so any testing is greatly appreciated.
Switching to the PAM packages (or reverting from them) is as easy as
installing all of them with upgradepkg --install-new, and if reverting then
remove the three leftover _pam packages. After reverting, a bit of residue
will remain in /etc/pam.d/ and /etc/security/ which can either be manually
deleted or simply ignored. While there are many more features available in
PAM compared with plain shadow, out of the box about the only noticable
change is the use of cracklib and libpwquality to check the quality of a
user-supplied password. Hopefully having PAM and krb5 will get us on track
to having proper Active Directory integration as well as using code paths
that are likely better audited these days. The attack surface *might* be
bigger, but it's also a lot better scrutinized.
Thanks to Robby Workman and Vincent Batts who did most of the initial heavy
lifting on the core PAM packages as a side project for many years. Thanks
also to Phantom X whose PAM related SlackBuilds were a valuable reference.
And thanks as well to ivandi - I learned a lot from the SlackMATE build
scripts and was even occasionally thankful for the amusing ways you would
kick my ass on LQ. ;-) You're more than welcome to let us know where we've
messed up this time.
The binutils and glibc packages in /testing were removed and are off the
table for now. I'm not seeing much upside to heading down that rabbit hole
at the moment. Next we need to be looking at Xfce 4.14 and Plasma 5.18 LTS
and some other things that have been held back since KDE4 couldn't use them.
Cheers! :-)
a/kernel-generic-5.4.19-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.19-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.19-x86_64-1.txz: Upgraded.
a/lvm2-2.03.08-x86_64-1.txz: Upgraded.
a/shadow-4.8.1-x86_64-2.txz: Rebuilt.
Automatically backup /etc/login.defs and install the new version if
incompatible PAM options are detected.
d/kernel-headers-5.4.19-x86-1.txz: Upgraded.
k/kernel-source-5.4.19-noarch-1.txz: Upgraded.
VALIDATE_FS_PARSER y -> n
xap/mozilla-thunderbird-68.5.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.5.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/PAM/ConsoleKit2-1.2.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/at-3.2.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/cifs-utils-6.10-x86_64-2_pam.txz: Added.
testing/packages/PAM/cracklib-2.9.7-x86_64-1_pam.txz: Added.
testing/packages/PAM/cups-2.3.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/cyrus-sasl-2.1.27-x86_64-2_pam.txz: Added.
testing/packages/PAM/dovecot-2.3.9.2-x86_64-1_pam.txz: Added.
testing/packages/PAM/gnome-keyring-3.34.0-x86_64-1_pam.txz: Added.
testing/packages/PAM/hplip-3.19.12-x86_64-2_pam.txz: Added.
testing/packages/PAM/kde-workspace-4.11.22-x86_64-6_pam.txz: Added.
testing/packages/PAM/libcap-2.31-x86_64-1_pam.txz: Added.
testing/packages/PAM/libcgroup-0.41-x86_64-5_pam.txz: Added.
testing/packages/PAM/libpwquality-1.4.2-x86_64-1_pam.txz: Added.
testing/packages/PAM/mariadb-10.4.12-x86_64-1_pam.txz: Added.
testing/packages/PAM/netatalk-3.1.12-x86_64-2_pam.txz: Added.
testing/packages/PAM/netkit-rsh-0.17-x86_64-2_pam.txz: Added.
testing/packages/PAM/openssh-8.1p1-x86_64-1_pam.txz: Added.
testing/packages/PAM/openvpn-2.4.8-x86_64-1_pam.txz: Added.
testing/packages/PAM/pam-1.3.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/polkit-0.116-x86_64-1_pam.txz: Added.
testing/packages/PAM/popa3d-1.0.3-x86_64-3_pam.txz: Added.
testing/packages/PAM/ppp-2.4.7-x86_64-3_pam.txz: Added.
testing/packages/PAM/proftpd-1.3.6b-x86_64-1_pam.txz: Added.
testing/packages/PAM/samba-4.11.6-x86_64-1_pam.txz: Added.
testing/packages/PAM/screen-4.8.0-x86_64-1_pam.txz: Added.
testing/packages/PAM/shadow-4.8.1-x86_64-2_pam.txz: Added.
testing/packages/PAM/sudo-1.8.31-x86_64-1_pam.txz: Added.
testing/packages/PAM/system-config-printer-1.5.12-x86_64-2_pam.txz: Added.
testing/packages/PAM/util-linux-2.35.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/vsftpd-3.0.3-x86_64-5_pam.txz: Added.
testing/packages/PAM/xdm-1.1.11-x86_64-9_pam.txz: Added.
testing/packages/PAM/xlockmore-5.62-x86_64-1_pam.txz: Added.
testing/packages/PAM/xscreensaver-5.43-x86_64-1_pam.txz: Added.
testing/packages/binutils-2.34-x86_64-1.txz: Removed.
testing/packages/glibc-2.31-x86_64-1.txz: Removed.
testing/packages/glibc-i18n-2.31-x86_64-1.txz: Removed.
testing/packages/glibc-profile-2.31-x86_64-1.txz: Removed.
testing/packages/glibc-solibs-2.31-x86_64-1.txz: Removed.
usb-and-pxe-installers/usbboot.img: Rebuilt.
</pre>]]>
</description>
</item>
<item> <item>
<title>Tue, 11 Feb 2020 04:45:36 GMT</title> <title>Tue, 11 Feb 2020 04:45:36 GMT</title>
<pubDate>Tue, 11 Feb 2020 04:45:36 GMT</pubDate> <pubDate>Tue, 11 Feb 2020 04:45:36 GMT</pubDate>
@ -27,9 +131,16 @@ ap/man-pages-5.05-noarch-2.txz: Rebuilt.
d/python-setuptools-45.2.0-x86_64-1.txz: Upgraded. d/python-setuptools-45.2.0-x86_64-1.txz: Upgraded.
n/nfs-utils-2.4.3-x86_64-1.txz: Upgraded. n/nfs-utils-2.4.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.5.0esr-x86_64-1.txz: Upgraded. xap/mozilla-firefox-68.5.0esr-x86_64-1.txz: Upgraded.
This is a bugfix release. This release contains security fixes and improvements.
For more information, see: For more information, see:
https://www.mozilla.org/en-US/firefox/68.5.0/releasenotes/ https://www.mozilla.org/en-US/firefox/68.5.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2020-06/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6796
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6799
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800
(* Security fix *)
</pre>]]> </pre>]]>
</description> </description>
</item> </item>

View file

@ -1,3 +1,99 @@
Wed Feb 12 05:05:50 UTC 2020
Hey folks! PAM has finally landed in /testing. Some here wanted it to go
right into the main tree immediately, and in a more normal development cycle
I'd have been inclined to agree (it is -current, after all). But it's
probably better for it to appear in /testing first, to make sure we didn't
miss any bugs and also to serve as a warning shot that we'll be shaking up
the tree pretty good over the next few weeks. I'd like to see this merged
into the main tree in a day or two, so any testing is greatly appreciated.
Switching to the PAM packages (or reverting from them) is as easy as
installing all of them with upgradepkg --install-new, and if reverting then
remove the three leftover _pam packages. After reverting, a bit of residue
will remain in /etc/pam.d/ and /etc/security/ which can either be manually
deleted or simply ignored. While there are many more features available in
PAM compared with plain shadow, out of the box about the only noticable
change is the use of cracklib and libpwquality to check the quality of a
user-supplied password. Hopefully having PAM and krb5 will get us on track
to having proper Active Directory integration as well as using code paths
that are likely better audited these days. The attack surface *might* be
bigger, but it's also a lot better scrutinized.
Thanks to Robby Workman and Vincent Batts who did most of the initial heavy
lifting on the core PAM packages as a side project for many years. Thanks
also to Phantom X whose PAM related SlackBuilds were a valuable reference.
And thanks as well to ivandi - I learned a lot from the SlackMATE build
scripts and was even occasionally thankful for the amusing ways you would
kick my ass on LQ. ;-) You're more than welcome to let us know where we've
messed up this time.
The binutils and glibc packages in /testing were removed and are off the
table for now. I'm not seeing much upside to heading down that rabbit hole
at the moment. Next we need to be looking at Xfce 4.14 and Plasma 5.18 LTS
and some other things that have been held back since KDE4 couldn't use them.
Cheers! :-)
a/kernel-generic-5.4.19-x86_64-1.txz: Upgraded.
a/kernel-huge-5.4.19-x86_64-1.txz: Upgraded.
a/kernel-modules-5.4.19-x86_64-1.txz: Upgraded.
a/lvm2-2.03.08-x86_64-1.txz: Upgraded.
a/shadow-4.8.1-x86_64-2.txz: Rebuilt.
Automatically backup /etc/login.defs and install the new version if
incompatible PAM options are detected.
d/kernel-headers-5.4.19-x86-1.txz: Upgraded.
k/kernel-source-5.4.19-noarch-1.txz: Upgraded.
VALIDATE_FS_PARSER y -> n
xap/mozilla-thunderbird-68.5.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/68.5.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6793
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6794
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6795
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6792
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800
(* Security fix *)
isolinux/initrd.img: Rebuilt.
kernels/*: Upgraded.
testing/packages/PAM/ConsoleKit2-1.2.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/at-3.2.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/cifs-utils-6.10-x86_64-2_pam.txz: Added.
testing/packages/PAM/cracklib-2.9.7-x86_64-1_pam.txz: Added.
testing/packages/PAM/cups-2.3.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/cyrus-sasl-2.1.27-x86_64-2_pam.txz: Added.
testing/packages/PAM/dovecot-2.3.9.2-x86_64-1_pam.txz: Added.
testing/packages/PAM/gnome-keyring-3.34.0-x86_64-1_pam.txz: Added.
testing/packages/PAM/hplip-3.19.12-x86_64-2_pam.txz: Added.
testing/packages/PAM/kde-workspace-4.11.22-x86_64-6_pam.txz: Added.
testing/packages/PAM/libcap-2.31-x86_64-1_pam.txz: Added.
testing/packages/PAM/libcgroup-0.41-x86_64-5_pam.txz: Added.
testing/packages/PAM/libpwquality-1.4.2-x86_64-1_pam.txz: Added.
testing/packages/PAM/mariadb-10.4.12-x86_64-1_pam.txz: Added.
testing/packages/PAM/netatalk-3.1.12-x86_64-2_pam.txz: Added.
testing/packages/PAM/netkit-rsh-0.17-x86_64-2_pam.txz: Added.
testing/packages/PAM/openssh-8.1p1-x86_64-1_pam.txz: Added.
testing/packages/PAM/openvpn-2.4.8-x86_64-1_pam.txz: Added.
testing/packages/PAM/pam-1.3.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/polkit-0.116-x86_64-1_pam.txz: Added.
testing/packages/PAM/popa3d-1.0.3-x86_64-3_pam.txz: Added.
testing/packages/PAM/ppp-2.4.7-x86_64-3_pam.txz: Added.
testing/packages/PAM/proftpd-1.3.6b-x86_64-1_pam.txz: Added.
testing/packages/PAM/samba-4.11.6-x86_64-1_pam.txz: Added.
testing/packages/PAM/screen-4.8.0-x86_64-1_pam.txz: Added.
testing/packages/PAM/shadow-4.8.1-x86_64-2_pam.txz: Added.
testing/packages/PAM/sudo-1.8.31-x86_64-1_pam.txz: Added.
testing/packages/PAM/system-config-printer-1.5.12-x86_64-2_pam.txz: Added.
testing/packages/PAM/util-linux-2.35.1-x86_64-1_pam.txz: Added.
testing/packages/PAM/vsftpd-3.0.3-x86_64-5_pam.txz: Added.
testing/packages/PAM/xdm-1.1.11-x86_64-9_pam.txz: Added.
testing/packages/PAM/xlockmore-5.62-x86_64-1_pam.txz: Added.
testing/packages/PAM/xscreensaver-5.43-x86_64-1_pam.txz: Added.
testing/packages/binutils-2.34-x86_64-1.txz: Removed.
testing/packages/glibc-2.31-x86_64-1.txz: Removed.
testing/packages/glibc-i18n-2.31-x86_64-1.txz: Removed.
testing/packages/glibc-profile-2.31-x86_64-1.txz: Removed.
testing/packages/glibc-solibs-2.31-x86_64-1.txz: Removed.
usb-and-pxe-installers/usbboot.img: Rebuilt.
+--------------------------+
Tue Feb 11 04:45:36 UTC 2020 Tue Feb 11 04:45:36 UTC 2020
ap/man-pages-5.05-noarch-2.txz: Rebuilt. ap/man-pages-5.05-noarch-2.txz: Rebuilt.
Clean up /usr/man directory moving miscellaneous documentation to Clean up /usr/man directory moving miscellaneous documentation to
@ -5,9 +101,16 @@ ap/man-pages-5.05-noarch-2.txz: Rebuilt.
d/python-setuptools-45.2.0-x86_64-1.txz: Upgraded. d/python-setuptools-45.2.0-x86_64-1.txz: Upgraded.
n/nfs-utils-2.4.3-x86_64-1.txz: Upgraded. n/nfs-utils-2.4.3-x86_64-1.txz: Upgraded.
xap/mozilla-firefox-68.5.0esr-x86_64-1.txz: Upgraded. xap/mozilla-firefox-68.5.0esr-x86_64-1.txz: Upgraded.
This is a bugfix release. This release contains security fixes and improvements.
For more information, see: For more information, see:
https://www.mozilla.org/en-US/firefox/68.5.0/releasenotes/ https://www.mozilla.org/en-US/firefox/68.5.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2020-06/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6796
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6798
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6799
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6800
(* Security fix *)
+--------------------------+ +--------------------------+
Sun Feb 9 23:04:46 UTC 2020 Sun Feb 9 23:04:46 UTC 2020
ap/man-pages-5.05-noarch-1.txz: Upgraded. ap/man-pages-5.05-noarch-1.txz: Upgraded.

