Tue Jan 21 21:23:01 UTC 2020

a/aaa_elflibs-15.0-x86_64-19.txz:  Rebuilt.
  Upgraded:  libcap.so.2.31, libgmp.so.10.4.0, libgmpxx.so.4.6.0.
  Added:  libgssapi_krb5.so.2.2, libk5crypto.so.3.1, libkrb5.so.3.3,
  libkrb5support.so.0.1.
a/util-linux-2.35-x86_64-1.txz:  Upgraded.
d/python-pip-20.0.1-x86_64-1.txz:  Upgraded.
l/Mako-1.1.1-x86_64-1.txz:  Upgraded.
l/keyutils-1.6.1-x86_64-1.txz:  Upgraded.
n/krb5-1.17-x86_64-1.txz:  Added.
  Nothing links to this yet, but we'll need it soon enough. :-)
n/php-7.4.2-x86_64-1.txz:  Upgraded.
  This update fixes bugs and security issues:
  Standard: OOB read in php_strip_tags_ex
  Mbstring: global buffer-overflow in 'mbfl_filt_conv_big5_wchar'
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7059
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7060
  (* Security fix *)
n/samba-4.11.5-x86_64-1.txz:  Upgraded.
  This update fixes the following security issues:
  Replication of ACLs set to inherit down a subtree on AD Directory
  not automatic.
  Crash after failed character conversion at log level 3 or above.
  Use after free during DNS zone scavenging in Samba AD DC.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14902
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14907
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19344
  (* Security fix *)
xap/gparted-1.1.0-x86_64-1.txz:  Upgraded.
This commit is contained in:
Patrick J Volkerding 2020-01-21 21:23:01 +00:00 committed by Eric Hameleers
parent ad9f88ee03
commit f6348b0bc1
41 changed files with 3266 additions and 126 deletions

View file

@ -11,9 +11,49 @@
<description>Tracking Slackware development in git.</description>
<language>en-us</language>
<id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
<pubDate>Mon, 20 Jan 2020 22:37:58 GMT</pubDate>
<lastBuildDate>Tue, 21 Jan 2020 07:59:42 GMT</lastBuildDate>
<pubDate>Tue, 21 Jan 2020 21:23:01 GMT</pubDate>
<lastBuildDate>Tue, 21 Jan 2020 22:32:49 GMT</lastBuildDate>
<generator>maintain_current_git.sh v 1.11</generator>
<item>
<title>Tue, 21 Jan 2020 21:23:01 GMT</title>
<pubDate>Tue, 21 Jan 2020 21:23:01 GMT</pubDate>
<link>https://git.slackware.nl/current/tag/?h=20200121212301</link>
<guid isPermaLink="false">20200121212301</guid>
<description>
<![CDATA[<pre>
a/aaa_elflibs-15.0-x86_64-19.txz: Rebuilt.
Upgraded: libcap.so.2.31, libgmp.so.10.4.0, libgmpxx.so.4.6.0.
Added: libgssapi_krb5.so.2.2, libk5crypto.so.3.1, libkrb5.so.3.3,
libkrb5support.so.0.1.
a/util-linux-2.35-x86_64-1.txz: Upgraded.
d/python-pip-20.0.1-x86_64-1.txz: Upgraded.
l/Mako-1.1.1-x86_64-1.txz: Upgraded.
l/keyutils-1.6.1-x86_64-1.txz: Upgraded.
n/krb5-1.17-x86_64-1.txz: Added.
Nothing links to this yet, but we'll need it soon enough. :-)
n/php-7.4.2-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Standard: OOB read in php_strip_tags_ex
Mbstring: global buffer-overflow in 'mbfl_filt_conv_big5_wchar'
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7059
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7060
(* Security fix *)
n/samba-4.11.5-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Replication of ACLs set to inherit down a subtree on AD Directory
not automatic.
Crash after failed character conversion at log level 3 or above.
Use after free during DNS zone scavenging in Samba AD DC.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14902
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14907
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19344
(* Security fix *)
xap/gparted-1.1.0-x86_64-1.txz: Upgraded.
</pre>]]>
</description>
</item>
<item>
<title>Mon, 20 Jan 2020 22:37:58 GMT</title>
<pubDate>Mon, 20 Jan 2020 22:37:58 GMT</pubDate>