View file

@ -1,35 +1,35 @@
Tue Feb 11 05:02:21 UTC 2020 Wed Feb 12 05:21:26 UTC 2020
Here is the file list for this directory. If you are using a Here is the file list for this directory. If you are using a
mirror site and find missing or extra files in the disk mirror site and find missing or extra files in the disk
subdirectories, please have the archive administrator refresh subdirectories, please have the archive administrator refresh
the mirror. the mirror.
drwxr-xr-x 12 root root 4096 2020-02-11 04:45 . drwxr-xr-x 12 root root 4096 2020-02-12 05:05 .
-rw-r--r-- 1 root root 10064 2016-06-30 18:39 ./ANNOUNCE.14_2 -rw-r--r-- 1 root root 10064 2016-06-30 18:39 ./ANNOUNCE.14_2
-rw-r--r-- 1 root root 14975 2020-02-08 21:06 ./CHANGES_AND_HINTS.TXT -rw-r--r-- 1 root root 14975 2020-02-08 21:06 ./CHANGES_AND_HINTS.TXT
-rw-r--r-- 1 root root 941648 2020-02-09 23:17 ./CHECKSUMS.md5 -rw-r--r-- 1 root root 941564 2020-02-11 05:02 ./CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2020-02-09 23:17 ./CHECKSUMS.md5.asc -rw-r--r-- 1 root root 163 2020-02-11 05:02 ./CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING -rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING
-rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3 -rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3
-rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT -rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT
-rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT -rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT
-rw-r--r-- 1 root root 795706 2020-02-11 04:45 ./ChangeLog.txt -rw-r--r-- 1 root root 801922 2020-02-12 05:05 ./ChangeLog.txt
drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI
drwxr-xr-x 2 root root 4096 2020-02-06 01:59 ./EFI/BOOT drwxr-xr-x 2 root root 4096 2020-02-12 00:43 ./EFI/BOOT
-rw-r--r-- 1 root root 1417216 2019-07-05 18:54 ./EFI/BOOT/bootx64.efi -rw-r--r-- 1 root root 1417216 2019-07-05 18:54 ./EFI/BOOT/bootx64.efi
-rw-r--r-- 1 root root 78 2013-09-23 20:35 ./EFI/BOOT/grub-embedded.cfg -rw-r--r-- 1 root root 78 2013-09-23 20:35 ./EFI/BOOT/grub-embedded.cfg
-rw-r--r-- 1 root root 893 2018-04-17 21:17 ./EFI/BOOT/grub.cfg -rw-r--r-- 1 root root 893 2018-04-17 21:17 ./EFI/BOOT/grub.cfg
-rw-r--r-- 2 root root 10029440 2020-02-06 00:45 ./EFI/BOOT/huge.s -rw-r--r-- 2 root root 10025344 2020-02-11 20:10 ./EFI/BOOT/huge.s
-rw-r--r-- 2 root root 44163868 2020-02-06 01:58 ./EFI/BOOT/initrd.img -rw-r--r-- 2 root root 44173976 2020-02-12 00:41 ./EFI/BOOT/initrd.img
-rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh -rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh
-rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg -rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg
-rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg -rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg
-rw-r--r-- 1 root root 1237754 2020-02-09 23:16 ./FILELIST.TXT -rw-r--r-- 1 root root 1237653 2020-02-11 05:02 ./FILELIST.TXT
-rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY -rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY
-rw-r--r-- 1 root root 736339 2020-02-11 05:00 ./PACKAGES.TXT -rw-r--r-- 1 root root 736233 2020-02-12 05:19 ./PACKAGES.TXT
-rw-r--r-- 1 root root 8564 2016-06-28 21:33 ./README.TXT -rw-r--r-- 1 root root 8564 2016-06-28 21:33 ./README.TXT
-rw-r--r-- 1 root root 3629 2020-02-06 01:37 ./README.initrd -rw-r--r-- 1 root root 3629 2020-02-11 23:40 ./README.initrd
-rw-r--r-- 1 root root 34412 2017-12-01 17:44 ./README_CRYPT.TXT -rw-r--r-- 1 root root 34412 2017-12-01 17:44 ./README_CRYPT.TXT
-rw-r--r-- 1 root root 8751 2016-06-28 21:44 ./README_LVM.TXT -rw-r--r-- 1 root root 8751 2016-06-28 21:44 ./README_LVM.TXT
-rw-r--r-- 1 root root 19658 2013-06-18 04:34 ./README_RAID.TXT -rw-r--r-- 1 root root 19658 2013-06-18 04:34 ./README_RAID.TXT
@ -761,16 +761,16 @@ drwxr-xr-x 2 root root 4096 2019-10-18 18:28 ./extra/xv
-rw-r--r-- 1 root root 233 2018-04-13 18:00 ./extra/xv/xv-3.10a-x86_64-9.txt -rw-r--r-- 1 root root 233 2018-04-13 18:00 ./extra/xv/xv-3.10a-x86_64-9.txt
-rw-r--r-- 1 root root 953308 2018-04-13 18:00 ./extra/xv/xv-3.10a-x86_64-9.txz -rw-r--r-- 1 root root 953308 2018-04-13 18:00 ./extra/xv/xv-3.10a-x86_64-9.txz
-rw-r--r-- 1 root root 163 2018-04-13 18:00 ./extra/xv/xv-3.10a-x86_64-9.txz.asc -rw-r--r-- 1 root root 163 2018-04-13 18:00 ./extra/xv/xv-3.10a-x86_64-9.txz.asc
drwxr-xr-x 3 root root 4096 2020-02-06 01:58 ./isolinux drwxr-xr-x 3 root root 4096 2020-02-12 00:42 ./isolinux
-rw-r--r-- 1 root root 6183 2017-11-18 18:47 ./isolinux/README.TXT -rw-r--r-- 1 root root 6183 2017-11-18 18:47 ./isolinux/README.TXT
-rw-r--r-- 1 root root 788 2007-03-17 19:50 ./isolinux/README_SPLIT.TXT -rw-r--r-- 1 root root 788 2007-03-17 19:50 ./isolinux/README_SPLIT.TXT
-rw-r--r-- 1 root root 1474560 2019-07-05 18:54 ./isolinux/efiboot.img -rw-r--r-- 1 root root 1474560 2019-07-05 18:54 ./isolinux/efiboot.img
-rw-r--r-- 1 root root 574 2013-10-24 00:19 ./isolinux/f2.txt -rw-r--r-- 1 root root 574 2013-10-24 00:19 ./isolinux/f2.txt
-rw-r--r-- 2 root root 44163868 2020-02-06 01:58 ./isolinux/initrd.img -rw-r--r-- 2 root root 44173976 2020-02-12 00:41 ./isolinux/initrd.img
-rw-r--r-- 1 root root 50 2003-01-18 00:02 ./isolinux/iso.sort -rw-r--r-- 1 root root 50 2003-01-18 00:02 ./isolinux/iso.sort
-rw-r--r-- 1 root root 24576 2016-05-27 20:36 ./isolinux/isolinux.bin -rw-r--r-- 1 root root 24576 2016-05-27 20:36 ./isolinux/isolinux.bin
-rw-r--r-- 1 root root 578 2013-03-27 03:29 ./isolinux/isolinux.cfg -rw-r--r-- 1 root root 578 2013-03-27 03:29 ./isolinux/isolinux.cfg
-rw-r--r-- 1 root root 682 2020-02-06 01:37 ./isolinux/message.txt -rw-r--r-- 1 root root 682 2020-02-11 23:40 ./isolinux/message.txt
drwxr-xr-x 2 root root 4096 2003-03-17 07:31 ./isolinux/sbootmgr drwxr-xr-x 2 root root 4096 2003-03-17 07:31 ./isolinux/sbootmgr
-rwxr-xr-x 1 root root 36064 1995-05-12 01:23 ./isolinux/sbootmgr/RAWRITE.EXE -rwxr-xr-x 1 root root 36064 1995-05-12 01:23 ./isolinux/sbootmgr/RAWRITE.EXE
-rw-r--r-- 1 root root 2138 1997-12-01 01:21 ./isolinux/sbootmgr/RAWRITE12.DOC -rw-r--r-- 1 root root 2138 1997-12-01 01:21 ./isolinux/sbootmgr/RAWRITE12.DOC
@ -781,12 +781,12 @@ lrwxrwxrwx 1 root root 11 2009-08-23 23:37 ./isolinux/sbootmgr/RAWRITE13
-rw-r--r-- 1 root root 1291 2003-03-17 07:31 ./isolinux/sbootmgr/README.TXT -rw-r--r-- 1 root root 1291 2003-03-17 07:31 ./isolinux/sbootmgr/README.TXT
-rw-r--r-- 1 root root 110592 2003-03-16 08:38 ./isolinux/sbootmgr/sbootmgr.dsk -rw-r--r-- 1 root root 110592 2003-03-16 08:38 ./isolinux/sbootmgr/sbootmgr.dsk
-rw-r--r-- 1 root root 3024 2018-03-03 01:37 ./isolinux/setpkg -rw-r--r-- 1 root root 3024 2018-03-03 01:37 ./isolinux/setpkg
drwxr-xr-x 5 root root 4096 2020-02-06 01:37 ./kernels drwxr-xr-x 5 root root 4096 2020-02-11 23:40 ./kernels
-rw-r--r-- 1 root root 36 2020-02-06 01:37 ./kernels/VERSIONS.TXT -rw-r--r-- 1 root root 36 2020-02-11 23:40 ./kernels/VERSIONS.TXT
drwxr-xr-x 2 root root 4096 2020-02-06 00:45 ./kernels/huge.s drwxr-xr-x 2 root root 4096 2020-02-11 20:10 ./kernels/huge.s
-rw-r--r-- 1 root root 1080808 2020-02-06 00:45 ./kernels/huge.s/System.map.gz -rw-r--r-- 1 root root 1080807 2020-02-11 20:10 ./kernels/huge.s/System.map.gz
-rw-r--r-- 2 root root 10029440 2020-02-06 00:45 ./kernels/huge.s/bzImage -rw-r--r-- 2 root root 10025344 2020-02-11 20:10 ./kernels/huge.s/bzImage
-rw-r--r-- 1 root root 199120 2020-02-05 22:36 ./kernels/huge.s/config -rw-r--r-- 1 root root 199131 2020-02-11 17:59 ./kernels/huge.s/config
drwxr-xr-x 2 root root 4096 2011-03-25 03:15 ./kernels/memtest drwxr-xr-x 2 root root 4096 2011-03-25 03:15 ./kernels/memtest
-rw-r--r-- 1 root root 60 2011-03-24 00:19 ./kernels/memtest/README -rw-r--r-- 1 root root 60 2011-03-24 00:19 ./kernels/memtest/README
-rw-r--r-- 1 root root 150024 2013-10-17 04:15 ./kernels/memtest/memtest -rw-r--r-- 1 root root 150024 2013-10-17 04:15 ./kernels/memtest/memtest
@ -831,13 +831,13 @@ drwxr-xr-x 2 root root 4096 2012-09-20 18:06 ./patches
-rw-r--r-- 1 root root 575 2012-09-20 18:06 ./patches/FILE_LIST -rw-r--r-- 1 root root 575 2012-09-20 18:06 ./patches/FILE_LIST
-rw-r--r-- 1 root root 14 2012-09-20 18:06 ./patches/MANIFEST.bz2 -rw-r--r-- 1 root root 14 2012-09-20 18:06 ./patches/MANIFEST.bz2
-rw-r--r-- 1 root root 224 2012-09-20 18:06 ./patches/PACKAGES.TXT -rw-r--r-- 1 root root 224 2012-09-20 18:06 ./patches/PACKAGES.TXT
drwxr-xr-x 18 root root 4096 2020-02-11 05:00 ./slackware64 drwxr-xr-x 18 root root 4096 2020-02-12 05:19 ./slackware64
-rw-r--r-- 1 root root 291829 2020-02-11 05:00 ./slackware64/CHECKSUMS.md5 -rw-r--r-- 1 root root 291829 2020-02-12 05:19 ./slackware64/CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2020-02-11 05:00 ./slackware64/CHECKSUMS.md5.asc -rw-r--r-- 1 root root 163 2020-02-12 05:19 ./slackware64/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 363482 2020-02-11 04:57 ./slackware64/FILE_LIST -rw-r--r-- 1 root root 363482 2020-02-12 05:16 ./slackware64/FILE_LIST
-rw-r--r-- 1 root root 3704195 2020-02-11 04:58 ./slackware64/MANIFEST.bz2 -rw-r--r-- 1 root root 3699990 2020-02-12 05:17 ./slackware64/MANIFEST.bz2
lrwxrwxrwx 1 root root 15 2009-08-23 23:34 ./slackware64/PACKAGES.TXT -> ../PACKAGES.TXT lrwxrwxrwx 1 root root 15 2009-08-23 23:34 ./slackware64/PACKAGES.TXT -> ../PACKAGES.TXT
drwxr-xr-x 2 root root 28672 2020-02-08 21:14 ./slackware64/a drwxr-xr-x 2 root root 28672 2020-02-12 05:16 ./slackware64/a
-rw-r--r-- 1 root root 327 2018-06-24 18:44 ./slackware64/a/aaa_base-14.2-x86_64-5.txt -rw-r--r-- 1 root root 327 2018-06-24 18:44 ./slackware64/a/aaa_base-14.2-x86_64-5.txt
-rw-r--r-- 1 root root 10820 2018-06-24 18:44 ./slackware64/a/aaa_base-14.2-x86_64-5.txz -rw-r--r-- 1 root root 10820 2018-06-24 18:44 ./slackware64/a/aaa_base-14.2-x86_64-5.txz
-rw-r--r-- 1 root root 163 2018-06-24 18:44 ./slackware64/a/aaa_base-14.2-x86_64-5.txz.asc -rw-r--r-- 1 root root 163 2018-06-24 18:44 ./slackware64/a/aaa_base-14.2-x86_64-5.txz.asc
@ -990,15 +990,15 @@ drwxr-xr-x 2 root root 28672 2020-02-08 21:14 ./slackware64/a
-rw-r--r-- 1 root root 422 2020-02-08 19:55 ./slackware64/a/kernel-firmware-20200207_6f89735-noarch-1.txt -rw-r--r-- 1 root root 422 2020-02-08 19:55 ./slackware64/a/kernel-firmware-20200207_6f89735-noarch-1.txt
-rw-r--r-- 1 root root 97158700 2020-02-08 19:55 ./slackware64/a/kernel-firmware-20200207_6f89735-noarch-1.txz -rw-r--r-- 1 root root 97158700 2020-02-08 19:55 ./slackware64/a/kernel-firmware-20200207_6f89735-noarch-1.txz
-rw-r--r-- 1 root root 163 2020-02-08 19:55 ./slackware64/a/kernel-firmware-20200207_6f89735-noarch-1.txz.asc -rw-r--r-- 1 root root 163 2020-02-08 19:55 ./slackware64/a/kernel-firmware-20200207_6f89735-noarch-1.txz.asc
-rw-r--r-- 1 root root 624 2020-02-06 00:47 ./slackware64/a/kernel-generic-5.4.18-x86_64-1.txt -rw-r--r-- 1 root root 624 2020-02-11 20:11 ./slackware64/a/kernel-generic-5.4.19-x86_64-1.txt
-rw-r--r-- 1 root root 6912292 2020-02-06 00:47 ./slackware64/a/kernel-generic-5.4.18-x86_64-1.txz -rw-r--r-- 1 root root 6912208 2020-02-11 20:11 ./slackware64/a/kernel-generic-5.4.19-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-02-06 00:47 ./slackware64/a/kernel-generic-5.4.18-x86_64-1.txz.asc -rw-r--r-- 1 root root 163 2020-02-11 20:11 ./slackware64/a/kernel-generic-5.4.19-x86_64-1.txz.asc
-rw-r--r-- 1 root root 636 2020-02-06 00:45 ./slackware64/a/kernel-huge-5.4.18-x86_64-1.txt -rw-r--r-- 1 root root 636 2020-02-11 20:10 ./slackware64/a/kernel-huge-5.4.19-x86_64-1.txt
-rw-r--r-- 1 root root 10640960 2020-02-06 00:45 ./slackware64/a/kernel-huge-5.4.18-x86_64-1.txz -rw-r--r-- 1 root root 10639480 2020-02-11 20:10 ./slackware64/a/kernel-huge-5.4.19-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-02-06 00:45 ./slackware64/a/kernel-huge-5.4.18-x86_64-1.txz.asc -rw-r--r-- 1 root root 163 2020-02-11 20:10 ./slackware64/a/kernel-huge-5.4.19-x86_64-1.txz.asc
-rw-r--r-- 1 root root 567 2020-02-06 00:55 ./slackware64/a/kernel-modules-5.4.18-x86_64-1.txt -rw-r--r-- 1 root root 567 2020-02-11 20:20 ./slackware64/a/kernel-modules-5.4.19-x86_64-1.txt
-rw-r--r-- 1 root root 43079608 2020-02-06 00:55 ./slackware64/a/kernel-modules-5.4.18-x86_64-1.txz -rw-r--r-- 1 root root 43074272 2020-02-11 20:20 ./slackware64/a/kernel-modules-5.4.19-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-02-06 00:55 ./slackware64/a/kernel-modules-5.4.18-x86_64-1.txz.asc -rw-r--r-- 1 root root 163 2020-02-11 20:20 ./slackware64/a/kernel-modules-5.4.19-x86_64-1.txz.asc
-rw-r--r-- 1 root root 508 2019-12-30 18:09 ./slackware64/a/kmod-26-x86_64-3.txt -rw-r--r-- 1 root root 508 2019-12-30 18:09 ./slackware64/a/kmod-26-x86_64-3.txt
-rw-r--r-- 1 root root 108312 2019-12-30 18:09 ./slackware64/a/kmod-26-x86_64-3.txz -rw-r--r-- 1 root root 108312 2019-12-30 18:09 ./slackware64/a/kmod-26-x86_64-3.txz
-rw-r--r-- 1 root root 163 2019-12-30 18:09 ./slackware64/a/kmod-26-x86_64-3.txz.asc -rw-r--r-- 1 root root 163 2019-12-30 18:09 ./slackware64/a/kmod-26-x86_64-3.txz.asc
@ -1026,17 +1026,17 @@ drwxr-xr-x 2 root root 28672 2020-02-08 21:14 ./slackware64/a
-rw-r--r-- 1 root root 445 2018-04-17 07:04 ./slackware64/a/lrzip-0.631-x86_64-2.txt -rw-r--r-- 1 root root 445 2018-04-17 07:04 ./slackware64/a/lrzip-0.631-x86_64-2.txt
-rw-r--r-- 1 root root 214724 2018-04-17 07:04 ./slackware64/a/lrzip-0.631-x86_64-2.txz -rw-r--r-- 1 root root 214724 2018-04-17 07:04 ./slackware64/a/lrzip-0.631-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-17 07:04 ./slackware64/a/lrzip-0.631-x86_64-2.txz.asc -rw-r--r-- 1 root root 163 2018-04-17 07:04 ./slackware64/a/lrzip-0.631-x86_64-2.txz.asc
-rw-r--r-- 1 root root 555 2019-12-02 21:43 ./slackware64/a/lvm2-2.03.07-x86_64-1.txt -rw-r--r-- 1 root root 555 2020-02-11 19:43 ./slackware64/a/lvm2-2.03.08-x86_64-1.txt
-rw-r--r-- 1 root root 1505740 2019-12-02 21:43 ./slackware64/a/lvm2-2.03.07-x86_64-1.txz -rw-r--r-- 1 root root 1511580 2020-02-11 19:43 ./slackware64/a/lvm2-2.03.08-x86_64-1.txz
-rw-r--r-- 1 root root 163 2019-12-02 21:43 ./slackware64/a/lvm2-2.03.07-x86_64-1.txz.asc -rw-r--r-- 1 root root 163 2020-02-11 19:43 ./slackware64/a/lvm2-2.03.08-x86_64-1.txz.asc
-rw-r--r-- 1 root root 441 2019-01-13 19:51 ./slackware64/a/lzip-1.21-x86_64-1.txt -rw-r--r-- 1 root root 441 2019-01-13 19:51 ./slackware64/a/lzip-1.21-x86_64-1.txt
-rw-r--r-- 1 root root 85188 2019-01-13 19:51 ./slackware64/a/lzip-1.21-x86_64-1.txz -rw-r--r-- 1 root root 85188 2019-01-13 19:51 ./slackware64/a/lzip-1.21-x86_64-1.txz
-rw-r--r-- 1 root root 163 2019-01-13 19:51 ./slackware64/a/lzip-1.21-x86_64-1.txz.asc -rw-r--r-- 1 root root 163 2019-01-13 19:51 ./slackware64/a/lzip-1.21-x86_64-1.txz.asc
-rw-r--r-- 1 root root 405 2019-01-11 20:05 ./slackware64/a/lzlib-1.11-x86_64-1.txt -rw-r--r-- 1 root root 405 2019-01-11 20:05 ./slackware64/a/lzlib-1.11-x86_64-1.txt
-rw-r--r-- 1 root root 56396 2019-01-11 20:05 ./slackware64/a/lzlib-1.11-x86_64-1.txz -rw-r--r-- 1 root root 56396 2019-01-11 20:05 ./slackware64/a/lzlib-1.11-x86_64-1.txz
-rw-r--r-- 1 root root 163 2019-01-11 20:05 ./slackware64/a/lzlib-1.11-x86_64-1.txz.asc -rw-r--r-- 1 root root 163 2019-01-11 20:05 ./slackware64/a/lzlib-1.11-x86_64-1.txz.asc
-rw-r--r-- 1 root root 9157 2020-02-06 01:37 ./slackware64/a/maketag -rw-r--r-- 1 root root 9157 2020-02-11 23:40 ./slackware64/a/maketag
-rw-r--r-- 1 root root 9157 2020-02-06 01:37 ./slackware64/a/maketag.ez -rw-r--r-- 1 root root 9157 2020-02-11 23:40 ./slackware64/a/maketag.ez
-rw-r--r-- 1 root root 591 2020-01-11 19:31 ./slackware64/a/mcelog-168-x86_64-1.txt -rw-r--r-- 1 root root 591 2020-01-11 19:31 ./slackware64/a/mcelog-168-x86_64-1.txt
-rw-r--r-- 1 root root 342928 2020-01-11 19:31 ./slackware64/a/mcelog-168-x86_64-1.txz -rw-r--r-- 1 root root 342928 2020-01-11 19:31 ./slackware64/a/mcelog-168-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-11 19:31 ./slackware64/a/mcelog-168-x86_64-1.txz.asc -rw-r--r-- 1 root root 163 2020-01-11 19:31 ./slackware64/a/mcelog-168-x86_64-1.txz.asc
@ -1109,9 +1109,9 @@ drwxr-xr-x 2 root root 28672 2020-02-08 21:14 ./slackware64/a
-rw-r--r-- 1 root root 406 2020-01-15 17:44 ./slackware64/a/sed-4.8-x86_64-1.txt -rw-r--r-- 1 root root 406 2020-01-15 17:44 ./slackware64/a/sed-4.8-x86_64-1.txt
-rw-r--r-- 1 root root 249488 2020-01-15 17:44 ./slackware64/a/sed-4.8-x86_64-1.txz -rw-r--r-- 1 root root 249488 2020-01-15 17:44 ./slackware64/a/sed-4.8-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-15 17:44 ./slackware64/a/sed-4.8-x86_64-1.txz.asc -rw-r--r-- 1 root root 163 2020-01-15 17:44 ./slackware64/a/sed-4.8-x86_64-1.txz.asc
-rw-r--r-- 1 root root 512 2020-01-26 18:48 ./slackware64/a/shadow-4.8.1-x86_64-1.txt -rw-r--r-- 1 root root 422 2020-02-12 02:19 ./slackware64/a/shadow-4.8.1-x86_64-2.txt
-rw-r--r-- 1 root root 1503360 2020-01-26 18:48 ./slackware64/a/shadow-4.8.1-x86_64-1.txz -rw-r--r-- 1 root root 1503668 2020-02-12 02:19 ./slackware64/a/shadow-4.8.1-x86_64-2.txz
-rw-r--r-- 1 root root 163 2020-01-26 18:48 ./slackware64/a/shadow-4.8.1-x86_64-1.txz.asc -rw-r--r-- 1 root root 163 2020-02-12 02:19 ./slackware64/a/shadow-4.8.1-x86_64-2.txz.asc
-rw-r--r-- 1 root root 623 2018-04-13 13:12 ./slackware64/a/sharutils-4.15.2-x86_64-2.txt -rw-r--r-- 1 root root 623 2018-04-13 13:12 ./slackware64/a/sharutils-4.15.2-x86_64-2.txt
-rw-r--r-- 1 root root 264912 2018-04-13 13:12 ./slackware64/a/sharutils-4.15.2-x86_64-2.txz -rw-r--r-- 1 root root 264912 2018-04-13 13:12 ./slackware64/a/sharutils-4.15.2-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-13 13:12 ./slackware64/a/sharutils-4.15.2-x86_64-2.txz.asc -rw-r--r-- 1 root root 163 2018-04-13 13:12 ./slackware64/a/sharutils-4.15.2-x86_64-2.txz.asc
@ -1139,7 +1139,7 @@ drwxr-xr-x 2 root root 28672 2020-02-08 21:14 ./slackware64/a
-rw-r--r-- 1 root root 378 2020-01-13 18:57 ./slackware64/a/sysvinit-scripts-2.1-noarch-28.txt -rw-r--r-- 1 root root 378 2020-01-13 18:57 ./slackware64/a/sysvinit-scripts-2.1-noarch-28.txt
-rw-r--r-- 1 root root 22360 2020-01-13 18:57 ./slackware64/a/sysvinit-scripts-2.1-noarch-28.txz -rw-r--r-- 1 root root 22360 2020-01-13 18:57 ./slackware64/a/sysvinit-scripts-2.1-noarch-28.txz
-rw-r--r-- 1 root root 163 2020-01-13 18:57 ./slackware64/a/sysvinit-scripts-2.1-noarch-28.txz.asc -rw-r--r-- 1 root root 163 2020-01-13 18:57 ./slackware64/a/sysvinit-scripts-2.1-noarch-28.txz.asc
-rw-r--r-- 1 root root 1418 2020-02-06 01:37 ./slackware64/a/tagfile -rw-r--r-- 1 root root 1418 2020-02-11 23:40 ./slackware64/a/tagfile
-rw-r--r-- 1 root root 395 2019-02-23 18:03 ./slackware64/a/tar-1.32-x86_64-1.txt -rw-r--r-- 1 root root 395 2019-02-23 18:03 ./slackware64/a/tar-1.32-x86_64-1.txt
-rw-r--r-- 1 root root 844396 2019-02-23 18:03 ./slackware64/a/tar-1.32-x86_64-1.txz -rw-r--r-- 1 root root 844396 2019-02-23 18:03 ./slackware64/a/tar-1.32-x86_64-1.txz
-rw-r--r-- 1 root root 163 2019-02-23 18:03 ./slackware64/a/tar-1.32-x86_64-1.txz.asc -rw-r--r-- 1 root root 163 2019-02-23 18:03 ./slackware64/a/tar-1.32-x86_64-1.txz.asc
@ -1440,7 +1440,7 @@ drwxr-xr-x 2 root root 20480 2020-02-11 04:57 ./slackware64/ap
-rw-r--r-- 1 root root 506 2020-01-07 20:18 ./slackware64/ap/zsh-5.7.1-x86_64-2.txt -rw-r--r-- 1 root root 506 2020-01-07 20:18 ./slackware64/ap/zsh-5.7.1-x86_64-2.txt
-rw-r--r-- 1 root root 3000108 2020-01-07 20:18 ./slackware64/ap/zsh-5.7.1-x86_64-2.txz -rw-r--r-- 1 root root 3000108 2020-01-07 20:18 ./slackware64/ap/zsh-5.7.1-x86_64-2.txz
-rw-r--r-- 1 root root 163 2020-01-07 20:18 ./slackware64/ap/zsh-5.7.1-x86_64-2.txz.asc -rw-r--r-- 1 root root 163 2020-01-07 20:18 ./slackware64/ap/zsh-5.7.1-x86_64-2.txz.asc
drwxr-xr-x 2 root root 20480 2020-02-11 04:57 ./slackware64/d drwxr-xr-x 2 root root 20480 2020-02-12 05:16 ./slackware64/d
-rw-r--r-- 1 root root 360 2019-12-30 00:49 ./slackware64/d/Cython-0.29.14-x86_64-2.txt -rw-r--r-- 1 root root 360 2019-12-30 00:49 ./slackware64/d/Cython-0.29.14-x86_64-2.txt
-rw-r--r-- 1 root root 3295652 2019-12-30 00:49 ./slackware64/d/Cython-0.29.14-x86_64-2.txz -rw-r--r-- 1 root root 3295652 2019-12-30 00:49 ./slackware64/d/Cython-0.29.14-x86_64-2.txz
-rw-r--r-- 1 root root 163 2019-12-30 00:49 ./slackware64/d/Cython-0.29.14-x86_64-2.txz.asc -rw-r--r-- 1 root root 163 2019-12-30 00:49 ./slackware64/d/Cython-0.29.14-x86_64-2.txz.asc
@ -1542,9 +1542,9 @@ drwxr-xr-x 2 root root 20480 2020-02-11 04:57 ./slackware64/d
-rw-r--r-- 1 root root 279 2018-04-13 13:53 ./slackware64/d/intltool-0.51.0-x86_64-4.txt -rw-r--r-- 1 root root 279 2018-04-13 13:53 ./slackware64/d/intltool-0.51.0-x86_64-4.txt
-rw-r--r-- 1 root root 48112 2018-04-13 13:53 ./slackware64/d/intltool-0.51.0-x86_64-4.txz -rw-r--r-- 1 root root 48112 2018-04-13 13:53 ./slackware64/d/intltool-0.51.0-x86_64-4.txz
-rw-r--r-- 1 root root 163 2018-04-13 13:53 ./slackware64/d/intltool-0.51.0-x86_64-4.txz.asc -rw-r--r-- 1 root root 163 2018-04-13 13:53 ./slackware64/d/intltool-0.51.0-x86_64-4.txz.asc
-rw-r--r-- 1 root root 332 2020-02-06 00:56 ./slackware64/d/kernel-headers-5.4.18-x86-1.txt -rw-r--r-- 1 root root 332 2020-02-11 20:21 ./slackware64/d/kernel-headers-5.4.19-x86-1.txt
-rw-r--r-- 1 root root 964080 2020-02-06 00:56 ./slackware64/d/kernel-headers-5.4.18-x86-1.txz -rw-r--r-- 1 root root 964156 2020-02-11 20:21 ./slackware64/d/kernel-headers-5.4.19-x86-1.txz
-rw-r--r-- 1 root root 163 2020-02-06 00:56 ./slackware64/d/kernel-headers-5.4.18-x86-1.txz.asc -rw-r--r-- 1 root root 163 2020-02-11 20:21 ./slackware64/d/kernel-headers-5.4.19-x86-1.txz.asc
-rw-r--r-- 1 root root 498 2019-09-25 19:06 ./slackware64/d/libtool-2.4.6-x86_64-12.txt -rw-r--r-- 1 root root 498 2019-09-25 19:06 ./slackware64/d/libtool-2.4.6-x86_64-12.txt
-rw-r--r-- 1 root root 428440 2019-09-25 19:06 ./slackware64/d/libtool-2.4.6-x86_64-12.txz -rw-r--r-- 1 root root 428440 2019-09-25 19:06 ./slackware64/d/libtool-2.4.6-x86_64-12.txz
-rw-r--r-- 1 root root 163 2019-09-25 19:06 ./slackware64/d/libtool-2.4.6-x86_64-12.txz.asc -rw-r--r-- 1 root root 163 2019-09-25 19:06 ./slackware64/d/libtool-2.4.6-x86_64-12.txz.asc
@ -1662,15 +1662,15 @@ drwxr-xr-x 2 root root 4096 2016-04-01 21:41 ./slackware64/f
-rw-r--r-- 1 root root 1075 2018-03-01 07:54 ./slackware64/f/maketag -rw-r--r-- 1 root root 1075 2018-03-01 07:54 ./slackware64/f/maketag
-rw-r--r-- 1 root root 1075 2018-03-01 07:54 ./slackware64/f/maketag.ez -rw-r--r-- 1 root root 1075 2018-03-01 07:54 ./slackware64/f/maketag.ez
-rw-r--r-- 1 root root 32 2018-03-01 07:54 ./slackware64/f/tagfile -rw-r--r-- 1 root root 32 2018-03-01 07:54 ./slackware64/f/tagfile
drwxr-xr-x 2 root root 4096 2020-02-06 02:07 ./slackware64/k drwxr-xr-x 2 root root 4096 2020-02-12 05:16 ./slackware64/k
-rwxr-xr-x 1 root root 2897 2009-06-24 22:06 ./slackware64/k/install-packages -rwxr-xr-x 1 root root 2897 2009-06-24 22:06 ./slackware64/k/install-packages
-rw-r--r-- 1 root root 446 2006-09-18 10:41 ./slackware64/k/install.end -rw-r--r-- 1 root root 446 2006-09-18 10:41 ./slackware64/k/install.end
-rw-r--r-- 1 root root 317 2020-02-06 00:40 ./slackware64/k/kernel-source-5.4.18-noarch-1.txt -rw-r--r-- 1 root root 317 2020-02-11 20:05 ./slackware64/k/kernel-source-5.4.19-noarch-1.txt
-rw-r--r-- 1 root root 109861092 2020-02-06 00:40 ./slackware64/k/kernel-source-5.4.18-noarch-1.txz -rw-r--r-- 1 root root 109877148 2020-02-11 20:05 ./slackware64/k/kernel-source-5.4.19-noarch-1.txz
-rw-r--r-- 1 root root 163 2020-02-06 00:40 ./slackware64/k/kernel-source-5.4.18-noarch-1.txz.asc -rw-r--r-- 1 root root 163 2020-02-11 20:05 ./slackware64/k/kernel-source-5.4.19-noarch-1.txz.asc
-rw-r--r-- 1 root root 1170 2020-02-06 01:37 ./slackware64/k/maketag -rw-r--r-- 1 root root 1170 2020-02-11 23:41 ./slackware64/k/maketag
-rw-r--r-- 1 root root 1170 2020-02-06 01:37 ./slackware64/k/maketag.ez -rw-r--r-- 1 root root 1170 2020-02-11 23:41 ./slackware64/k/maketag.ez
-rw-r--r-- 1 root root 18 2020-02-06 01:37 ./slackware64/k/tagfile -rw-r--r-- 1 root root 18 2020-02-11 23:41 ./slackware64/k/tagfile
drwxr-xr-x 2 root root 45056 2020-02-07 22:39 ./slackware64/kde drwxr-xr-x 2 root root 45056 2020-02-07 22:39 ./slackware64/kde
-rw-r--r-- 1 root root 319 2018-06-02 22:05 ./slackware64/kde/amarok-2.9.0-x86_64-3.txt -rw-r--r-- 1 root root 319 2018-06-02 22:05 ./slackware64/kde/amarok-2.9.0-x86_64-3.txt
-rw-r--r-- 1 root root 47003780 2018-06-02 22:05 ./slackware64/kde/amarok-2.9.0-x86_64-3.txz -rw-r--r-- 1 root root 47003780 2018-06-02 22:05 ./slackware64/kde/amarok-2.9.0-x86_64-3.txz
@ -4827,7 +4827,7 @@ drwxr-xr-x 2 root root 65536 2020-02-03 20:54 ./slackware64/x
-rw-r--r-- 1 root root 213 2018-04-13 06:10 ./slackware64/x/xwud-1.0.5-x86_64-2.txt -rw-r--r-- 1 root root 213 2018-04-13 06:10 ./slackware64/x/xwud-1.0.5-x86_64-2.txt
-rw-r--r-- 1 root root 25288 2018-04-13 06:10 ./slackware64/x/xwud-1.0.5-x86_64-2.txz -rw-r--r-- 1 root root 25288 2018-04-13 06:10 ./slackware64/x/xwud-1.0.5-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-13 06:10 ./slackware64/x/xwud-1.0.5-x86_64-2.txz.asc -rw-r--r-- 1 root root 163 2018-04-13 06:10 ./slackware64/x/xwud-1.0.5-x86_64-2.txz.asc
drwxr-xr-x 2 root root 12288 2020-02-11 04:57 ./slackware64/xap drwxr-xr-x 2 root root 12288 2020-02-12 05:16 ./slackware64/xap
-rw-r--r-- 1 root root 625 2020-01-03 18:37 ./slackware64/xap/MPlayer-20200103-x86_64-1.txt -rw-r--r-- 1 root root 625 2020-01-03 18:37 ./slackware64/xap/MPlayer-20200103-x86_64-1.txt
-rw-r--r-- 1 root root 2730320 2020-01-03 18:37 ./slackware64/xap/MPlayer-20200103-x86_64-1.txz -rw-r--r-- 1 root root 2730320 2020-01-03 18:37 ./slackware64/xap/MPlayer-20200103-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-03 18:37 ./slackware64/xap/MPlayer-20200103-x86_64-1.txz.asc -rw-r--r-- 1 root root 163 2020-01-03 18:37 ./slackware64/xap/MPlayer-20200103-x86_64-1.txz.asc
@ -4898,9 +4898,9 @@ drwxr-xr-x 2 root root 12288 2020-02-11 04:57 ./slackware64/xap
-rw-r--r-- 1 root root 483 2020-02-10 19:25 ./slackware64/xap/mozilla-firefox-68.5.0esr-x86_64-1.txt -rw-r--r-- 1 root root 483 2020-02-10 19:25 ./slackware64/xap/mozilla-firefox-68.5.0esr-x86_64-1.txt
-rw-r--r-- 1 root root 51623736 2020-02-10 19:25 ./slackware64/xap/mozilla-firefox-68.5.0esr-x86_64-1.txz -rw-r--r-- 1 root root 51623736 2020-02-10 19:25 ./slackware64/xap/mozilla-firefox-68.5.0esr-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-02-10 19:25 ./slackware64/xap/mozilla-firefox-68.5.0esr-x86_64-1.txz.asc -rw-r--r-- 1 root root 163 2020-02-10 19:25 ./slackware64/xap/mozilla-firefox-68.5.0esr-x86_64-1.txz.asc
-rw-r--r-- 1 root root 663 2020-01-24 20:04 ./slackware64/xap/mozilla-thunderbird-68.4.2-x86_64-1.txt -rw-r--r-- 1 root root 663 2020-02-11 21:31 ./slackware64/xap/mozilla-thunderbird-68.5.0-x86_64-1.txt
-rw-r--r-- 1 root root 48987048 2020-01-24 20:04 ./slackware64/xap/mozilla-thunderbird-68.4.2-x86_64-1.txz -rw-r--r-- 1 root root 48904560 2020-02-11 21:31 ./slackware64/xap/mozilla-thunderbird-68.5.0-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-24 20:04 ./slackware64/xap/mozilla-thunderbird-68.4.2-x86_64-1.txz.asc -rw-r--r-- 1 root root 163 2020-02-11 21:31 ./slackware64/xap/mozilla-thunderbird-68.5.0-x86_64-1.txz.asc
-rw-r--r-- 1 root root 359 2019-10-09 16:46 ./slackware64/xap/network-manager-applet-1.8.24-x86_64-1.txt -rw-r--r-- 1 root root 359 2019-10-09 16:46 ./slackware64/xap/network-manager-applet-1.8.24-x86_64-1.txt
-rw-r--r-- 1 root root 1055396 2019-10-09 16:46 ./slackware64/xap/network-manager-applet-1.8.24-x86_64-1.txz -rw-r--r-- 1 root root 1055396 2019-10-09 16:46 ./slackware64/xap/network-manager-applet-1.8.24-x86_64-1.txz
-rw-r--r-- 1 root root 163 2019-10-09 16:46 ./slackware64/xap/network-manager-applet-1.8.24-x86_64-1.txz.asc -rw-r--r-- 1 root root 163 2019-10-09 16:46 ./slackware64/xap/network-manager-applet-1.8.24-x86_64-1.txz.asc
@ -5064,11 +5064,11 @@ drwxr-xr-x 2 root root 4096 2019-02-17 23:51 ./slackware64/y
-rw-r--r-- 1 root root 1147 2018-03-01 07:55 ./slackware64/y/maketag -rw-r--r-- 1 root root 1147 2018-03-01 07:55 ./slackware64/y/maketag
-rw-r--r-- 1 root root 1147 2018-03-01 07:55 ./slackware64/y/maketag.ez -rw-r--r-- 1 root root 1147 2018-03-01 07:55 ./slackware64/y/maketag.ez
-rw-r--r-- 1 root root 14 2018-03-01 07:55 ./slackware64/y/tagfile -rw-r--r-- 1 root root 14 2018-03-01 07:55 ./slackware64/y/tagfile
drwxr-xr-x 19 root root 4096 2020-02-11 05:02 ./source drwxr-xr-x 19 root root 4096 2020-02-12 05:20 ./source
-rw-r--r-- 1 root root 480661 2020-02-11 05:02 ./source/CHECKSUMS.md5 -rw-r--r-- 1 root root 480661 2020-02-12 05:20 ./source/CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2020-02-11 05:02 ./source/CHECKSUMS.md5.asc -rw-r--r-- 1 root root 163 2020-02-12 05:20 ./source/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 677439 2020-02-11 05:01 ./source/FILE_LIST -rw-r--r-- 1 root root 677439 2020-02-12 05:20 ./source/FILE_LIST
-rw-r--r-- 1 root root 18362210 2020-02-11 05:01 ./source/MANIFEST.bz2 -rw-r--r-- 1 root root 18351372 2020-02-12 05:20 ./source/MANIFEST.bz2
-rw-r--r-- 1 root root 1314 2006-10-02 04:40 ./source/README.TXT -rw-r--r-- 1 root root 1314 2006-10-02 04:40 ./source/README.TXT
drwxr-xr-x 112 root root 4096 2020-02-06 23:25 ./source/a drwxr-xr-x 112 root root 4096 2020-02-06 23:25 ./source/a
-rw-r--r-- 1 root root 1034 2019-05-04 17:56 ./source/a/FTBFSlog -rw-r--r-- 1 root root 1034 2019-05-04 17:56 ./source/a/FTBFSlog
@ -5593,8 +5593,8 @@ drwxr-xr-x 2 root root 4096 2019-09-29 23:48 ./source/a/lrzip
-rw-r--r-- 1 root root 422744 2016-10-21 00:46 ./source/a/lrzip/lrzip-0.631.tar.xz -rw-r--r-- 1 root root 422744 2016-10-21 00:46 ./source/a/lrzip/lrzip-0.631.tar.xz
-rwxr-xr-x 1 root root 4477 2019-09-29 23:48 ./source/a/lrzip/lrzip.SlackBuild -rwxr-xr-x 1 root root 4477 2019-09-29 23:48 ./source/a/lrzip/lrzip.SlackBuild
-rw-r--r-- 1 root root 898 2018-02-27 06:13 ./source/a/lrzip/slack-desc -rw-r--r-- 1 root root 898 2018-02-27 06:13 ./source/a/lrzip/slack-desc
drwxr-xr-x 2 root root 4096 2019-12-02 20:41 ./source/a/lvm2 drwxr-xr-x 2 root root 4096 2020-02-11 19:39 ./source/a/lvm2
-rw-r--r-- 1 root root 1645274 2019-11-30 13:57 ./source/a/lvm2/LVM2.2.03.07.tar.lz -rw-r--r-- 1 root root 1648615 2020-02-11 10:00 ./source/a/lvm2/LVM2.2.03.08.tar.lz
-rw-r--r-- 1 root root 302 2014-12-09 04:47 ./source/a/lvm2/create-dm-run-dir.diff.gz -rw-r--r-- 1 root root 302 2014-12-09 04:47 ./source/a/lvm2/create-dm-run-dir.diff.gz
-rw-r--r-- 1 root root 271 2008-10-06 12:21 ./source/a/lvm2/doinst.sh.gz -rw-r--r-- 1 root root 271 2008-10-06 12:21 ./source/a/lvm2/doinst.sh.gz
-rw-r--r-- 1 root root 31 2019-11-02 17:11 ./source/a/lvm2/lvm.url -rw-r--r-- 1 root root 31 2019-11-02 17:11 ./source/a/lvm2/lvm.url
@ -5850,7 +5850,7 @@ drwxr-xr-x 2 root root 4096 2020-01-27 19:30 ./source/a/shadow/pam.d
-rw-r--r-- 1 root root 1611196 2020-01-24 21:43 ./source/a/shadow/shadow-4.8.1.tar.xz -rw-r--r-- 1 root root 1611196 2020-01-24 21:43 ./source/a/shadow/shadow-4.8.1.tar.xz
-rw-r--r-- 1 root root 488 2020-01-24 21:45 ./source/a/shadow/shadow-4.8.1.tar.xz.asc -rw-r--r-- 1 root root 488 2020-01-24 21:45 ./source/a/shadow/shadow-4.8.1.tar.xz.asc
-rw-r--r-- 1 root root 734 2013-12-14 21:05 ./source/a/shadow/shadow.CVE-2005-4890.relax.diff.gz -rw-r--r-- 1 root root 734 2013-12-14 21:05 ./source/a/shadow/shadow.CVE-2005-4890.relax.diff.gz
-rwxr-xr-x 1 root root 7609 2020-02-07 07:23 ./source/a/shadow/shadow.SlackBuild -rwxr-xr-x 1 root root 7609 2020-02-12 02:15 ./source/a/shadow/shadow.SlackBuild
-rw-r--r-- 1 root root 522 2020-02-06 23:30 ./source/a/shadow/shadow.login.display.short.hostname.diff.gz -rw-r--r-- 1 root root 522 2020-02-06 23:30 ./source/a/shadow/shadow.login.display.short.hostname.diff.gz
-rw-r--r-- 1 root root 39 2019-06-17 02:57 ./source/a/shadow/shadow.url -rw-r--r-- 1 root root 39 2019-06-17 02:57 ./source/a/shadow/shadow.url
-rw-r--r-- 1 root root 876 2018-11-09 20:31 ./source/a/shadow/slack-desc -rw-r--r-- 1 root root 876 2018-11-09 20:31 ./source/a/shadow/slack-desc
@ -7056,21 +7056,21 @@ drwxr-xr-x 2 root root 4096 2020-02-07 21:59 ./source/installer/sources/n
-rw-r--r-- 1 root root 1520160 2020-02-07 10:24 ./source/installer/sources/nano/nano-4.8.tar.xz -rw-r--r-- 1 root root 1520160 2020-02-07 10:24 ./source/installer/sources/nano/nano-4.8.tar.xz
-rw-r--r-- 1 root root 833 2020-02-07 10:24 ./source/installer/sources/nano/nano-4.8.tar.xz.sig -rw-r--r-- 1 root root 833 2020-02-07 10:24 ./source/installer/sources/nano/nano-4.8.tar.xz.sig
-rw-r--r-- 1 root root 16894 2012-09-03 20:53 ./source/installer/usbimg2disk.sh -rw-r--r-- 1 root root 16894 2012-09-03 20:53 ./source/installer/usbimg2disk.sh
drwxr-xr-x 4 root root 4096 2020-02-05 22:08 ./source/k drwxr-xr-x 4 root root 4096 2020-02-11 18:00 ./source/k
-rwxr-xr-x 1 root root 7861 2019-12-27 22:39 ./source/k/build-all-kernels.sh -rwxr-xr-x 1 root root 7861 2019-12-27 22:39 ./source/k/build-all-kernels.sh
drwxr-xr-x 2 root root 4096 2020-02-05 22:36 ./source/k/kernel-configs drwxr-xr-x 2 root root 4096 2020-02-11 17:59 ./source/k/kernel-configs
-rw-r--r-- 1 root root 197548 2020-02-05 22:34 ./source/k/kernel-configs/config-generic-5.4.18 -rw-r--r-- 1 root root 197559 2020-02-11 17:57 ./source/k/kernel-configs/config-generic-5.4.19
-rw-r--r-- 1 root root 199120 2020-02-05 22:36 ./source/k/kernel-configs/config-generic-5.4.18.x64 -rw-r--r-- 1 root root 199131 2020-02-11 17:59 ./source/k/kernel-configs/config-generic-5.4.19.x64
-rw-r--r-- 1 root root 199225 2020-02-05 22:33 ./source/k/kernel-configs/config-generic-smp-5.4.18-smp -rw-r--r-- 1 root root 199236 2020-02-11 17:56 ./source/k/kernel-configs/config-generic-smp-5.4.19-smp
-rw-r--r-- 1 root root 197548 2020-02-05 22:34 ./source/k/kernel-configs/config-huge-5.4.18 -rw-r--r-- 1 root root 197559 2020-02-11 17:57 ./source/k/kernel-configs/config-huge-5.4.19
-rw-r--r-- 1 root root 199120 2020-02-05 22:36 ./source/k/kernel-configs/config-huge-5.4.18.x64 -rw-r--r-- 1 root root 199131 2020-02-11 17:59 ./source/k/kernel-configs/config-huge-5.4.19.x64
-rw-r--r-- 1 root root 199225 2020-02-05 22:34 ./source/k/kernel-configs/config-huge-smp-5.4.18-smp -rw-r--r-- 1 root root 199236 2020-02-11 17:57 ./source/k/kernel-configs/config-huge-smp-5.4.19-smp
-rwxr-xr-x 1 root root 7416 2019-11-15 20:12 ./source/k/kernel-generic.SlackBuild -rwxr-xr-x 1 root root 7416 2019-11-15 20:12 ./source/k/kernel-generic.SlackBuild
-rwxr-xr-x 1 root root 3779 2019-09-29 23:48 ./source/k/kernel-headers.SlackBuild -rwxr-xr-x 1 root root 3779 2019-09-29 23:48 ./source/k/kernel-headers.SlackBuild
-rwxr-xr-x 1 root root 5979 2019-11-15 20:12 ./source/k/kernel-modules.SlackBuild -rwxr-xr-x 1 root root 5979 2019-11-15 20:12 ./source/k/kernel-modules.SlackBuild
-rwxr-xr-x 1 root root 7952 2019-11-15 18:40 ./source/k/kernel-source.SlackBuild -rwxr-xr-x 1 root root 7952 2019-11-15 18:40 ./source/k/kernel-source.SlackBuild
-rw-r--r-- 1 root root 989 2020-02-05 21:27 ./source/k/linux-5.4.18.tar.sign -rw-r--r-- 1 root root 989 2020-02-11 12:42 ./source/k/linux-5.4.19.tar.sign
-rw-r--r-- 1 root root 109470980 2020-02-05 21:27 ./source/k/linux-5.4.18.tar.xz -rw-r--r-- 1 root root 109480508 2020-02-11 12:42 ./source/k/linux-5.4.19.tar.xz
drwxr-xr-x 2 root root 4096 2018-03-05 18:29 ./source/k/slack-desc drwxr-xr-x 2 root root 4096 2018-03-05 18:29 ./source/k/slack-desc
-rw-r--r-- 1 root root 1138 2018-02-27 06:16 ./source/k/slack-desc/slack-desc.kernel-generic-smp.i686 -rw-r--r-- 1 root root 1138 2018-02-27 06:16 ./source/k/slack-desc/slack-desc.kernel-generic-smp.i686
-rw-r--r-- 1 root root 1041 2018-02-27 06:16 ./source/k/slack-desc/slack-desc.kernel-generic.i586 -rw-r--r-- 1 root root 1041 2018-02-27 06:16 ./source/k/slack-desc/slack-desc.kernel-generic.i586
@ -10433,7 +10433,7 @@ drwxr-xr-x 2 root root 4096 2020-02-08 19:19 ./source/n/libgpg-error
drwxr-xr-x 2 root root 4096 2019-09-29 23:48 ./source/n/libksba drwxr-xr-x 2 root root 4096 2019-09-29 23:48 ./source/n/libksba
-rw-r--r-- 1 root root 620649 2016-08-22 09:57 ./source/n/libksba/libksba-1.3.5.tar.bz2 -rw-r--r-- 1 root root 620649 2016-08-22 09:57 ./source/n/libksba/libksba-1.3.5.tar.bz2
-rw-r--r-- 1 root root 287 2016-08-22 09:58 ./source/n/libksba/libksba-1.3.5.tar.bz2.sig -rw-r--r-- 1 root root 287 2016-08-22 09:58 ./source/n/libksba/libksba-1.3.5.tar.bz2.sig
-rwxr-xr-x 1 root root 3964 2019-09-29 23:48 ./source/n/libksba/libksba.SlackBuild -rwxr-xr-x 1 root root 3963 2020-02-11 19:13 ./source/n/libksba/libksba.SlackBuild
-rw-r--r-- 1 root root 787 2018-02-27 06:13 ./source/n/libksba/slack-desc -rw-r--r-- 1 root root 787 2018-02-27 06:13 ./source/n/libksba/slack-desc
drwxr-xr-x 2 root root 4096 2020-01-16 17:45 ./source/n/libmbim drwxr-xr-x 2 root root 4096 2020-01-16 17:45 ./source/n/libmbim
-rw-r--r-- 1 root root 491708 2020-01-15 16:31 ./source/n/libmbim/libmbim-1.22.0.tar.xz -rw-r--r-- 1 root root 491708 2020-01-15 16:31 ./source/n/libmbim/libmbim-1.22.0.tar.xz
@ -12712,7 +12712,7 @@ drwxr-xr-x 2 root root 4096 2019-08-20 18:07 ./source/xap/mozilla-firefox/
-rw-r--r-- 1 root root 2748 2017-12-04 21:30 ./source/xap/mozilla-firefox/mozilla-firefox.desktop -rw-r--r-- 1 root root 2748 2017-12-04 21:30 ./source/xap/mozilla-firefox/mozilla-firefox.desktop
-rw-r--r-- 1 root root 946 2018-11-03 19:51 ./source/xap/mozilla-firefox/slack-desc -rw-r--r-- 1 root root 946 2018-11-03 19:51 ./source/xap/mozilla-firefox/slack-desc
-rw-r--r-- 1 root root 456 2019-07-08 18:54 ./source/xap/mozilla-firefox/unbreakdocs.diff.gz -rw-r--r-- 1 root root 456 2019-07-08 18:54 ./source/xap/mozilla-firefox/unbreakdocs.diff.gz
drwxr-xr-x 5 root root 4096 2020-01-24 21:24 ./source/xap/mozilla-thunderbird drwxr-xr-x 5 root root 4096 2020-02-11 22:04 ./source/xap/mozilla-thunderbird
drwxr-xr-x 2 root root 4096 2016-07-03 18:05 ./source/xap/mozilla-thunderbird/autoconf drwxr-xr-x 2 root root 4096 2016-07-03 18:05 ./source/xap/mozilla-thunderbird/autoconf
-rw-r--r-- 1 root root 5869 2016-07-03 18:04 ./source/xap/mozilla-thunderbird/autoconf/autoconf-2.13-consolidated_fixes-1.patch.gz -rw-r--r-- 1 root root 5869 2016-07-03 18:04 ./source/xap/mozilla-thunderbird/autoconf/autoconf-2.13-consolidated_fixes-1.patch.gz
-rw-r--r-- 1 root root 300116 1999-01-15 21:03 ./source/xap/mozilla-thunderbird/autoconf/autoconf-2.13.tar.xz -rw-r--r-- 1 root root 300116 1999-01-15 21:03 ./source/xap/mozilla-thunderbird/autoconf/autoconf-2.13.tar.xz
@ -12740,8 +12740,8 @@ lrwxrwxrwx 1 root root 7 2019-08-28 16:40 ./source/xap/mozilla-thunderb
-rw-r--r-- 1 root root 3378 2005-03-08 05:13 ./source/xap/mozilla-thunderbird/mozilla-thunderbird.desktop -rw-r--r-- 1 root root 3378 2005-03-08 05:13 ./source/xap/mozilla-thunderbird/mozilla-thunderbird.desktop
-rw-r--r-- 1 root root 1130 2018-02-27 06:47 ./source/xap/mozilla-thunderbird/slack-desc -rw-r--r-- 1 root root 1130 2018-02-27 06:47 ./source/xap/mozilla-thunderbird/slack-desc
-rw-r--r-- 1 root root 330 2019-08-27 16:35 ./source/xap/mozilla-thunderbird/tb.ui.scrollToClick.diff.gz -rw-r--r-- 1 root root 330 2019-08-27 16:35 ./source/xap/mozilla-thunderbird/tb.ui.scrollToClick.diff.gz
-rw-r--r-- 1 root root 330801416 2020-01-24 16:20 ./source/xap/mozilla-thunderbird/thunderbird-68.4.2.source.tar.xz -rw-r--r-- 1 root root 331328840 2020-02-11 16:45 ./source/xap/mozilla-thunderbird/thunderbird-68.5.0.source.tar.xz
-rw-r--r-- 1 root root 833 2020-01-24 16:21 ./source/xap/mozilla-thunderbird/thunderbird-68.4.2.source.tar.xz.asc -rw-r--r-- 1 root root 833 2020-02-11 16:45 ./source/xap/mozilla-thunderbird/thunderbird-68.5.0.source.tar.xz.asc
-rw-r--r-- 1 root root 456 2019-07-08 18:54 ./source/xap/mozilla-thunderbird/unbreakdocs.diff.gz -rw-r--r-- 1 root root 456 2019-07-08 18:54 ./source/xap/mozilla-thunderbird/unbreakdocs.diff.gz
drwxr-xr-x 2 root root 4096 2019-10-09 16:45 ./source/xap/network-manager-applet drwxr-xr-x 2 root root 4096 2019-10-09 16:45 ./source/xap/network-manager-applet
-rw-r--r-- 1 root root 207 2012-08-10 23:59 ./source/xap/network-manager-applet/doinst.sh.gz -rw-r--r-- 1 root root 207 2012-08-10 23:59 ./source/xap/network-manager-applet/doinst.sh.gz
@ -13123,67 +13123,164 @@ drwxr-xr-x 2 root root 4096 2019-02-17 22:03 ./source/y/bsd-games/patches
-rw-r--r-- 1 root root 313 2019-02-17 22:07 ./source/y/bsd-games/patches/bsd-games.fortunepath.diff.gz -rw-r--r-- 1 root root 313 2019-02-17 22:07 ./source/y/bsd-games/patches/bsd-games.fortunepath.diff.gz
-rw-r--r-- 1 root root 1960 2006-09-09 00:47 ./source/y/bsd-games/patches/bsd-games.pom.diff.gz -rw-r--r-- 1 root root 1960 2006-09-09 00:47 ./source/y/bsd-games/patches/bsd-games.pom.diff.gz
-rw-r--r-- 1 root root 1065 2019-02-17 22:28 ./source/y/bsd-games/slack-desc -rw-r--r-- 1 root root 1065 2019-02-17 22:28 ./source/y/bsd-games/slack-desc
drwxr-xr-x 4 root root 4096 2020-02-02 07:07 ./testing drwxr-xr-x 4 root root 4096 2020-02-12 05:21 ./testing
-rw-r--r-- 1 root root 4083 2020-02-02 07:07 ./testing/CHECKSUMS.md5 -rw-r--r-- 1 root root 12191 2020-02-12 05:21 ./testing/CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2020-02-02 07:07 ./testing/CHECKSUMS.md5.asc -rw-r--r-- 1 root root 163 2020-02-12 05:21 ./testing/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 5275 2020-02-02 07:07 ./testing/FILE_LIST -rw-r--r-- 1 root root 15081 2020-02-12 05:21 ./testing/FILE_LIST
-rw-r--r-- 1 root root 289825 2020-02-02 07:07 ./testing/MANIFEST.bz2 -rw-r--r-- 1 root root 114187 2020-02-12 05:21 ./testing/MANIFEST.bz2
-rw-r--r-- 1 root root 2852 2020-02-02 07:07 ./testing/PACKAGES.TXT -rw-r--r-- 1 root root 21133 2020-02-12 05:21 ./testing/PACKAGES.TXT
drwxr-xr-x 2 root root 4096 2020-02-02 07:07 ./testing/packages drwxr-xr-x 3 root root 4096 2020-02-12 00:44 ./testing/packages
-rw-r--r-- 1 root root 442 2020-02-02 06:13 ./testing/packages/binutils-2.34-x86_64-1.txt drwxr-xr-x 2 root root 12288 2020-02-12 05:21 ./testing/packages/PAM
-rw-r--r-- 1 root root 4998792 2020-02-02 06:13 ./testing/packages/binutils-2.34-x86_64-1.txz -rw-r--r-- 1 root root 338 2020-02-10 23:10 ./testing/packages/PAM/ConsoleKit2-1.2.1-x86_64-1_pam.txt
-rw-r--r-- 1 root root 163 2020-02-02 06:13 ./testing/packages/binutils-2.34-x86_64-1.txz.asc -rw-r--r-- 1 root root 194968 2020-02-10 23:10 ./testing/packages/PAM/ConsoleKit2-1.2.1-x86_64-1_pam.txz
-rw-r--r-- 1 root root 313 2020-02-02 06:40 ./testing/packages/glibc-2.31-x86_64-1.txt -rw-r--r-- 1 root root 163 2020-02-10 23:10 ./testing/packages/PAM/ConsoleKit2-1.2.1-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 5417220 2020-02-02 06:40 ./testing/packages/glibc-2.31-x86_64-1.txz -rw-r--r-- 1 root root 326 2020-02-10 23:33 ./testing/packages/PAM/at-3.2.1-x86_64-1_pam.txt
-rw-r--r-- 1 root root 163 2020-02-02 06:40 ./testing/packages/glibc-2.31-x86_64-1.txz.asc -rw-r--r-- 1 root root 42132 2020-02-10 23:33 ./testing/packages/PAM/at-3.2.1-x86_64-1_pam.txz
-rw-r--r-- 1 root root 353 2020-02-02 06:40 ./testing/packages/glibc-i18n-2.31-x86_64-1.txt -rw-r--r-- 1 root root 163 2020-02-10 23:33 ./testing/packages/PAM/at-3.2.1-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 11966424 2020-02-02 06:40 ./testing/packages/glibc-i18n-2.31-x86_64-1.txz -rw-r--r-- 1 root root 603 2020-02-10 23:33 ./testing/packages/PAM/cifs-utils-6.10-x86_64-2_pam.txt
-rw-r--r-- 1 root root 163 2020-02-02 06:40 ./testing/packages/glibc-i18n-2.31-x86_64-1.txz.asc -rw-r--r-- 1 root root 216188 2020-02-10 23:33 ./testing/packages/PAM/cifs-utils-6.10-x86_64-2_pam.txz
-rw-r--r-- 1 root root 507 2020-02-02 06:39 ./testing/packages/glibc-profile-2.31-x86_64-1.txt -rw-r--r-- 1 root root 163 2020-02-10 23:33 ./testing/packages/PAM/cifs-utils-6.10-x86_64-2_pam.txz.asc
-rw-r--r-- 1 root root 1520864 2020-02-02 06:39 ./testing/packages/glibc-profile-2.31-x86_64-1.txz -rw-r--r-- 1 root root 437 2020-02-10 22:57 ./testing/packages/PAM/cracklib-2.9.7-x86_64-1_pam.txt
-rw-r--r-- 1 root root 163 2020-02-02 06:39 ./testing/packages/glibc-profile-2.31-x86_64-1.txz.asc -rw-r--r-- 1 root root 274732 2020-02-10 22:57 ./testing/packages/PAM/cracklib-2.9.7-x86_64-1_pam.txz
-rw-r--r-- 1 root root 323 2020-02-02 06:40 ./testing/packages/glibc-solibs-2.31-x86_64-1.txt -rw-r--r-- 1 root root 163 2020-02-10 22:57 ./testing/packages/PAM/cracklib-2.9.7-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 2754768 2020-02-02 06:40 ./testing/packages/glibc-solibs-2.31-x86_64-1.txz -rw-r--r-- 1 root root 642 2020-02-10 23:07 ./testing/packages/PAM/cups-2.3.1-x86_64-1_pam.txt
-rw-r--r-- 1 root root 163 2020-02-02 06:40 ./testing/packages/glibc-solibs-2.31-x86_64-1.txz.asc -rw-r--r-- 1 root root 1446284 2020-02-10 23:07 ./testing/packages/PAM/cups-2.3.1-x86_64-1_pam.txz
drwxr-xr-x 4 root root 4096 2020-02-02 06:14 ./testing/source -rw-r--r-- 1 root root 163 2020-02-10 23:07 ./testing/packages/PAM/cups-2.3.1-x86_64-1_pam.txz.asc
drwxr-xr-x 3 root root 4096 2020-02-01 18:11 ./testing/source/binutils -rw-r--r-- 1 root root 373 2020-02-10 23:32 ./testing/packages/PAM/cyrus-sasl-2.1.27-x86_64-2_pam.txt
-rw-r--r-- 1 root root 21191174 2020-02-01 12:24 ./testing/source/binutils/binutils-2.34.tar.lz -rw-r--r-- 1 root root 970668 2020-02-10 23:32 ./testing/packages/PAM/cyrus-sasl-2.1.27-x86_64-2_pam.txz
-rw-r--r-- 1 root root 801 2020-02-01 12:24 ./testing/source/binutils/binutils-2.34.tar.lz.sig -rw-r--r-- 1 root root 163 2020-02-10 23:32 ./testing/packages/PAM/cyrus-sasl-2.1.27-x86_64-2_pam.txz.asc
-rwxr-xr-x 1 root root 8697 2019-09-29 23:48 ./testing/source/binutils/binutils.SlackBuild -rw-r--r-- 1 root root 450 2020-02-10 23:16 ./testing/packages/PAM/dovecot-2.3.9.2-x86_64-1_pam.txt
drwxr-xr-x 2 root root 4096 2019-02-02 19:51 ./testing/source/binutils/patches -rw-r--r-- 1 root root 3251216 2020-02-10 23:16 ./testing/packages/PAM/dovecot-2.3.9.2-x86_64-1_pam.txz
-rw-r--r-- 1 root root 362 2016-02-29 16:21 ./testing/source/binutils/patches/binutils-2.20.51.0.10-copy-osabi.patch.gz -rw-r--r-- 1 root root 163 2020-02-10 23:16 ./testing/packages/PAM/dovecot-2.3.9.2-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 302 2016-02-29 16:21 ./testing/source/binutils/patches/binutils-2.20.51.0.10-sec-merge-emit.patch.gz -rw-r--r-- 1 root root 454 2020-02-10 23:11 ./testing/packages/PAM/gnome-keyring-3.34.0-x86_64-1_pam.txt
-rw-r--r-- 1 root root 1087 2016-02-29 16:21 ./testing/source/binutils/patches/binutils-2.20.51.0.2-libtool-lib64.patch.gz -rw-r--r-- 1 root root 699444 2020-02-10 23:11 ./testing/packages/PAM/gnome-keyring-3.34.0-x86_64-1_pam.txz
-rw-r--r-- 1 root root 649 2016-02-29 16:21 ./testing/source/binutils/patches/binutils-2.24-ldforcele.patch.gz -rw-r--r-- 1 root root 163 2020-02-10 23:11 ./testing/packages/PAM/gnome-keyring-3.34.0-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 436 2016-02-29 16:21 ./testing/source/binutils/patches/binutils-2.25-set-long-long.patch.gz -rw-r--r-- 1 root root 459 2020-02-10 23:08 ./testing/packages/PAM/hplip-3.19.12-x86_64-2_pam.txt
-rw-r--r-- 1 root root 626 2016-02-29 16:21 ./testing/source/binutils/patches/binutils-2.25-version.patch.gz -rw-r--r-- 1 root root 19025756 2020-02-10 23:08 ./testing/packages/PAM/hplip-3.19.12-x86_64-2_pam.txz
-rw-r--r-- 1 root root 729 2016-02-29 16:21 ./testing/source/binutils/patches/binutils-2.25.1-cleansweep.patch.gz -rw-r--r-- 1 root root 163 2020-02-10 23:08 ./testing/packages/PAM/hplip-3.19.12-x86_64-2_pam.txz.asc
-rw-r--r-- 1 root root 579 2019-02-02 20:11 ./testing/source/binutils/patches/binutils.export.demangle.h.diff.gz -rw-r--r-- 1 root root 300 2020-02-10 23:55 ./testing/packages/PAM/kde-workspace-4.11.22-x86_64-6_pam.txt
-rw-r--r-- 1 root root 307 2013-04-02 20:57 ./testing/source/binutils/patches/binutils.no-config-h-check.diff.gz -rw-r--r-- 1 root root 16974196 2020-02-10 23:55 ./testing/packages/PAM/kde-workspace-4.11.22-x86_64-6_pam.txz
-rw-r--r-- 1 root root 898 2018-02-27 06:13 ./testing/source/binutils/slack-desc -rw-r--r-- 1 root root 163 2020-02-10 23:55 ./testing/packages/PAM/kde-workspace-4.11.22-x86_64-6_pam.txz.asc
drwxr-xr-x 4 root root 4096 2020-02-01 18:20 ./testing/source/glibc -rw-r--r-- 1 root root 433 2020-02-10 23:32 ./testing/packages/PAM/libcap-2.31-x86_64-1_pam.txt
-rw-r--r-- 1 root root 6055 2018-08-03 19:23 ./testing/source/glibc/doinst.sh-glibc -rw-r--r-- 1 root root 78316 2020-02-10 23:32 ./testing/packages/PAM/libcap-2.31-x86_64-1_pam.txz
-rw-r--r-- 1 root root 5954 2018-08-03 19:23 ./testing/source/glibc/doinst.sh-glibc-solibs -rw-r--r-- 1 root root 163 2020-02-10 23:32 ./testing/packages/PAM/libcap-2.31-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 335 2019-02-01 04:36 ./testing/source/glibc/glibc-2.29.en_US.no.am.pm.date.format.diff.gz -rw-r--r-- 1 root root 594 2020-02-10 23:05 ./testing/packages/PAM/libcgroup-0.41-x86_64-5_pam.txt
-rw-r--r-- 1 root root 16676764 2020-02-01 12:26 ./testing/source/glibc/glibc-2.31.tar.xz -rw-r--r-- 1 root root 122556 2020-02-10 23:05 ./testing/packages/PAM/libcgroup-0.41-x86_64-5_pam.txz
-rw-r--r-- 1 root root 488 2020-02-01 12:26 ./testing/source/glibc/glibc-2.31.tar.xz.sig -rw-r--r-- 1 root root 163 2020-02-10 23:05 ./testing/packages/PAM/libcgroup-0.41-x86_64-5_pam.txz.asc
-rw-r--r-- 1 root root 2617 2016-08-08 14:05 ./testing/source/glibc/glibc-c-utf8-locale.patch.gz -rw-r--r-- 1 root root 494 2020-02-10 23:00 ./testing/packages/PAM/libpwquality-1.4.2-x86_64-1_pam.txt
-rwxr-xr-x 1 root root 174 2004-08-09 06:21 ./testing/source/glibc/glibc-cvs-checkout.sh -rw-r--r-- 1 root root 81816 2020-02-10 23:00 ./testing/packages/PAM/libpwquality-1.4.2-x86_64-1_pam.txz
-rwxr-xr-x 1 root root 15786 2020-02-02 06:42 ./testing/source/glibc/glibc.SlackBuild -rw-r--r-- 1 root root 163 2020-02-10 23:00 ./testing/packages/PAM/libpwquality-1.4.2-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 312 2019-02-16 20:06 ./testing/source/glibc/glibc.locale.no-archive.diff.gz -rw-r--r-- 1 root root 369 2020-02-10 23:45 ./testing/packages/PAM/mariadb-10.4.12-x86_64-1_pam.txt
-rw-r--r-- 1 root root 213 2006-08-22 06:33 ./testing/source/glibc/glibc.ru_RU.CP1251.diff.gz -rw-r--r-- 1 root root 33277312 2020-02-10 23:45 ./testing/packages/PAM/mariadb-10.4.12-x86_64-1_pam.txz
drwxr-xr-x 2 root root 4096 2020-02-01 18:25 ./testing/source/glibc/patches -rw-r--r-- 1 root root 163 2020-02-10 23:45 ./testing/packages/PAM/mariadb-10.4.12-x86_64-1_pam.txz.asc
drwxr-xr-x 2 root root 4096 2006-09-14 06:32 ./testing/source/glibc/profile.d -rw-r--r-- 1 root root 580 2020-02-10 23:17 ./testing/packages/PAM/netatalk-3.1.12-x86_64-2_pam.txt
-rwxr-xr-x 1 root root 328 2011-03-27 21:19 ./testing/source/glibc/profile.d/glibc.csh.new -rw-r--r-- 1 root root 505036 2020-02-10 23:17 ./testing/packages/PAM/netatalk-3.1.12-x86_64-2_pam.txz
-rwxr-xr-x 1 root root 325 2006-09-14 08:26 ./testing/source/glibc/profile.d/glibc.sh.new -rw-r--r-- 1 root root 163 2020-02-10 23:17 ./testing/packages/PAM/netatalk-3.1.12-x86_64-2_pam.txz.asc
-rw-r--r-- 1 root root 766 2019-02-21 18:35 ./testing/source/glibc/slack-desc.glibc -rw-r--r-- 1 root root 420 2020-02-10 23:33 ./testing/packages/PAM/netkit-rsh-0.17-x86_64-2_pam.txt
-rw-r--r-- 1 root root 1132 2018-02-27 06:12 ./testing/source/glibc/slack-desc.glibc-debug -rw-r--r-- 1 root root 43272 2020-02-10 23:33 ./testing/packages/PAM/netkit-rsh-0.17-x86_64-2_pam.txz
-rw-r--r-- 1 root root 811 2018-02-27 06:12 ./testing/source/glibc/slack-desc.glibc-i18n -rw-r--r-- 1 root root 163 2020-02-10 23:33 ./testing/packages/PAM/netkit-rsh-0.17-x86_64-2_pam.txz.asc
-rw-r--r-- 1 root root 968 2018-02-27 06:12 ./testing/source/glibc/slack-desc.glibc-profile -rw-r--r-- 1 root root 672 2020-02-10 23:18 ./testing/packages/PAM/openssh-8.1p1-x86_64-1_pam.txt
-rw-r--r-- 1 root root 783 2018-02-27 06:12 ./testing/source/glibc/slack-desc.glibc-solibs -rw-r--r-- 1 root root 807744 2020-02-10 23:18 ./testing/packages/PAM/openssh-8.1p1-x86_64-1_pam.txz
drwxr-xr-x 2 root root 4096 2020-02-06 01:58 ./usb-and-pxe-installers -rw-r--r-- 1 root root 163 2020-02-10 23:18 ./testing/packages/PAM/openssh-8.1p1-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 430 2020-02-10 23:19 ./testing/packages/PAM/openvpn-2.4.8-x86_64-1_pam.txt
-rw-r--r-- 1 root root 458820 2020-02-10 23:19 ./testing/packages/PAM/openvpn-2.4.8-x86_64-1_pam.txz
-rw-r--r-- 1 root root 163 2020-02-10 23:19 ./testing/packages/PAM/openvpn-2.4.8-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 422 2020-02-10 23:00 ./testing/packages/PAM/pam-1.3.1-x86_64-1_pam.txt
-rw-r--r-- 1 root root 472820 2020-02-10 23:00 ./testing/packages/PAM/pam-1.3.1-x86_64-1_pam.txz
-rw-r--r-- 1 root root 163 2020-02-10 23:00 ./testing/packages/PAM/pam-1.3.1-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 450 2020-02-10 23:12 ./testing/packages/PAM/polkit-0.116-x86_64-1_pam.txt
-rw-r--r-- 1 root root 403260 2020-02-10 23:12 ./testing/packages/PAM/polkit-0.116-x86_64-1_pam.txz
-rw-r--r-- 1 root root 163 2020-02-10 23:12 ./testing/packages/PAM/polkit-0.116-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 543 2020-02-10 23:19 ./testing/packages/PAM/popa3d-1.0.3-x86_64-3_pam.txt
-rw-r--r-- 1 root root 21196 2020-02-10 23:19 ./testing/packages/PAM/popa3d-1.0.3-x86_64-3_pam.txz
-rw-r--r-- 1 root root 163 2020-02-10 23:19 ./testing/packages/PAM/popa3d-1.0.3-x86_64-3_pam.txz.asc
-rw-r--r-- 1 root root 449 2020-02-10 23:20 ./testing/packages/PAM/ppp-2.4.7-x86_64-3_pam.txt
-rw-r--r-- 1 root root 391744 2020-02-10 23:20 ./testing/packages/PAM/ppp-2.4.7-x86_64-3_pam.txz
-rw-r--r-- 1 root root 163 2020-02-10 23:20 ./testing/packages/PAM/ppp-2.4.7-x86_64-3_pam.txz.asc
-rw-r--r-- 1 root root 371 2020-02-10 23:21 ./testing/packages/PAM/proftpd-1.3.6b-x86_64-1_pam.txt
-rw-r--r-- 1 root root 1356028 2020-02-10 23:21 ./testing/packages/PAM/proftpd-1.3.6b-x86_64-1_pam.txz
-rw-r--r-- 1 root root 163 2020-02-10 23:21 ./testing/packages/PAM/proftpd-1.3.6b-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 507 2020-02-10 23:31 ./testing/packages/PAM/samba-4.11.6-x86_64-1_pam.txt
-rw-r--r-- 1 root root 12118132 2020-02-10 23:31 ./testing/packages/PAM/samba-4.11.6-x86_64-1_pam.txz
-rw-r--r-- 1 root root 163 2020-02-10 23:31 ./testing/packages/PAM/samba-4.11.6-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 653 2020-02-10 23:09 ./testing/packages/PAM/screen-4.8.0-x86_64-1_pam.txt
-rw-r--r-- 1 root root 548028 2020-02-10 23:09 ./testing/packages/PAM/screen-4.8.0-x86_64-1_pam.txz
-rw-r--r-- 1 root root 163 2020-02-10 23:09 ./testing/packages/PAM/screen-4.8.0-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 422 2020-02-12 02:30 ./testing/packages/PAM/shadow-4.8.1-x86_64-2_pam.txt
-rw-r--r-- 1 root root 1373800 2020-02-12 02:30 ./testing/packages/PAM/shadow-4.8.1-x86_64-2_pam.txz
-rw-r--r-- 1 root root 163 2020-02-12 02:30 ./testing/packages/PAM/shadow-4.8.1-x86_64-2_pam.txz.asc
-rw-r--r-- 1 root root 442 2020-02-10 23:10 ./testing/packages/PAM/sudo-1.8.31-x86_64-1_pam.txt
-rw-r--r-- 1 root root 774928 2020-02-10 23:10 ./testing/packages/PAM/sudo-1.8.31-x86_64-1_pam.txz
-rw-r--r-- 1 root root 163 2020-02-10 23:10 ./testing/packages/PAM/sudo-1.8.31-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 736 2020-02-10 23:12 ./testing/packages/PAM/system-config-printer-1.5.12-x86_64-2_pam.txt
-rw-r--r-- 1 root root 972328 2020-02-10 23:12 ./testing/packages/PAM/system-config-printer-1.5.12-x86_64-2_pam.txz
-rw-r--r-- 1 root root 163 2020-02-10 23:12 ./testing/packages/PAM/system-config-printer-1.5.12-x86_64-2_pam.txz.asc
-rw-r--r-- 1 root root 354 2020-02-10 23:04 ./testing/packages/PAM/util-linux-2.35.1-x86_64-1_pam.txt
-rw-r--r-- 1 root root 2651216 2020-02-10 23:04 ./testing/packages/PAM/util-linux-2.35.1-x86_64-1_pam.txz
-rw-r--r-- 1 root root 163 2020-02-10 23:04 ./testing/packages/PAM/util-linux-2.35.1-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 511 2020-02-10 23:31 ./testing/packages/PAM/vsftpd-3.0.3-x86_64-5_pam.txt
-rw-r--r-- 1 root root 127196 2020-02-10 23:31 ./testing/packages/PAM/vsftpd-3.0.3-x86_64-5_pam.txz
-rw-r--r-- 1 root root 163 2020-02-10 23:31 ./testing/packages/PAM/vsftpd-3.0.3-x86_64-5_pam.txz.asc
-rw-r--r-- 1 root root 253 2020-02-10 23:31 ./testing/packages/PAM/xdm-1.1.11-x86_64-9_pam.txt
-rw-r--r-- 1 root root 117976 2020-02-10 23:31 ./testing/packages/PAM/xdm-1.1.11-x86_64-9_pam.txz
-rw-r--r-- 1 root root 163 2020-02-10 23:31 ./testing/packages/PAM/xdm-1.1.11-x86_64-9_pam.txz.asc
-rw-r--r-- 1 root root 508 2020-02-10 23:46 ./testing/packages/PAM/xlockmore-5.62-x86_64-1_pam.txt
-rw-r--r-- 1 root root 1235304 2020-02-10 23:46 ./testing/packages/PAM/xlockmore-5.62-x86_64-1_pam.txz
-rw-r--r-- 1 root root 163 2020-02-10 23:46 ./testing/packages/PAM/xlockmore-5.62-x86_64-1_pam.txz.asc
-rw-r--r-- 1 root root 463 2020-02-10 23:48 ./testing/packages/PAM/xscreensaver-5.43-x86_64-1_pam.txt
-rw-r--r-- 1 root root 6509296 2020-02-10 23:48 ./testing/packages/PAM/xscreensaver-5.43-x86_64-1_pam.txz
-rw-r--r-- 1 root root 163 2020-02-10 23:48 ./testing/packages/PAM/xscreensaver-5.43-x86_64-1_pam.txz.asc
drwxr-xr-x 3 root root 4096 2020-02-12 00:43 ./testing/source
drwxr-xr-x 3 root root 4096 2020-02-08 04:38 ./testing/source/PAM
drwxr-xr-x 5 root root 4096 2020-02-10 20:28 ./testing/source/PAM/a
drwxr-xr-x 2 root root 4096 2020-02-06 19:48 ./testing/source/PAM/a/cracklib
-rw-r--r-- 1 root root 452693 2019-03-03 17:53 ./testing/source/PAM/a/cracklib/cracklib-2.9.7.tar.lz
-rwxr-xr-x 1 root root 4735 2020-02-06 19:47 ./testing/source/PAM/a/cracklib/cracklib.SlackBuild
-rw-r--r-- 1 root root 37 2020-02-06 19:11 ./testing/source/PAM/a/cracklib/cracklib.url
-rw-r--r-- 1 root root 893 2020-02-10 20:28 ./testing/source/PAM/a/cracklib/slack-desc
drwxr-xr-x 2 root root 4096 2020-02-10 20:28 ./testing/source/PAM/a/libpwquality
-rw-r--r-- 1 root root 273 2020-02-09 19:35 ./testing/source/PAM/a/libpwquality/doinst.sh.gz
-rw-r--r-- 1 root root 355266 2019-10-31 12:32 ./testing/source/PAM/a/libpwquality/libpwquality-1.4.2.tar.lz
-rwxr-xr-x 1 root root 4541 2020-02-10 18:49 ./testing/source/PAM/a/libpwquality/libpwquality.SlackBuild
-rw-r--r-- 1 root root 45 2020-02-09 19:24 ./testing/source/PAM/a/libpwquality/libpwquality.url
-rw-r--r-- 1 root root 954 2020-02-09 19:28 ./testing/source/PAM/a/libpwquality/slack-desc
drwxr-xr-x 4 root root 4096 2020-01-02 20:41 ./testing/source/PAM/a/pam
-rw-r--r-- 1 root root 907248 2018-05-18 11:53 ./testing/source/PAM/a/pam/Linux-PAM-1.3.1.tar.lz
-rw-r--r-- 1 root root 252 2014-07-26 06:55 ./testing/source/PAM/a/pam/doinst.sh.gz
drwxr-xr-x 2 root root 4096 2019-07-16 18:13 ./testing/source/PAM/a/pam/fedora-patches
-rw-r--r-- 1 root root 487 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.1.3-nouserenv.patch.gz
-rw-r--r-- 1 root root 534 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.1.6-limits-user.patch.gz
-rw-r--r-- 1 root root 541 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.1.8-audit-user-mgmt.patch.gz
-rw-r--r-- 1 root root 923 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.1.8-full-relro.patch.gz
-rw-r--r-- 1 root root 6901 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.0-pwhistory-helper.patch.gz
-rw-r--r-- 1 root root 464 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.0-unix-nomsg.patch.gz
-rw-r--r-- 1 root root 2291 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-coverity.patch.gz
-rw-r--r-- 1 root root 6056 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-motd-multiple-paths.patch.gz
-rw-r--r-- 1 root root 416 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-noflex.patch.gz
-rw-r--r-- 1 root root 1153 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-redhat-modules.patch.gz
-rw-r--r-- 1 root root 783 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-unix-bcrypt_b.patch.gz
-rw-r--r-- 1 root root 1309 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-unix-checksalt_syslog.patch.gz
-rw-r--r-- 1 root root 910 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-unix-crypt_checksalt.patch.gz
-rw-r--r-- 1 root root 1410 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-unix-fix_checksalt_syslog.patch.gz
-rw-r--r-- 1 root root 1373 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-unix-gensalt-autoentropy.patch.gz
-rw-r--r-- 1 root root 887 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-unix-no-fallback.patch.gz
-rw-r--r-- 1 root root 698 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-unix-remove-obsolete-_unix_read_password-prototype.patch.gz
-rw-r--r-- 1 root root 4944 2019-02-02 06:05 ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-unix-yescrypt.patch.gz
-rw-rw-r-- 1 root root 44588 2018-12-04 08:15 ./testing/source/PAM/a/pam/pam-redhat-1.0.0.tar.lz
-rwxr-xr-x 1 root root 8740 2020-02-05 06:34 ./testing/source/PAM/a/pam/pam.SlackBuild
-rw-r--r-- 1 root root 106 2019-07-16 18:05 ./testing/source/PAM/a/pam/pam.url
drwxr-xr-x 2 root root 4096 2020-01-02 20:41 ./testing/source/PAM/a/pam/patches
-rw-r--r-- 1 root root 386 2020-01-02 20:41 ./testing/source/PAM/a/pam/patches/pam.etc.environment.better.comments.diff.gz
-rw-r--r-- 1 root root 794 2019-07-16 20:05 ./testing/source/PAM/a/pam/patches/pam.pam_tally2.no.fsync.patch.gz
-rw-r--r-- 1 root root 309 2019-07-16 18:49 ./testing/source/PAM/a/pam/patches/pam.pam_tally2.slackware.diff.gz
-rw-r--r-- 1 root root 873 2019-07-16 20:25 ./testing/source/PAM/a/pam/slack-desc
-rwxr-xr-x 1 root root 324 2020-02-05 06:48 ./testing/source/PAM/build-all-pam-packages.sh
-rw-r--r-- 1 root root 1235 2020-02-10 20:29 ./testing/source/PAM/buildlist
-rwxr-xr-x 1 root root 14025 2018-11-20 03:08 ./testing/source/PAM/make_world.sh
lrwxrwxrwx 1 root root 15 2020-02-05 04:56 ./testing/source/PAM/source -> ../../../source
drwxr-xr-x 2 root root 4096 2020-02-12 00:42 ./usb-and-pxe-installers
-rw-r--r-- 1 root root 31203 2011-03-21 21:21 ./usb-and-pxe-installers/README_PXE.TXT -rw-r--r-- 1 root root 31203 2011-03-21 21:21 ./usb-and-pxe-installers/README_PXE.TXT
-rw-r--r-- 1 root root 9197 2013-09-25 04:33 ./usb-and-pxe-installers/README_USB.TXT -rw-r--r-- 1 root root 9197 2013-09-25 04:33 ./usb-and-pxe-installers/README_USB.TXT
-rw-r--r-- 1 root root 574 2013-03-27 04:59 ./usb-and-pxe-installers/pxelinux.cfg_default -rw-r--r-- 1 root root 574 2013-03-27 04:59 ./usb-and-pxe-installers/pxelinux.cfg_default
-rw-r--r-- 1 root root 55260160 2020-02-06 01:58 ./usb-and-pxe-installers/usbboot.img -rw-r--r-- 1 root root 55264256 2020-02-12 00:41 ./usb-and-pxe-installers/usbboot.img
-rw-r--r-- 1 root root 16042 2019-08-05 07:08 ./usb-and-pxe-installers/usbimg2disk.sh -rw-r--r-- 1 root root 16042 2019-08-05 07:08 ./usb-and-pxe-installers/usbimg2disk.sh

View file

@ -1,7 +1,7 @@
Slackware initrd mini HOWTO Slackware initrd mini HOWTO
by Patrick Volkerding, volkerdi@slackware.com by Patrick Volkerding, volkerdi@slackware.com
Thu Feb 6 01:37:10 UTC 2020 Tue Feb 11 23:40:44 UTC 2020
This document describes how to create and install an initrd, which may be This document describes how to create and install an initrd, which may be
required to use the 4.x kernel. Also see "man mkinitrd". required to use the 4.x kernel. Also see "man mkinitrd".
@ -33,15 +33,15 @@ flexible to ship a generic kernel and a set of kernel modules for it.
The easiest way to make the initrd is to use the mkinitrd script included The easiest way to make the initrd is to use the mkinitrd script included
in Slackware's mkinitrd package. We'll walk through the process of in Slackware's mkinitrd package. We'll walk through the process of
upgrading to the generic 5.4.18 Linux kernel using the packages upgrading to the generic 5.4.19 Linux kernel using the packages
found in Slackware's slackware/a/ directory. found in Slackware's slackware/a/ directory.
First, make sure the kernel, kernel modules, and mkinitrd package are First, make sure the kernel, kernel modules, and mkinitrd package are
installed (the current version numbers might be a little different, so installed (the current version numbers might be a little different, so
this is just an example): this is just an example):
installpkg kernel-generic-5.4.18-x86_64-1.txz installpkg kernel-generic-5.4.19-x86_64-1.txz
installpkg kernel-modules-5.4.18-x86_64-1.txz installpkg kernel-modules-5.4.19-x86_64-1.txz
installpkg mkinitrd-1.4.11-x86_64-14.txz installpkg mkinitrd-1.4.11-x86_64-14.txz
Change into the /boot directory: Change into the /boot directory:
@ -52,7 +52,7 @@ Now you'll want to run "mkinitrd". I'm using ext4 for my root filesystem,
and since the disk controller requires no special support the ext4 module and since the disk controller requires no special support the ext4 module
will be the only one I need to load: will be the only one I need to load:
mkinitrd -c -k 5.4.18 -m ext4 mkinitrd -c -k 5.4.19 -m ext4
This should do two things. First, it will create a directory This should do two things. First, it will create a directory
/boot/initrd-tree containing the initrd's filesystem. Then it will /boot/initrd-tree containing the initrd's filesystem. Then it will
@ -61,10 +61,10 @@ you could make some additional changes in /boot/initrd-tree/ and
then run mkinitrd again without options to rebuild the image. That's then run mkinitrd again without options to rebuild the image. That's
optional, though, and only advanced users will need to think about that. optional, though, and only advanced users will need to think about that.
Here's another example: Build an initrd image using Linux 5.4.18 Here's another example: Build an initrd image using Linux 5.4.19
kernel modules for a system with an ext4 root partition on /dev/sdb3: kernel modules for a system with an ext4 root partition on /dev/sdb3:
mkinitrd -c -k 5.4.18 -m ext4 -f ext4 -r /dev/sdb3 mkinitrd -c -k 5.4.19 -m ext4 -f ext4 -r /dev/sdb3
4. Now that I've built an initrd, how do I use it? 4. Now that I've built an initrd, how do I use it?

View file

@ -1,5 +1,5 @@
Welcome to 09Slackware6407 version 15.0 (Linux kernel 5.4.18)! Welcome to 09Slackware6407 version 15.0 (Linux kernel 5.4.19)!
If you need to pass extra parameters to the kernel, enter them at the prompt If you need to pass extra parameters to the kernel, enter them at the prompt
below after the name of the kernel to boot (e.g., huge.s). below after the name of the kernel to boot (e.g., huge.s).

View file

@ -1,3 +1,3 @@
These kernels are version 5.4.18. These kernels are version 5.4.19.

View file

@ -1257,19 +1257,29 @@ gzip ./source/x/x11/patch/xf86-video-intel/0001-sna-Avoid-clobbering-output-phys
gzip ./source/x/x11/patch/xf86-video-s3virge/xf86-video-s3virge.xorg-server-1.20.x.diff gzip ./source/x/x11/patch/xf86-video-s3virge/xf86-video-s3virge.xorg-server-1.20.x.diff
gzip ./source/x/libglvnd/patches/193.patch gzip ./source/x/libglvnd/patches/193.patch
gzip ./source/x/xcm/xcm.udev.rules.diff gzip ./source/x/xcm/xcm.udev.rules.diff
gzip ./testing/source/glibc/glibc.ru_RU.CP1251.diff gzip ./testing/source/PAM/a/libpwquality/doinst.sh
gzip ./testing/source/glibc/glibc.locale.no-archive.diff gzip ./testing/source/PAM/a/pam/patches/pam.pam_tally2.slackware.diff
gzip ./testing/source/glibc/glibc-2.29.en_US.no.am.pm.date.format.diff gzip ./testing/source/PAM/a/pam/patches/pam.pam_tally2.no.fsync.patch
gzip ./testing/source/glibc/glibc-c-utf8-locale.patch gzip ./testing/source/PAM/a/pam/patches/pam.etc.environment.better.comments.diff
gzip ./testing/source/binutils/patches/binutils-2.20.51.0.10-sec-merge-emit.patch gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-unix-gensalt-autoentropy.patch
gzip ./testing/source/binutils/patches/binutils-2.24-ldforcele.patch gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-redhat-modules.patch
gzip ./testing/source/binutils/patches/binutils-2.20.51.0.2-libtool-lib64.patch gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-unix-no-fallback.patch
gzip ./testing/source/binutils/patches/binutils.export.demangle.h.diff gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-motd-multiple-paths.patch
gzip ./testing/source/binutils/patches/binutils-2.25.1-cleansweep.patch gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-unix-checksalt_syslog.patch
gzip ./testing/source/binutils/patches/binutils-2.25-set-long-long.patch gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.1.8-audit-user-mgmt.patch
gzip ./testing/source/binutils/patches/binutils.no-config-h-check.diff gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.1.8-full-relro.patch
gzip ./testing/source/binutils/patches/binutils-2.20.51.0.10-copy-osabi.patch gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.1.3-nouserenv.patch
gzip ./testing/source/binutils/patches/binutils-2.25-version.patch gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-unix-remove-obsolete-_unix_read_password-prototype.patch
gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-unix-crypt_checksalt.patch
gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-unix-fix_checksalt_syslog.patch
gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-noflex.patch
gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-unix-bcrypt_b.patch
gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-unix-yescrypt.patch
gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.1-coverity.patch
gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.1.6-limits-user.patch
gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.0-pwhistory-helper.patch
gzip ./testing/source/PAM/a/pam/fedora-patches/pam-1.3.0-unix-nomsg.patch
gzip ./testing/source/PAM/a/pam/doinst.sh
gzip ./pasture/source/php/php-fpm.conf.diff gzip ./pasture/source/php/php-fpm.conf.diff
gzip ./pasture/source/php/doinst.sh gzip ./pasture/source/php/doinst.sh
gzip ./pasture/source/php/PHP-5.6.31-OpenSSL-1.1.0-compatibility-20170801.patch gzip ./pasture/source/php/PHP-5.6.31-OpenSSL-1.1.0-compatibility-20170801.patch

View file

@ -61,9 +61,9 @@ system. :^) Press ENTER when you are done." 21 76 10 \
"jfsutils" "Utilities for IBM's Journaled Filesystem" "on" \ "jfsutils" "Utilities for IBM's Journaled Filesystem" "on" \
"kbd" "Change keyboard and console mappings" "on" \ "kbd" "Change keyboard and console mappings" "on" \
"kernel-firmware" "Linux kernel firmware -- REQUIRED" "on" \ "kernel-firmware" "Linux kernel firmware -- REQUIRED" "on" \
"kernel-generic" "Generic 5.4.18 kernel (needs an initrd)" "on" \ "kernel-generic" "Generic 5.4.19 kernel (needs an initrd)" "on" \
"kernel-huge" "Loaded 5.4.18 Linux kernel" "on" \ "kernel-huge" "Loaded 5.4.19 Linux kernel" "on" \
"kernel-modules" "Linux 5.4.18 kernel modules -- REQUIRED" "on" \ "kernel-modules" "Linux 5.4.19 kernel modules -- REQUIRED" "on" \
"kmod" "Kernel module utilities -- REQUIRED" "on" \ "kmod" "Kernel module utilities -- REQUIRED" "on" \
"lbzip2" "Parallel bzip2 compressor" "on" \ "lbzip2" "Parallel bzip2 compressor" "on" \
"less" "A text pager utility - REQUIRED" "on" \ "less" "A text pager utility - REQUIRED" "on" \

View file

@ -61,9 +61,9 @@ system. :^) Press ENTER when you are done." 21 76 10 \
"jfsutils" "Utilities for IBM's Journaled Filesystem" "on" \ "jfsutils" "Utilities for IBM's Journaled Filesystem" "on" \
"kbd" "Change keyboard and console mappings" "on" \ "kbd" "Change keyboard and console mappings" "on" \
"kernel-firmware" "Linux kernel firmware -- REQUIRED" "on" \ "kernel-firmware" "Linux kernel firmware -- REQUIRED" "on" \
"kernel-generic" "Generic 5.4.18 kernel (needs an initrd)" "on" \ "kernel-generic" "Generic 5.4.19 kernel (needs an initrd)" "on" \
"kernel-huge" "Loaded 5.4.18 Linux kernel" "on" \ "kernel-huge" "Loaded 5.4.19 Linux kernel" "on" \
"kernel-modules" "Linux 5.4.18 kernel modules -- REQUIRED" "on" \ "kernel-modules" "Linux 5.4.19 kernel modules -- REQUIRED" "on" \
"kmod" "Kernel module utilities -- REQUIRED" "on" \ "kmod" "Kernel module utilities -- REQUIRED" "on" \
"lbzip2" "Parallel bzip2 compressor" "on" \ "lbzip2" "Parallel bzip2 compressor" "on" \
"less" "A text pager utility - REQUIRED" "on" \ "less" "A text pager utility - REQUIRED" "on" \

View file

@ -21,7 +21,7 @@ from series K. Use the UP/DOWN keys to scroll through the list, and \
the SPACE key to deselect any items you don't want to install. \ the SPACE key to deselect any items you don't want to install. \
Press ENTER when you are \ Press ENTER when you are \
done." 11 70 1 \ done." 11 70 1 \
"kernel-source" "Linux 5.4.18 kernel source" "on" \ "kernel-source" "Linux 5.4.19 kernel source" "on" \
2> $TMP/SeTpkgs 2> $TMP/SeTpkgs
if [ $? = 1 -o $? = 255 ]; then if [ $? = 1 -o $? = 255 ]; then
rm -f $TMP/SeTpkgs rm -f $TMP/SeTpkgs

View file

@ -21,7 +21,7 @@ from series K. Use the UP/DOWN keys to scroll through the list, and \
the SPACE key to deselect any items you don't want to install. \ the SPACE key to deselect any items you don't want to install. \
Press ENTER when you are \ Press ENTER when you are \
done." 11 70 1 \ done." 11 70 1 \
"kernel-source" "Linux 5.4.18 kernel source" "on" \ "kernel-source" "Linux 5.4.19 kernel source" "on" \
2> $TMP/SeTpkgs 2> $TMP/SeTpkgs
if [ $? = 1 -o $? = 255 ]; then if [ $? = 1 -o $? = 255 ]; then
rm -f $TMP/SeTpkgs rm -f $TMP/SeTpkgs

View file

@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=shadow PKGNAM=shadow
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-1} BUILD=${BUILD:-2}
# Automatically determine the architecture we're building on: # Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then if [ -z "$ARCH" ]; then

View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 5.4.18 Kernel Configuration # Linux/x86 5.4.19 Kernel Configuration
# #
# #
@ -7803,7 +7803,7 @@ CONFIG_PM_OPP=y
# File systems # File systems
# #
CONFIG_DCACHE_WORD_ACCESS=y CONFIG_DCACHE_WORD_ACCESS=y
CONFIG_VALIDATE_FS_PARSER=y # CONFIG_VALIDATE_FS_PARSER is not set
CONFIG_FS_IOMAP=y CONFIG_FS_IOMAP=y
CONFIG_EXT2_FS=m CONFIG_EXT2_FS=m
CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_XATTR=y

View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 5.4.18 Kernel Configuration # Linux/x86 5.4.19 Kernel Configuration
# #
# #
@ -7786,7 +7786,7 @@ CONFIG_PM_OPP=y
# File systems # File systems
# #
CONFIG_DCACHE_WORD_ACCESS=y CONFIG_DCACHE_WORD_ACCESS=y
CONFIG_VALIDATE_FS_PARSER=y # CONFIG_VALIDATE_FS_PARSER is not set
CONFIG_FS_IOMAP=y CONFIG_FS_IOMAP=y
CONFIG_EXT2_FS=m CONFIG_EXT2_FS=m
CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_XATTR=y

View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 5.4.18 Kernel Configuration # Linux/x86 5.4.19 Kernel Configuration
# #
# #
@ -7866,7 +7866,7 @@ CONFIG_PM_OPP=y
# File systems # File systems
# #
CONFIG_DCACHE_WORD_ACCESS=y CONFIG_DCACHE_WORD_ACCESS=y
CONFIG_VALIDATE_FS_PARSER=y # CONFIG_VALIDATE_FS_PARSER is not set
CONFIG_FS_IOMAP=y CONFIG_FS_IOMAP=y
CONFIG_EXT2_FS=m CONFIG_EXT2_FS=m
CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_XATTR=y

View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 5.4.18 Kernel Configuration # Linux/x86 5.4.19 Kernel Configuration
# #
# #
@ -7803,7 +7803,7 @@ CONFIG_PM_OPP=y
# File systems # File systems
# #
CONFIG_DCACHE_WORD_ACCESS=y CONFIG_DCACHE_WORD_ACCESS=y
CONFIG_VALIDATE_FS_PARSER=y # CONFIG_VALIDATE_FS_PARSER is not set
CONFIG_FS_IOMAP=y CONFIG_FS_IOMAP=y
CONFIG_EXT2_FS=y CONFIG_EXT2_FS=y
CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_XATTR=y

View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 5.4.18 Kernel Configuration # Linux/x86 5.4.19 Kernel Configuration
# #
# #
@ -7786,7 +7786,7 @@ CONFIG_PM_OPP=y
# File systems # File systems
# #
CONFIG_DCACHE_WORD_ACCESS=y CONFIG_DCACHE_WORD_ACCESS=y
CONFIG_VALIDATE_FS_PARSER=y # CONFIG_VALIDATE_FS_PARSER is not set
CONFIG_FS_IOMAP=y CONFIG_FS_IOMAP=y
CONFIG_EXT2_FS=y CONFIG_EXT2_FS=y
CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_XATTR=y

View file

@ -1,6 +1,6 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 5.4.18 Kernel Configuration # Linux/x86 5.4.19 Kernel Configuration
# #
# #
@ -7866,7 +7866,7 @@ CONFIG_PM_OPP=y
# File systems # File systems
# #
CONFIG_DCACHE_WORD_ACCESS=y CONFIG_DCACHE_WORD_ACCESS=y
CONFIG_VALIDATE_FS_PARSER=y # CONFIG_VALIDATE_FS_PARSER is not set
CONFIG_FS_IOMAP=y CONFIG_FS_IOMAP=y
CONFIG_EXT2_FS=y CONFIG_EXT2_FS=y
CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_XATTR=y

View file

@ -100,7 +100,7 @@ rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
find $PKG/usr/man -type -f -exec gzip -9 {} \+ find $PKG/usr/man -type f -exec gzip -9 {} \+
rm -f $PKG/usr/info/dir rm -f $PKG/usr/info/dir
gzip -9 $PKG/usr/info/* gzip -9 $PKG/usr/info/*

View file

@ -0,0 +1,11 @@
ConsoleKit2: ConsoleKit2 (user, login, and seat tracking framework)
ConsoleKit2:
ConsoleKit2: ConsoleKit2 is a framework for defining and tracking users, login
ConsoleKit2: sessions, and seats.
ConsoleKit2:
ConsoleKit2: Homepage: https://github.com/ConsoleKit2/ConsoleKit2
ConsoleKit2:
ConsoleKit2:
ConsoleKit2:
ConsoleKit2:
ConsoleKit2:

View file

@ -0,0 +1,11 @@
at: at (delayed command execution)
at:
at: at and batch read shell commands from standard input (or a specified
at: file) storing them as a job to be scheduled for execution at a later
at: time.
at:
at: The 'at' command was written by David Parsons and Thomas Koenig.
at:
at: Homepage: http://blog.calhariz.com/tag/at
at:
at:

View file

@ -0,0 +1,11 @@
cifs-utils: cifs-utils (CIFS filesystem utilities)
cifs-utils:
cifs-utils: This is the release version of cifs-utils, a package of utilities for
cifs-utils: doing and managing mounts of the Linux CIFS filesystem. The in-kernel
cifs-utils: CIFS filesystem is generally the preferred method for mounting
cifs-utils: SMB/CIFS shares on Linux. This filesystem relies on a set of
cifs-utils: user-space tools that were originally part of Samba, but have now been
cifs-utils: split off into this separate package.
cifs-utils:
cifs-utils: Home page: http://wiki.samba.org/index.php/LinuxCIFS_utils
cifs-utils:

View file

@ -0,0 +1,11 @@
cracklib: cracklib (password checking library)
cracklib:
cracklib: CrackLib is a library which may be used in a passwd-like program to
cracklib: prevent users from choosing passwords that could be easily guessed.
cracklib: This package is an updated and modernized distribution of CrackLib as
cracklib: previously released by Alec Muffett.
cracklib:
cracklib: Homepage: https://github.com/cracklib/cracklib
cracklib:
cracklib:
cracklib:

View file

@ -0,0 +1,11 @@
cups: cups (Common UNIX Printing System)
cups:
cups: The Common UNIX Printing System provides a portable printing layer for
cups: UNIX(R)-like operating systems. It has been developed by Easy Software
cups: Products to promote a standard printing solution for all UNIX vendors
cups: and users. CUPS uses the Internet Printing Protocol ("IPP") as the
cups: basis for managing print jobs and queues. The CUPS package includes
cups: System V and Berkeley command-line interfaces, a PostScript RIP
cups: package for supporting non-PostScript printer drivers, and tools for
cups: creating additional printer drivers and other CUPS services.
cups:

View file

@ -0,0 +1,11 @@
cyrus-sasl: cyrus-sasl (Simple Authentication and Security Layer)
cyrus-sasl:
cyrus-sasl: This is the Cyrus SASL library. Cyrus SASL is used by mail programs
cyrus-sasl: on the client or server side to provide authentication and
cyrus-sasl: authorization services. See RFC 2222 for more information.
cyrus-sasl:
cyrus-sasl:
cyrus-sasl:
cyrus-sasl:
cyrus-sasl:
cyrus-sasl:

View file

@ -0,0 +1,11 @@
dovecot: dovecot (IMAP and POP3 server)
dovecot:
dovecot: Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like
dovecot: systems, written with security foremost in mind.
dovecot:
dovecot: Dovecot can work with standard mbox and Maildir formats and it is
dovecot: fully compatible with UW-IMAP and Courier IMAP servers'
dovecot: implementation of them, as well as mail clients accessing the
dovecot: mailboxes directly.
dovecot:
dovecot:

View file

@ -0,0 +1,11 @@
gnome-keyring: gnome-keyring (a tool to handle security credentials)
gnome-keyring:
gnome-keyring: GNOME Keyring is a program designed to take care of the user's
gnome-keyring: security credentials, such as user names and passwords, in an
gnome-keyring: easy to access manner. The keyring is implemented as a daemon
gnome-keyring: and uses the process name gnome-keyring-daemon.
gnome-keyring:
gnome-keyring:
gnome-keyring:
gnome-keyring:
gnome-keyring:

View file

@ -0,0 +1,11 @@
hplip: hplip (HP print/scan/fax support)
hplip:
hplip: HPLIP is an HP developed solution for printing, scanning, and faxing
hplip: with HP inkjet and laser based printers in Linux. The HPLIP project
hplip: provides printing support for more than 1400 HP printer models,
hplip: including Deskjet, Officejet, Photosmart, PSC (Print Scan Copy),
hplip: Business Inkjet, LaserJet, and LaserJet MFP.
hplip:
hplip: Homepage: http://hplipopensource.com
hplip:
hplip:

View file

@ -0,0 +1,11 @@
kde-workspace: kde-workspace (KDE Plasma Desktop)
kde-workspace:
kde-workspace: This package provides the essential parts of the KDE Plasma Desktop
kde-workspace: that are presented to the user.
kde-workspace:
kde-workspace:
kde-workspace:
kde-workspace:
kde-workspace:
kde-workspace:
kde-workspace:

View file

@ -0,0 +1,11 @@
libcap: libcap (get/set POSIX capabilities)
libcap:
libcap: This is a library for getting and setting POSIX.1e (formerly POSIX 6)
libcap: draft 15 capabilities.
libcap:
libcap: Libcap was written by Andrew G. Morgan; however, it would not
libcap: have been possible without the help of Aleph1, Roland Buresund,
libcap: Andrew Main, and Alexander Kjeldaas.
libcap:
libcap: Homepage: http://sites.google.com/site/fullycapable/
libcap:

View file

@ -0,0 +1,11 @@
libcgroup: libcgroup (library and utilities for kernel control groups)
libcgroup:
libcgroup: Control Groups provide a mechanism for aggregating/partitioning sets of
libcgroup: tasks, and all their future children, into hierarchical groups with
libcgroup: specialized behaviour. It makes use of a filesystem interface.
libcgroup: This package contains a library for developing applications that use
libcgroup: control groups, as well as some basic userspace tools for controlling
libcgroup: and monitoring control groups.
libcgroup:
libcgroup: Homepage: http://libcg.sourceforge.net/
libcgroup:

View file

@ -0,0 +1,11 @@
libpwquality: libpwquality (password quality checking library)
libpwquality:
libpwquality: The libpwquality package provides common functions for password
libpwquality: quality checking and also scoring them based on their apparent
libpwquality: randomness. The library also provides a function for generating
libpwquality: random passwords with good pronounceability.
libpwquality:
libpwquality: Homepage: https://github.com/libpwquality/libpwquality
libpwquality:
libpwquality:
libpwquality:

View file

@ -0,0 +1,11 @@
mariadb: mariadb (Drop-in replacement for the MySQL Database Server)
mariadb:
mariadb: MariaDB is a backward compatible, drop-in replacement branch of the
mariadb: MySQL(R) Database Server. It includes all major open source storage
mariadb: engines, including the Aria storage engine.
mariadb:
mariadb: Homepage: http://mariadb.org/
mariadb:
mariadb:
mariadb:
mariadb:

View file

@ -0,0 +1,11 @@
netatalk: netatalk (Appletalk file and print server)
netatalk:
netatalk: Netatalk is an Appletalk file and print server for Linux. Using
netatalk: Netatalk, Macintosh computers on your local network can mount Linux
netatalk: volumes as if they were standard Appletalk network drives, and can
netatalk: print to the Linux box's printer as if it were a network printer
netatalk: supporting PostScript.
netatalk:
netatalk: Netatalk was originally written by the Research Systems Unix Group at
netatalk: The University of Michigan, and is maintained by the Netatalk Team.
netatalk:

View file

@ -0,0 +1,11 @@
netkit-rsh: netkit-rsh (the BSD rsh/rcp/rlogin clients and daemon)
netkit-rsh:
netkit-rsh: The old BSD rsh suite. Note that none of these programs provide
netkit-rsh: encryption or strong authentication of network connections. As such,
netkit-rsh: their use is discouraged. The "ssh" protocol and package is a
netkit-rsh: cryptographically secure replacement.
netkit-rsh:
netkit-rsh:
netkit-rsh:
netkit-rsh:
netkit-rsh:

View file

@ -0,0 +1,11 @@
openssh: openssh (Secure Shell daemon and clients)
openssh:
openssh: ssh (Secure Shell) is a program for logging into a remote machine and
openssh: for executing commands on a remote machine. It is intended to replace
openssh: rlogin and rsh, and provide secure encrypted communications between
openssh: two untrusted hosts over an insecure network. sshd (SSH Daemon) is
openssh: the daemon program for ssh. OpenSSH is based on the last free version
openssh: of Tatu Ylonen's SSH, further enhanced and cleaned up by Aaron
openssh: Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, and
openssh: Dug Song. It has a homepage at http://www.openssh.com/
openssh:

View file

@ -0,0 +1,11 @@
openvpn: openvpn (secure IP tunnel daemon)
openvpn:
openvpn: OpenVPN is a full-featured SSL VPN which can accommodate a wide range
openvpn: of configurations, including remote access, site-to-site VPNs, WiFi
openvpn: security, and enterprise-scale remote access with load balancing,
openvpn: failover, and fine-grained access-controls.
openvpn:
openvpn: OpenVPN's home on the net is: http://openvpn.net
openvpn:
openvpn:
openvpn:

View file

@ -0,0 +1,11 @@
pam: pam (Pluggable Authentication Modules)
pam:
pam: PAM = Pluggable Authentication Modules. Basically, it is a flexible
pam: mechanism for authenticating users. PAM provides a way to develop
pam: programs that are independent of authentication scheme. However,
pam: these programs will need "authentication modules" (and libpam) at
pam: run-time in order to work.
pam:
pam: Homepage: http://www.linux-pam.org/
pam:
pam:

View file

@ -0,0 +1,11 @@
polkit: polkit (authentication framework)
polkit:
polkit: PolicyKit is an application-level toolkit for defining and handling
polkit: the policy that allows unprivileged processes to speak to privileged
polkit: processes. PolicyKit is specifically targeting applications in rich
polkit: desktop environments on multi-user UNIX-like operating systems.
polkit:
polkit: Homepage: http://www.freedesktop.org/wiki/Software/polkit
polkit:
polkit:
polkit:

View file

@ -0,0 +1,11 @@
popa3d: popa3d (a POP3 daemon)
popa3d:
popa3d: popa3d is a Post Office Protocol version 3 (POP3) server. A POP3
popa3d: server operates on local mailboxes on behalf of its remote users.
popa3d: Users can connect at any time to check their mailbox and fetch the
popa3d: mail that has accumulated. The design goals of this POP3 server are
popa3d: security, reliability, RFC compliance (slightly relaxed to work with
popa3d: real-world POP3 clients), and high performance.
popa3d:
popa3d: The popa3d daemon was written by Solar Designer.
popa3d:

View file

@ -0,0 +1,11 @@
ppp: ppp (Point-to-Point Protocol)
ppp:
ppp: The Point-to-Point Protocol (PPP) provides a method for transmitting
ppp: data over serial links. It's commonly used for connecting to the
ppp: Internet using a modem. This package includes the PPP daemon (pppd),
ppp: which negotiates with the peer to establish the link and sets up the
ppp: ppp network interface, and pppsetup, an easy-to-use utility for
ppp: setting up your PPP daemon.
ppp:
ppp:
ppp:

View file

@ -0,0 +1,11 @@
proftpd: proftpd (FTP server daemon)
proftpd:
proftpd: ProFTPD is the Professional File Transfer Protocol (FTP) server
proftpd: daemon. ProFTPD grew out of the desire to have a secure and
proftpd: configurable FTP server, and out of a significant admiration of the
proftpd: Apache web server.
proftpd:
proftpd: Homepage: http://www.proftpd.org
proftpd:
proftpd:
proftpd:

View file

@ -0,0 +1,11 @@
samba: samba (CIFS file and print server)
samba:
samba: Samba is a CIFS file and print server for CIFS clients. It allows
samba: you to make file space or printers on a Samba host available to CIFS
samba: clients (such as PCs running Windows).
samba:
samba: If you have any Windows file servers, you may be able to replace them
samba: or supplement them with Samba. One of Samba's big strengths is
samba: integration, so you can use it to tie together your Linux hosts and
samba: Windows PC clients.
samba:

View file

@ -0,0 +1,11 @@
screen: screen (screen manager with VT100/ANSI terminal emulation)
screen:
screen: Screen is a full-screen window manager that multiplexes a physical
screen: terminal between several processes (typically interactive shells).
screen: Each virtual terminal provides the functions of a DEC VT100 terminal
screen: and several control functions from the ISO 6492 (ECMA 48, ANSI X3.64)
screen: and ISO 2022 standards (e.g. insert/delete line and support for
screen: multiple character sets). There is a scrollback history buffer for
screen: each virtual terminal and a copy-and-paste mechanism that allows
screen: moving text regions between windows.
screen:

View file

@ -0,0 +1,11 @@
shadow: shadow (shadow password suite)
shadow:
shadow: This package includes the necessary programs for handling account
shadow: information in the shadow password format, plus programs for managing
shadow: user and group accounts. It was written by Julianne Frances Haugh and
shadow: the Linux port is maintained by Tomasz Kloczko.
shadow:
shadow: Homepage: https://github.com/shadow-maint/shadow
shadow:
shadow:
shadow:

View file

@ -0,0 +1,11 @@
sudo: sudo (give limited root privileges to certain users)
sudo:
sudo: 'sudo' is a command that allows users to execute some commands as
sudo: root. The /etc/sudoers file (edited with 'visudo') specifies which
sudo: users have access to sudo and which commands they can run. 'sudo'
sudo: logs all its activities to /var/log/ so the system administrator
sudo: can keep an eye on things.
sudo:
sudo: Homepage: https://www.sudo.ws
sudo:
sudo:

View file

@ -0,0 +1,11 @@
system-config-printer: system-config-printer (CUPS printer administration tool)
system-config-printer:
system-config-printer: The purpose of the tool is to configure a CUPS server (often the local
system-config-printer: machine) using the CUPS API. The tool is written in Python, using
system-config-printer: pygtk for the graphical parts and Python bindings (pycups) for the
system-config-printer: CUPS API. It is largely the same as using the CUPS web interface for
system-config-printer: configuring printers, but has the advantage of being a native
system-config-printer: application rather than a web page.
system-config-printer:
system-config-printer: Home: https://github.com/zdohnal/system-config-printer
system-config-printer:

View file

@ -0,0 +1,11 @@
util-linux: util-linux (a huge collection of essential utilities)
util-linux:
util-linux: The util-linux package is a huge collection of random utilities
util-linux: that are essential to run a Linux system.
util-linux:
util-linux: Homepage: https://www.kernel.org/pub/linux/utils/util-linux/
util-linux:
util-linux:
util-linux:
util-linux:
util-linux:

View file

@ -0,0 +1,11 @@
vsftpd: vsftpd (Very Secure FTP Daemon)
vsftpd:
vsftpd: vsftpd is an FTP server, or daemon. The 'vs' stands for Very Secure.
vsftpd: Obviously this is not a guarantee, but a reflection that the entire
vsftpd: codebase was written with security in mind, and carefully designed to
vsftpd: be resilient to attack (as well as extremely fast and scalable).
vsftpd:
vsftpd: The vsftpd homepage is https://security.appspot.com/vsftpd.html
vsftpd:
vsftpd: The Very Secure FTP Daemon was written by Chris Evans.
vsftpd:

View file

@ -0,0 +1,11 @@
xdm: xdm (X11 display manager)
xdm:
xdm: xdm is part of X11.
xdm:
xdm: For more information about the X.Org Foundation (the providers of the
xdm: X.Org implementation of the X Window System), see their website:
xdm:
xdm: http://www.x.org
xdm:
xdm:
xdm:

View file

@ -0,0 +1,11 @@
xlockmore: xlockmore (screen locker for X)
xlockmore:
xlockmore: Patrick J. Naughton's xlock screensaver/locker for X, with many
xlockmore: more modes added by David A. Bagley.
xlockmore:
xlockmore: The 'Bob' bitmap has been included especially for Slackware, as well
xlockmore: as a Linux penguin logo. (NOTE: the image of J. R. "Bob" Dobbs is a
xlockmore: registered trademark of The Subgenius Foundation, used by permission)
xlockmore:
xlockmore: Homepage: http://sillycycle.com/xlockmore.html
xlockmore:

View file

@ -0,0 +1,11 @@
xscreensaver: xscreensaver (a screen saver and locker for X)
xscreensaver:
xscreensaver: A modular screen saver and locker for the X Window System. Highly
xscreensaver: customizable: allows the use of any program that can draw on the
xscreensaver: root window as a display mode. More than 100 display modes are
xscreensaver: included in this package.
xscreensaver:
xscreensaver: Homepage: http://www.jwz.org/xscreensaver
xscreensaver:
xscreensaver:
xscreensaver:

View file

@ -0,0 +1,149 @@
#!/bin/sh
# Copyright 2010,2011 Vincent Batts, Vienna, VA, USA
# Copyright 2010, 2018 Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=cracklib
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
i?86) export ARCH=i586 ;;
arm*) export ARCH=arm ;;
# Unless $ARCH is already set, use uname -m for all other archs:
*) export ARCH=$( uname -m ) ;;
esac
fi
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
exit 0
fi
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
TMP=${TMP:-/tmp}
PKG=$TMP/package-$PKGNAM
if [ "$ARCH" = "i586" ]; then
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "s390" ]; then
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "x86_64" ]; then
SLKCFLAGS="-O2 -fPIC"
LIBDIRSUFFIX="64"
else
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
fi
rm -rf $PKG
mkdir -p $TMP $PKG
cd $TMP
rm -rf $PKGNAM-$VERSION
tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
cd $PKGNAM-$VERSION || exit 1
chown -R root:root .
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-exec chmod 755 {} \+ -o \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \+
CFLAGS="$SLKCFLAGS" \
CXXFLAGS="$SLKCFLAGS" \
./configure \
--prefix=/usr \
--sbindir=/sbin \
--libdir=/usr/lib${LIBDIRSUFFIX} \
--sysconfdir=/etc \
--localstatedir=/var \
--mandir=/usr/man \
--docdir=/usr/doc/$PKGNAM-$VERSION \
--disable-static \
--without-python \
--build=$ARCH-slackware-linux || exit 1
make $NUMJOBS || exit 1
make install DESTDIR=$PKG || exit 1
# Don't ship .la files:
rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
mkdir -p $PKG/usr/share/cracklib
# Fix perms on these first:
chmod 755 ./util/create-cracklib-dict
chmod 755 ./util/cracklib-format
# If there's a large word list in the source directory, uncompress it to "cracklib-words":
if [ -r $CWD/cracklib-words-*.xz ]; then
xz -dc $CWD/cracklib-words-*.xz > cracklib-words
elif [ -r $CWD/cracklib-words-*.bz2 ]; then
bzip2 -dc $CWD/cracklib-words-*.bz2 > cracklib-words
elif [ -r $CWD/cracklib-words-*.gz ]; then
gzip -dc $CWD/cracklib-words-*.gz > cracklib-words
elif [ -r $CWD/cracklib-words-*.lz ]; then
lzip -dc $CWD/cracklib-words-*.lz > cracklib-words
fi
# If cracklib-words exists, add it to the dictionary. Otherwise go with the bundled list.
if [ -r cracklib-words ]; then
PATH=$(pwd)/util:$PATH \
./util/create-cracklib-dict \
-o $PKG/usr/share/cracklib/pw_dict \
dicts/cracklib-small cracklib-words
else
PATH=$(pwd)/util:$PATH \
./util/create-cracklib-dict \
-o $PKG/usr/share/cracklib/pw_dict \
dicts/cracklib-small
fi
mkdir -p $PKG/var/cache/cracklib
( cd $PKG/var/cache/cracklib
ln -s /usr/share/cracklib/pw_dict.pwd cracklib_dict.pwd
ln -s /usr/share/cracklib/pw_dict.pwi cracklib_dict.pwi
)
find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
cp -a \
AUTHORS COPYING.LIB ChangeLog INSTALL NEWS README* \
$PKG/usr/doc/$PKGNAM-$VERSION
mkdir -p $PKG/install
cat $CWD/slack-desc > $PKG/install/slack-desc
cd $PKG
/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz

View file

@ -0,0 +1 @@
https://github.com/cracklib/cracklib

View file

@ -6,14 +6,14 @@
# customary to leave one space after the ':'. # customary to leave one space after the ':'.
|-----handy-ruler------------------------------------------------------| |-----handy-ruler------------------------------------------------------|
binutils: binutils (GNU binary development tools) cracklib: cracklib (password checking library)
binutils: cracklib:
binutils: Binutils is a collection of binary utilities. It includes "as" (the cracklib: CrackLib is a library which may be used in a passwd-like program to
binutils: portable GNU assembler), "ld" (the GNU linker), and other utilities cracklib: prevent users from choosing passwords that could be easily guessed.
binutils: for creating and working with binary programs. cracklib: This package is an updated and modernized distribution of CrackLib as
binutils: cracklib: previously released by Alec Muffett.
binutils: These utilities are REQUIRED to compile C, C++, Objective-C, Fortran, cracklib:
binutils: and most other programming languages. cracklib: Homepage: https://github.com/cracklib/cracklib
binutils: cracklib:
binutils: cracklib:
binutils: cracklib:

View file

@ -0,0 +1,14 @@
config() {
NEW="$1"
OLD="$(dirname $NEW)/$(basename $NEW .new)"
# If there's no config file by that name, mv it over:
if [ ! -r $OLD ]; then
mv $NEW $OLD
elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
# toss the redundant copy
rm $NEW
fi
# Otherwise, we leave the .new copy for the admin to consider...
}
config etc/security/pwquality.conf.new

View file

@ -0,0 +1,143 @@
#!/bin/bash
# Copyright 2020 Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=libpwquality
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
case "$(uname -m)" in
i?86) ARCH=i586 ;;
arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;;
# Unless $ARCH is already set, use uname -m for all other archs:
*) ARCH=$(uname -m) ;;
esac
export ARCH
fi
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
exit 0
fi
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
if [ "$ARCH" = "i586" ]; then
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "i686" ]; then
SLKCFLAGS="-O2 -march=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "s390" ]; then
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "x86_64" ]; then
SLKCFLAGS="-O2 -fPIC"
LIBDIRSUFFIX="64"
elif [ "$ARCH" = "armv7hl" ]; then
SLKCFLAGS="-O3 -march=armv7-a -mfpu=vfpv3-d16"
LIBDIRSUFFIX=""
else
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
fi
TMP=${TMP:-/tmp}
PKG=$TMP/package-$PKGNAM
rm -rf $PKG
mkdir -p $TMP $PKG
cd $TMP
rm -rf $PKGNAM-$VERSION
tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
cd $PKGNAM-$VERSION || exit 1
chown -R root:root .
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-exec chmod 755 {} \+ -o \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \+
# this typo was driving me crazy
sed -i "s/there defaults/their defaults/g" doc/man/pam_pwquality.8*
# Configure, build, and install:
CFLAGS="$SLKCFLAGS" \
CXXFLAGS="$SLKCFLAGS" \
./configure \
--prefix=/usr \
--libdir=/usr/lib${LIBDIRSUFFIX} \
--sysconfdir=/etc \
--localstatedir=/var \
--docdir=/usr/doc/$PKGNAM-$VERSION \
--mandir=/usr/man \
--infodir=/usr/info \
--disable-static \
--with-securedir=/lib/security \
--with-python-binary=python3 \
--build=$ARCH-slackware-linux || exit 1
make $NUMJOBS || make || exit 1
make install DESTDIR=$PKG || exit 1
# Don't ship .la files:
rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
mv $PKG/etc/security/pwquality.conf $PKG/etc/security/pwquality.conf.new
# Strip binaries:
find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
# Compress manual pages:
find $PKG/usr/man -type f -exec gzip -9 {} \+
for i in $( find $PKG/usr/man -type l ) ; do
ln -s $( readlink $i ).gz $i.gz
rm $i
done
# Add a documentation directory:
mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION
cp -a \
AUTHORS* ChangeLog COPYING* NEWS* README* \
$PKG/usr/doc/${PKGNAM}-$VERSION
# If there's a ChangeLog, installing at least part of the recent history
# is useful, but don't let it get totally out of control:
if [ -r ChangeLog ]; then
DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION)
cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog
touch -r ChangeLog $DOCSDIR/ChangeLog
fi
mkdir -p $PKG/install
zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
cat $CWD/slack-desc > $PKG/install/slack-desc
cd $PKG
/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz

View file

@ -0,0 +1 @@
https://github.com/libpwquality/libpwquality

View file

@ -0,0 +1,19 @@
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in. You must
# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
libpwquality: libpwquality (password quality checking library)
libpwquality:
libpwquality: The libpwquality package provides common functions for password
libpwquality: quality checking and also scoring them based on their apparent
libpwquality: randomness. The library also provides a function for generating
libpwquality: random passwords with good pronounceability.
libpwquality:
libpwquality: Homepage: https://github.com/libpwquality/libpwquality
libpwquality:
libpwquality:
libpwquality:

View file

@ -0,0 +1,14 @@
config() {
NEW="$1"
OLD="$(dirname $NEW)/$(basename $NEW .new)"
# If there's no config file by that name, mv it over:
if [ ! -r $OLD ]; then
mv $NEW $OLD
elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
# toss the redundant copy
rm $NEW
fi
# Otherwise, we leave the .new copy for the admin to consider...
}

View file

@ -0,0 +1,27 @@
diff -up pam/modules/pam_env/pam_env.c.nouserenv pam/modules/pam_env/pam_env.c
--- pam/modules/pam_env/pam_env.c.nouserenv 2010-10-20 09:59:30.000000000 +0200
+++ pam/modules/pam_env/pam_env.c 2010-11-01 14:42:01.000000000 +0100
@@ -10,7 +10,7 @@
#define DEFAULT_READ_ENVFILE 1
#define DEFAULT_USER_ENVFILE ".pam_environment"
-#define DEFAULT_USER_READ_ENVFILE 1
+#define DEFAULT_USER_READ_ENVFILE 0
#include "config.h"
diff -up pam/modules/pam_env/pam_env.8.xml.nouserenv pam/modules/pam_env/pam_env.8.xml
--- pam/modules/pam_env/pam_env.8.xml.nouserenv 2010-10-20 09:59:30.000000000 +0200
+++ pam/modules/pam_env/pam_env.8.xml 2010-11-01 14:42:01.000000000 +0100
@@ -147,7 +147,10 @@
<listitem>
<para>
Turns on or off the reading of the user specific environment
- file. 0 is off, 1 is on. By default this option is on.
+ file. 0 is off, 1 is on. By default this option is off as user
+ supplied environment variables in the PAM environment could affect
+ behavior of subsequent modules in the stack without the consent
+ of the system administrator.
</para>
</listitem>
</varlistentry>

View file

@ -0,0 +1,20 @@
diff -up Linux-PAM-1.1.6/modules/pam_limits/limits.conf.limits Linux-PAM-1.1.6/modules/pam_limits/limits.conf
--- Linux-PAM-1.1.6/modules/pam_limits/limits.conf.limits 2012-08-15 13:08:43.000000000 +0200
+++ Linux-PAM-1.1.6/modules/pam_limits/limits.conf 2013-03-14 16:43:37.615087671 +0100
@@ -1,5 +1,16 @@
# /etc/security/limits.conf
#
+#This file sets the resource limits for the users logged in via PAM.
+#It does not affect resource limits of the system services.
+#
+#Also note that configuration files in /etc/security/limits.d directory,
+#which are read in alphabetical order, override the settings in this
+#file in case the domain is the same or more specific.
+#That means for example that setting a limit for wildcard domain here
+#can be overriden with a wildcard setting in a config file in the
+#subdirectory, but a user specific setting here can be overriden only
+#with a user specific setting in the subdirectory.
+#
#Each line describes a limit for a user in the form:
#
#<domain> <type> <item> <value>

View file

@ -0,0 +1,31 @@
diff -up Linux-PAM-1.1.8/modules/pam_tally2/pam_tally2.c.audit-user-mgmt Linux-PAM-1.1.8/modules/pam_tally2/pam_tally2.c
--- Linux-PAM-1.1.8/modules/pam_tally2/pam_tally2.c.audit-user-mgmt 2013-06-18 16:11:21.000000000 +0200
+++ Linux-PAM-1.1.8/modules/pam_tally2/pam_tally2.c 2014-10-17 12:09:12.965490940 +0200
@@ -997,9 +997,9 @@ main( int argc UNUSED, char **argv )
#ifdef HAVE_LIBAUDIT
char buf[64];
int audit_fd = audit_open();
- snprintf(buf, sizeof(buf), "pam_tally2 uid=%u reset=%hu", uid, cline_reset);
- audit_log_user_message(audit_fd, AUDIT_USER_ACCT,
- buf, NULL, NULL, ttyname(STDIN_FILENO), 1);
+ snprintf(buf, sizeof(buf), "pam_tally2 reset=%hu", cline_reset);
+ audit_log_acct_message(audit_fd, AUDIT_USER_MGMT, NULL,
+ buf, NULL, uid, NULL, NULL, ttyname(STDIN_FILENO), 1);
if (audit_fd >=0)
close(audit_fd);
#endif
@@ -1040,11 +1040,10 @@ main( int argc UNUSED, char **argv )
}
else if ( !cline_reset ) {
#ifdef HAVE_LIBAUDIT
- char buf[64];
int audit_fd = audit_open();
- snprintf(buf, sizeof(buf), "pam_tally2 uid=all reset=0");
- audit_log_user_message(audit_fd, AUDIT_USER_ACCT,
- buf, NULL, NULL, ttyname(STDIN_FILENO), 1);
+ audit_log_acct_message(audit_fd, AUDIT_USER_MGMT, NULL,
+ "pam_tally2-reset-all-accts reset=0", "*", -1,
+ NULL, NULL, ttyname(STDIN_FILENO), 1);
if (audit_fd >=0)
close(audit_fd);
#endif

View file

@ -0,0 +1,67 @@
diff -up Linux-PAM-1.1.8/modules/pam_filter/upperLOWER/Makefile.am.relro Linux-PAM-1.1.8/modules/pam_filter/upperLOWER/Makefile.am
--- Linux-PAM-1.1.8/modules/pam_filter/upperLOWER/Makefile.am.relro 2014-09-10 17:17:20.273401344 +0200
+++ Linux-PAM-1.1.8/modules/pam_filter/upperLOWER/Makefile.am 2014-09-10 17:17:07.857115369 +0200
@@ -9,7 +9,7 @@ securelibfilterdir = $(SECUREDIR)/pam_fi
AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
-I$(srcdir)/.. @PIE_CFLAGS@
-AM_LDFLAGS = @PIE_LDFLAGS@
+AM_LDFLAGS = -Wl,-z,now @PIE_LDFLAGS@
LDADD = $(top_builddir)/libpam/libpam.la
securelibfilter_PROGRAMS = upperLOWER
diff -up Linux-PAM-1.1.8/modules/pam_mkhomedir/Makefile.am.relro Linux-PAM-1.1.8/modules/pam_mkhomedir/Makefile.am
--- Linux-PAM-1.1.8/modules/pam_mkhomedir/Makefile.am.relro 2013-06-18 16:11:21.000000000 +0200
+++ Linux-PAM-1.1.8/modules/pam_mkhomedir/Makefile.am 2014-09-10 17:18:42.922304935 +0200
@@ -30,6 +30,8 @@ endif
sbin_PROGRAMS = mkhomedir_helper
mkhomedir_helper_SOURCES = mkhomedir_helper.c
+mkhomedir_helper_CFLAGS = $(AM_CFLAGS) @PIE_CFLAGS@
+mkhomedir_helper_LDFLAGS = -Wl,-z,now @PIE_LDFLAGS@
mkhomedir_helper_LDADD = $(top_builddir)/libpam/libpam.la
if ENABLE_REGENERATE_MAN
diff -up Linux-PAM-1.1.8/modules/pam_tally2/Makefile.am.relro Linux-PAM-1.1.8/modules/pam_tally2/Makefile.am
--- Linux-PAM-1.1.8/modules/pam_tally2/Makefile.am.relro 2013-06-18 16:11:21.000000000 +0200
+++ Linux-PAM-1.1.8/modules/pam_tally2/Makefile.am 2014-09-10 17:22:04.339944040 +0200
@@ -26,6 +26,8 @@ if HAVE_VERSIONING
pam_tally2_la_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
endif
+pam_tally2_CFLAGS = $(AM_CFLAGS) @PIE_CFLAGS@
+pam_tally2_LDFLAGS = -Wl,-z,now @PIE_LDFLAGS@
pam_tally2_LDADD = $(top_builddir)/libpam/libpam.la $(LIBAUDIT)
securelib_LTLIBRARIES = pam_tally2.la
diff -up Linux-PAM-1.1.8/modules/pam_timestamp/Makefile.am.relro Linux-PAM-1.1.8/modules/pam_timestamp/Makefile.am
--- Linux-PAM-1.1.8/modules/pam_timestamp/Makefile.am.relro 2013-06-18 16:11:21.000000000 +0200
+++ Linux-PAM-1.1.8/modules/pam_timestamp/Makefile.am 2014-08-13 16:02:49.906688139 +0200
@@ -36,7 +36,7 @@ pam_timestamp_la_CFLAGS = $(AM_CFLAGS)
pam_timestamp_check_SOURCES = pam_timestamp_check.c
pam_timestamp_check_CFLAGS = $(AM_CFLAGS) @PIE_CFLAGS@
pam_timestamp_check_LDADD = $(top_builddir)/libpam/libpam.la
-pam_timestamp_check_LDFLAGS = @PIE_LDFLAGS@
+pam_timestamp_check_LDFLAGS = -Wl,-z,now @PIE_LDFLAGS@
hmacfile_SOURCES = hmacfile.c hmacsha1.c sha1.c
hmacfile_LDADD = $(top_builddir)/libpam/libpam.la
diff -up Linux-PAM-1.1.8/modules/pam_unix/Makefile.am.relro Linux-PAM-1.1.8/modules/pam_unix/Makefile.am
--- Linux-PAM-1.1.8/modules/pam_unix/Makefile.am.relro 2013-06-18 16:11:21.000000000 +0200
+++ Linux-PAM-1.1.8/modules/pam_unix/Makefile.am 2014-08-13 16:02:49.906688139 +0200
@@ -55,13 +55,13 @@ bigcrypt_LDADD = @LIBCRYPT@
unix_chkpwd_SOURCES = unix_chkpwd.c md5_good.c md5_broken.c bigcrypt.c \
passverify.c
unix_chkpwd_CFLAGS = $(AM_CFLAGS) @PIE_CFLAGS@ -DHELPER_COMPILE=\"unix_chkpwd\"
-unix_chkpwd_LDFLAGS = @PIE_LDFLAGS@
+unix_chkpwd_LDFLAGS = -Wl,-z,now @PIE_LDFLAGS@
unix_chkpwd_LDADD = @LIBCRYPT@ @LIBSELINUX@ @LIBAUDIT@
unix_update_SOURCES = unix_update.c md5_good.c md5_broken.c bigcrypt.c \
passverify.c
unix_update_CFLAGS = $(AM_CFLAGS) @PIE_CFLAGS@ -DHELPER_COMPILE=\"unix_update\"
-unix_update_LDFLAGS = @PIE_LDFLAGS@
+unix_update_LDFLAGS = -Wl,-z,now @PIE_LDFLAGS@
unix_update_LDADD = @LIBCRYPT@ @LIBSELINUX@
if ENABLE_REGENERATE_MAN

View file

@ -0,0 +1,806 @@
diff -up Linux-PAM-1.3.0/modules/pam_pwhistory/Makefile.am.pwhhelper Linux-PAM-1.3.0/modules/pam_pwhistory/Makefile.am
--- Linux-PAM-1.3.0/modules/pam_pwhistory/Makefile.am.pwhhelper 2016-03-24 12:45:42.000000000 +0100
+++ Linux-PAM-1.3.0/modules/pam_pwhistory/Makefile.am 2016-05-06 15:18:42.307637933 +0200
@@ -1,5 +1,6 @@
#
# Copyright (c) 2008, 2009 Thorsten Kukuk <kukuk@suse.de>
+# Copyright (c) 2013 Red Hat, Inc.
#
CLEANFILES = *~
@@ -9,25 +10,34 @@ EXTRA_DIST = README $(MANS) $(XMLS) tst-
TESTS = tst-pam_pwhistory
-man_MANS = pam_pwhistory.8
+man_MANS = pam_pwhistory.8 pwhistory_helper.8
-XMLS = README.xml pam_pwhistory.8.xml
+XMLS = README.xml pam_pwhistory.8.xml pwhistory_helper.8.xml
securelibdir = $(SECUREDIR)
secureconfdir = $(SCONFIGDIR)
-AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
-AM_LDFLAGS = -no-undefined -avoid-version -module
+AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
+ -DPWHISTORY_HELPER=\"$(sbindir)/pwhistory_helper\"
+
+pam_pwhistory_la_LDFLAGS = -no-undefined -avoid-version -module
if HAVE_VERSIONING
- AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
+ pam_pwhistory_la_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
endif
noinst_HEADERS = opasswd.h
securelib_LTLIBRARIES = pam_pwhistory.la
-pam_pwhistory_la_LIBADD = $(top_builddir)/libpam/libpam.la @LIBCRYPT@
+pam_pwhistory_la_CFLAGS = $(AM_CFLAGS)
+pam_pwhistory_la_LIBADD = $(top_builddir)/libpam/libpam.la @LIBCRYPT@ @LIBSELINUX@
pam_pwhistory_la_SOURCES = pam_pwhistory.c opasswd.c
+sbin_PROGRAMS = pwhistory_helper
+pwhistory_helper_CFLAGS = $(AM_CFLAGS) -DHELPER_COMPILE=\"pwhistory_helper\" @PIE_CFLAGS@
+pwhistory_helper_SOURCES = pwhistory_helper.c opasswd.c
+pwhistory_helper_LDFLAGS = -Wl,-z,now @PIE_LDFLAGS@
+pwhistory_helper_LDADD = $(top_builddir)/libpam/libpam.la @LIBCRYPT@
+
if ENABLE_REGENERATE_MAN
noinst_DATA = README
README: pam_pwhistory.8.xml
diff -up Linux-PAM-1.3.0/modules/pam_pwhistory/opasswd.c.pwhhelper Linux-PAM-1.3.0/modules/pam_pwhistory/opasswd.c
--- Linux-PAM-1.3.0/modules/pam_pwhistory/opasswd.c.pwhhelper 2016-03-24 12:45:42.000000000 +0100
+++ Linux-PAM-1.3.0/modules/pam_pwhistory/opasswd.c 2016-05-06 15:18:42.307637933 +0200
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2008 Thorsten Kukuk <kukuk@suse.de>
+ * Copyright (c) 2013 Red Hat, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -38,6 +39,7 @@
#endif
#include <pwd.h>
+#include <shadow.h>
#include <time.h>
#include <ctype.h>
#include <errno.h>
@@ -47,6 +49,7 @@
#include <string.h>
#include <stdlib.h>
#include <syslog.h>
+#include <stdarg.h>
#include <sys/stat.h>
#if defined (HAVE_XCRYPT_H)
@@ -55,7 +58,14 @@
#include <crypt.h>
#endif
+#ifdef HELPER_COMPILE
+#define pam_modutil_getpwnam(h,n) getpwnam(n)
+#define pam_modutil_getspnam(h,n) getspnam(n)
+#define pam_syslog(h,a,...) helper_log_err(a,__VA_ARGS__)
+#else
+#include <security/pam_modutil.h>
#include <security/pam_ext.h>
+#endif
#include <security/pam_modules.h>
#include "opasswd.h"
@@ -76,6 +86,19 @@ typedef struct {
char *old_passwords;
} opwd;
+#ifdef HELPER_COMPILE
+void
+helper_log_err(int err, const char *format, ...)
+{
+ va_list args;
+
+ va_start(args, format);
+ openlog(HELPER_COMPILE, LOG_CONS | LOG_PID, LOG_AUTHPRIV);
+ vsyslog(err, format, args);
+ va_end(args);
+ closelog();
+}
+#endif
static int
parse_entry (char *line, opwd *data)
@@ -117,8 +140,8 @@ compare_password(const char *newpass, co
}
/* Check, if the new password is already in the opasswd file. */
-int
-check_old_pass (pam_handle_t *pamh, const char *user,
+PAMH_ARG_DECL(int
+check_old_pass, const char *user,
const char *newpass, int debug)
{
int retval = PAM_SUCCESS;
@@ -128,6 +151,11 @@ check_old_pass (pam_handle_t *pamh, cons
opwd entry;
int found = 0;
+#ifndef HELPER_COMPILE
+ if (SELINUX_ENABLED)
+ return PAM_PWHISTORY_RUN_HELPER;
+#endif
+
if ((oldpf = fopen (OLD_PASSWORDS_FILE, "r")) == NULL)
{
if (errno != ENOENT)
@@ -213,9 +241,9 @@ check_old_pass (pam_handle_t *pamh, cons
return retval;
}
-int
-save_old_pass (pam_handle_t *pamh, const char *user, uid_t uid,
- const char *oldpass, int howmany, int debug UNUSED)
+PAMH_ARG_DECL(int
+save_old_pass, const char *user,
+ int howmany, int debug UNUSED)
{
char opasswd_tmp[] = TMP_PASSWORDS_FILE;
struct stat opasswd_stat;
@@ -226,10 +254,35 @@ save_old_pass (pam_handle_t *pamh, const
char *buf = NULL;
size_t buflen = 0;
int found = 0;
+ struct passwd *pwd;
+ const char *oldpass;
+
+ pwd = pam_modutil_getpwnam (pamh, user);
+ if (pwd == NULL)
+ return PAM_USER_UNKNOWN;
if (howmany <= 0)
return PAM_SUCCESS;
+#ifndef HELPER_COMPILE
+ if (SELINUX_ENABLED)
+ return PAM_PWHISTORY_RUN_HELPER;
+#endif
+
+ if ((strcmp(pwd->pw_passwd, "x") == 0) ||
+ ((pwd->pw_passwd[0] == '#') &&
+ (pwd->pw_passwd[1] == '#') &&
+ (strcmp(pwd->pw_name, pwd->pw_passwd + 2) == 0)))
+ {
+ struct spwd *spw = pam_modutil_getspnam (pamh, user);
+
+ if (spw == NULL)
+ return PAM_USER_UNKNOWN;
+ oldpass = spw->sp_pwdp;
+ }
+ else
+ oldpass = pwd->pw_passwd;
+
if (oldpass == NULL || *oldpass == '\0')
return PAM_SUCCESS;
@@ -452,7 +505,7 @@ save_old_pass (pam_handle_t *pamh, const
{
char *out;
- if (asprintf (&out, "%s:%d:1:%s\n", user, uid, oldpass) < 0)
+ if (asprintf (&out, "%s:%d:1:%s\n", user, pwd->pw_uid, oldpass) < 0)
{
retval = PAM_AUTHTOK_ERR;
if (oldpf)
diff -up Linux-PAM-1.3.0/modules/pam_pwhistory/opasswd.h.pwhhelper Linux-PAM-1.3.0/modules/pam_pwhistory/opasswd.h
--- Linux-PAM-1.3.0/modules/pam_pwhistory/opasswd.h.pwhhelper 2016-03-24 12:45:42.000000000 +0100
+++ Linux-PAM-1.3.0/modules/pam_pwhistory/opasswd.h 2016-05-06 15:18:42.307637933 +0200
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2008 Thorsten Kukuk <kukuk@suse.de>
+ * Copyright (c) 2013 Red Hat, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -36,10 +37,32 @@
#ifndef __OPASSWD_H__
#define __OPASSWD_H__
-extern int check_old_pass (pam_handle_t *pamh, const char *user,
- const char *newpass, int debug);
-extern int save_old_pass (pam_handle_t *pamh, const char *user,
- uid_t uid, const char *oldpass,
- int howmany, int debug);
+#define PAM_PWHISTORY_RUN_HELPER PAM_CRED_INSUFFICIENT
+
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#define SELINUX_ENABLED is_selinux_enabled()>0
+#else
+#define SELINUX_ENABLED 0
+#endif
+
+#ifdef HELPER_COMPILE
+#define PAMH_ARG_DECL(fname, ...) fname(__VA_ARGS__)
+#define PAMH_ARG(...) __VA_ARGS__
+#else
+#define PAMH_ARG_DECL(fname, ...) fname(pam_handle_t *pamh, __VA_ARGS__)
+#define PAMH_ARG(...) pamh, __VA_ARGS__
+#endif
+
+#ifdef HELPER_COMPILE
+void
+helper_log_err(int err, const char *format, ...);
+#endif
+
+PAMH_ARG_DECL(int
+check_old_pass, const char *user, const char *newpass, int debug);
+
+PAMH_ARG_DECL(int
+save_old_pass, const char *user, int howmany, int debug);
#endif /* __OPASSWD_H__ */
diff -up Linux-PAM-1.3.0/modules/pam_pwhistory/pam_pwhistory.c.pwhhelper Linux-PAM-1.3.0/modules/pam_pwhistory/pam_pwhistory.c
--- Linux-PAM-1.3.0/modules/pam_pwhistory/pam_pwhistory.c.pwhhelper 2016-04-04 11:22:28.000000000 +0200
+++ Linux-PAM-1.3.0/modules/pam_pwhistory/pam_pwhistory.c 2016-05-06 15:19:31.610785512 +0200
@@ -1,6 +1,7 @@
/*
* Copyright (c) 2008, 2012 Thorsten Kukuk
* Author: Thorsten Kukuk <kukuk@thkukuk.de>
+ * Copyright (c) 2013 Red Hat, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -46,10 +47,14 @@
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
-#include <shadow.h>
#include <syslog.h>
#include <sys/types.h>
#include <sys/stat.h>
+#include <sys/time.h>
+#include <sys/resource.h>
+#include <sys/wait.h>
+#include <signal.h>
+#include <fcntl.h>
#include <security/pam_modules.h>
#include <security/pam_modutil.h>
@@ -59,6 +64,7 @@
#include "opasswd.h"
#define DEFAULT_BUFLEN 2048
+#define MAX_FD_NO 20000
struct options_t {
int debug;
@@ -102,6 +108,184 @@ parse_option (pam_handle_t *pamh, const
pam_syslog (pamh, LOG_ERR, "pam_pwhistory: unknown option: %s", argv);
}
+static int
+run_save_helper(pam_handle_t *pamh, const char *user,
+ int howmany, int debug)
+{
+ int retval, child;
+ struct sigaction newsa, oldsa;
+
+ memset(&newsa, '\0', sizeof(newsa));
+ newsa.sa_handler = SIG_DFL;
+ sigaction(SIGCHLD, &newsa, &oldsa);
+
+ child = fork();
+ if (child == 0)
+ {
+ int i = 0;
+ struct rlimit rlim;
+ int dummyfds[2];
+ static char *envp[] = { NULL };
+ char *args[] = { NULL, NULL, NULL, NULL, NULL, NULL };
+
+ /* replace std file descriptors with a dummy pipe */
+ if (pipe2(dummyfds, O_NONBLOCK) == 0)
+ {
+ dup2(dummyfds[0], STDIN_FILENO);
+ dup2(dummyfds[1], STDOUT_FILENO);
+ dup2(dummyfds[1], STDERR_FILENO);
+ }
+
+ if (getrlimit(RLIMIT_NOFILE,&rlim) == 0)
+ {
+ if (rlim.rlim_max >= MAX_FD_NO)
+ rlim.rlim_max = MAX_FD_NO;
+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++)
+ {
+ if (i != dummyfds[0])
+ close(i);
+ }
+ }
+
+ /* exec binary helper */
+ args[0] = strdup(PWHISTORY_HELPER);
+ args[1] = strdup("save");
+ args[2] = x_strdup(user);
+ asprintf(&args[3], "%d", howmany);
+ asprintf(&args[4], "%d", debug);
+
+ execve(args[0], args, envp);
+
+ _exit(PAM_SYSTEM_ERR);
+ }
+ else if (child > 0)
+ {
+ /* wait for child */
+ int rc = 0;
+ rc = waitpid(child, &retval, 0); /* wait for helper to complete */
+ if (rc < 0)
+ {
+ pam_syslog(pamh, LOG_ERR, "pwhistory_helper save waitpid returned %d: %m", rc);
+ retval = PAM_SYSTEM_ERR;
+ }
+ else if (!WIFEXITED(retval))
+ {
+ pam_syslog(pamh, LOG_ERR, "pwhistory_helper save abnormal exit: %d", retval);
+ retval = PAM_SYSTEM_ERR;
+ }
+ else
+ {
+ retval = WEXITSTATUS(retval);
+ }
+ }
+ else
+ {
+ retval = PAM_SYSTEM_ERR;
+ }
+
+ sigaction(SIGCHLD, &oldsa, NULL); /* restore old signal handler */
+
+ return retval;
+}
+
+static int
+run_check_helper(pam_handle_t *pamh, const char *user,
+ const char *newpass, int debug)
+{
+ int retval, child, fds[2];
+ struct sigaction newsa, oldsa;
+
+ /* create a pipe for the password */
+ if (pipe(fds) != 0)
+ return PAM_SYSTEM_ERR;
+
+ memset(&newsa, '\0', sizeof(newsa));
+ newsa.sa_handler = SIG_DFL;
+ sigaction(SIGCHLD, &newsa, &oldsa);
+
+ child = fork();
+ if (child == 0)
+ {
+ int i = 0;
+ struct rlimit rlim;
+ int dummyfds[2];
+ static char *envp[] = { NULL };
+ char *args[] = { NULL, NULL, NULL, NULL, NULL };
+
+ /* reopen stdin as pipe */
+ dup2(fds[0], STDIN_FILENO);
+
+ /* replace std file descriptors with a dummy pipe */
+ if (pipe2(dummyfds, O_NONBLOCK) == 0)
+ {
+ dup2(dummyfds[1], STDOUT_FILENO);
+ dup2(dummyfds[1], STDERR_FILENO);
+ }
+
+ if (getrlimit(RLIMIT_NOFILE,&rlim) == 0)
+ {
+ if (rlim.rlim_max >= MAX_FD_NO)
+ rlim.rlim_max = MAX_FD_NO;
+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++)
+ {
+ if (i != dummyfds[0])
+ close(i);
+ }
+ }
+
+ /* exec binary helper */
+ args[0] = strdup(PWHISTORY_HELPER);
+ args[1] = strdup("check");
+ args[2] = x_strdup(user);
+ asprintf(&args[3], "%d", debug);
+
+ execve(args[0], args, envp);
+
+ _exit(PAM_SYSTEM_ERR);
+ }
+ else if (child > 0)
+ {
+ /* wait for child */
+ int rc = 0;
+ if (newpass == NULL)
+ newpass = "";
+
+ /* send the password to the child */
+ if (write(fds[1], newpass, strlen(newpass)+1) == -1)
+ {
+ pam_syslog(pamh, LOG_ERR, "Cannot send password to helper: %m");
+ retval = PAM_SYSTEM_ERR;
+ }
+ newpass = NULL;
+ close(fds[0]); /* close here to avoid possible SIGPIPE above */
+ close(fds[1]);
+ rc = waitpid(child, &retval, 0); /* wait for helper to complete */
+ if (rc < 0)
+ {
+ pam_syslog(pamh, LOG_ERR, "pwhistory_helper check waitpid returned %d: %m", rc);
+ retval = PAM_SYSTEM_ERR;
+ }
+ else if (!WIFEXITED(retval))
+ {
+ pam_syslog(pamh, LOG_ERR, "pwhistory_helper check abnormal exit: %d", retval);
+ retval = PAM_SYSTEM_ERR;
+ }
+ else
+ {
+ retval = WEXITSTATUS(retval);
+ }
+ }
+ else
+ {
+ close(fds[0]);
+ close(fds[1]);
+ retval = PAM_SYSTEM_ERR;
+ }
+
+ sigaction(SIGCHLD, &oldsa, NULL); /* restore old signal handler */
+
+ return retval;
+}
/* This module saves the current crypted password in /etc/security/opasswd
and then compares the new password with all entries in this file. */
@@ -109,7 +293,6 @@ parse_option (pam_handle_t *pamh, const
int
pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv)
{
- struct passwd *pwd;
const char *newpass;
const char *user;
int retval, tries;
@@ -154,31 +337,13 @@ pam_sm_chauthtok (pam_handle_t *pamh, in
return PAM_SUCCESS;
}
- pwd = pam_modutil_getpwnam (pamh, user);
- if (pwd == NULL)
- return PAM_USER_UNKNOWN;
-
- if ((strcmp(pwd->pw_passwd, "x") == 0) ||
- ((pwd->pw_passwd[0] == '#') &&
- (pwd->pw_passwd[1] == '#') &&
- (strcmp(pwd->pw_name, pwd->pw_passwd + 2) == 0)))
- {
- struct spwd *spw = pam_modutil_getspnam (pamh, user);
- if (spw == NULL)
- return PAM_USER_UNKNOWN;
+ retval = save_old_pass (pamh, user, options.remember, options.debug);
- retval = save_old_pass (pamh, user, pwd->pw_uid, spw->sp_pwdp,
- options.remember, options.debug);
- if (retval != PAM_SUCCESS)
- return retval;
- }
- else
- {
- retval = save_old_pass (pamh, user, pwd->pw_uid, pwd->pw_passwd,
- options.remember, options.debug);
- if (retval != PAM_SUCCESS)
- return retval;
- }
+ if (retval == PAM_PWHISTORY_RUN_HELPER)
+ retval = run_save_helper(pamh, user, options.remember, options.debug);
+
+ if (retval != PAM_SUCCESS)
+ return retval;
newpass = NULL;
tries = 0;
@@ -207,8 +372,11 @@ pam_sm_chauthtok (pam_handle_t *pamh, in
if (options.debug)
pam_syslog (pamh, LOG_DEBUG, "check against old password file");
- if (check_old_pass (pamh, user, newpass,
- options.debug) != PAM_SUCCESS)
+ retval = check_old_pass (pamh, user, newpass, options.debug);
+ if (retval == PAM_PWHISTORY_RUN_HELPER)
+ retval = run_check_helper(pamh, user, newpass, options.debug);
+
+ if (retval != PAM_SUCCESS)
{
if (getuid() || options.enforce_for_root ||
(flags & PAM_CHANGE_EXPIRED_AUTHTOK))
diff -up Linux-PAM-1.3.0/modules/pam_pwhistory/pwhistory_helper.c.pwhhelper Linux-PAM-1.3.0/modules/pam_pwhistory/pwhistory_helper.c
--- Linux-PAM-1.3.0/modules/pam_pwhistory/pwhistory_helper.c.pwhhelper 2016-05-06 15:18:42.308637957 +0200
+++ Linux-PAM-1.3.0/modules/pam_pwhistory/pwhistory_helper.c 2016-05-06 15:18:42.308637957 +0200
@@ -0,0 +1,209 @@
+/*
+ * Copyright (c) 2013 Red Hat, Inc.
+ * Author: Tomas Mraz <tmraz@redhat.com>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <syslog.h>
+#include <errno.h>
+#include <unistd.h>
+#include <signal.h>
+#include <security/_pam_types.h>
+#include <security/_pam_macros.h>
+#include "opasswd.h"
+
+#define MAXPASS 200
+
+static void
+su_sighandler(int sig)
+{
+#ifndef SA_RESETHAND
+ /* emulate the behaviour of the SA_RESETHAND flag */
+ if ( sig == SIGILL || sig == SIGTRAP || sig == SIGBUS || sig = SIGSERV ) {
+ struct sigaction sa;
+ memset(&sa, '\0', sizeof(sa));
+ sa.sa_handler = SIG_DFL;
+ sigaction(sig, &sa, NULL);
+ }
+#endif
+ if (sig > 0) {
+ _exit(sig);
+ }
+}
+
+static void
+setup_signals(void)
+{
+ struct sigaction action; /* posix signal structure */
+
+ /*
+ * Setup signal handlers
+ */
+ (void) memset((void *) &action, 0, sizeof(action));
+ action.sa_handler = su_sighandler;
+#ifdef SA_RESETHAND
+ action.sa_flags = SA_RESETHAND;
+#endif
+ (void) sigaction(SIGILL, &action, NULL);
+ (void) sigaction(SIGTRAP, &action, NULL);
+ (void) sigaction(SIGBUS, &action, NULL);
+ (void) sigaction(SIGSEGV, &action, NULL);
+ action.sa_handler = SIG_IGN;
+ action.sa_flags = 0;
+ (void) sigaction(SIGTERM, &action, NULL);
+ (void) sigaction(SIGHUP, &action, NULL);
+ (void) sigaction(SIGINT, &action, NULL);
+ (void) sigaction(SIGQUIT, &action, NULL);
+}
+
+static int
+read_passwords(int fd, int npass, char **passwords)
+{
+ int rbytes = 0;
+ int offset = 0;
+ int i = 0;
+ char *pptr;
+ while (npass > 0)
+ {
+ rbytes = read(fd, passwords[i]+offset, MAXPASS-offset);
+
+ if (rbytes < 0)
+ {
+ if (errno == EINTR) continue;
+ break;
+ }
+ if (rbytes == 0)
+ break;
+
+ while (npass > 0 && (pptr=memchr(passwords[i]+offset, '\0', rbytes))
+ != NULL)
+ {
+ rbytes -= pptr - (passwords[i]+offset) + 1;
+ i++;
+ offset = 0;
+ npass--;
+ if (rbytes > 0)
+ {
+ if (npass > 0)
+ memcpy(passwords[i], pptr+1, rbytes);
+ memset(pptr+1, '\0', rbytes);
+ }
+ }
+ offset += rbytes;
+ }
+
+ /* clear up */
+ if (offset > 0 && npass > 0)
+ memset(passwords[i], '\0', offset);
+
+ return i;
+}
+
+
+static int
+check_history(const char *user, const char *debug)
+{
+ char pass[MAXPASS + 1];
+ char *passwords[] = { pass };
+ int npass;
+ int dbg = atoi(debug); /* no need to be too fancy here */
+ int retval;
+
+ /* read the password from stdin (a pipe from the pam_pwhistory module) */
+ npass = read_passwords(STDIN_FILENO, 1, passwords);
+
+ if (npass != 1)
+ { /* is it a valid password? */
+ helper_log_err(LOG_DEBUG, "no password supplied");
+ return PAM_AUTHTOK_ERR;
+ }
+
+ retval = check_old_pass(user, pass, dbg);
+
+ memset(pass, '\0', MAXPASS); /* clear memory of the password */
+
+ return retval;
+}
+
+static int
+save_history(const char *user, const char *howmany, const char *debug)
+{
+ int num = atoi(howmany);
+ int dbg = atoi(debug); /* no need to be too fancy here */
+ int retval;
+
+ retval = save_old_pass(user, num, dbg);
+
+ return retval;
+}
+
+int
+main(int argc, char *argv[])
+{
+ const char *option;
+ const char *user;
+
+ /*
+ * Catch or ignore as many signal as possible.
+ */
+ setup_signals();
+
+ /*
+ * we establish that this program is running with non-tty stdin.
+ * this is to discourage casual use.
+ */
+
+ if (isatty(STDIN_FILENO) || argc < 4)
+ {
+ fprintf(stderr,
+ "This binary is not designed for running in this way.\n");
+ sleep(10); /* this should discourage/annoy the user */
+ return PAM_SYSTEM_ERR;
+ }
+
+ option = argv[1];
+ user = argv[2];
+
+ if (strcmp(option, "check") == 0 && argc == 4)
+ return check_history(user, argv[3]);
+ else if (strcmp(option, "save") == 0 && argc == 5)
+ return save_history(user, argv[3], argv[4]);
+
+ return PAM_SYSTEM_ERR;
+}
+
diff -up Linux-PAM-1.3.0/modules/pam_pwhistory/pwhistory_helper.8.xml.pwhhelper Linux-PAM-1.3.0/modules/pam_pwhistory/pwhistory_helper.8.xml
--- Linux-PAM-1.3.0/modules/pam_pwhistory/pwhistory_helper.8.xml.pwhhelper 2016-05-06 15:18:42.308637957 +0200
+++ Linux-PAM-1.3.0/modules/pam_pwhistory/pwhistory_helper.8.xml 2016-05-06 15:18:42.308637957 +0200
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pwhistory_helper">
+
+ <refmeta>
+ <refentrytitle>pwhistory_helper</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pwhistory_helper-name">
+ <refname>pwhistory_helper</refname>
+ <refpurpose>Helper binary that transfers password hashes from passwd or shadow to opasswd</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pwhistory_helper-cmdsynopsis">
+ <command>pwhistory_helper</command>
+ <arg choice="opt">
+ ...
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pwhistory_helper-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ <emphasis>pwhistory_helper</emphasis> is a helper program for the
+ <emphasis>pam_pwhistory</emphasis> module that transfers password hashes
+ from passwd or shadow file to the opasswd file and checks a password
+ supplied by user against the existing hashes in the opasswd file.
+ </para>
+
+ <para>
+ The purpose of the helper is to enable tighter confinement of
+ login and password changing services. The helper is thus called only
+ when SELinux is enabled on the system.
+ </para>
+
+ <para>
+ The interface of the helper - command line options, and input/output
+ data format are internal to the <emphasis>pam_pwhistory</emphasis>
+ module and it should not be called directly from applications.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pwhistory_helper-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_pwhistory</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pwhistory_helper-author'>
+ <title>AUTHOR</title>
+ <para>
+ Written by Tomas Mraz based on the code originally in
+ <emphasis>pam_pwhistory and pam_unix</emphasis> modules.
+ </para>
+ </refsect1>
+
+</refentry>

View file

@ -0,0 +1,16 @@
diff -up Linux-PAM-1.3.0/modules/pam_unix/pam_unix_passwd.c.nomsg Linux-PAM-1.3.0/modules/pam_unix/pam_unix_passwd.c
--- Linux-PAM-1.3.0/modules/pam_unix/pam_unix_passwd.c.nomsg 2016-04-11 13:08:47.000000000 +0200
+++ Linux-PAM-1.3.0/modules/pam_unix/pam_unix_passwd.c 2017-04-20 16:51:24.853106709 +0200
@@ -687,12 +687,6 @@ pam_sm_chauthtok(pam_handle_t *pamh, int
return PAM_SUCCESS;
} else if (off(UNIX__IAMROOT, ctrl) ||
(on(UNIX_NIS, ctrl) && _unix_comesfromsource(pamh, user, 0, 1))) {
- /* instruct user what is happening */
- if (off(UNIX__QUIET, ctrl)) {
- retval = pam_info(pamh, _("Changing password for %s."), user);
- if (retval != PAM_SUCCESS)
- return retval;
- }
retval = pam_get_authtok(pamh, PAM_OLDAUTHTOK, &pass_old, NULL);
if (retval != PAM_SUCCESS) {

View file

@ -0,0 +1,185 @@
diff --git a/libpam/pam_handlers.c b/libpam/pam_handlers.c
index 106ef7c..b2e94c7 100644
--- a/libpam/pam_handlers.c
+++ b/libpam/pam_handlers.c
@@ -282,7 +282,6 @@ _pam_open_config_file(pam_handle_t *pamh
{
char *p;
FILE *f;
- int err = 0;
/* Absolute path */
if (service[0] == '/') {
diff --git a/libpam_misc/misc_conv.c b/libpam_misc/misc_conv.c
index be53f34..07dce36 100644
--- a/libpam_misc/misc_conv.c
+++ b/libpam_misc/misc_conv.c
@@ -211,7 +211,7 @@ static int read_string(int echo, const char *prompt, char **retstr)
line[nc] = '\0';
}
*retstr = strdup(line);
- _pam_overwrite(line);
+ _pam_overwrite_n(line, sizeof(line));
if (!*retstr) {
D(("no memory for response string"));
nc = -1;
@@ -244,7 +244,7 @@ static int read_string(int echo, const char *prompt, char **retstr)
D(("the timer appears to have expired"));
*retstr = NULL;
- _pam_overwrite(line);
+ _pam_overwrite_n(line, sizeof(line));
cleanexit:
diff --git a/modules/pam_access/pam_access.c b/modules/pam_access/pam_access.c
index 80d885d..3801862 100644
--- a/modules/pam_access/pam_access.c
+++ b/modules/pam_access/pam_access.c
@@ -806,7 +806,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
const char *user=NULL;
const void *void_from=NULL;
const char *from;
- const char const *default_config = PAM_ACCESS_CONFIG;
+ const char * const default_config = PAM_ACCESS_CONFIG;
struct passwd *user_pw;
char hostname[MAXHOSTNAMELEN + 1];
int rv;
diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c
index 4bc4ae7..f8476b4 100644
--- a/modules/pam_limits/pam_limits.c
+++ b/modules/pam_limits/pam_limits.c
@@ -342,7 +342,7 @@ static const char *lnames[RLIM_NLIMITS] = {
#endif
};
-static int str2rlimit(char *name) {
+static int str2rlimit(const char *name) {
int i;
if (!name || *name == '\0')
return -1;
@@ -352,7 +352,7 @@ static int str2rlimit(char *name) {
return -1;
}
-static rlim_t str2rlim_t(char *value) {
+static rlim_t str2rlim_t(const char *value) {
unsigned long long rlimit = 0;
if (!value) return (rlim_t)rlimit;
@@ -384,7 +384,7 @@ static void parse_kernel_limits(pam_handle_t *pamh, struct pam_limit_s *pl, int
FILE *limitsfile;
const char *proclimits = "/proc/1/limits";
char line[256];
- char *units, *hard, *soft, *name;
+ const char *units, *hard, *soft, *name;
if (!(limitsfile = fopen(proclimits, "r"))) {
pam_syslog(pamh, LOG_WARNING, "Could not read %s (%s), using PAM defaults", proclimits, strerror(errno));
diff --git a/modules/pam_loginuid/pam_loginuid.c b/modules/pam_loginuid/pam_loginuid.c
index 96bfd98..66d202c 100644
--- a/modules/pam_loginuid/pam_loginuid.c
+++ b/modules/pam_loginuid/pam_loginuid.c
@@ -64,7 +64,7 @@ static int set_loginuid(pam_handle_t *pamh, uid_t uid)
fd = open("/proc/self/uid_map", O_RDONLY);
if (fd >= 0) {
count = pam_modutil_read(fd, uid_map, sizeof(uid_map));
- if (strncmp(uid_map, host_uid_map, count) != 0)
+ if (count <= 0 || strncmp(uid_map, host_uid_map, count) != 0)
rc = PAM_IGNORE;
close(fd);
}
diff --git a/modules/pam_mkhomedir/mkhomedir_helper.c b/modules/pam_mkhomedir/mkhomedir_helper.c
index 9e204c1..4b8d6b7 100644
--- a/modules/pam_mkhomedir/mkhomedir_helper.c
+++ b/modules/pam_mkhomedir/mkhomedir_helper.c
@@ -232,6 +232,8 @@ create_homedir(const struct passwd *pwd,
{
pam_syslog(NULL, LOG_DEBUG,
"unable to open or stat src file %s: %m", newsource);
+ if (srcfd >= 0)
+ close(srcfd);
closedir(d);
#ifndef PATH_MAX
diff --git a/modules/pam_namespace/pam_namespace.c b/modules/pam_namespace/pam_namespace.c
index f541f89..85f5efa 100644
--- a/modules/pam_namespace/pam_namespace.c
+++ b/modules/pam_namespace/pam_namespace.c
@@ -1418,6 +1418,7 @@ static int create_instance(struct polydir_s *polyptr, char *ipath, struct stat *
if (fstat(fd, &newstatbuf) < 0) {
pam_syslog(idata->pamh, LOG_ERR, "Error stating %s, %m",
ipath);
+ close(fd);
rmdir(ipath);
return PAM_SESSION_ERR;
}
diff --git a/modules/pam_pwhistory/opasswd.c b/modules/pam_pwhistory/opasswd.c
index e6cf346..813f579 100644
--- a/modules/pam_pwhistory/opasswd.c
+++ b/modules/pam_pwhistory/opasswd.c
@@ -326,6 +326,9 @@ save_old_pass (pam_handle_t *pamh, const char *user, uid_t uid,
n = strlen (buf);
#endif /* HAVE_GETLINE / HAVE_GETDELIM */
+ if (n < 1)
+ break;
+
cp = buf;
save = strdup (buf); /* Copy to write the original data back. */
if (save == NULL)
@@ -336,9 +339,6 @@ save_old_pass (pam_handle_t *pamh, const char *user, uid_t uid,
goto error_opasswd;
}
- if (n < 1)
- break;
-
tmp = strchr (cp, '#'); /* remove comments */
if (tmp)
*tmp = '\0';
diff --git a/modules/pam_rootok/pam_rootok.c b/modules/pam_rootok/pam_rootok.c
index 17baabe..a9d9140 100644
--- a/modules/pam_rootok/pam_rootok.c
+++ b/modules/pam_rootok/pam_rootok.c
@@ -66,14 +66,17 @@ log_callback (int type, const char *fmt, ...)
int audit_fd;
va_list ap;
- va_start(ap, fmt);
#ifdef HAVE_LIBAUDIT
audit_fd = audit_open();
if (audit_fd >= 0) {
char *buf;
+ int ret;
- if (vasprintf (&buf, fmt, ap) < 0)
+ va_start(ap, fmt);
+ ret = vasprintf (&buf, fmt, ap);
+ va_end(ap);
+ if (ret < 0)
return 0;
audit_log_user_avc_message(audit_fd, AUDIT_USER_AVC, buf, NULL, NULL,
NULL, 0);
@@ -83,6 +86,7 @@ log_callback (int type, const char *fmt, ...)
}
#endif
+ va_start(ap, fmt);
vsyslog (LOG_USER | LOG_INFO, fmt, ap);
va_end(ap);
return 0;
diff --git a/modules/pam_sepermit/pam_sepermit.c b/modules/pam_sepermit/pam_sepermit.c
index c653290..f37af0f 100644
--- a/modules/pam_sepermit/pam_sepermit.c
+++ b/modules/pam_sepermit/pam_sepermit.c
@@ -353,7 +353,7 @@ sepermit_match(pam_handle_t *pamh, const char *cfgfile, const char *user,
if (*sense == PAM_SUCCESS) {
if (ignore)
*sense = PAM_IGNORE;
- if (geteuid() == 0 && exclusive && get_loginuid(pamh) == -1)
+ if (geteuid() == 0 && exclusive && get_loginuid(pamh) == (uid_t)-1)
if (sepermit_lock(pamh, user, debug) < 0)
*sense = PAM_AUTH_ERR;
}

View file

@ -0,0 +1,755 @@
diff --git a/modules/pam_motd/pam_motd.8.xml b/modules/pam_motd/pam_motd.8.xml
index 906c4ed..4e2110c 100644
--- a/modules/pam_motd/pam_motd.8.xml
+++ b/modules/pam_motd/pam_motd.8.xml
@@ -21,6 +21,9 @@
<arg choice="opt">
motd=<replaceable>/path/filename</replaceable>
</arg>
+ <arg choice="opt">
+ motd_dir=<replaceable>/path/dirname.d</replaceable>
+ </arg>
</cmdsynopsis>
</refsynopsisdiv>
@@ -31,10 +34,49 @@
<para>
pam_motd is a PAM module that can be used to display
arbitrary motd (message of the day) files after a successful
- login. By default the <filename>/etc/motd</filename> file is
- shown. The message size is limited to 64KB.
+ login. By default, pam_motd shows files in the
+ following locations:
+ </para>
+ <para>
+ <simplelist type='vert'>
+ <member><filename>/etc/motd</filename></member>
+ <member><filename>/run/motd</filename></member>
+ <member><filename>/usr/lib/motd</filename></member>
+ <member><filename>/etc/motd.d/</filename></member>
+ <member><filename>/run/motd.d/</filename></member>
+ <member><filename>/usr/lib/motd.d/</filename></member>
+ </simplelist>
+ </para>
+ <para>
+ Each message size is limited to 64KB.
+ </para>
+ <para>
+ If <filename>/etc/motd</filename> does not exist,
+ then <filename>/run/motd</filename> is shown. If
+ <filename>/run/motd</filename> does not exist, then
+ <filename>/usr/lib/motd</filename> is shown.
+ </para>
+ <para>
+ Similar overriding behavior applies to the directories.
+ Files in <filename>/etc/motd.d/</filename> override files
+ with the same name in <filename>/run/motd.d/</filename> and
+ <filename>/usr/lib/motd.d/</filename>. Files in <filename>/run/motd.d/</filename>
+ override files with the same name in <filename>/usr/lib/motd.d/</filename>.
+ </para>
+ <para>
+ Files the in the directories listed above are displayed in
+ lexicographic order by name.
+ </para>
+ <para>
+ To silence a message,
+ a symbolic link with target <filename>/dev/null</filename>
+ may be placed in <filename>/etc/motd.d</filename> with
+ the same filename as the message to be silenced. Example:
+ Creating a symbolic link as follows silences <filename>/usr/lib/motd.d/my_motd</filename>.
+ </para>
+ <para>
+ <command>ln -s /dev/null /etc/motd.d/my_motd</command>
</para>
-
</refsect1>
<refsect1 id="pam_motd-options">
@@ -47,8 +89,10 @@
</term>
<listitem>
<para>
- The <filename>/path/filename</filename> file is displayed
- as message of the day.
+ The <filename>/path/filename</filename> file is displayed
+ as message of the day. Multiple paths to try can be
+ specified as a colon-separated list. By default this option
+ is set to <filename>/etc/motd:/run/motd:/usr/lib/motd</filename>.
</para>
</listitem>
</varlistentry>
@@ -59,16 +103,17 @@
<listitem>
<para>
The <filename>/path/dirname.d</filename> directory is scanned
- and each file contained inside of it is displayed.
+ and each file contained inside of it is displayed. Multiple
+ directories to scan can be specified as a colon-separated list.
+ By default this option is set to <filename>/etc/motd.d:/run/motd.d:/usr/lib/motd.d</filename>.
</para>
</listitem>
</varlistentry>
</variablelist>
<para>
- When no options are given, the default is to display both
- <filename>/etc/motd</filename> and the contents of
- <filename>/etc/motd.d</filename>. Specifying either option (or both)
- will disable this default behavior.
+ When no options are given, the default behavior applies for both
+ options. Specifying either option (or both) will disable the
+ default behavior for both options.
</para>
</refsect1>
diff --git a/modules/pam_motd/pam_motd.c b/modules/pam_motd/pam_motd.c
index cc828d7..ec3ebd5 100644
--- a/modules/pam_motd/pam_motd.c
+++ b/modules/pam_motd/pam_motd.c
@@ -33,8 +33,8 @@
*/
#define PAM_SM_SESSION
-#define DEFAULT_MOTD "/etc/motd"
-#define DEFAULT_MOTD_D "/etc/motd.d"
+#define DEFAULT_MOTD "/etc/motd:/run/motd:/usr/lib/motd"
+#define DEFAULT_MOTD_D "/etc/motd.d:/run/motd.d:/usr/lib/motd.d"
#include <security/pam_modules.h>
#include <security/pam_modutil.h>
@@ -97,12 +97,234 @@ static void try_to_display_directory(pam_handle_t *pamh, const char *dirname)
}
}
+/*
+ * Split a DELIM-separated string ARG into an array.
+ * Outputs a newly allocated array of strings OUT_ARG_SPLIT
+ * and the number of strings OUT_NUM_STRS.
+ * Returns 0 in case of error, 1 in case of success.
+ */
+static int pam_split_string(const pam_handle_t *pamh, char *arg, char delim,
+ char ***out_arg_split, uint *out_num_strs)
+{
+ char *arg_extracted = NULL;
+ const char *arg_ptr = arg;
+ char **arg_split = NULL;
+ char delim_str[2];
+ int i = 0;
+ uint num_strs = 0;
+ int retval = 0;
+
+ delim_str[0] = delim;
+ delim_str[1] = '\0';
+
+ if (arg == NULL) {
+ goto out;
+ }
+
+ while (arg_ptr != NULL) {
+ num_strs++;
+ arg_ptr = strchr(arg_ptr + sizeof(const char), delim);
+ }
+
+ arg_split = (char **)calloc(num_strs, sizeof(char *));
+ if (arg_split == NULL) {
+ pam_syslog(pamh, LOG_CRIT, "pam_motd: failed to allocate string array");
+ goto out;
+ }
+
+ arg_extracted = strtok_r(arg, delim_str, &arg);
+ while (arg_extracted != NULL && i < num_strs) {
+ arg_split[i++] = arg_extracted;
+ arg_extracted = strtok_r(NULL, delim_str, &arg);
+ }
+
+ retval = 1;
+
+ out:
+ *out_num_strs = num_strs;
+ *out_arg_split = arg_split;
+
+ return retval;
+}
+
+/* Join A_STR and B_STR, inserting a "/" between them if one is not already trailing
+ * in A_STR or beginning B_STR. A pointer to a newly allocated string holding the
+ * joined string is returned in STRP_OUT.
+ * Returns -1 in case of error, or the number of bytes in the joined string in
+ * case of success. */
+static int join_dir_strings(char **strp_out, const char *a_str, const char *b_str)
+{
+ int has_sep = 0;
+ int retval = -1;
+ char *join_strp = NULL;
+
+ if (strp_out == NULL || a_str == NULL || b_str == NULL) {
+ goto out;
+ }
+ if (strlen(a_str) == 0) {
+ goto out;
+ }
+
+ has_sep = (a_str[strlen(a_str) - 1] == '/') || (b_str[0] == '/');
+
+ retval = asprintf(&join_strp, "%s%s%s", a_str,
+ (has_sep == 1) ? "" : "/", b_str);
+
+ if (retval < 0) {
+ goto out;
+ }
+
+ *strp_out = join_strp;
+
+ out:
+ return retval;
+}
+
+static int compare_strings(const void * a, const void * b)
+{
+ const char *a_str = *(char **)a;
+ const char *b_str = *(char **)b;
+
+ if (a_str == NULL && b_str == NULL) {
+ return 0;
+ }
+ else if (a_str == NULL) {
+ return -1;
+ }
+ else if (b_str == NULL) {
+ return 1;
+ }
+ else {
+ return strcmp(a_str, b_str);
+ }
+}
+
+static int filter_dirents(const struct dirent *d)
+{
+ return (d->d_type == DT_REG || d->d_type == DT_LNK);
+}
+
+static void try_to_display_directories_with_overrides(pam_handle_t *pamh,
+ char **motd_dir_path_split, int num_motd_dirs)
+{
+ struct dirent ***dirscans = NULL;
+ int *dirscans_sizes = NULL;
+ int dirscans_size_total = 0;
+ char **dirnames_all = NULL;
+ int i;
+ int i_dirnames = 0;
+
+ if (pamh == NULL || motd_dir_path_split == NULL) {
+ goto out;
+ }
+ if (num_motd_dirs < 1) {
+ goto out;
+ }
+
+ if ((dirscans = (struct dirent ***)calloc(num_motd_dirs,
+ sizeof(struct dirent **))) == NULL) {
+ pam_syslog(pamh, LOG_CRIT, "pam_motd: failed to allocate dirent arrays");
+ goto out;
+ }
+ if ((dirscans_sizes = (int *)calloc(num_motd_dirs, sizeof(int))) == NULL) {
+ pam_syslog(pamh, LOG_CRIT, "pam_motd: failed to allocate dirent array sizes");
+ goto out;
+ }
+
+ for (i = 0; i < num_motd_dirs; i++) {
+ dirscans_sizes[i] = scandir(motd_dir_path_split[i], &(dirscans[i]),
+ filter_dirents, alphasort);
+ if (dirscans_sizes[i] < 0) {
+ pam_syslog(pamh, LOG_ERR, "pam_motd: error scanning directory %s", motd_dir_path_split[i]);
+ dirscans_sizes[i] = 0;
+ }
+ dirscans_size_total += dirscans_sizes[i];
+ }
+
+ /* Allocate space for all file names found in the directories, including duplicates. */
+ if ((dirnames_all = (char **)calloc(dirscans_size_total,
+ sizeof(char *))) == NULL) {
+ pam_syslog(pamh, LOG_CRIT, "pam_motd: failed to allocate dirname array");
+ goto out;
+ }
+
+ for (i = 0; i < dirscans_size_total; i++) {
+ dirnames_all[i] = NULL;
+ }
+
+ for (i = 0; i < num_motd_dirs; i++) {
+ int j;
+
+ for (j = 0; j < dirscans_sizes[i]; j++) {
+ dirnames_all[i_dirnames] = dirscans[i][j]->d_name;
+ i_dirnames++;
+ }
+ }
+
+ qsort(dirnames_all, dirscans_size_total,
+ sizeof(const char *), compare_strings);
+
+ for (i = 0; i < dirscans_size_total; i++) {
+ int j;
+
+ if (dirnames_all[i] == NULL) {
+ continue;
+ }
+
+ /* Skip duplicate file names. */
+ if (i > 0 && strcmp(dirnames_all[i], dirnames_all[i - 1]) == 0) {
+ continue;
+ }
+
+ for (j = 0; j < num_motd_dirs; j++) {
+ char *abs_path = NULL;
+
+ if (join_dir_strings(&abs_path, motd_dir_path_split[j],
+ dirnames_all[i]) < 0) {
+ continue;
+ }
+
+ if (abs_path != NULL) {
+ int fd = open(abs_path, O_RDONLY, 0);
+ if (fd >= 0) {
+ try_to_display_fd(pamh, fd);
+ close(fd);
+
+ /* We displayed a file, skip to the next file name. */
+ break;
+ }
+ }
+ _pam_drop(abs_path);
+ }
+ }
+
+ out:
+ _pam_drop(dirnames_all);
+ for (i = 0; i < num_motd_dirs; i++) {
+ int j;
+ for (j = 0; j < dirscans_sizes[i]; j++) {
+ _pam_drop(dirscans[i][j]);
+ }
+ _pam_drop(dirscans[i]);
+ }
+ _pam_drop(dirscans_sizes);
+ _pam_drop(dirscans);
+
+ return;
+}
+
int pam_sm_open_session(pam_handle_t *pamh, int flags,
int argc, const char **argv)
{
int retval = PAM_IGNORE;
const char *motd_path = NULL;
+ char *motd_path_copy = NULL;
+ int num_motd_paths = 0;
+ char **motd_path_split = NULL;
const char *motd_dir_path = NULL;
+ char *motd_dir_path_copy = NULL;
+ int num_motd_dir_paths = 0;
+ char **motd_dir_path_split = NULL;
if (flags & PAM_SILENT) {
return retval;
@@ -141,16 +363,52 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags,
}
if (motd_path != NULL) {
- int fd = open(motd_path, O_RDONLY, 0);
+ motd_path_copy = strdup(motd_path);
+ }
+
+ if (motd_path_copy != NULL) {
+ if (pam_split_string(pamh, motd_path_copy, ':',
+ &motd_path_split, &num_motd_paths) == 0) {
+ goto out;
+ }
+ }
+
+ if (motd_dir_path != NULL) {
+ motd_dir_path_copy = strdup(motd_dir_path);
+ }
- if (fd >= 0) {
- try_to_display_fd(pamh, fd);
- close(fd);
+ if (motd_dir_path_copy != NULL) {
+ if (pam_split_string(pamh, motd_dir_path_copy, ':',
+ &motd_dir_path_split, &num_motd_dir_paths) == 0) {
+ goto out;
}
}
- if (motd_dir_path != NULL)
- try_to_display_directory(pamh, motd_dir_path);
+ if (motd_path_split != NULL) {
+ int i;
+
+ for (i = 0; i < num_motd_paths; i++) {
+ int fd = open(motd_path_split[i], O_RDONLY, 0);
+
+ if (fd >= 0) {
+ try_to_display_fd(pamh, fd);
+ close(fd);
+
+ /* We found and displayed a file, move onto next filename. */
+ break;
+ }
+ }
+ }
+
+ if (motd_dir_path_split != NULL)
+ try_to_display_directories_with_overrides(pamh, motd_dir_path_split,
+ num_motd_dir_paths);
+
+ out:
+ _pam_drop(motd_path_copy);
+ _pam_drop(motd_path_split);
+ _pam_drop(motd_dir_path_copy);
+ _pam_drop(motd_dir_path_split);
return retval;
}
diff --git a/xtests/Makefile.am b/xtests/Makefile.am
index a6d6f8d..4d5aba3 100644
--- a/xtests/Makefile.am
+++ b/xtests/Makefile.am
@@ -32,7 +32,10 @@ EXTRA_DIST = run-xtests.sh tst-pam_dispatch1.pamd tst-pam_dispatch2.pamd \
tst-pam_substack5.pamd tst-pam_substack5a.pamd tst-pam_substack5.sh \
tst-pam_assemble_line1.pamd tst-pam_assemble_line1.sh \
tst-pam_pwhistory1.pamd tst-pam_pwhistory1.sh \
- tst-pam_time1.pamd time.conf
+ tst-pam_time1.pamd time.conf \
+ tst-pam_motd.sh tst-pam_motd1.sh tst-pam_motd2.sh \
+ tst-pam_motd3.sh tst-pam_motd4.sh tst-pam_motd1.pamd \
+ tst-pam_motd2.pamd tst-pam_motd3.pamd tst-pam_motd4.pamd
XTESTS = tst-pam_dispatch1 tst-pam_dispatch2 tst-pam_dispatch3 \
tst-pam_dispatch4 tst-pam_dispatch5 \
@@ -41,7 +44,7 @@ XTESTS = tst-pam_dispatch1 tst-pam_dispatch2 tst-pam_dispatch3 \
tst-pam_access1 tst-pam_access2 tst-pam_access3 \
tst-pam_access4 tst-pam_limits1 tst-pam_succeed_if1 \
tst-pam_group1 tst-pam_authfail tst-pam_authsucceed \
- tst-pam_pwhistory1 tst-pam_time1
+ tst-pam_pwhistory1 tst-pam_time1 tst-pam_motd
NOSRCTESTS = tst-pam_substack1 tst-pam_substack2 tst-pam_substack3 \
tst-pam_substack4 tst-pam_substack5 tst-pam_assemble_line1
diff --git a/xtests/tst-pam_motd.c b/xtests/tst-pam_motd.c
new file mode 100644
index 0000000..bba2f9d
--- /dev/null
+++ b/xtests/tst-pam_motd.c
@@ -0,0 +1,69 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <security/pam_appl.h>
+#include <security/pam_misc.h>
+
+static struct pam_conv conv = {
+ misc_conv,
+ NULL
+};
+
+int main(int argc, char *argv[])
+{
+ pam_handle_t *pamh=NULL;
+ char *tst_arg = NULL;
+ int retval;
+
+ if (argc > 1)
+ tst_arg = argv[1];
+
+ retval = pam_start(tst_arg, NULL, &conv, &pamh);
+
+ retval = pam_open_session(pamh, 0);
+
+ retval = pam_close_session(pamh, 0);
+
+ if (pam_end(pamh,retval) != PAM_SUCCESS) { /* close Linux-PAM */
+ pamh = NULL;
+ exit(1);
+ }
+
+ return ( retval == PAM_SUCCESS ? 0:1 ); /* indicate success */
+}
diff --git a/xtests/tst-pam_motd.sh b/xtests/tst-pam_motd.sh
new file mode 100755
index 0000000..9080128
--- /dev/null
+++ b/xtests/tst-pam_motd.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+set -e
+
+./tst-pam_motd1.sh
+./tst-pam_motd2.sh
+./tst-pam_motd3.sh
+./tst-pam_motd4.sh
diff --git a/xtests/tst-pam_motd1.pamd b/xtests/tst-pam_motd1.pamd
new file mode 100644
index 0000000..ddea82c
--- /dev/null
+++ b/xtests/tst-pam_motd1.pamd
@@ -0,0 +1,3 @@
+#%PAM-1.0
+session required pam_permit.so
+session optional pam_motd.so motd=tst-pam_motd1.d/etc/motd motd_dir=tst-pam_motd1.d/etc/motd.d
diff --git a/xtests/tst-pam_motd1.sh b/xtests/tst-pam_motd1.sh
new file mode 100755
index 0000000..cc88854
--- /dev/null
+++ b/xtests/tst-pam_motd1.sh
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+TST_DIR="tst-pam_motd1.d"
+
+function tst_cleanup() {
+ rm -rf "${TST_DIR}"
+ rm -f tst-pam_motd1.out
+}
+
+mkdir -p ${TST_DIR}
+mkdir -p ${TST_DIR}/etc/motd.d
+
+# Verify the case of single motd and motd.d directory works
+echo "motd: /etc/motd" > ${TST_DIR}/etc/motd
+echo "motd: /etc/motd.d/test" > ${TST_DIR}/etc/motd.d/test
+
+./tst-pam_motd tst-pam_motd1 > tst-pam_motd1.out
+
+RET=$?
+
+motd_to_show_output=$(cat tst-pam_motd1.out | grep "motd: /etc/motd")
+if [ -z "${motd_to_show_output}" ];
+then
+ tst_cleanup
+ exit 1
+fi
+
+motd_dir_to_show_output=$(cat tst-pam_motd1.out | grep "motd: /etc/motd.d/test")
+if [ -z "${motd_dir_to_show_output}" ];
+then
+ tst_cleanup
+ exit 1
+fi
+
+tst_cleanup
+exit $RET
diff --git a/xtests/tst-pam_motd2.pamd b/xtests/tst-pam_motd2.pamd
new file mode 100644
index 0000000..8200191
--- /dev/null
+++ b/xtests/tst-pam_motd2.pamd
@@ -0,0 +1,3 @@
+#%PAM-1.0
+session required pam_permit.so
+session optional pam_motd.so motd=tst-pam_motd2.d/etc/motd:tst-pam_motd2.d/run/motd:tst-pam_motd2.d/usr/lib/motd motd_dir=tst-pam_motd2.d/etc/motd.d:tst-pam_motd2.d/run/motd.d:tst-pam_motd2.d/usr/lib/motd.d
diff --git a/xtests/tst-pam_motd2.sh b/xtests/tst-pam_motd2.sh
new file mode 100755
index 0000000..d26ea92
--- /dev/null
+++ b/xtests/tst-pam_motd2.sh
@@ -0,0 +1,53 @@
+#!/bin/bash
+
+TST_DIR="tst-pam_motd2.d"
+
+function tst_cleanup() {
+ rm -rf "${TST_DIR}"
+ rm -f tst-pam_motd2.out
+}
+
+mkdir -p ${TST_DIR}
+mkdir -p ${TST_DIR}/etc/motd.d
+mkdir -p ${TST_DIR}/run/motd.d
+mkdir -p ${TST_DIR}/usr/lib/motd.d
+
+echo "motd: /etc/motd" > ${TST_DIR}/etc/motd
+echo "motd: /run/motd" > ${TST_DIR}/run/motd
+echo "motd: /usr/lib/motd" > ${TST_DIR}/usr/lib/motd
+
+# Drop a motd file in test directories such that every overriding
+# condition (for 3 directories in this case) will be seen.
+echo "motd: e0r0u1 in usr/lib - will show" > ${TST_DIR}/usr/lib/motd.d/e0r0u1.motd
+echo "motd: e0r1u0 in run - will show" > ${TST_DIR}/run/motd.d/e0r1u0.motd
+echo "motd: e0r1u1 in usr/lib - not show" > ${TST_DIR}/usr/lib/motd.d/e0r1u1.motd
+echo "motd: e0r1u1 in run - will show" > ${TST_DIR}/run/motd.d/e0r1u1.motd
+echo "motd: e1r0u0 in etc - will show" > ${TST_DIR}/etc/motd.d/e1r0u0.motd
+echo "motd: e1r0u1 in usr/lib - not show" > ${TST_DIR}/usr/lib/motd.d/e1r0u1.motd
+echo "motd: e1r0u1 in etc - will show" > ${TST_DIR}/etc/motd.d/e1r0u1.motd
+echo "motd: e1r1u0 in run - not show" > ${TST_DIR}/run/motd.d/e1r1u0.motd
+echo "motd: e1r1u0 in etc - will show" > ${TST_DIR}/etc/motd.d/e1r1u0.motd
+echo "motd: e1r1u1 in usr/lib - not show" > ${TST_DIR}/usr/lib/motd.d/e1r1u1.motd
+echo "motd: e1r1u1 in run - not show" > ${TST_DIR}/run/motd.d/e1r1u1.motd
+echo "motd: e1r1u1 in etc - will show" > ${TST_DIR}/etc/motd.d/e1r1u1.motd
+
+./tst-pam_motd tst-pam_motd2 > tst-pam_motd2.out
+
+RET=$?
+
+motd_to_show_output=$(cat tst-pam_motd2.out | grep "motd: /etc/motd")
+if [ -z "${motd_to_show_output}" ];
+then
+ tst_cleanup
+ exit 1
+fi
+
+motd_dir_not_show_output=$(cat tst-pam_motd2.out | grep "not show")
+if [ -n "${motd_dir_not_show_output}" ];
+then
+ tst_cleanup
+ exit 1
+fi
+
+tst_cleanup
+exit $RET
diff --git a/xtests/tst-pam_motd3.pamd b/xtests/tst-pam_motd3.pamd
new file mode 100644
index 0000000..a8b8cbf
--- /dev/null
+++ b/xtests/tst-pam_motd3.pamd
@@ -0,0 +1,3 @@
+#%PAM-1.0
+session required pam_permit.so
+session optional pam_motd.so motd=tst-pam_motd3.d/etc/motd:tst-pam_motd3.d/run/motd:tst-pam_motd3.d/usr/lib/motd motd_dir=tst-pam_motd3.d/etc/motd.d:tst-pam_motd3.d/run/motd.d:tst-pam_motd3.d/usr/lib/motd.d
diff --git a/xtests/tst-pam_motd3.sh b/xtests/tst-pam_motd3.sh
new file mode 100755
index 0000000..e18856b
--- /dev/null
+++ b/xtests/tst-pam_motd3.sh
@@ -0,0 +1,53 @@
+#!/bin/bash
+
+TST_DIR="tst-pam_motd3.d"
+
+function tst_cleanup() {
+ rm -rf "${TST_DIR}"
+ rm -f tst-pam_motd3.out
+}
+
+mkdir -p ${TST_DIR}
+mkdir -p ${TST_DIR}/etc/motd.d
+mkdir -p ${TST_DIR}/run/motd.d
+mkdir -p ${TST_DIR}/usr/lib/motd.d
+
+# Verify motd is still displayed when not overridden
+echo "motd: test-show in run - show" > ${TST_DIR}/run/motd.d/test-show.motd
+
+# Test overridden by a symlink to a file that isn't /dev/null; symlink target should show
+echo "motd: hidden-by-symlink in usr/lib - not show" > ${TST_DIR}/usr/lib/motd.d/hidden-by-symlink.motd
+echo "motd: test-from-symlink - show" > ${TST_DIR}/test-from-symlink.motd
+ln -sr ${TST_DIR}/test-from-symlink.motd ${TST_DIR}/run/motd.d/hidden-by-symlink.motd
+
+# Test hidden by a null symlink
+echo "motd: hidden-by-null-symlink in run - not show" > ${TST_DIR}/run/motd.d/hidden-by-null-symlink.motd
+ln -s /dev/null ${TST_DIR}/etc/motd.d/hidden-by-null-symlink.motd
+
+./tst-pam_motd tst-pam_motd3 > tst-pam_motd3.out
+
+RET=$?
+
+motd_dir_not_show_output=$(cat tst-pam_motd3.out | grep "not show")
+if [ -n "${motd_dir_not_show_output}" ];
+then
+ tst_cleanup
+ exit 1
+fi
+
+motd_test_show_output=$(cat tst-pam_motd3.out | grep "test-show.*- show")
+if [ -z "${motd_test_show_output}" ];
+then
+ tst_cleanup
+ exit 1
+fi
+
+motd_general_symlink_show_output=$(cat tst-pam_motd3.out | grep "test-from-symlink.*- show")
+if [ -z "${motd_general_symlink_show_output}" ];
+then
+ tst_cleanup
+ exit 1
+fi
+
+tst_cleanup
+exit $RET
diff --git a/xtests/tst-pam_motd4.pamd b/xtests/tst-pam_motd4.pamd
new file mode 100644
index 0000000..9dc311a
--- /dev/null
+++ b/xtests/tst-pam_motd4.pamd
@@ -0,0 +1,3 @@
+#%PAM-1.0
+session required pam_permit.so
+session optional pam_motd.so motd=tst-pam_motd4.d/etc/motd
diff --git a/xtests/tst-pam_motd4.sh b/xtests/tst-pam_motd4.sh
new file mode 100755
index 0000000..6022177
--- /dev/null
+++ b/xtests/tst-pam_motd4.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+TST_DIR="tst-pam_motd4.d"
+
+function tst_cleanup() {
+ rm -rf "${TST_DIR}"
+ rm -f tst-pam_motd4.out
+}
+
+mkdir -p ${TST_DIR}/etc
+
+# Verify the case of single motd with no motd_dir given in tst-pam_motd4.pamd
+echo "motd: /etc/motd" > ${TST_DIR}/etc/motd
+
+./tst-pam_motd tst-pam_motd4 > tst-pam_motd4.out
+
+RET=$?
+
+motd_to_show_output=$(cat tst-pam_motd4.out | grep "motd: /etc/motd")
+if [ -z "${motd_to_show_output}" ];
+then
+ tst_cleanup
+ exit 1
+fi
+
+tst_cleanup
+exit $RET

View file

@ -0,0 +1,24 @@
diff -up Linux-PAM-1.3.1/doc/Makefile.am.noflex Linux-PAM-1.3.1/doc/Makefile.am
--- Linux-PAM-1.3.1/doc/Makefile.am.noflex 2017-02-10 11:10:15.000000000 +0100
+++ Linux-PAM-1.3.1/doc/Makefile.am 2018-05-18 14:53:50.300997606 +0200
@@ -2,7 +2,7 @@
# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
#
-SUBDIRS = man specs sag adg mwg
+SUBDIRS = man sag adg mwg
CLEANFILES = *~
diff -up Linux-PAM-1.3.1/Makefile.am.noflex Linux-PAM-1.3.1/Makefile.am
--- Linux-PAM-1.3.1/Makefile.am.noflex 2018-05-18 14:53:50.301997629 +0200
+++ Linux-PAM-1.3.1/Makefile.am 2018-05-18 14:55:31.576353800 +0200
@@ -4,7 +4,7 @@
AUTOMAKE_OPTIONS = 1.9 gnu dist-bzip2 dist-xz check-news
-SUBDIRS = libpam tests libpamc libpam_misc modules po conf doc examples xtests
+SUBDIRS = libpam tests libpamc libpam_misc modules po doc examples xtests
CLEANFILES = *~

View file

@ -0,0 +1,78 @@
diff -up Linux-PAM-1.3.1/configure.ac.redhat-modules Linux-PAM-1.3.1/configure.ac
--- Linux-PAM-1.3.1/configure.ac.redhat-modules 2018-05-18 12:57:57.000000000 +0200
+++ Linux-PAM-1.3.1/configure.ac 2018-11-26 12:58:14.623545121 +0100
@@ -611,10 +611,12 @@ AC_CONFIG_FILES([Makefile libpam/Makefil
libpam_misc/Makefile conf/Makefile conf/pam_conv1/Makefile \
po/Makefile.in \
modules/Makefile \
+ modules/pam_chroot/Makefile modules/pam_console/Makefile \
+ modules/pam_postgresok/Makefile \
modules/pam_access/Makefile modules/pam_cracklib/Makefile \
modules/pam_debug/Makefile modules/pam_deny/Makefile \
modules/pam_echo/Makefile modules/pam_env/Makefile \
- modules/pam_faildelay/Makefile \
+ modules/pam_faildelay/Makefile modules/pam_faillock/Makefile \
modules/pam_filter/Makefile modules/pam_filter/upperLOWER/Makefile \
modules/pam_ftp/Makefile modules/pam_group/Makefile \
modules/pam_issue/Makefile modules/pam_keyinit/Makefile \
diff -up Linux-PAM-1.3.1/doc/sag/pam_faillock.xml.redhat-modules Linux-PAM-1.3.1/doc/sag/pam_faillock.xml
--- Linux-PAM-1.3.1/doc/sag/pam_faillock.xml.redhat-modules 2018-11-26 12:58:14.623545121 +0100
+++ Linux-PAM-1.3.1/doc/sag/pam_faillock.xml 2018-11-26 12:58:14.623545121 +0100
@@ -0,0 +1,38 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
+<section id='sag-pam_faillock'>
+ <title>pam_faillock - temporarily locking access based on failed authentication attempts during an interval</title>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_faillock-cmdsynopsisauth"]/*)'/>
+ </cmdsynopsis>
+ <cmdsynopsis>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_faillock-cmdsynopsisacct"]/*)'/>
+ </cmdsynopsis>
+ <section id='sag-pam_faillock-description'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-description"]/*)'/>
+ </section>
+ <section id='sag-pam_faillock-options'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-options"]/*)'/>
+ </section>
+ <section id='sag-pam_faillock-types'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-types"]/*)'/>
+ </section>
+ <section id='sag-pam_faillock-return_values'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-return_values"]/*)'/>
+ </section>
+ <section id='sag-pam_faillock-examples'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-examples"]/*)'/>
+ </section>
+ <section id='sag-pam_faillock-author'>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-author"]/*)'/>
+ </section>
+</section>
diff -up Linux-PAM-1.3.1/modules/Makefile.am.redhat-modules Linux-PAM-1.3.1/modules/Makefile.am
--- Linux-PAM-1.3.1/modules/Makefile.am.redhat-modules 2017-02-10 11:10:15.000000000 +0100
+++ Linux-PAM-1.3.1/modules/Makefile.am 2018-11-26 12:58:14.623545121 +0100
@@ -3,13 +3,14 @@
#
SUBDIRS = pam_access pam_cracklib pam_debug pam_deny pam_echo \
+ pam_chroot pam_console pam_postgresok pam_faillock \
pam_env pam_exec pam_faildelay pam_filter pam_ftp \
pam_group pam_issue pam_keyinit pam_lastlog pam_limits \
pam_listfile pam_localuser pam_loginuid pam_mail \
pam_mkhomedir pam_motd pam_namespace pam_nologin \
pam_permit pam_pwhistory pam_rhosts pam_rootok pam_securetty \
pam_selinux pam_sepermit pam_shells pam_stress \
- pam_succeed_if pam_tally pam_tally2 pam_time pam_timestamp \
+ pam_succeed_if pam_time pam_timestamp \
pam_tty_audit pam_umask \
pam_unix pam_userdb pam_warn pam_wheel pam_xauth

View file

@ -0,0 +1,34 @@
From f7abb8c1ef3aa31e6c2564a8aaf69683a77c2016 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
Date: Thu, 15 Nov 2018 15:01:57 +0100
Subject: [PATCH] pam_unix: Use bcrypt b-variant for computing new hashes.
Bcrypt hashes used the "$2a$" prefix since 1997.
However, in 2011 an implementation bug was discovered in bcrypt
affecting the handling of characters in passphrases with the 8th
bit set.
Besides fixing the bug, OpenBSD 5.5 introduced the "$2b$" prefix
for a behavior that exactly matches crypt_blowfish's "$2y$", and
the crypt_blowfish implementation supports it as well since v1.1.
That said new computed bcrypt hashes should use the "$2b$" prefix.
* modules/pam_unix/passverify.c: Use bcrypt b-variant.
---
modules/pam_unix/passverify.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
index 9c1771e2..1f433b3a 100644
--- a/modules/pam_unix/passverify.c
+++ b/modules/pam_unix/passverify.c
@@ -385,7 +385,7 @@ PAMH_ARG_DECL(char * create_password_hash,
/* algoid = "$1" */
return crypt_md5_wrapper(password);
} else if (on(UNIX_BLOWFISH_PASS, ctrl)) {
- algoid = "$2a$";
+ algoid = "$2b$";
} else if (on(UNIX_SHA256_PASS, ctrl)) {
algoid = "$5$";
} else if (on(UNIX_SHA512_PASS, ctrl)) {

View file

@ -0,0 +1,73 @@
From 86eed7ca01864b9fd17099e57f10f2b9b6b568a1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
Date: Mon, 26 Nov 2018 22:33:17 +0100
Subject: [PATCH] pam_unix: Report unusable hashes found by checksalt to
syslog.
libxcrypt can be build-time configured to support (or not support)
various hashing methods. Future versions will also have support for
runtime configuration by the system's vendor and/or administrator.
For that reason adminstrator should be notified by pam if users cannot
log into their account anymore because of such a change in the system's
configuration of libxcrypt.
Also check for malformed hashes, like descrypt hashes starting with
"$2...", which might have been generated by unsafe base64 encoding
functions as used in glibc <= 2.16.
Such hashes are likely to be rejected by many recent implementations
of libcrypt.
* modules/pam_unix/passverify.c (verify_pwd_hash): Report unusable
hashes found by checksalt to syslog.
---
modules/pam_unix/passverify.c | 36 +++++++++++++++++++++++++++++++++++
1 file changed, 36 insertions(+)
diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
index eb2444bb..2c808eb5 100644
--- a/modules/pam_unix/passverify.c
+++ b/modules/pam_unix/passverify.c
@@ -103,6 +103,42 @@ verify_pwd_hash(const char *p, char *hash, unsigned int nullok)
* Ok, we don't know the crypt algorithm, but maybe
* libcrypt knows about it? We should try it.
*/
+#if defined(CRYPT_CHECKSALT_AVAILABLE) && CRYPT_CHECKSALT_AVAILABLE
+ /* Get the status of the hash from checksalt */
+ int retval_checksalt = crypt_checksalt(hash);
+
+ /*
+ * Check for hashing methods that are disabled by
+ * libcrypt configuration and/or system preset.
+ */
+ if (retval_checksalt == CRYPT_SALT_METHOD_DISABLED) {
+ /*
+ * pam_syslog() needs a pam handle,
+ * but that's not available here.
+ */
+ helper_log_err(LOG_ERR,
+ "pam_unix(verify_pwd_hash): The method "
+ "for computing the hash \"%.6s\" has been "
+ "disabled in libcrypt by the preset from "
+ "the system's vendor and/or administrator.",
+ hash);
+ }
+ /*
+ * Check for malformed hashes, like descrypt hashes
+ * starting with "$2...", which might have been
+ * generated by unsafe base64 encoding functions
+ * as used in glibc <= 2.16.
+ * Such hashes are likely to be rejected by many
+ * recent implementations of libcrypt.
+ */
+ if (retval_checksalt == CRYPT_SALT_INVALID) {
+ helper_log_err(LOG_ERR,
+ "pam_unix(verify_pwd_hash): The hash \"%.6s\""
+ "does not use a method known by the version "
+ "of libcrypt this system is supplied with.",
+ hash);
+ }
+#endif
#ifdef HAVE_CRYPT_R
struct crypt_data *cdata;
cdata = malloc(sizeof(*cdata));

View file

@ -0,0 +1,40 @@
From 62425bf2a0c72d0e23139d0b285547a7add26251 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
Date: Thu, 15 Nov 2018 19:49:44 +0100
Subject: [PATCH] pam_unix: Add support for crypt_checksalt, if libcrypt
supports it.
libxcrypt v4.3 has added the crypt_checksalt function to whether
the prefix at the begining of a given hash string refers to a
supported hashing method.
Future revisions of this function will add support to check whether
the hashing method, the prefix refers to, was disabled or considered
deprecated by the system's factory presets or system administrator.
Furthermore it will be able to detect whether the parameters, which
are used by the corresponding hashing method, being encoded in the
hash string are not considered to be strong enough anymore.
*modules/pam_unix/passverify.c: Add support for crypt_checksalt.
---
modules/pam_unix/passverify.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
index 1f433b3a..6132130a 100644
--- a/modules/pam_unix/passverify.c
+++ b/modules/pam_unix/passverify.c
@@ -244,7 +244,13 @@ PAMH_ARG_DECL(int check_shadow_expiry,
D(("account expired"));
return PAM_ACCT_EXPIRED;
}
+#if defined(CRYPT_CHECKSALT_AVAILABLE) && CRYPT_CHECKSALT_AVAILABLE
+ if (spent->sp_lstchg == 0 ||
+ crypt_checksalt(spent->sp_pwdp) == CRYPT_SALT_METHOD_LEGACY ||
+ crypt_checksalt(spent->sp_pwdp) == CRYPT_SALT_TOO_CHEAP) {
+#else
if (spent->sp_lstchg == 0) {
+#endif
D(("need a new password"));
*daysleft = 0;
return PAM_NEW_AUTHTOK_REQD;

View file

@ -0,0 +1,104 @@
From d8d11db2cef65da5d2afa7acf21aa9c8cd88abed Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tmraz@fedoraproject.org>
Date: Tue, 27 Nov 2018 16:11:03 +0100
Subject: [PATCH] pam_unix: Use pam_syslog instead of helper_log_err.
* modules/pam_unix/passverify.c (verify_pwd_hash): Add pamh argument via
PAMH_ARG_DECL. Call pam_syslog() instead of helper_log_err().
* modules/pam_unix/passverify.h: Adjust the declaration of verify_pwd_hash().
* modules/pam_unix/support.c (_unix_verify_password): Add the pamh argument
to verify_pwd_hash() call.
---
modules/pam_unix/passverify.c | 24 +++++++++++++-----------
modules/pam_unix/passverify.h | 6 +++---
modules/pam_unix/support.c | 2 +-
3 files changed, 17 insertions(+), 15 deletions(-)
diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
index 2c808eb5..80e32767 100644
--- a/modules/pam_unix/passverify.c
+++ b/modules/pam_unix/passverify.c
@@ -65,8 +65,8 @@ strip_hpux_aging(char *hash)
}
}
-int
-verify_pwd_hash(const char *p, char *hash, unsigned int nullok)
+PAMH_ARG_DECL(int verify_pwd_hash,
+ const char *p, char *hash, unsigned int nullok)
{
size_t hash_len;
char *pp = NULL;
@@ -116,11 +116,10 @@ verify_pwd_hash(const char *p, char *hash, unsigned int nullok)
* pam_syslog() needs a pam handle,
* but that's not available here.
*/
- helper_log_err(LOG_ERR,
- "pam_unix(verify_pwd_hash): The method "
- "for computing the hash \"%.6s\" has been "
- "disabled in libcrypt by the preset from "
- "the system's vendor and/or administrator.",
+ pam_syslog(pamh, LOG_ERR,
+ "The support for password hash \"%.6s\" "
+ "has been disabled in libcrypt "
+ "configuration.",
hash);
}
/*
@@ -132,12 +131,15 @@ verify_pwd_hash(const char *p, char *hash, unsigned int nullok)
* recent implementations of libcrypt.
*/
if (retval_checksalt == CRYPT_SALT_INVALID) {
- helper_log_err(LOG_ERR,
- "pam_unix(verify_pwd_hash): The hash \"%.6s\""
- "does not use a method known by the version "
- "of libcrypt this system is supplied with.",
+ pam_syslog(pamh, LOG_ERR,
+ "The password hash \"%.6s\" is unknown to "
+ "libcrypt.",
hash);
}
+#else
+#ifndef HELPER_COMPILE
+ (void)pamh;
+#endif
#endif
#ifdef HAVE_CRYPT_R
struct crypt_data *cdata;
diff --git a/modules/pam_unix/passverify.h b/modules/pam_unix/passverify.h
index 086c28ac..e9a88fbf 100644
--- a/modules/pam_unix/passverify.h
+++ b/modules/pam_unix/passverify.h
@@ -12,9 +12,6 @@
#define OLD_PASSWORDS_FILE "/etc/security/opasswd"
-int
-verify_pwd_hash(const char *p, char *hash, unsigned int nullok);
-
int
is_pwd_shadowed(const struct passwd *pwd);
@@ -65,6 +62,9 @@ read_passwords(int fd, int npass, char **passwords);
#define PAMH_ARG(...) pamh, __VA_ARGS__
#endif
+PAMH_ARG_DECL(int verify_pwd_hash,
+ const char *p, char *hash, unsigned int nullok);
+
PAMH_ARG_DECL(char * create_password_hash,
const char *password, unsigned long long ctrl, int rounds);
diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c
index 6894288d..ea5594d2 100644
--- a/modules/pam_unix/support.c
+++ b/modules/pam_unix/support.c
@@ -770,7 +770,7 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
}
}
} else {
- retval = verify_pwd_hash(p, salt, off(UNIX__NONULL, ctrl));
+ retval = verify_pwd_hash(pamh, p, salt, off(UNIX__NONULL, ctrl));
}
if (retval == PAM_SUCCESS) {

View file

@ -0,0 +1,95 @@
From 05aa693b7db6b818d31e41f0cab1d5fb4f49600e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
Date: Thu, 15 Nov 2018 15:58:56 +0100
Subject: [PATCH] pam_unix: Prefer a gensalt function, that supports auto
entropy.
* modules/pam_unix/pam_unix_passwd.c: Initialize rounds parameter to 0.
* modules/pam_unix/passverify.c: Prefer gensalt with auto entropy.
* modules/pam_unix/support.c: Fix sanitizing of rounds parameter.
---
modules/pam_unix/pam_unix_passwd.c | 2 +-
modules/pam_unix/passverify.c | 13 +++++++++++++
modules/pam_unix/support.c | 7 +++++--
3 files changed, 19 insertions(+), 3 deletions(-)
Index: Linux-PAM-1.3.1/modules/pam_unix/pam_unix_passwd.c
===================================================================
--- Linux-PAM-1.3.1.orig/modules/pam_unix/pam_unix_passwd.c
+++ Linux-PAM-1.3.1/modules/pam_unix/pam_unix_passwd.c
@@ -607,7 +607,7 @@ pam_sm_chauthtok(pam_handle_t *pamh, int
unsigned int ctrl, lctrl;
int retval;
int remember = -1;
- int rounds = -1;
+ int rounds = 0;
int pass_min_len = 0;
/* <DO NOT free() THESE> */
Index: Linux-PAM-1.3.1/modules/pam_unix/passverify.c
===================================================================
--- Linux-PAM-1.3.1.orig/modules/pam_unix/passverify.c
+++ Linux-PAM-1.3.1/modules/pam_unix/passverify.c
@@ -375,7 +375,12 @@ PAMH_ARG_DECL(char * create_password_has
const char *password, unsigned int ctrl, int rounds)
{
const char *algoid;
+#if defined(CRYPT_GENSALT_OUTPUT_SIZE) && CRYPT_GENSALT_OUTPUT_SIZE > 64
+ /* Strings returned by crypt_gensalt_rn will be no longer than this. */
+ char salt[CRYPT_GENSALT_OUTPUT_SIZE];
+#else
char salt[64]; /* contains rounds number + max 16 bytes of salt + algo id */
+#endif
char *sp;
#ifdef HAVE_CRYPT_R
struct crypt_data *cdata = NULL;
@@ -406,6 +411,13 @@ PAMH_ARG_DECL(char * create_password_has
return crypted;
}
+#if defined(CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY) && CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY
+ /*
+ * Any version of libcrypt supporting auto entropy is
+ * guaranteed to have crypt_gensalt_rn().
+ */
+ sp = crypt_gensalt_rn(algoid, rounds, NULL, 0, salt, sizeof(salt));
+#else
#ifdef HAVE_CRYPT_GENSALT_R
if (on(UNIX_BLOWFISH_PASS, ctrl)) {
char entropy[17];
@@ -423,6 +435,7 @@ PAMH_ARG_DECL(char * create_password_has
#ifdef HAVE_CRYPT_GENSALT_R
}
#endif
+#endif /* CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY */
#ifdef HAVE_CRYPT_R
sp = NULL;
cdata = malloc(sizeof(*cdata));
Index: Linux-PAM-1.3.1/modules/pam_unix/support.c
===================================================================
--- Linux-PAM-1.3.1.orig/modules/pam_unix/support.c
+++ Linux-PAM-1.3.1/modules/pam_unix/support.c
@@ -175,6 +175,7 @@ int _set_ctrl(pam_handle_t *pamh, int fl
if (val) {
*rounds = strtol(val, NULL, 10);
+ set(UNIX_ALGO_ROUNDS, ctrl);
free (val);
}
}
@@ -254,11 +255,13 @@ int _set_ctrl(pam_handle_t *pamh, int fl
if (*rounds < 4 || *rounds > 31)
*rounds = 5;
} else if (on(UNIX_SHA256_PASS, ctrl) || on(UNIX_SHA512_PASS, ctrl)) {
- if ((*rounds < 1000) || (*rounds == INT_MAX))
+ if ((*rounds < 1000) || (*rounds == INT_MAX)) {
/* don't care about bogus values */
+ *rounds = 0;
unset(UNIX_ALGO_ROUNDS, ctrl);
- if (*rounds >= 10000000)
+ } else if (*rounds >= 10000000) {
*rounds = 9999999;
+ }
}
}

View file

@ -0,0 +1,105 @@
Index: Linux-PAM-1.3.1/modules/pam_unix/pam_unix.8.xml
===================================================================
--- Linux-PAM-1.3.1.orig/modules/pam_unix/pam_unix.8.xml
+++ Linux-PAM-1.3.1/modules/pam_unix/pam_unix.8.xml
@@ -293,11 +293,10 @@
<listitem>
<para>
When a user changes their password next,
- encrypt it with the SHA256 algorithm. If the
- SHA256 algorithm is not known to the <citerefentry>
+ encrypt it with the SHA256 algorithm. The
+ SHA256 algorithm must be supported by the <citerefentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
- </citerefentry> function,
- fall back to MD5.
+ </citerefentry> function.
</para>
</listitem>
</varlistentry>
@@ -308,11 +307,10 @@
<listitem>
<para>
When a user changes their password next,
- encrypt it with the SHA512 algorithm. If the
- SHA512 algorithm is not known to the <citerefentry>
+ encrypt it with the SHA512 algorithm. The
+ SHA512 algorithm must be supported by the <citerefentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
- </citerefentry> function,
- fall back to MD5.
+ </citerefentry> function.
</para>
</listitem>
</varlistentry>
@@ -323,11 +321,10 @@
<listitem>
<para>
When a user changes their password next,
- encrypt it with the blowfish algorithm. If the
- blowfish algorithm is not known to the <citerefentry>
+ encrypt it with the blowfish algorithm. The
+ blowfish algorithm must be supported by the <citerefentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
- </citerefentry> function,
- fall back to MD5.
+ </citerefentry> function.
</para>
</listitem>
</varlistentry>
@@ -338,11 +335,10 @@
<listitem>
<para>
When a user changes their password next,
- encrypt it with the gost-yescrypt algorithm. If the
- gost-yescrypt algorithm is not known to the <citerefentry>
+ encrypt it with the gost-yescrypt algorithm. The
+ gost-yescrypt algorithm must be supported by the <citerefentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
- </citerefentry> function,
- fall back to MD5.
+ </citerefentry> function.
</para>
</listitem>
</varlistentry>
@@ -353,11 +349,10 @@
<listitem>
<para>
When a user changes their password next,
- encrypt it with the yescrypt algorithm. If the
- yescrypt algorithm is not known to the <citerefentry>
+ encrypt it with the yescrypt algorithm. The
+ yescrypt algorithm must be supported by the <citerefentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
- </citerefentry> function,
- fall back to MD5.
+ </citerefentry> function.
</para>
</listitem>
</varlistentry>
Index: Linux-PAM-1.3.1/modules/pam_unix/passverify.c
===================================================================
--- Linux-PAM-1.3.1.orig/modules/pam_unix/passverify.c
+++ Linux-PAM-1.3.1/modules/pam_unix/passverify.c
@@ -466,10 +466,9 @@ PAMH_ARG_DECL(char * create_password_has
sp = crypt(password, salt);
#endif
if (!sp || strncmp(algoid, sp, strlen(algoid)) != 0) {
- /* libxcrypt/libc doesn't know the algorithm, use MD5 */
+ /* libxcrypt/libc doesn't know the algorithm, error out */
pam_syslog(pamh, LOG_ERR,
- "Algo %s not supported by the crypto backend, "
- "falling back to MD5\n",
+ "Algo %s not supported by the crypto backend.\n",
on(UNIX_YESCRYPT_PASS, ctrl) ? "yescrypt" :
on(UNIX_GOST_YESCRYPT_PASS, ctrl) ? "gost_yescrypt" :
on(UNIX_BLOWFISH_PASS, ctrl) ? "blowfish" :
@@ -481,7 +480,7 @@ PAMH_ARG_DECL(char * create_password_has
#ifdef HAVE_CRYPT_R
free(cdata);
#endif
- return crypt_md5_wrapper(password);
+ return NULL;
}
sp = x_strdup(sp);
#ifdef HAVE_CRYPT_R

View file

@ -0,0 +1,34 @@
From a2b72aeb86f297d349bc9e6a8f059fedf97a499a Mon Sep 17 00:00:00 2001
From: "Dmitry V. Levin" <ldv@altlinux.org>
Date: Thu, 31 May 2018 00:20:18 +0000
Subject: [PATCH] pam_unix: remove obsolete _unix_read_password prototype
The function was removed by commit Linux-PAM-1.3.0~5
so the function prototype should go as well.
* modules/pam_unix/support.h (_unix_read_password): Remove.
Complements: 7e09188c5dc4 ("pam_unix: Use pam_get_authtok() instead of
direct pam_prompt() calls.")
---
modules/pam_unix/support.h | 7 -------
1 file changed, 7 deletions(-)
diff --git a/modules/pam_unix/support.h b/modules/pam_unix/support.h
index b4c279c3..543e9b9f 100644
--- a/modules/pam_unix/support.h
+++ b/modules/pam_unix/support.h
@@ -164,13 +164,6 @@ extern int _unix_blankpasswd(pam_handle_t *pamh,unsigned int ctrl,
const char *name);
extern int _unix_verify_password(pam_handle_t * pamh, const char *name
,const char *p, unsigned int ctrl);
-extern int _unix_read_password(pam_handle_t * pamh
- ,unsigned int ctrl
- ,const char *comment
- ,const char *prompt1
- ,const char *prompt2
- ,const char *data_name
- ,const void **pass);
extern int _unix_run_verify_binary(pam_handle_t *pamh,
unsigned int ctrl, const char *user, int *daysleft);

View file

@ -0,0 +1,479 @@
From 16bd523f85ede9fa9115f80e826f2d803d7e61d4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
Date: Thu, 15 Nov 2018 16:38:05 +0100
Subject: [PATCH] pam_unix: Add support for (gost-)yescrypt hashing methods.
libxcrypt (v4.2 and later) has added support for the yescrypt
hashing method; gost-yescrypt has been added in v4.3.
* modules/pam_unix/pam_unix.8.xml: Documentation for (gost-)yescrypt.
* modules/pam_unix/pam_unix_acct.c: Use 64 bit type for control flags.
* modules/pam_unix/pam_unix_auth.c: Likewise.
* modules/pam_unix/pam_unix_passwd.c: Likewise.
* modules/pam_unix/pam_unix_sess.c: Likewise.
* modules/pam_unix/passverify.c: Add support for (gost-)yescrypt.
* modules/pam_unix/passverify.h: Use 64 bit type for control flags.
* modules/pam_unix/support.c: Set sane rounds for (gost-)yescrypt.
* modules/pam_unix/support.h: Add support for (gost-)yescrypt.
---
modules/pam_unix/pam_unix.8.xml | 35 +++++++++-
modules/pam_unix/pam_unix_acct.c | 4 +-
modules/pam_unix/pam_unix_auth.c | 4 +-
modules/pam_unix/pam_unix_passwd.c | 12 ++--
modules/pam_unix/pam_unix_sess.c | 4 +-
modules/pam_unix/passverify.c | 8 ++-
modules/pam_unix/passverify.h | 2 +-
modules/pam_unix/support.c | 33 ++++++----
modules/pam_unix/support.h | 101 +++++++++++++++--------------
9 files changed, 128 insertions(+), 75 deletions(-)
diff --git a/modules/pam_unix/pam_unix.8.xml b/modules/pam_unix/pam_unix.8.xml
index 1b318f11..cae2aeaa 100644
--- a/modules/pam_unix/pam_unix.8.xml
+++ b/modules/pam_unix/pam_unix.8.xml
@@ -331,14 +331,45 @@
</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>
+ <option>gost_yescrypt</option>
+ </term>
+ <listitem>
+ <para>
+ When a user changes their password next,
+ encrypt it with the gost-yescrypt algorithm. If the
+ gost-yescrypt algorithm is not known to the <citerefentry>
+ <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function,
+ fall back to MD5.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>yescrypt</option>
+ </term>
+ <listitem>
+ <para>
+ When a user changes their password next,
+ encrypt it with the yescrypt algorithm. If the
+ yescrypt algorithm is not known to the <citerefentry>
+ <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> function,
+ fall back to MD5.
+ </para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term>
<option>rounds=<replaceable>n</replaceable></option>
</term>
<listitem>
<para>
- Set the optional number of rounds of the SHA256, SHA512
- and blowfish password hashing algorithms to
+ Set the optional number of rounds of the SHA256, SHA512,
+ blowfish, gost-yescrypt, and yescrypt password hashing
+ algorithms to
<replaceable>n</replaceable>.
</para>
</listitem>
diff --git a/modules/pam_unix/pam_unix_acct.c b/modules/pam_unix/pam_unix_acct.c
index fbc84e2f..d8d084ac 100644
--- a/modules/pam_unix/pam_unix_acct.c
+++ b/modules/pam_unix/pam_unix_acct.c
@@ -62,7 +62,7 @@
#include "support.h"
#include "passverify.h"
-int _unix_run_verify_binary(pam_handle_t *pamh, unsigned int ctrl,
+int _unix_run_verify_binary(pam_handle_t *pamh, unsigned long long ctrl,
const char *user, int *daysleft)
{
int retval=0, child, fds[2];
@@ -185,7 +185,7 @@ int _unix_run_verify_binary(pam_handle_t *pamh, unsigned int ctrl,
int
pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
- unsigned int ctrl;
+ unsigned long long ctrl;
const void *void_uname;
const char *uname;
int retval, daysleft;
diff --git a/modules/pam_unix/pam_unix_auth.c b/modules/pam_unix/pam_unix_auth.c
index 9d9f709d..905fc66c 100644
--- a/modules/pam_unix/pam_unix_auth.c
+++ b/modules/pam_unix/pam_unix_auth.c
@@ -96,7 +96,7 @@ setcred_free (pam_handle_t *pamh UNUSED, void *ptr, int err UNUSED)
int
pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
- unsigned int ctrl;
+ unsigned long long ctrl;
int retval, *ret_data = NULL;
const char *name;
const char *p;
@@ -194,7 +194,7 @@ pam_sm_setcred (pam_handle_t *pamh, int flags,
{
int retval;
const void *pretval = NULL;
- unsigned int ctrl;
+ unsigned long long ctrl;
D(("called."));
diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c
index f2c42513..df4c1233 100644
--- a/modules/pam_unix/pam_unix_passwd.c
+++ b/modules/pam_unix/pam_unix_passwd.c
@@ -138,7 +138,7 @@ __taddr2port (const struct netconfig *nconf, const struct netbuf *nbuf)
}
#endif
-static char *getNISserver(pam_handle_t *pamh, unsigned int ctrl)
+static char *getNISserver(pam_handle_t *pamh, unsigned long long ctrl)
{
char *master;
char *domainname;
@@ -233,7 +233,7 @@ static char *getNISserver(pam_handle_t *pamh, unsigned int ctrl)
#ifdef WITH_SELINUX
-static int _unix_run_update_binary(pam_handle_t *pamh, unsigned int ctrl, const char *user,
+static int _unix_run_update_binary(pam_handle_t *pamh, unsigned long long ctrl, const char *user,
const char *fromwhat, const char *towhat, int remember)
{
int retval, child, fds[2];
@@ -388,7 +388,7 @@ static int check_old_password(const char *forwho, const char *newpass)
static int _do_setpass(pam_handle_t* pamh, const char *forwho,
const char *fromwhat,
- char *towhat, unsigned int ctrl, int remember)
+ char *towhat, unsigned long long ctrl, int remember)
{
struct passwd *pwd = NULL;
int retval = 0;
@@ -512,7 +512,7 @@ static int _do_setpass(pam_handle_t* pamh, const char *forwho,
return retval;
}
-static int _unix_verify_shadow(pam_handle_t *pamh, const char *user, unsigned int ctrl)
+static int _unix_verify_shadow(pam_handle_t *pamh, const char *user, unsigned long long ctrl)
{
struct passwd *pwent = NULL; /* Password and shadow password */
struct spwd *spent = NULL; /* file entries for the user */
@@ -542,7 +542,7 @@ static int _unix_verify_shadow(pam_handle_t *pamh, const char *user, unsigned in
}
static int _pam_unix_approve_pass(pam_handle_t * pamh
- ,unsigned int ctrl
+ ,unsigned long long ctrl
,const char *pass_old
,const char *pass_new,
int pass_min_len)
@@ -600,7 +600,7 @@ static int _pam_unix_approve_pass(pam_handle_t * pamh
int
pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
- unsigned int ctrl, lctrl;
+ unsigned long long ctrl, lctrl;
int retval;
int remember = -1;
int rounds = 0;
diff --git a/modules/pam_unix/pam_unix_sess.c b/modules/pam_unix/pam_unix_sess.c
index 03e7dcd9..4b8af530 100644
--- a/modules/pam_unix/pam_unix_sess.c
+++ b/modules/pam_unix/pam_unix_sess.c
@@ -67,7 +67,7 @@ int
pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
char *user_name, *service;
- unsigned int ctrl;
+ unsigned long long ctrl;
int retval;
const char *login_name;
@@ -103,7 +103,7 @@ int
pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
char *user_name, *service;
- unsigned int ctrl;
+ unsigned long long ctrl;
int retval;
D(("called."));
diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
index 95dfe528..39e2bfac 100644
--- a/modules/pam_unix/passverify.c
+++ b/modules/pam_unix/passverify.c
@@ -387,7 +387,7 @@ crypt_md5_wrapper(const char *pass_new)
}
PAMH_ARG_DECL(char * create_password_hash,
- const char *password, unsigned int ctrl, int rounds)
+ const char *password, unsigned long long ctrl, int rounds)
{
const char *algoid;
#if defined(CRYPT_GENSALT_OUTPUT_SIZE) && CRYPT_GENSALT_OUTPUT_SIZE > 64
@@ -404,6 +404,10 @@ PAMH_ARG_DECL(char * create_password_hash,
if (on(UNIX_MD5_PASS, ctrl)) {
/* algoid = "$1" */
return crypt_md5_wrapper(password);
+ } else if (on(UNIX_YESCRYPT_PASS, ctrl)) {
+ algoid = "$y$";
+ } else if (on(UNIX_GOST_YESCRYPT_PASS, ctrl)) {
+ algoid = "$gy$";
} else if (on(UNIX_BLOWFISH_PASS, ctrl)) {
algoid = "$2b$";
} else if (on(UNIX_SHA256_PASS, ctrl)) {
@@ -466,6 +470,8 @@ PAMH_ARG_DECL(char * create_password_hash,
pam_syslog(pamh, LOG_ERR,
"Algo %s not supported by the crypto backend, "
"falling back to MD5\n",
+ on(UNIX_YESCRYPT_PASS, ctrl) ? "yescrypt" :
+ on(UNIX_GOST_YESCRYPT_PASS, ctrl) ? "gost_yescrypt" :
on(UNIX_BLOWFISH_PASS, ctrl) ? "blowfish" :
on(UNIX_SHA256_PASS, ctrl) ? "sha256" :
on(UNIX_SHA512_PASS, ctrl) ? "sha512" : algoid);
diff --git a/modules/pam_unix/passverify.h b/modules/pam_unix/passverify.h
index caf7ae8a..086c28ac 100644
--- a/modules/pam_unix/passverify.h
+++ b/modules/pam_unix/passverify.h
@@ -66,7 +66,7 @@ read_passwords(int fd, int npass, char **passwords);
#endif
PAMH_ARG_DECL(char * create_password_hash,
- const char *password, unsigned int ctrl, int rounds);
+ const char *password, unsigned long long ctrl, int rounds);
PAMH_ARG_DECL(int get_account_info,
const char *name, struct passwd **pwd, struct spwd **spwdent);
diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c
index 8cbc4217..6894288d 100644
--- a/modules/pam_unix/support.c
+++ b/modules/pam_unix/support.c
@@ -107,7 +107,7 @@ search_key (const char *key, const char *filename)
/* this is a front-end for module-application conversations */
-int _make_remark(pam_handle_t * pamh, unsigned int ctrl,
+int _make_remark(pam_handle_t * pamh, unsigned long long ctrl,
int type, const char *text)
{
int retval = PAM_SUCCESS;
@@ -122,10 +122,11 @@ int _make_remark(pam_handle_t * pamh, unsigned int ctrl,
* set the control flags for the UNIX module.
*/
-int _set_ctrl(pam_handle_t *pamh, int flags, int *remember, int *rounds,
- int *pass_min_len, int argc, const char **argv)
+unsigned long long _set_ctrl(pam_handle_t *pamh, int flags, int *remember,
+ int *rounds, int *pass_min_len, int argc,
+ const char **argv)
{
- unsigned int ctrl;
+ unsigned long long ctrl;
char *val;
int j;
@@ -243,15 +244,23 @@ int _set_ctrl(pam_handle_t *pamh, int flags, int *remember, int *rounds,
set(UNIX__NONULL, ctrl);
}
- /* Set default rounds for blowfish */
- if (on(UNIX_BLOWFISH_PASS, ctrl) && off(UNIX_ALGO_ROUNDS, ctrl) && rounds != NULL) {
- *rounds = 5;
- set(UNIX_ALGO_ROUNDS, ctrl);
+ /* Set default rounds for blowfish, gost-yescrypt and yescrypt */
+ if (off(UNIX_ALGO_ROUNDS, ctrl) && rounds != NULL) {
+ if (on(UNIX_BLOWFISH_PASS, ctrl) ||
+ on(UNIX_GOST_YESCRYPT_PASS, ctrl) ||
+ on(UNIX_YESCRYPT_PASS, ctrl)) {
+ *rounds = 5;
+ set(UNIX_ALGO_ROUNDS, ctrl);
+ }
}
/* Enforce sane "rounds" values */
if (on(UNIX_ALGO_ROUNDS, ctrl)) {
- if (on(UNIX_BLOWFISH_PASS, ctrl)) {
+ if (on(UNIX_GOST_YESCRYPT_PASS, ctrl) ||
+ on(UNIX_YESCRYPT_PASS, ctrl)) {
+ if (*rounds < 3 || *rounds > 11)
+ *rounds = 5;
+ } else if (on(UNIX_BLOWFISH_PASS, ctrl)) {
if (*rounds < 4 || *rounds > 31)
*rounds = 5;
} else if (on(UNIX_SHA256_PASS, ctrl) || on(UNIX_SHA512_PASS, ctrl)) {
@@ -532,7 +541,7 @@ int _unix_comesfromsource(pam_handle_t *pamh,
#include <sys/wait.h>
static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd,
- unsigned int ctrl, const char *user)
+ unsigned long long ctrl, const char *user)
{
int retval, child, fds[2];
struct sigaction newsa, oldsa;
@@ -658,7 +667,7 @@ static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd,
*/
int
-_unix_blankpasswd (pam_handle_t *pamh, unsigned int ctrl, const char *name)
+_unix_blankpasswd (pam_handle_t *pamh, unsigned long long ctrl, const char *name)
{
struct passwd *pwd = NULL;
char *salt = NULL;
@@ -706,7 +715,7 @@ _unix_blankpasswd (pam_handle_t *pamh, unsigned int ctrl, const char *name)
}
int _unix_verify_password(pam_handle_t * pamh, const char *name
- ,const char *p, unsigned int ctrl)
+ ,const char *p, unsigned long long ctrl)
{
struct passwd *pwd = NULL;
char *salt = NULL;
diff --git a/modules/pam_unix/support.h b/modules/pam_unix/support.h
index 543e9b9f..e02c05e0 100644
--- a/modules/pam_unix/support.h
+++ b/modules/pam_unix/support.h
@@ -22,8 +22,8 @@
typedef struct {
const char *token;
- unsigned int mask; /* shall assume 32 bits of flags */
- unsigned int flag;
+ unsigned long long mask; /* shall assume 64 bits of flags */
+ unsigned long long flag;
unsigned int is_hash_algo;
} UNIX_Ctrls;
@@ -48,7 +48,7 @@ typedef struct {
/* the generic mask */
-#define _ALL_ON_ (~0U)
+#define _ALL_ON_ (~0ULL)
/* end of macro definitions definitions for the control flags */
@@ -98,47 +98,51 @@ typedef struct {
#define UNIX_QUIET 28 /* Don't print informational messages */
#define UNIX_NO_PASS_EXPIRY 29 /* Don't check for password expiration if not used for authentication */
#define UNIX_DES 30 /* DES, default */
+#define UNIX_GOST_YESCRYPT_PASS 31 /* new password hashes will use gost-yescrypt */
+#define UNIX_YESCRYPT_PASS 32 /* new password hashes will use yescrypt */
/* -------------- */
-#define UNIX_CTRLS_ 31 /* number of ctrl arguments defined */
+#define UNIX_CTRLS_ 33 /* number of ctrl arguments defined */
-#define UNIX_DES_CRYPT(ctrl) (off(UNIX_MD5_PASS,ctrl)&&off(UNIX_BIGCRYPT,ctrl)&&off(UNIX_SHA256_PASS,ctrl)&&off(UNIX_SHA512_PASS,ctrl)&&off(UNIX_BLOWFISH_PASS,ctrl))
+#define UNIX_DES_CRYPT(ctrl) (off(UNIX_MD5_PASS,ctrl)&&off(UNIX_BIGCRYPT,ctrl)&&off(UNIX_SHA256_PASS,ctrl)&&off(UNIX_SHA512_PASS,ctrl)&&off(UNIX_BLOWFISH_PASS,ctrl)&&off(UNIX_GOST_YESCRYPT_PASS,ctrl)&&off(UNIX_YESCRYPT_PASS,ctrl))
static const UNIX_Ctrls unix_args[UNIX_CTRLS_] =
{
-/* symbol token name ctrl mask ctrl *
- * ----------------------- ------------------- --------------------- -------- */
-
-/* UNIX__OLD_PASSWD */ {NULL, _ALL_ON_, 01, 0},
-/* UNIX__VERIFY_PASSWD */ {NULL, _ALL_ON_, 02, 0},
-/* UNIX__IAMROOT */ {NULL, _ALL_ON_, 04, 0},
-/* UNIX_AUDIT */ {"audit", _ALL_ON_, 010, 0},
-/* UNIX_USE_FIRST_PASS */ {"use_first_pass", _ALL_ON_^(060), 020, 0},
-/* UNIX_TRY_FIRST_PASS */ {"try_first_pass", _ALL_ON_^(060), 040, 0},
-/* UNIX_AUTHTOK_TYPE */ {"authtok_type=", _ALL_ON_, 0100, 0},
-/* UNIX__PRELIM */ {NULL, _ALL_ON_^(0600), 0200, 0},
-/* UNIX__UPDATE */ {NULL, _ALL_ON_^(0600), 0400, 0},
-/* UNIX__NONULL */ {NULL, _ALL_ON_, 01000, 0},
-/* UNIX__QUIET */ {NULL, _ALL_ON_, 02000, 0},
-/* UNIX_USE_AUTHTOK */ {"use_authtok", _ALL_ON_, 04000, 0},
-/* UNIX_SHADOW */ {"shadow", _ALL_ON_, 010000, 0},
-/* UNIX_MD5_PASS */ {"md5", _ALL_ON_^(0260420000), 020000, 1},
-/* UNIX__NULLOK */ {"nullok", _ALL_ON_^(01000), 0, 0},
-/* UNIX_DEBUG */ {"debug", _ALL_ON_, 040000, 0},
-/* UNIX_NODELAY */ {"nodelay", _ALL_ON_, 0100000, 0},
-/* UNIX_NIS */ {"nis", _ALL_ON_, 0200000, 0},
-/* UNIX_BIGCRYPT */ {"bigcrypt", _ALL_ON_^(0260420000), 0400000, 1},
-/* UNIX_LIKE_AUTH */ {"likeauth", _ALL_ON_, 01000000, 0},
-/* UNIX_REMEMBER_PASSWD */ {"remember=", _ALL_ON_, 02000000, 0},
-/* UNIX_NOREAP */ {"noreap", _ALL_ON_, 04000000, 0},
-/* UNIX_BROKEN_SHADOW */ {"broken_shadow", _ALL_ON_, 010000000, 0},
-/* UNIX_SHA256_PASS */ {"sha256", _ALL_ON_^(0260420000), 020000000, 1},
-/* UNIX_SHA512_PASS */ {"sha512", _ALL_ON_^(0260420000), 040000000, 1},
-/* UNIX_ALGO_ROUNDS */ {"rounds=", _ALL_ON_, 0100000000, 0},
-/* UNIX_BLOWFISH_PASS */ {"blowfish", _ALL_ON_^(0260420000), 0200000000, 1},
-/* UNIX_MIN_PASS_LEN */ {"minlen=", _ALL_ON_, 0400000000, 0},
-/* UNIX_QUIET */ {"quiet", _ALL_ON_, 01000000000, 0},
-/* UNIX_NO_PASS_EXPIRY */ {"no_pass_expiry", _ALL_ON_, 02000000000, 0},
-/* UNIX_DES */ {"des", _ALL_ON_^(0260420000), 0, 1},
+/* symbol token name ctrl mask ctrl *
+ * --------------------------- -------------------- ------------------------- ---------------- */
+
+/* UNIX__OLD_PASSWD */ {NULL, _ALL_ON_, 01, 0},
+/* UNIX__VERIFY_PASSWD */ {NULL, _ALL_ON_, 02, 0},
+/* UNIX__IAMROOT */ {NULL, _ALL_ON_, 04, 0},
+/* UNIX_AUDIT */ {"audit", _ALL_ON_, 010, 0},
+/* UNIX_USE_FIRST_PASS */ {"use_first_pass", _ALL_ON_^(060ULL), 020, 0},
+/* UNIX_TRY_FIRST_PASS */ {"try_first_pass", _ALL_ON_^(060ULL), 040, 0},
+/* UNIX_AUTHTOK_TYPE */ {"authtok_type=", _ALL_ON_, 0100, 0},
+/* UNIX__PRELIM */ {NULL, _ALL_ON_^(0600ULL), 0200, 0},
+/* UNIX__UPDATE */ {NULL, _ALL_ON_^(0600ULL), 0400, 0},
+/* UNIX__NONULL */ {NULL, _ALL_ON_, 01000, 0},
+/* UNIX__QUIET */ {NULL, _ALL_ON_, 02000, 0},
+/* UNIX_USE_AUTHTOK */ {"use_authtok", _ALL_ON_, 04000, 0},
+/* UNIX_SHADOW */ {"shadow", _ALL_ON_, 010000, 0},
+/* UNIX_MD5_PASS */ {"md5", _ALL_ON_^(015660420000ULL), 020000, 1},
+/* UNIX__NULLOK */ {"nullok", _ALL_ON_^(01000ULL), 0, 0},
+/* UNIX_DEBUG */ {"debug", _ALL_ON_, 040000, 0},
+/* UNIX_NODELAY */ {"nodelay", _ALL_ON_, 0100000, 0},
+/* UNIX_NIS */ {"nis", _ALL_ON_, 0200000, 0},
+/* UNIX_BIGCRYPT */ {"bigcrypt", _ALL_ON_^(015660420000ULL), 0400000, 1},
+/* UNIX_LIKE_AUTH */ {"likeauth", _ALL_ON_, 01000000, 0},
+/* UNIX_REMEMBER_PASSWD */ {"remember=", _ALL_ON_, 02000000, 0},
+/* UNIX_NOREAP */ {"noreap", _ALL_ON_, 04000000, 0},
+/* UNIX_BROKEN_SHADOW */ {"broken_shadow", _ALL_ON_, 010000000, 0},
+/* UNIX_SHA256_PASS */ {"sha256", _ALL_ON_^(015660420000ULL), 020000000, 1},
+/* UNIX_SHA512_PASS */ {"sha512", _ALL_ON_^(015660420000ULL), 040000000, 1},
+/* UNIX_ALGO_ROUNDS */ {"rounds=", _ALL_ON_, 0100000000, 0},
+/* UNIX_BLOWFISH_PASS */ {"blowfish", _ALL_ON_^(015660420000ULL), 0200000000, 1},
+/* UNIX_MIN_PASS_LEN */ {"minlen=", _ALL_ON_, 0400000000, 0},
+/* UNIX_QUIET */ {"quiet", _ALL_ON_, 01000000000, 0},
+/* UNIX_NO_PASS_EXPIRY */ {"no_pass_expiry", _ALL_ON_, 02000000000, 0},
+/* UNIX_DES */ {"des", _ALL_ON_^(015660420000ULL), 0, 1},
+/* UNIX_GOST_YESCRYPT_PASS */ {"gost_yescrypt", _ALL_ON_^(015660420000ULL), 04000000000, 1},
+/* UNIX_YESCRYPT_PASS */ {"yescrypt", _ALL_ON_^(015660420000ULL), 010000000000, 1},
};
#define UNIX_DEFAULTS (unix_args[UNIX__NONULL].flag)
@@ -151,20 +155,23 @@ static const UNIX_Ctrls unix_args[UNIX_CTRLS_] =
_pam_drop(xx); \
}
-extern int _make_remark(pam_handle_t * pamh, unsigned int ctrl
- ,int type, const char *text);
-extern int _set_ctrl(pam_handle_t * pamh, int flags, int *remember, int *rounds,
- int *pass_min_len, int argc, const char **argv);
+extern int _make_remark(pam_handle_t * pamh, unsigned long long ctrl,
+ int type, const char *text);
+extern unsigned long long _set_ctrl(pam_handle_t * pamh, int flags,
+ int *remember, int *rounds,
+ int *pass_min_len,
+ int argc, const char **argv);
extern int _unix_getpwnam (pam_handle_t *pamh,
const char *name, int files, int nis,
struct passwd **ret);
extern int _unix_comesfromsource (pam_handle_t *pamh,
const char *name, int files, int nis);
-extern int _unix_blankpasswd(pam_handle_t *pamh,unsigned int ctrl,
+extern int _unix_blankpasswd(pam_handle_t *pamh, unsigned long long ctrl,
const char *name);
-extern int _unix_verify_password(pam_handle_t * pamh, const char *name
- ,const char *p, unsigned int ctrl);
+extern int _unix_verify_password(pam_handle_t * pamh, const char *name,
+ const char *p, unsigned long long ctrl);
extern int _unix_run_verify_binary(pam_handle_t *pamh,
- unsigned int ctrl, const char *user, int *daysleft);
+ unsigned long long ctrl,
+ const char *user, int *daysleft);
#endif /* _PAM_UNIX_SUPPORT_H */

View file

@ -0,0 +1,232 @@
#!/bin/sh
# Copyright 2010 Vincent Batts, vbatts@hashbangbash.com
# Copyright 2010, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cd $(dirname $0) ; CWD=$(pwd)
SRCNAM=Linux-PAM
PKGNAM=pam
PAMRHVER=${PAMRHVER:-$(echo pam-redhat-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
VERSION=${VERSION:-$(echo $SRCNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
i?86) export ARCH=i586 ;;
arm*) export ARCH=arm ;;
# Unless $ARCH is already set, use uname -m for all other archs:
*) export ARCH=$( uname -m ) ;;
esac
fi
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
exit 0
fi
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
if [ "$ARCH" = "i586" ]; then
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "s390" ]; then
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "x86_64" ]; then
SLKCFLAGS="-O2 -fPIC"
LIBDIRSUFFIX="64"
else
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
fi
TMP=${TMP:-/tmp}
PKG=$TMP/package-$PKGNAM
rm -rf $PKG
mkdir -p $TMP $PKG
cd $TMP
rm -rf $SRCNAM-$VERSION
tar xvf $CWD/$SRCNAM-$VERSION.tar.?z || exit 1
cd $SRCNAM-$VERSION || exit 1
chown -R root:root .
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-exec chmod 755 {} \+ -o \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \+
# Better take the Red Hat added modules and patches, because that's very
# likely to be the most standard as far as PAM goes:
tar xvf $CWD/pam-redhat-$PAMRHVER.tar.?z || exit 1
for file in CHANGELOG COPYING README ; do
mv pam-redhat-$PAMRHVER/${file}* ./${file}.pam-redhat
done
mv pam-redhat-$PAMRHVER/* modules
zcat $CWD/fedora-patches/pam-1.3.1-redhat-modules.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.3.1-noflex.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.1.3-nouserenv.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.1.6-limits-user.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.1.8-full-relro.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.3.0-pwhistory-helper.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.1.8-audit-user-mgmt.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.3.0-unix-nomsg.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.3.1-coverity.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.3.1-unix-remove-obsolete-_unix_read_password-prototype.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.3.1-unix-bcrypt_b.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.3.1-unix-gensalt-autoentropy.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.3.1-unix-crypt_checksalt.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.3.1-unix-yescrypt.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.3.1-unix-no-fallback.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.3.1-motd-multiple-paths.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.3.1-unix-checksalt_syslog.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/fedora-patches/pam-1.3.1-unix-fix_checksalt_syslog.patch.gz | patch -p1 --verbose || exit 1
# pam_tally2 removed in recent redhat-modules.patch, but we'll keep it
# for now since system-auth in the shadow package uses it. Perhaps see if
# pam_faillock can replace the usage there?
zcat $CWD/patches/pam.pam_tally2.slackware.diff.gz | patch -p1 --verbose || exit 1
# Upstream git patch to prevent pam_tally2 from doing an fsync()
# with every failed login. This can cause system slowdowns, especially
# on Internet-connected machines that may endure endless dictionary
# attacks.
zcat $CWD/patches/pam.pam_tally2.no.fsync.patch.gz | patch -p1 --verbose || exit 1
# Improve the comments in /etc/environment:
zcat $CWD/patches/pam.etc.environment.better.comments.diff.gz | patch -p1 --verbose || exit 1
autoreconf -ivf || exit 1
# Using --enable-securedir=/lib/security/ because some downstream software
# (last I checked) assumes this, so /lib64/security/ was a problem...
CFLAGS="$SLKCFLAGS" \
CXXFLAGS="$SLKCFLAGS" \
./configure \
--prefix=/ \
--libdir=/lib${LIBDIRSUFFIX} \
--sysconfdir=/etc \
--includedir=/usr/include/security \
--enable-securedir=/lib/security \
--datarootdir=/usr/share \
--localstatedir=/var \
--mandir=/usr/man \
--docdir=/usr/doc/$PKGNAM-$VERSION \
--disable-regenerate-docu \
--disable-audit \
--disable-prelude \
--disable-rpath \
--disable-selinux \
--disable-static \
--build=$ARCH-slackware-linux || exit 1
# Make these man pages or the build falls over later
xmlto man modules/pam_faillock/faillock.8.xml -o modules/pam_faillock/
xmlto man modules/pam_faillock/pam_faillock.8.xml -o modules/pam_faillock/
xmlto man modules/pam_pwhistory/pwhistory_helper.8.xml -o modules/pam_pwhistory/
make -C po update-gmo
make $NUMJOBS || make || exit 1
make install DESTDIR=$PKG || exit 1
# Don't ship .la files:
rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
# The ones in /lib/security can also go:
rm -f $PKG/lib/security/*.la
# Add extra symlinks added by pam.spec:
( cd $PKG/lib/security
for type in acct auth passwd session ; do
ln -sf pam_unix.so pam_unix_${type}.so
done
)
# This is a pam helper that can only be called from pam
chown root:root $PKG/sbin/unix_chkpwd
chmod 6755 $PKG/sbin/unix_chkpwd
# This package can own the /etc/pam.d/ directory
mkdir -p $PKG/etc/pam.d
# Strip binaries:
( cd $PKG
find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
)
# Don't clobber config files:
find $PKG/etc -type f -exec mv {} {}.new \;
# Compress and if needed symlink the man pages:
if [ -d $PKG/usr/man ]; then
( cd $PKG/usr/man
for manpagedir in $(find . -type d -name "man*") ; do
( cd $manpagedir
for eachpage in $( find . -type l -maxdepth 1) ; do
ln -s $( readlink $eachpage ).gz $eachpage.gz
rm $eachpage
done
gzip -9 *.?
)
done
)
fi
mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
cp -a \
AUTHORS COPYING* Copyright NEWS README* \
$PKG/usr/doc/$PKGNAM-$VERSION
# If there's a ChangeLog, installing at least part of the recent history
# is useful, but don't let it get totally out of control:
if [ -r ChangeLog ]; then
DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION)
cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog
touch -r ChangeLog $DOCSDIR/ChangeLog
fi
if [ -r CHANGELOG ]; then
DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION)
cat CHANGELOG | head -n 1000 > $DOCSDIR/CHANGELOG
touch -r CHANGELOG $DOCSDIR/CHANGELOG
fi
rm -f $PKG/usr/doc/$PKGNAM-$VERSION/index.html
mkdir -p $PKG/install
cat $CWD/slack-desc > $PKG/install/slack-desc
zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
# Append config statements to the install/doinst.sh:
( cd $PKG
for i in $(find etc -type f -name "*.new") ; do
echo "config $i" >> $PKG/install/doinst.sh ;
done
)
cd $PKG
/sbin/makepkg -p -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz

View file

@ -0,0 +1,2 @@
#http://www.linux-pam.org/library/Linux-PAM-1.3.1.tar.bz2
https://github.com/linux-pam/linux-pam/releases

View file

@ -0,0 +1,15 @@
--- ./modules/pam_env/environment.orig 2017-02-10 04:10:15.000000000 -0600
+++ ./modules/pam_env/environment 2020-01-02 14:40:48.793005303 -0600
@@ -1,5 +1,10 @@
-#
-# This file is parsed by pam_env module
+# /etc/environment
+# This file is parsed by pam_env module.
+# This file may contain environment variable settings that should be used
+# system-wide. Please note that it is not a script file and should only
+# contain assignment expressions, one per line.
+# The environment variables in this file will be loaded before those in other
+# files such as: /etc/profile, /etc/profile.d/*, ~/.profile, etc.
#
# Syntax: simple "KEY=VAL" pairs on separate lines
#

View file

@ -0,0 +1,35 @@
From b136bff25e93be6f11de74aca03569022364b973 Mon Sep 17 00:00:00 2001
From: "Maciej S. Szmigiero" <mail@maciej.szmigiero.name>
Date: Mon, 25 Feb 2019 20:50:48 +0100
Subject: [PATCH] pam_tally2: Remove unnecessary fsync()
pam_tally2 does fsync() after writing to a tally file.
This causes hard drive cache flushes on every failed SSH login on many
(if not most) filesystems.
And an internet-exposed machine can have a lot of these failed logins.
This operation however doesn't seem to be necessary - the pam_tally2
module does not do any operation which would need explicit post-crash
ordering, it just does simple file reads and writes.
And doing a fsync() after them doesn't close any race if the system happens
to crash between a write being posted and its fsync() completion.
Let's remove this operation to get rid of all these extra cache flushes.
---
modules/pam_tally2/pam_tally2.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/modules/pam_tally2/pam_tally2.c b/modules/pam_tally2/pam_tally2.c
index 984edf6a..ce7f5aee 100644
--- a/modules/pam_tally2/pam_tally2.c
+++ b/modules/pam_tally2/pam_tally2.c
@@ -484,10 +484,6 @@ set_tally(pam_handle_t *pamh, uid_t uid,
}
}
- if (fsync(*tfile)) {
- pam_syslog(pamh, LOG_ALERT, "update (fsync) failed for %s: %m", filename);
- return PAM_AUTH_ERR;
- }
return PAM_SUCCESS;
}

View file

@ -0,0 +1,11 @@
--- ./modules/Makefile.am.orig 2019-07-16 13:18:28.619322386 -0500
+++ ./modules/Makefile.am 2019-07-16 13:45:49.260371056 -0500
@@ -10,7 +10,7 @@
pam_mkhomedir pam_motd pam_namespace pam_nologin \
pam_permit pam_pwhistory pam_rhosts pam_rootok pam_securetty \
pam_selinux pam_sepermit pam_shells pam_stress \
- pam_succeed_if pam_time pam_timestamp \
+ pam_succeed_if pam_tally2 pam_time pam_timestamp \
pam_tty_audit pam_umask \
pam_unix pam_userdb pam_warn pam_wheel pam_xauth

View file

@ -0,0 +1,19 @@
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in. You must
# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
pam: pam (Pluggable Authentication Modules)
pam:
pam: PAM = Pluggable Authentication Modules. Basically, it is a flexible
pam: mechanism for authenticating users. PAM provides a way to develop
pam: programs that are independent of authentication scheme. However,
pam: these programs will need "authentication modules" (and libpam) at
pam: run-time in order to work.
pam:
pam: Homepage: http://www.linux-pam.org/
pam:
pam:

View file

@ -0,0 +1,17 @@
#!/bin/bash
cd $(dirname $0) ; CWD=$(pwd)
rm -rf /tmp/pam-packages
TMP=/tmp/pam-packages
export TMP
mkdir -p $TMP
BUILDLIST=$CWD/buildlist ./make_world.sh
# Give everything a _pam build suffix while it remains in /testing:
( cd $TMP
for package in *.txz ; do
mv $package $(basename $package .txz)_pam.txz
done
)

View file

@ -0,0 +1,33 @@
a/cracklib/cracklib.SlackBuild
a/pam/pam.SlackBuild
a/libpwquality/libpwquality.SlackBuild
source/a/shadow/shadow.SlackBuild
source/a/util-linux/util-linux.SlackBuild
source/a/libcgroup/libcgroup.SlackBuild
source/ap/cups/cups.SlackBuild
source/ap/hplip/hplip.SlackBuild
source/ap/screen/screen.SlackBuild
source/ap/sudo/sudo.SlackBuild
source/l/ConsoleKit2/ConsoleKit2.SlackBuild
source/l/gnome-keyring/gnome-keyring.SlackBuild
source/l/polkit/polkit.SlackBuild
source/l/system-config-printer/system-config-printer.SlackBuild
source/n/dovecot/dovecot.SlackBuild
source/n/netatalk/netatalk.SlackBuild
source/n/openssh/openssh.SlackBuild
source/n/openvpn/openvpn.SlackBuild
source/n/popa3d/popa3d.SlackBuild
source/n/ppp/ppp.SlackBuild
source/n/proftpd/proftpd.SlackBuild
source/n/samba/samba.SlackBuild
source/n/vsftpd/vsftpd.SlackBuild
source/x/x11/x11.SlackBuild app xdm
source/l/libcap/libcap.SlackBuild
source/n/cyrus-sasl/cyrus-sasl.SlackBuild
source/n/cifs-utils/cifs-utils.SlackBuild
source/n/netkit-rsh/netkit-rsh.SlackBuild
source/ap/at/at.SlackBuild
source/ap/mariadb/mariadb.SlackBuild
source/xap/xlockmore/xlockmore.SlackBuild
source/xap/xscreensaver/xscreensaver.SlackBuild
source/kde/kde.SlackBuild kdebase:kde-workspace

302
testing/source/PAM/make_world.sh Executable file
View file

@ -0,0 +1,302 @@
#!/bin/bash
# Copyright 2018 Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# make_world for Slackware: rebuilds all the SlackBuild scripts that are
# listed in the given build list.
# Each line needs to look like (for example, and without beginning with "# "):
# a/grep/grep.SlackBuild
# For x11/KDE packages, you may specify a specific package to be built using
# the arguments understood by the SlackBuild. For example:
# kde/kde.SlackBuild kdelibs:kdelibs
# Any line beginning with "#" will be skipped.
# WARNING: This script has the potential to mess up your system.
# It is not recommended to run this on a production machine.
# This script is meant to be used on a fully installed and updated system.
# Using it on a partially installed system may result in broken packages,
# packages with missing features, or build failures. If there are circular
# dependencies, more than one build may be needed to get a correct package.
#
# Slackware is not Gentoo.
# For Amusement Purposes Only.
# Not all SlackBuilds are compatible with this script. In order for a build
# script to work, it needs these features:
# 1) cd into the script directory when run i.e.: cd $(dirname $0) ; CWD=$(pwd)
# 2) Handle $TMP properly (less of an issue if you don't change $TMP)
# 3) Support output package name reporting with PRINT_PACKAGE_NAME=yes
cd $(dirname $0) ; CWD=$(pwd)
# Some SlackBuilds do not work (yet) with a different $TMP setting.
TMP=${TMP:-/tmp}
export TMP
# Where the SlackBuild script puts the built package (i.e., $TMP).
OUTPUT_LOCATION=${OUTPUT_LOCATION:-$TMP}
# Used for logs and lock files.
LOGDIR=$TMP/make_world
# Lockfiles. You might need to purge these before restarting a build.
mkdir -p $LOGDIR/lock
# Set a custom Slackware source directory. By default we assume we are already
# in the source directory.
SLACKWARE_SOURCE_DIRECTORY=${SLACKWARE_SOURCE_DIRECTORY:-}
if [ ! -z "$SLACKWARE_SOURCE_DIRECTORY" ]; then
# Make sure this ends in '/':
if [ ! "$(echo $SLACKWARE_SOURCE_DIRECTORY | rev | cut -b 1)" = "/" ]; then
SLACKWARE_SOURCE_DIRECTORY="${SLACKWARE_SOURCE_DIRECTORY}/"
fi
fi
# To wipe build directories and package creation directories after each
# package is built, set this to anything other than "no". You might need
# to use this if you're short on build space. NOTE: if you use this
# feature, you can NOT run more than one copy of this script at the same
# time! It will wipe build trees for other packages before they can finish.
# Otherwise, file locking is used and you may run as many parallel copies
# of this script as you think will help to speed things along.
WIPE_AFTER_BUILD=${WIPE_AFTER_BUILD:-no}
# Be kind, don't hit control-c! If you do, you might leave broken packages,
# logfiles, and locks in $TMP that will cause problems for you later. If you're
# not in a huge hurry to quit, create this file (replace with $TMP if needed):
# /tmp/make_world/lock/abort
# This will cause all instances of make_world.sh to exit when they complete the
# task they are working on.
rm -f $LOGDIR/lock/abort
BUILDLIST=${BUILDLIST:-$LOGDIR/buildlist}
if [ ! -r $BUILDLIST -a ! -r ${BUILDLIST}.lock ]; then
# The buildlist does not exist, so attempt to create one that builds
# everything except for the kernels (the kernel scripts are not compatible
# with make_world.sh, mostly because of the need to reboot the new kernel).
touch ${BUILDLIST} ${BUILDLIST}.lock
echo "Generating list of packages to build in ${BUILDLIST}..."
for script in ${SLACKWARE_SOURCE_DIRECTORY}*/*/*.SlackBuild ; do
# Only add the script if the SlackBuild name matches the directory name:
if [ "$(basename $(echo $script | cut -f 1 -d ' ') .SlackBuild)" = "$(echo $(dirname $(echo $script | cut -f 1 -d ' ')) | rev | cut -f 1 -d / | rev)" ]; then
if [ "$uname -m)" = "x86_64" -a "$(basename $(echo $script | cut -f 1 -d ' '))" = "isapnptools.SlackBuild" ]; then
# Don't try to build isapnptools on x86_64.
continue
fi
echo $script >> $BUILDLIST
fi
done
if [ -r ${SLACKWARE_SOURCE_DIRECTORY}kde/kde.SlackBuild ]; then
echo "${SLACKWARE_SOURCE_DIRECTORY}kde/kde.SlackBuild" >> $BUILDLIST
fi
rm -f ${BUILDLIST}.lock
# Set GEN_LIST_ONLY=yes if you'd like to exit after generating a build list.
# You might want to do this to comment some build scripts out first, or if
# you'd like to sort it into a "magic build order". ;-) This script is pretty
# good at just brute-forcing things, though (with a few runs).
if [ "$GEN_LIST_ONLY" = "yes" ]; then
echo "Generated ${BUILDLIST}. Exiting."
exit 0
fi
fi
if [ -r ${BUILDLIST}.lock ]; then
echo -n "Waiting for ${BUILDLIST}.lock to be removed..."
while [ 0 ]; do
if [ ! -r ${BUILDLIST}.lock ]; then
break
fi
sleep 5
done
echo " done."
fi
echo "Using buildlist $BUILDLIST."
# To use shuffle mode (build packages in a random order each time through),
# pass SHUFFLE=yes (or anything other than "no") to this script.
SHUFFLE=${SHUFFLE:-no}
if [ "$SHUFFLE" = "no" ]; then
SHUF=cat
else
SHUF=shuf
fi
# To keep repeating the build list, set $REPEAT to anything other than "no":
REPEAT=${REPEAT:-no}
# To always rebuild a SlackBuild even if already built packages are found, set
# FORCE_BUILD=yes:
FORCE_BUILD=${FORCE_BUILD:-no}
# Function to do the build:
do_build() {
if [ "$HAVE_GLOBAL_LOCK" = "true" ]; then
# Wait for other builds to complete
echo -n "have global lock, waiting for other builds to complete... "
while [ 0 ]; do
sleep 5
if ! /bin/ls $LOGDIR/lock/*.lock 1> /dev/null 2> /dev/null ; then
echo -n "done, continuing... "
break
fi
done
fi
# If we're trying again, we don't want to leave a failure log in the logs
# directory. But save it just in case...
if [ -r $LOGDIR/$(basename $(echo $buildscript | cut -f 1 -d ' ')).log.failed ]; then
mkdir -p $LOGDIR/faillog-backups
mv $LOGDIR/$(basename $(echo $buildscript | cut -f 1 -d ' ')).log.failed $LOGDIR/faillog-backups
fi
$buildscript &> $LOGDIR/$(basename $(echo $buildscript | cut -f 1 -d ' ')).log
if [ ! $? = 0 ]; then
# Exit code from SlackBuild indicated an error:
echo "$(PRINT_PACKAGE_NAME=foo $buildscript | head -n 1) failed to build."
mv $LOGDIR/$(basename $(echo $buildscript | cut -f 1 -d ' ')).log $LOGDIR/$(basename $(echo $buildscript | cut -f 1 -d ' ')).log.failed
elif [ ! -r $OUTPUT_LOCATION/$(PRINT_PACKAGE_NAME=foo $buildscript | head -n 1) ]; then
# No error code returned from SlackBuild, but the package(s) were not found.
# Possibly the SlackBuild doesn't honor $TMP, and a non-/tmp $TMP variable was set?
echo "$(PRINT_PACKAGE_NAME=foo $buildscript | head -n 1) failed to build."
mv $LOGDIR/$(basename $(echo $buildscript | cut -f 1 -d ' ')).log $LOGDIR/$(basename $(echo $buildscript | cut -f 1 -d ' ')).log.failed
else
# Figure out a progress report to include with the successful build message:
cat $BUILDLIST | grep -v "^$" | grep -v "^#" | sort | uniq | cut -f 1 -d ' ' | rev | cut -f 1 -d / | rev > $LOGDIR/tmp-pkgs-to-build.$$
# OK, we don't know if every *.log is actually finished if we're running
# more than one make_world.sh, but whatever. It's an estimate.
/bin/ls $LOGDIR/*.log | rev | cut -f 2,3 -d . | cut -f 1 -d / | rev > $LOGDIR/tmp-pkgs-built-or-building.$$
NUMTOTAL="$(cat $LOGDIR/tmp-pkgs-to-build.$$ | wc -l)"
NUMBUILT="$(grep -x -f $LOGDIR/tmp-pkgs-built-or-building.$$ $LOGDIR/tmp-pkgs-to-build.$$ | wc -l)"
rm -f $LOGDIR/tmp-pkgs-to-build.$$ $LOGDIR/tmp-pkgs-built-or-building.$$
echo "$(PRINT_PACKAGE_NAME=foo $buildscript | head -n 1) built successfully ($NUMBUILT/$NUMTOTAL)."
for package in $(PRINT_PACKAGE_NAME=foo $buildscript) ; do
upgradepkg --install-new --reinstall $OUTPUT_LOCATION/$package > /dev/null 2>&1
done
# The post-build cleanup is pretty sloppy. It will not clean up all of
# the build-related residue, and it may possibly delete some things that
# this script did not put there. It's also not compatible with running
# more than one copy of make_world.sh simultaneously.
# Think more than twice before using this.
if [ ! "$WIPE_AFTER_BUILD" = "no" ]; then
( cd $TMP
rm -f configure CMakeLists.txt
for findconfigure in */configure ; do
rm -rf "$(dirname $findconfigure)"
done
for findautogen in */autogen.sh ; do
rm -rf "$(dirname $findautogen)"
done
for findcmake in */CMakeLists.txt ; do
rm -rf "$(dirname $findcmake)"
done
for findmake in */Makefile ; do
rm -rf "$(dirname $findmake)"
done
for findmeson in */meson.build ; do
rm -rf "$(dirname $findmeson)"
done
for findpython in */setup.py ; do
rm -rf "$(dirname $findpython)"
done
rm -rf package-*
)
fi
fi
}
# Main loop:
while [ 0 ]; do
# Skip any blank lines or lines in the buildlist that begin with #:
cat $BUILDLIST | grep -v "^$" | grep -v "^#" | $SHUF | while read buildscript ; do
if [ -r $LOGDIR/lock/abort ]; then
echo "Exiting (abort requested)."
exit 0
fi
# If there's a global lock, we have to wait for it to be released:
if [ -r $LOGDIR/lock/lock.global ]; then
HELD_BY="$(cat $LOGDIR/lock/lock.global)"
echo -n "Waiting for global lock release (held by ${HELD_BY})... "
while [ 0 ]; do
sleep 10
if [ ! -r $LOGDIR/lock/lock.global ]; then
echo "released."
break
fi
if [ ! "${HELD_BY}" = "$(cat $LOGDIR/lock/lock.global)" ]; then
HELD_BY="$(cat $LOGDIR/lock/lock.global)"
echo
echo -n "Waiting for global lock release (held by ${HELD_BY})... "
fi
done
fi
echo -n "Working on $buildscript... "
if [ -r $OUTPUT_LOCATION/$(PRINT_PACKAGE_NAME=foo $buildscript | head -n 1) -a $FORCE_BUILD = no ]; then
echo "skipping because built package(s) were found."
continue
fi
# Use flock to only allow one instance of this script to work on a given
# SlackBuild script at a time. If the SlackBuild is already locked, we'll
# just move on to the next one. Yes, you can run more than one copy of this
# script at the same time to speed things up!
#
# See if we need a global lock. Some SlackBuilds are disruptive and other
# builds should not take place until they have completed. For example, perl
# removes itself from the system during the build. Assume that we need a
# global lock for any package that uses removepkg, upgradepkg, slacktrack,
# or trackbuild. Also, you may add the identifier REQUIRE_GLOBAL_LOCK
# anywhere in a SlackBuild script to make it require the global lock.
HAVE_GLOBAL_LOCK=false
if grep -q -e removepkg -e upgradepkg -e slacktrack -e trackbuild -e REQUIRE_GLOBAL_LOCK $(dirname $(echo $buildscript | cut -f 1 -d ' '))/$(basename $(echo $buildscript | cut -f 1 -d ' ')) ; then
# pkgtools, x11, and KDE all trigger the detection above, but none of them
# really need the global lock. So only request the lock if the build
# script is not one of those.
if ! echo "$(basename $(echo $buildscript | cut -f 1 -d ' '))" | grep -q -x -e pkgtools.SlackBuild -e x11.SlackBuild -e kde.SlackBuild ; then
HAVE_GLOBAL_LOCK=true
fi
fi
if [ "$HAVE_GLOBAL_LOCK" = "true" ]; then
( flock 9 || exit 11
echo $(basename $(echo $buildscript | cut -f 1 -d ' ')) >> $LOGDIR/lock/lock.global
do_build
) 9> $LOGDIR/lock/lock.global
# Remove lock file:
rm -f $LOGDIR/lock/lock.global
else
( flock -n 9 || exit 11
do_build
) 9> $LOGDIR/lock/$(basename $(echo $buildscript | cut -f 1 -d ' ')).lock
if [ $? = 11 ]; then
echo "skipping (locked by another make_world.sh instance)."
continue
fi
# Remove lock file:
rm -f $LOGDIR/lock/$(basename $(echo $buildscript | cut -f 1 -d ' ')).lock
fi
done
if [ "$REPEAT" = "no" ]; then
break
else
# Figure out if we skipped everything and exit REPEAT mode if we did:
cat $BUILDLIST | grep -v "^$" | grep -v "^#" | sort | uniq | cut -f 1 -d ' ' | rev | cut -f 1 -d / | rev > $LOGDIR/tmp-pkgs-to-build.$$
/bin/ls $LOGDIR/*.log | rev | cut -f 2,3 -d . | cut -f 1 -d / | rev > $LOGDIR/tmp-pkgs-built-or-building.$$
NUMTOTAL="$(cat $LOGDIR/tmp-pkgs-to-build.$$ | wc -l)"
NUMBUILT="$(grep -x -f $LOGDIR/tmp-pkgs-built-or-building.$$ $LOGDIR/tmp-pkgs-to-build.$$ | wc -l)"
rm -f $LOGDIR/tmp-pkgs-to-build.$$ $LOGDIR/tmp-pkgs-built-or-building.$$
if [ "$NUMTOTAL" = "$NUMBUILT" ]; then
echo "All packages have been built ($NUMBUILT/$NUMTOTAL). Exiting."
break
else
echo "Repeating BUILDLIST since some packages are not built yet ($NUMBUILT/$NUMTOTAL complete)."
fi
fi
done

1
testing/source/PAM/source Symbolic link
View file

@ -0,0 +1 @@
../../../source

View file

@ -1,247 +0,0 @@
#!/bin/bash
# Copyright 2005-2018 Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# Modified 2011 by Eric Hameleers <alien at slackware.com> for ARM port.
cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=binutils
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on:
MARCH=$( uname -m )
if [ -z "$ARCH" ]; then
case "$MARCH" in
i?86) export ARCH=i586 ;;
armv7hl) export ARCH=$MARCH ;;
arm*) export ARCH=arm ;;
# Unless $ARCH is already set, use uname -m for all other archs:
*) export ARCH=$MARCH ;;
esac
fi
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
exit 0
fi
NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "}
# Set to ld.gold or ld.bfd:
DEFAULT_LD=ld.bfd
if [ "$ARCH" = "i586" ]; then
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
# The config option below is currently needed to compile on x86:
WERROR="--enable-werror=no"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "i686" ]; then
SLKCFLAGS="-O2 -march=i686 -mtune=i686"
# The config option below is currently needed to compile on x86:
WERROR="--enable-werror=no"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "s390" ]; then
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "x86_64" ]; then
SLKCFLAGS="-O2 -fPIC"
LIBDIRSUFFIX="64"
elif [ "$ARCH" = "armv7hl" ]; then
SLKCFLAGS="-O2 -march=armv7-a -mfpu=vfpv3-d16"
LIBDIRSUFFIX=""
else
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
fi
case "$ARCH" in
arm*) TARGET=$ARCH-slackware-linux-gnueabi ;;
*) TARGET=$ARCH-slackware-linux ;;
esac
TMP=${TMP:-/tmp}
PKG=$TMP/package-binutils
rm -rf $PKG
mkdir -p $TMP $PKG
cd $TMP
rm -rf binutils-$VERSION
tar xvf $CWD/binutils-$VERSION.tar.?z || exit 1
cd binutils-$VERSION || exit 1
# Various upstream patches:
zcat $CWD/patches/binutils-2.20.51.0.2-libtool-lib64.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/binutils-2.25-version.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/binutils-2.25-set-long-long.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/binutils-2.20.51.0.10-copy-osabi.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/binutils-2.20.51.0.10-sec-merge-emit.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/binutils-2.24-ldforcele.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/patches/binutils-2.25.1-cleansweep.patch.gz | patch -p2 --verbose || exit 1
# Export the demangle.h header file:
zcat $CWD/patches/binutils.export.demangle.h.diff.gz | patch -p1 --verbose || exit 1
# Don't check to see if "config.h" was included in the installed headers:
zcat $CWD/patches/binutils.no-config-h-check.diff.gz | patch -p1 --verbose || exit 1
# Set %version to something halfway meaningful:
sed -i -e 's/%''{release}/slack15/g' bfd/Makefile{.am,.in}
chown -R root:root .
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-exec chmod 755 {} \+ -o \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \+
# End of preparations
if echo "$*" | grep -qw -- --prep ; then
exit 0
fi
# Build for an x86 glibc2-based Linux system:
CFLAGS="$SLKCFLAGS" \
./configure \
--prefix=/usr \
--libdir=/usr/lib${LIBDIRSUFFIX} \
--mandir=/usr/man \
--infodir=/usr/info \
--with-docdir=/usr/doc/binutils-$VERSION \
--disable-compressed-debug-sections \
--enable-shared \
--enable-multilib \
--enable-64-bit-bfd \
--enable-plugins \
--enable-threads \
--enable-targets=i386-efi-pe,${TARGET} \
--enable-install-libiberty \
--enable-gold=yes \
--enable-ld=default \
--enable-initfini-array \
$WERROR \
--build=$TARGET \
|| exit 1
# Use "tooldir=/usr" to avoid internal references to the /usr/${TARGET}/
# directory. While binutils won't actually use that directory after this,
# we'll still create it since some people have made local use of it.
# Note that this will place ldscripts in /usr/lib, even on $ARCH that
# use LIBDIRSUFFIX=64. According to Ian Lance Taylor, the ldscripts have
# been built into the linker for quite some time and the ones in the
# filesystem aren't actually loaded. For the most part they are now
# documentation and it doesn't matter where they reside.
make clean || exit 1
make tooldir=/usr $NUMJOBS || make tooldir=/usr || exit 1
make tooldir=/usr install DESTDIR=$PKG || exit 1
# Using tooldir=/usr also makes the /usr/${TARGET}/lib${LIBDIRSUFFIX}
# directory obsolete, and the build will no longer install it. But since
# some people might be making local use of that directory, we'll install
# it anyway:
mkdir -p $PKG/usr/${TARGET}/lib${LIBDIRSUFFIX}
# Same with /usr/${TARGET}/bin:
mkdir -p $PKG/usr/${TARGET}/bin
# Don't ship .la files:
rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
# COMMENTED OUT, since a valid use case was provided for windres on Linux.
# None of these tools are very large, and unless they can be shown to be
# non-functional, there's no good reason to exclude them.
## Remove Windows specific tools / docs (if they exist):
#rm -f $PKG/usr/bin/{dlltool,nlmconv,windres,windmc}
#rm -f $PKG/usr/man/man1/{dlltool,nlmconv,windres,windmc}*
# Add a symlink since binutils's version of strings used to be called
# "strings-GNU" on Slackware, and it's possible that people have scripts
# that use that name:
( cd $PKG/usr/bin ; ln -sf strings strings-GNU )
## OBSOLETE, since we're using tooldir=/usr. But we'll keep this cruft as a
## reference until we get the all clear on the tooldir= changes. :-)
## Move ldscripts to /usr/lib${LIBDIRSUFFIX}, and then put symlinks in place
#mv $PKG/usr/${TARGET}/lib/ldscripts $PKG/usr/lib${LIBDIRSUFFIX}
#( cd $PKG/usr/${TARGET}
# ln -s /usr/lib${LIBDIRSUFFIX}/ldscripts lib/ldscripts
# for FILE in ar as ld ld.bfd ld.gold nm objcopy objdump ranlib strip ; do
# if [ -r "/usr/bin/$FILE" ]; then
# rm -f bin/$FILE
# ln -s /usr/bin/$FILE bin/$FILE
# fi
# done
#)
# If the requested default linker is present, make it the default:
# Set the link differently on the system to change the default at runtime.
if [ -r $PKG/usr/bin/$DEFAULT_LD ]; then
( cd $PKG/usr/bin ; rm -f ld ; ln -sf $DEFAULT_LD ld )
fi
find $PKG | xargs file | grep -e "executable" -e "shared object" \
| grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
# Remove some unneeded man pages, and then compress the rest
rm -f $PKG/usr/man/man1/{dlltool,windres}.1
( cd $PKG/usr/man
find . -type f -exec gzip -9 {} \+
for i in $(find . -type l) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
)
# Compress info pages
rm -f $PKG/usr/info/dir
gzip -9 $PKG/usr/info/*
mkdir -p $PKG/usr/doc/binutils-$VERSION
cp \
$CWD/release.binutils-* \
COPYING* ChangeLog.linux MAI* README* \
$PKG/usr/doc/binutils-$VERSION
# If there's a ChangeLog, installing at least part of the recent history
# is useful, but don't let it get totally out of control:
if [ -r ChangeLog ]; then
DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION)
cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog
touch -r ChangeLog $DOCSDIR/ChangeLog
fi
chown -R root:root $PKG/usr/doc/binutils-$VERSION
# Add slack-desc:
mkdir -p $PKG/install
cat $CWD/slack-desc > $PKG/install/slack-desc
cd $PKG
/sbin/makepkg -l y -c n $TMP/binutils-$VERSION-$ARCH-$BUILD.txz
cat << EOF
#############################
oprofile links to libbfd so
be sure to recompile that
#############################
EOF

View file

@ -1,16 +0,0 @@
--- binutils-2.26.orig/bfd/elf.c 2016-01-25 10:11:33.482288877 +0000
+++ binutils-2.26/bfd/elf.c 2016-01-25 10:16:48.520223863 +0000
@@ -1300,6 +1300,13 @@ _bfd_elf_copy_private_bfd_data (bfd *ibf
}
}
+ /* If the input BFD has the OSABI field set and the
+ output BFD does not, then copy the value. */
+ if (elf_elfheader (ibfd)->e_ident [EI_OSABI] != ELFOSABI_NONE
+ && elf_elfheader (obfd)->e_ident [EI_OSABI] == ELFOSABI_NONE)
+ elf_elfheader (obfd)->e_ident [EI_OSABI] =
+ elf_elfheader (ibfd)->e_ident [EI_OSABI];
+
return TRUE;
}

View file

@ -1,11 +0,0 @@
--- binutils-2.26.orig/bfd/merge.c 2016-01-25 10:11:33.505289018 +0000
+++ binutils-2.26/bfd/merge.c 2016-01-25 10:19:56.961381656 +0000
@@ -334,7 +334,7 @@ sec_merge_emit (bfd *abfd, struct sec_me
/* Trailing alignment needed? */
off = sec->size - off;
- if (off != 0)
+ if (off != 0 && alignment_power)
{
if (contents)
memcpy (contents + offset, pad, off);

View file

@ -1,236 +0,0 @@
diff -rcp ../binutils-2.20.51.0.7.original/bfd/configure ./bfd/configure
--- a/bfd/configure 2010-04-08 14:53:48.000000000 +0100
+++ b/bfd/configure 2010-04-08 14:56:50.000000000 +0100
@@ -10762,10 +10762,34 @@
# before this can be enabled.
hardcode_into_libs=yes
+ # find out which ABI we are using
+ libsuff=
+ case "$host_cpu" in
+ x86_64*|s390*|powerpc*|ppc*|sparc*)
+ echo 'int i;' > conftest.$ac_ext
+ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; then
+ case `/usr/bin/file conftest.$ac_objext` in
+ *64-bit*)
+ libsuff=64
+ if test x"$sys_lib_search_path_spec" = x"/lib /usr/lib /usr/local/lib"; then
+ sys_lib_search_path_spec="/lib${libsuff} /usr/lib${libsuff} /usr/local/lib${libsuff}"
+ fi
+ sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff}"
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+ esac
+
# Append ld.so.conf contents to the search path
if test -f /etc/ld.so.conf; then
lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
- sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+ sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff} $lt_ld_extra"
fi
# We used to test for /lib/ld.so.1 and disable shared libraries on
diff -rcp ../binutils-2.20.51.0.7.original/binutils/configure ./binutils/configure
--- a/binutils/configure 2010-04-08 14:53:45.000000000 +0100
+++ b/binutils/configure 2010-04-08 14:56:21.000000000 +0100
@@ -10560,10 +10560,34 @@
# before this can be enabled.
hardcode_into_libs=yes
+ # find out which ABI we are using
+ libsuff=
+ case "$host_cpu" in
+ x86_64*|s390*|powerpc*|ppc*|sparc*)
+ echo 'int i;' > conftest.$ac_ext
+ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; then
+ case `/usr/bin/file conftest.$ac_objext` in
+ *64-bit*)
+ libsuff=64
+ if test x"$sys_lib_search_path_spec" = x"/lib /usr/lib /usr/local/lib"; then
+ sys_lib_search_path_spec="/lib${libsuff} /usr/lib${libsuff} /usr/local/lib${libsuff}"
+ fi
+ sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff}"
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+ esac
+
# Append ld.so.conf contents to the search path
if test -f /etc/ld.so.conf; then
lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
- sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+ sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff} $lt_ld_extra"
fi
# We used to test for /lib/ld.so.1 and disable shared libraries on
diff -rcp ../binutils-2.20.51.0.7.original/gas/configure ./gas/configure
--- a/gas/configure 2010-04-08 14:53:47.000000000 +0100
+++ b/gas/configure 2010-04-08 14:57:24.000000000 +0100
@@ -10547,10 +10547,34 @@
# before this can be enabled.
hardcode_into_libs=yes
+ # find out which ABI we are using
+ libsuff=
+ case "$host_cpu" in
+ x86_64*|s390*|powerpc*|ppc*|sparc*)
+ echo 'int i;' > conftest.$ac_ext
+ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; then
+ case `/usr/bin/file conftest.$ac_objext` in
+ *64-bit*)
+ libsuff=64
+ if test x"$sys_lib_search_path_spec" = x"/lib /usr/lib /usr/local/lib"; then
+ sys_lib_search_path_spec="/lib${libsuff} /usr/lib${libsuff} /usr/local/lib${libsuff}"
+ fi
+ sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff}"
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+ esac
+
# Append ld.so.conf contents to the search path
if test -f /etc/ld.so.conf; then
lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
- sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+ sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff} $lt_ld_extra"
fi
# We used to test for /lib/ld.so.1 and disable shared libraries on
diff -rcp ../binutils-2.20.51.0.7.original/gprof/configure ./gprof/configure
--- a/gprof/configure 2010-04-08 14:53:45.000000000 +0100
+++ b/gprof/configure 2010-04-08 14:57:50.000000000 +0100
@@ -10485,10 +10485,34 @@
# before this can be enabled.
hardcode_into_libs=yes
+ # find out which ABI we are using
+ libsuff=
+ case "$host_cpu" in
+ x86_64*|s390*|powerpc*|ppc*|sparc*)
+ echo 'int i;' > conftest.$ac_ext
+ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; then
+ case `/usr/bin/file conftest.$ac_objext` in
+ *64-bit*)
+ libsuff=64
+ if test x"$sys_lib_search_path_spec" = x"/lib /usr/lib /usr/local/lib"; then
+ sys_lib_search_path_spec="/lib${libsuff} /usr/lib${libsuff} /usr/local/lib${libsuff}"
+ fi
+ sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff}"
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+ esac
+
# Append ld.so.conf contents to the search path
if test -f /etc/ld.so.conf; then
lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
- sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+ sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff} $lt_ld_extra"
fi
# We used to test for /lib/ld.so.1 and disable shared libraries on
diff -rcp ../binutils-2.20.51.0.7.original/ld/configure ./ld/configure
--- a/ld/configure 2010-04-08 14:53:44.000000000 +0100
+++ b/ld/configure 2010-04-08 14:58:21.000000000 +0100
@@ -10966,10 +10966,34 @@
# before this can be enabled.
hardcode_into_libs=yes
+ # find out which ABI we are using
+ libsuff=
+ case "$host_cpu" in
+ x86_64*|s390*|powerpc*|ppc*|sparc*)
+ echo 'int i;' > conftest.$ac_ext
+ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; then
+ case `/usr/bin/file conftest.$ac_objext` in
+ *64-bit*)
+ libsuff=64
+ if test x"$sys_lib_search_path_spec" = x"/lib /usr/lib /usr/local/lib"; then
+ sys_lib_search_path_spec="/lib${libsuff} /usr/lib${libsuff} /usr/local/lib${libsuff}"
+ fi
+ sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff}"
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+ esac
+
# Append ld.so.conf contents to the search path
if test -f /etc/ld.so.conf; then
lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
- sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+ sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff} $lt_ld_extra"
fi
# We used to test for /lib/ld.so.1 and disable shared libraries on
Only in .: .#libtool.m4
Only in .: #libtool.m4#
diff -rcp ../binutils-2.20.51.0.7.original/opcodes/configure ./opcodes/configure
--- a/opcodes/configure 2010-04-08 14:53:45.000000000 +0100
+++ b/opcodes/configure 2010-04-08 14:59:10.000000000 +0100
@@ -10496,10 +10496,34 @@
# before this can be enabled.
hardcode_into_libs=yes
+ # find out which ABI we are using
+ libsuff=
+ case "$host_cpu" in
+ x86_64*|s390*|powerpc*|ppc*|sparc*)
+ echo 'int i;' > conftest.$ac_ext
+ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; then
+ case `/usr/bin/file conftest.$ac_objext` in
+ *64-bit*)
+ libsuff=64
+ if test x"$sys_lib_search_path_spec" = x"/lib /usr/lib /usr/local/lib"; then
+ sys_lib_search_path_spec="/lib${libsuff} /usr/lib${libsuff} /usr/local/lib${libsuff}"
+ fi
+ sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff}"
+ ;;
+ esac
+ fi
+ rm -rf conftest*
+ ;;
+ esac
+
# Append ld.so.conf contents to the search path
if test -f /etc/ld.so.conf; then
lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
- sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+ sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff} $lt_ld_extra"
fi
# We used to test for /lib/ld.so.1 and disable shared libraries on

View file

@ -1,54 +0,0 @@
Common subdirectories: ../binutils-2.24.orig/ld/emulparams and ld/emulparams
Common subdirectories: ../binutils-2.24.orig/ld/emultempl and ld/emultempl
diff -up ../binutils-2.24.orig/ld/ldlang.c ld/ldlang.c
--- a/ld/ldlang.c 2014-05-09 10:35:04.589504928 +0100
+++ b/ld/ldlang.c 2014-05-09 10:35:55.515661478 +0100
@@ -7096,6 +7096,18 @@
&& little != NULL)
format = little;
+ if (getenv ("LD_FORCE_LE") != NULL)
+ {
+ if (strcmp (format, "elf64-powerpc") == 0)
+ format = "elf64-powerpcle";
+ else if (strcmp (format, "elf32-powerpc") == 0)
+ format = "elf32-powerpcle";
+ else if (strcmp (format, "elf64-big") == 0)
+ format = "elf64-little";
+ else if (strcmp (format, "elf32-big") == 0)
+ format = "elf32-little";
+ }
+
output_target = format;
}
}
Only in ld: ldlang.c.orig
diff -up ../binutils-2.24.orig/ld/ldmain.c ld/ldmain.c
--- a/ld/ldmain.c 2014-05-09 10:35:04.593504941 +0100
+++ b/ld/ldmain.c 2014-05-09 10:35:55.515661478 +0100
@@ -603,6 +603,18 @@
}
}
+ if ((strncmp (emulation, "elf64ppc", 8) == 0
+ || strncmp (emulation, "elf32ppc", 8) == 0)
+ && getenv ("LD_FORCE_LE") != NULL)
+ {
+ size_t len = strlen (emulation);
+ char *le = xmalloc (len + 2);
+ memcpy (le, emulation, 5);
+ le[5] = 'l';
+ memcpy (le + 6, emulation + 5, len - 4);
+ emulation = le;
+ }
+
return emulation;
}
Only in ld: ldmain.c.orig
Common subdirectories: ../binutils-2.24.orig/ld/ldscripts and ld/ldscripts
Common subdirectories: ../binutils-2.24.orig/ld/.libs and ld/.libs
Common subdirectories: ../binutils-2.24.orig/ld/po and ld/po
Common subdirectories: ../binutils-2.24.orig/ld/scripttempl and ld/scripttempl
Common subdirectories: ../binutils-2.24.orig/ld/testsuite and ld/testsuite
Common subdirectories: ../binutils-2.24.orig/ld/tmpdir and ld/tmpdir

View file

@ -1,38 +0,0 @@
diff -up binutils-2.25.orig/bfd/configure.ac binutils-2.25/bfd/configure.ac
--- binutils-2.25.orig/bfd/configure.ac 2014-12-24 10:34:45.590491143 +0000
+++ binutils-2.25/bfd/configure.ac 2014-12-24 10:36:12.997981992 +0000
@@ -183,11 +183,13 @@ if test "x${ac_cv_sizeof_long}" = "x8";
BFD_HOST_64BIT_LONG=1
test -n "${HOST_64BIT_TYPE}" || HOST_64BIT_TYPE="long"
test -n "${HOST_U_64BIT_TYPE}" || HOST_U_64BIT_TYPE="unsigned long"
-elif test "x${ac_cv_sizeof_long_long}" = "x8"; then
+fi
+if test "x${ac_cv_sizeof_long_long}" = "x8"; then
BFD_HOST_64BIT_LONG_LONG=1
test -n "${HOST_64BIT_TYPE}" || HOST_64BIT_TYPE="long long"
test -n "${HOST_U_64BIT_TYPE}" || HOST_U_64BIT_TYPE="unsigned long long"
- if test "x${ac_cv_sizeof_void_p}" = "x8"; then
+ if test "x${ac_cv_sizeof_void_p}" = "x8" \
+ -a "x${ac_cv_sizeof_long}" != "x8"; then
BFD_HOSTPTR_T="unsigned long long"
fi
fi
diff -up ../binutils-2.20.51.0.7.original/bfd/configure ./bfd/configure
--- a/bfd/configure 2010-04-08 15:23:58.000000000 +0100
+++ b/bfd/configure 2010-04-08 15:24:06.000000000 +0100
@@ -12819,11 +12819,13 @@
BFD_HOST_64BIT_LONG=1
test -n "${HOST_64BIT_TYPE}" || HOST_64BIT_TYPE="long"
test -n "${HOST_U_64BIT_TYPE}" || HOST_U_64BIT_TYPE="unsigned long"
-elif test "x${ac_cv_sizeof_long_long}" = "x8"; then
+fi
+if test "x${ac_cv_sizeof_long_long}" = "x8"; then
BFD_HOST_64BIT_LONG_LONG=1
test -n "${HOST_64BIT_TYPE}" || HOST_64BIT_TYPE="long long"
test -n "${HOST_U_64BIT_TYPE}" || HOST_U_64BIT_TYPE="unsigned long long"
- if test "x${ac_cv_sizeof_void_p}" = "x8"; then
+ if test "x${ac_cv_sizeof_void_p}" = "x8" \
+ -a "x${ac_cv_sizeof_long}" != "x8"; then
BFD_HOSTPTR_T="unsigned long long"
fi
fi

View file

@ -1,44 +0,0 @@
--- binutils-2.26.orig/bfd/Makefile.am 2016-01-25 10:11:33.505289018 +0000
+++ binutils-2.26/bfd/Makefile.am 2016-01-25 10:13:23.489964145 +0000
@@ -1043,8 +1043,8 @@ DISTCLEANFILES = $(BUILD_CFILES) $(BUILD
bfdver.h: $(srcdir)/version.h $(srcdir)/development.sh $(srcdir)/Makefile.in
@echo "creating $@"
@bfd_version=`echo "$(VERSION)" | $(SED) -e 's/\([^\.]*\)\.*\([^\.]*\)\.*\([^\.]*\)\.*\([^\.]*\)\.*\([^\.]*\).*/\1.00\2.00\3.00\4.00\5/' -e 's/\([^\.]*\)\..*\(..\)\..*\(..\)\..*\(..\)\..*\(..\)$$/\1\2\3\4\5/'` ;\
- bfd_version_string="\"$(VERSION)\"" ;\
- bfd_soversion="$(VERSION)" ;\
+ bfd_version_string="\"$(VERSION)-%{release}\"" ;\
+ bfd_soversion="$(VERSION)-%{release}" ;\
bfd_version_package="\"$(PKGVERSION)\"" ;\
report_bugs_to="\"$(REPORT_BUGS_TO)\"" ;\
. $(srcdir)/development.sh ;\
@@ -1055,7 +1055,7 @@ bfdver.h: $(srcdir)/version.h $(srcdir)/
fi ;\
$(SED) -e "s,@bfd_version@,$$bfd_version," \
-e "s,@bfd_version_string@,$$bfd_version_string," \
- -e "s,@bfd_version_package@,$$bfd_version_package," \
+ -e "s,@bfd_version_package@,\"version \"," \
-e "s,@report_bugs_to@,$$report_bugs_to," \
< $(srcdir)/version.h > $@; \
echo "$${bfd_soversion}" > libtool-soversion
--- binutils-2.26.orig/bfd/Makefile.in 2016-01-25 10:11:33.505289018 +0000
+++ binutils-2.26/bfd/Makefile.in 2016-01-25 10:14:17.818297941 +0000
@@ -2111,8 +2111,8 @@ stmp-lcoff-h: $(LIBCOFF_H_FILES)
bfdver.h: $(srcdir)/version.h $(srcdir)/development.sh $(srcdir)/Makefile.in
@echo "creating $@"
@bfd_version=`echo "$(VERSION)" | $(SED) -e 's/\([^\.]*\)\.*\([^\.]*\)\.*\([^\.]*\)\.*\([^\.]*\)\.*\([^\.]*\).*/\1.00\2.00\3.00\4.00\5/' -e 's/\([^\.]*\)\..*\(..\)\..*\(..\)\..*\(..\)\..*\(..\)$$/\1\2\3\4\5/'` ;\
- bfd_version_string="\"$(VERSION)\"" ;\
- bfd_soversion="$(VERSION)" ;\
+ bfd_version_string="\"$(VERSION)-%{release}\"" ;\
+ bfd_soversion="$(VERSION)-%{release}" ;\
bfd_version_package="\"$(PKGVERSION)\"" ;\
report_bugs_to="\"$(REPORT_BUGS_TO)\"" ;\
. $(srcdir)/development.sh ;\
@@ -2123,7 +2123,7 @@ bfdver.h: $(srcdir)/version.h $(srcdir)/
fi ;\
$(SED) -e "s,@bfd_version@,$$bfd_version," \
-e "s,@bfd_version_string@,$$bfd_version_string," \
- -e "s,@bfd_version_package@,$$bfd_version_package," \
+ -e "s,@bfd_version_package@,\"version \"," \
-e "s,@report_bugs_to@,$$report_bugs_to," \
< $(srcdir)/version.h > $@; \
echo "$${bfd_soversion}" > libtool-soversion

View file

@ -1,63 +0,0 @@
--- ../binutils-2.25.1.orig/ld/testsuite/ld-plugin/lto.exp 2016-01-08 15:24:58.241083264 +0000
+++ ld/testsuite/ld-plugin/lto.exp 2016-01-08 16:30:51.845827089 +0000
@@ -386,6 +386,11 @@ if { [at_least_gcc_version 4 7] } {
}
}
+# Fedora specific binutils patches break some of the tests that follow...
+restore_notify
+return
+
+
# Run "ld -r" to generate inputs for complex LTO tests.
run_dump_test "lto-3r"
remote_exec host "mv" "tmpdir/dump tmpdir/lto-3.o"
--- ../binutils-2.26.orig/ld/testsuite/ld-size/size.exp 2016-01-27 15:51:27.223093570 +0000
+++ ld/testsuite/ld-size/size.exp 2016-01-27 16:00:04.262015016 +0000
@@ -113,37 +113,6 @@ run_cc_link_tests [list \
"libsize-6b.so" \
] \
[list \
- "Build libsize-7.so" \
- "-shared" \
- "-fPIC" \
- {size-7b.c} \
- {} \
- "libsize-7.so" \
- ] \
- [list \
- "Build size-7" \
- "$NOPIE_LDFLAGS -Wl,--no-as-needed tmpdir/libsize-7.so" \
- "$NOPIE_CFLAGS" \
- {size-7a.c} \
- {{readelf -rW size-7.rd}} \
- "size-7.exe" \
- ] \
- [list \
- "Build libsize-8.so" \
- "-shared" "-fPIC" \
- {size-8b.c} \
- {} \
- "libsize-8.so" \
- ] \
- [list \
- "Build size-8" \
- "$NOPIE_LDFLAGS -Wl,--no-as-needed tmpdir/libsize-8.so" \
- "$NOPIE_CFLAGS" \
- {size-8a.c} \
- {{readelf -rW size-8.rd}} \
- "size-8.exe" \
- ] \
- [list \
"Build libsize-9.so" \
"-shared" \
"-fPIC" \
@@ -161,6 +130,8 @@ run_cc_link_tests [list \
] \
]
+return
+
# Check if size relocation works at run-time.
catch "exec tmpdir/size-7.exe > tmpdir/dump.out" exec_output
if ![string match "" $exec_output] then {

View file

@ -1,30 +0,0 @@
--- ./bfd/Makefile.in.orig 2019-02-02 09:47:56.000000000 -0600
+++ ./bfd/Makefile.in 2019-02-02 14:10:55.709944225 -0600
@@ -249,7 +249,7 @@
esac
am__bfdinclude_HEADERS_DIST = $(INCDIR)/plugin-api.h bfd.h \
$(INCDIR)/ansidecl.h $(INCDIR)/symcat.h bfd_stdint.h \
- $(INCDIR)/diagnostics.h $(INCDIR)/bfdlink.h
+ $(INCDIR)/diagnostics.h $(INCDIR)/bfdlink.h $(INCDIR)/demangle.h
HEADERS = $(bfdinclude_HEADERS)
RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
distclean-recursive maintainer-clean-recursive
@@ -469,6 +469,7 @@
@INSTALL_LIBBFD_TRUE@bfdinclude_HEADERS = $(BFD_H) \
@INSTALL_LIBBFD_TRUE@ $(INCDIR)/ansidecl.h $(INCDIR)/symcat.h \
@INSTALL_LIBBFD_TRUE@ bfd_stdint.h $(INCDIR)/diagnostics.h \
+@INSTALL_LIBBFD_TRUE@ $(INCDIR)/demangle.h \
@INSTALL_LIBBFD_TRUE@ $(INCDIR)/bfdlink.h $(am__append_2)
@INSTALL_LIBBFD_FALSE@rpath_bfdlibdir = @bfdlibdir@
@INSTALL_LIBBFD_FALSE@noinst_LTLIBRARIES = libbfd.la
--- ./bfd/Makefile.am.orig 2019-01-19 10:01:32.000000000 -0600
+++ ./bfd/Makefile.am 2019-02-02 14:09:28.363952384 -0600
@@ -33,7 +33,7 @@
bfdincludedir = @bfdincludedir@
bfdlib_LTLIBRARIES = libbfd.la
bfdinclude_HEADERS = $(BFD_H) $(INCDIR)/ansidecl.h $(INCDIR)/symcat.h \
- bfd_stdint.h $(INCDIR)/diagnostics.h $(INCDIR)/bfdlink.h
+ bfd_stdint.h $(INCDIR)/diagnostics.h $(INCDIR)/bfdlink.h $(INCDIR)/demangle.h
else !INSTALL_LIBBFD
# Empty these so that the respective installation directories will not be created.
bfdlibdir =

View file

@ -1,28 +0,0 @@
--- ./bfd/bfd-in2.h.orig 2013-02-27 14:28:03.000000000 -0600
+++ ./bfd/bfd-in2.h 2013-04-02 15:57:44.847202021 -0500
@@ -32,11 +32,6 @@
#ifndef __BFD_H_SEEN__
#define __BFD_H_SEEN__
-/* PR 14072: Ensure that config.h is included first. */
-#if !defined PACKAGE && !defined PACKAGE_VERSION
-#error config.h must be included before this header
-#endif
-
#ifdef __cplusplus
extern "C" {
#endif
--- ./bfd/bfd-in.h.orig 2013-02-27 14:28:03.000000000 -0600
+++ ./bfd/bfd-in.h 2013-04-02 15:57:44.846202021 -0500
@@ -25,11 +25,6 @@
#ifndef __BFD_H_SEEN__
#define __BFD_H_SEEN__
-/* PR 14072: Ensure that config.h is included first. */
-#if !defined PACKAGE && !defined PACKAGE_VERSION
-#error config.h must be included before this header
-#endif
-
#ifdef __cplusplus
extern "C" {
#endif

View file

@ -1,164 +0,0 @@
#!/bin/sh
# Copyright (C) 2002, 2005 Slackware Linux, Inc.
# Copyright 2005, 2006, 2007, 2011, 2012, 2018 Patrick J. Volkerding, Sebeka, Minnesota, USA
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# Swap glibc on the fly.
#
# If we're on a running system we have to handle this _very_ carefully. :-)
# The tricks involved here get trickier every time...
# OK, now we have to be sure of a few things. First, you do have a 2.6
# kernel running, right?
if [ -r /proc/ksyms ]; then
echo "FATAL: you need to be running a 2.6.x kernel in order to upgrade"
echo "to this version of glibc."
echo
sleep 999
exit 1
fi
# Next, stop using the /lib/ntpl libraries. These are now obsolete and
# will break the installation if present:
if [ -d lib/tls ]; then
mkdir -p lib/obsolete
mv lib/tls lib/obsolete
fi
if [ -x sbin/ldconfig ]; then
sbin/ldconfig -r . 2> /dev/null
fi
# Install NPTL glibc libraries:
if [ -x /sbin/ldconfig -a -d lib/incoming ]; then # swap on the fly
# Try to protect with flock against another installpkg/removepkg running
# ldconfig while we're doing the on-the-fly install:
mkdir -p run/lock/pkgtools
( flock 9 || exit 11
# First create copies of the incoming libraries:
( cd lib/incoming
for file in * ; do
if [ ! -r ../${file}.incoming ]; then
cp -a $file ../${file}.incoming
fi
done
)
# Then switch to them all at once:
/sbin/ldconfig -l lib/*.incoming 2> /dev/null
# Remove old versions of the glibc libraries. If you really don't want to
# do this for some reason, create a file /etc/glibc-nowipe.
if [ ! -r etc/glibc-nowipe ]; then
( cd lib
for INCOMING in incoming/*-* ; do
LIBPREFIX=$(basename $INCOMING | cut -f 1 -d -)
for LIBRARY in ${LIBPREFIX}-* ; do
# Don't remove the library if it ends in .incoming:
if [ "$(echo $LIBRARY | rev | cut -f 1 -d .)" = "gnimocni" ]; then
continue
fi
# Don't remove symlinks:
if [ -L $LIBRARY ]; then
continue
fi
rm -f $LIBRARY
done
done
)
fi
# Finally, rename them and clean up:
( cd lib
for file in *.incoming ; do
rm -f `basename $file .incoming`
cp -a $file `basename $file .incoming`
/sbin/ldconfig -l `basename $file .incoming` 2> /dev/null
rm -f $file
done
)
) 9> run/lock/pkgtools/ldconfig.lock
else # no ldconfig? This is a broken situation, but we will do what we can:
( cd lib/incoming
for file in * ; do
cp -a $file ..
done
)
fi
# Now, get rid of the temporary directory:
rm -rf lib/incoming
# Done installing NPTL glibc libraries.
# Handle config files:
config() {
NEW="$1"
OLD="$(dirname $NEW)/$(basename $NEW .new)"
# If there's no config file by that name, mv it over:
if [ ! -r $OLD ]; then
mv $NEW $OLD
elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy
rm $NEW
fi
# Otherwise, we leave the .new copy for the admin to consider...
}
config etc/nscd.conf.new
config etc/profile.d/glibc.csh.new
config etc/profile.d/glibc.sh.new
# Clearly you already decided this issue. :-)
rm -f etc/profile.d/glibc.csh.new
rm -f etc/profile.d/glibc.sh.new
# This block below *should* be dead code, but it's probably safer to leave it
# here as a fallback. It no longer has complete coverage of all the links
# that would be needed in /lib${LIBDIRSUFFIX}, but it covers enough that if
# we did fall back on this the machine would boot until it reached the boot
# time call to ldconfig, which would then take care of any missing links.
# In case there's no ldconfig, make the links manually:
if [ ! -x /sbin/ldconfig ]; then
( cd lib ; rm -rf libnss_nis.so.2 )
( cd lib ; ln -sf libnss_nis-@@VERSION@@.so libnss_nis.so.2 )
( cd lib ; rm -rf libm.so.6 )
( cd lib ; ln -sf libm-@@VERSION@@.so libm.so.6 )
( cd lib ; rm -rf libnss_files.so.2 )
( cd lib ; ln -sf libnss_files-@@VERSION@@.so libnss_files.so.2 )
( cd lib ; rm -rf libresolv.so.2 )
( cd lib ; ln -sf libresolv-@@VERSION@@.so libresolv.so.2 )
( cd lib ; rm -rf libnsl.so.1 )
( cd lib ; ln -sf libnsl-@@VERSION@@.so libnsl.so.1 )
( cd lib ; rm -rf libutil.so.1 )
( cd lib ; ln -sf libutil-@@VERSION@@.so libutil.so.1 )
( cd lib ; rm -rf libnss_compat.so.2 )
( cd lib ; ln -sf libnss_compat-@@VERSION@@.so libnss_compat.so.2 )
( cd lib ; rm -rf libthread_db.so.1 )
( cd lib ; ln -sf libthread_db-1.0.so libthread_db.so.1 )
( cd lib ; rm -rf libnss_hesiod.so.2 )
( cd lib ; ln -sf libnss_hesiod-@@VERSION@@.so libnss_hesiod.so.2 )
( cd lib ; rm -rf libanl.so.1 )
( cd lib ; ln -sf libanl-@@VERSION@@.so libanl.so.1 )
( cd lib ; rm -rf libcrypt.so.1 )
( cd lib ; ln -sf libcrypt-@@VERSION@@.so libcrypt.so.1 )
( cd lib ; rm -rf libBrokenLocale.so.1 )
( cd lib ; ln -sf libBrokenLocale-@@VERSION@@.so libBrokenLocale.so.1 )
( cd lib ; rm -rf ld-linux.so.2 )
( cd lib ; ln -sf ld-@@VERSION@@.so ld-linux.so.2 )
( cd lib ; rm -rf libdl.so.2 )
( cd lib ; ln -sf libdl-@@VERSION@@.so libdl.so.2 )
( cd lib ; rm -rf libnss_dns.so.2 )
( cd lib ; ln -sf libnss_dns-@@VERSION@@.so libnss_dns.so.2 )
( cd lib ; rm -rf libpthread.so.0 )
( cd lib ; ln -sf libpthread-@@VERSION@@.so libpthread.so.0 )
( cd lib ; rm -rf libnss_nisplus.so.2 )
( cd lib ; ln -sf libnss_nisplus-@@VERSION@@.so libnss_nisplus.so.2 )
( cd lib ; rm -rf libc.so.6 )
( cd lib ; ln -sf libc-@@VERSION@@.so libc.so.6 )
( cd lib ; rm -rf librt.so.1 )
( cd lib ; ln -sf librt-@@VERSION@@.so librt.so.1 )
fi
# More links:

View file

@ -1,161 +0,0 @@
#!/bin/sh
# Copyright (C) 2002, 2005 Slackware Linux, Inc.
# Copyright 2005, 2006, 2011, 2012, 2018 Patrick J. Volkerding, Sebeka, Minnesota, USA
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# Swap glibc on the fly.
#
# If we're on a running system we have to handle this _very_ carefully. :-)
# The tricks involved here get trickier every time...
# OK, now we have to be sure of a few things. First, you do have a 2.6
# kernel running, right?
if [ -r /proc/ksyms ]; then
echo "FATAL: you need to be running a 2.6.x kernel in order to upgrade"
echo "to this version of glibc."
echo
sleep 999
exit 1
fi
# Next, stop using the /lib/ntpl libraries. These are now obsolete and
# will break the installation if present:
if [ -d lib/tls ]; then
mkdir -p lib/obsolete
mv lib/tls lib/obsolete
fi
if [ -x sbin/ldconfig ]; then
sbin/ldconfig -r . 2> /dev/null
fi
# Install NPTL glibc libraries:
if [ -x /sbin/ldconfig -a -d lib/incoming ]; then # swap on the fly
# Try to protect with flock against another installpkg/removepkg running
# ldconfig while we're doing the on-the-fly install:
mkdir -p run/lock/pkgtools
( flock 9 || exit 11
# First create copies of the incoming libraries:
( cd lib/incoming
for file in * ; do
if [ ! -r ../${file}.incoming ]; then
cp -a $file ../${file}.incoming
fi
done
)
# Then switch to them all at once:
/sbin/ldconfig -l lib/*.incoming 2> /dev/null
# Remove old versions of the glibc libraries. If you really don't want to
# do this for some reason, create a file /etc/glibc-nowipe.
if [ ! -r etc/glibc-nowipe ]; then
( cd lib
for INCOMING in incoming/*-* ; do
LIBPREFIX=$(basename $INCOMING | cut -f 1 -d -)
for LIBRARY in ${LIBPREFIX}-* ; do
# Don't remove the library if it ends in .incoming:
if [ "$(echo $LIBRARY | rev | cut -f 1 -d .)" = "gnimocni" ]; then
continue
fi
# Don't remove symlinks:
if [ -L $LIBRARY ]; then
continue
fi
rm -f $LIBRARY
done
done
)
fi
# Finally, rename them and clean up:
( cd lib
for file in *.incoming ; do
rm -f `basename $file .incoming`
cp -a $file `basename $file .incoming`
/sbin/ldconfig -l `basename $file .incoming` 2> /dev/null
rm -f $file
done
)
) 9> run/lock/pkgtools/ldconfig.lock
else # no ldconfig? This is a broken situation, but we will do what we can:
( cd lib/incoming
for file in * ; do
cp -a $file ..
done
)
fi
# Now, get rid of the temporary directory:
rm -rf lib/incoming
# Done installing NPTL glibc libraries.
# Handle config files:
config() {
NEW="$1"
OLD="$(dirname $NEW)/$(basename $NEW .new)"
# If there's no config file by that name, mv it over:
if [ ! -r $OLD ]; then
mv $NEW $OLD
elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy
rm $NEW
fi
# Otherwise, we leave the .new copy for the admin to consider...
}
config etc/profile.d/glibc.csh.new
config etc/profile.d/glibc.sh.new
# Clearly you already decided this issue. :-)
rm -f etc/profile.d/glibc.csh.new
rm -f etc/profile.d/glibc.sh.new
# This block below *should* be dead code, but it's probably safer to leave it
# here as a fallback. It no longer has complete coverage of all the links
# that would be needed in /lib${LIBDIRSUFFIX}, but it covers enough that if
# we did fall back on this the machine would boot until it reached the boot
# time call to ldconfig, which would then take care of any missing links.
if [ ! -x /sbin/ldconfig ]; then
( cd lib ; rm -rf libnss_nis.so.2 )
( cd lib ; ln -sf libnss_nis-@@VERSION@@.so libnss_nis.so.2 )
( cd lib ; rm -rf libm.so.6 )
( cd lib ; ln -sf libm-@@VERSION@@.so libm.so.6 )
( cd lib ; rm -rf libnss_files.so.2 )
( cd lib ; ln -sf libnss_files-@@VERSION@@.so libnss_files.so.2 )
( cd lib ; rm -rf libresolv.so.2 )
( cd lib ; ln -sf libresolv-@@VERSION@@.so libresolv.so.2 )
( cd lib ; rm -rf libnsl.so.1 )
( cd lib ; ln -sf libnsl-@@VERSION@@.so libnsl.so.1 )
( cd lib ; rm -rf libutil.so.1 )
( cd lib ; ln -sf libutil-@@VERSION@@.so libutil.so.1 )
( cd lib ; rm -rf libnss_compat.so.2 )
( cd lib ; ln -sf libnss_compat-@@VERSION@@.so libnss_compat.so.2 )
( cd lib ; rm -rf libthread_db.so.1 )
( cd lib ; ln -sf libthread_db-1.0.so libthread_db.so.1 )
( cd lib ; rm -rf libnss_hesiod.so.2 )
( cd lib ; ln -sf libnss_hesiod-@@VERSION@@.so libnss_hesiod.so.2 )
( cd lib ; rm -rf libanl.so.1 )
( cd lib ; ln -sf libanl-@@VERSION@@.so libanl.so.1 )
( cd lib ; rm -rf libcrypt.so.1 )
( cd lib ; ln -sf libcrypt-@@VERSION@@.so libcrypt.so.1 )
( cd lib ; rm -rf libBrokenLocale.so.1 )
( cd lib ; ln -sf libBrokenLocale-@@VERSION@@.so libBrokenLocale.so.1 )
( cd lib ; rm -rf ld-linux.so.2 )
( cd lib ; ln -sf ld-@@VERSION@@.so ld-linux.so.2 )
( cd lib ; rm -rf libdl.so.2 )
( cd lib ; ln -sf libdl-@@VERSION@@.so libdl.so.2 )
( cd lib ; rm -rf libnss_dns.so.2 )
( cd lib ; ln -sf libnss_dns-@@VERSION@@.so libnss_dns.so.2 )
( cd lib ; rm -rf libpthread.so.0 )
( cd lib ; ln -sf libpthread-@@VERSION@@.so libpthread.so.0 )
( cd lib ; rm -rf libnss_nisplus.so.2 )
( cd lib ; ln -sf libnss_nisplus-@@VERSION@@.so libnss_nisplus.so.2 )
( cd lib ; rm -rf libc.so.6 )
( cd lib ; ln -sf libc-@@VERSION@@.so libc.so.6 )
( cd lib ; rm -rf librt.so.1 )
( cd lib ; ln -sf librt-@@VERSION@@.so librt.so.1 )
fi

Some files were not shown because too many files have changed in this diff Show more