View file

@ -1,3 +1,35 @@
Tue Jan 21 21:23:01 UTC 2020
a/aaa_elflibs-15.0-x86_64-19.txz: Rebuilt.
Upgraded: libcap.so.2.31, libgmp.so.10.4.0, libgmpxx.so.4.6.0.
Added: libgssapi_krb5.so.2.2, libk5crypto.so.3.1, libkrb5.so.3.3,
libkrb5support.so.0.1.
a/util-linux-2.35-x86_64-1.txz: Upgraded.
d/python-pip-20.0.1-x86_64-1.txz: Upgraded.
l/Mako-1.1.1-x86_64-1.txz: Upgraded.
l/keyutils-1.6.1-x86_64-1.txz: Upgraded.
n/krb5-1.17-x86_64-1.txz: Added.
Nothing links to this yet, but we'll need it soon enough. :-)
n/php-7.4.2-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
Standard: OOB read in php_strip_tags_ex
Mbstring: global buffer-overflow in 'mbfl_filt_conv_big5_wchar'
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7059
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7060
(* Security fix *)
n/samba-4.11.5-x86_64-1.txz: Upgraded.
This update fixes the following security issues:
Replication of ACLs set to inherit down a subtree on AD Directory
not automatic.
Crash after failed character conversion at log level 3 or above.
Use after free during DNS zone scavenging in Samba AD DC.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14902
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14907
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19344
(* Security fix *)
xap/gparted-1.1.0-x86_64-1.txz: Upgraded.
+--------------------------+
Mon Jan 20 22:37:58 UTC 2020
a/aaa_terminfo-6.1_20200118-x86_64-1.txz: Upgraded.
d/make-4.3-x86_64-1.txz: Upgraded.

View file

@ -1,20 +1,20 @@
Mon Jan 20 22:53:31 UTC 2020
Tue Jan 21 21:35:13 UTC 2020
Here is the file list for this directory. If you are using a
mirror site and find missing or extra files in the disk
subdirectories, please have the archive administrator refresh
the mirror.
drwxr-xr-x 12 root root 4096 2020-01-20 22:37 .
drwxr-xr-x 12 root root 4096 2020-01-21 21:23 .
-rw-r--r-- 1 root root 10064 2016-06-30 18:39 ./ANNOUNCE.14_2
-rw-r--r-- 1 root root 14866 2020-01-13 18:53 ./CHANGES_AND_HINTS.TXT
-rw-r--r-- 1 root root 930984 2020-01-19 19:42 ./CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2020-01-19 19:42 ./CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 930647 2020-01-20 22:54 ./CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2020-01-20 22:54 ./CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING
-rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3
-rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT
-rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT
-rw-r--r-- 1 root root 782206 2020-01-20 22:37 ./ChangeLog.txt
-rw-r--r-- 1 root root 783699 2020-01-21 21:23 ./ChangeLog.txt
drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI
drwxr-xr-x 2 root root 4096 2020-01-18 05:12 ./EFI/BOOT
-rw-r--r-- 1 root root 1417216 2019-07-05 18:54 ./EFI/BOOT/bootx64.efi
@ -25,9 +25,9 @@ drwxr-xr-x 2 root root 4096 2020-01-18 05:12 ./EFI/BOOT
-rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh
-rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg
-rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg
-rw-r--r-- 1 root root 1223844 2020-01-19 19:42 ./FILELIST.TXT
-rw-r--r-- 1 root root 1223439 2020-01-20 22:53 ./FILELIST.TXT
-rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY
-rw-r--r-- 1 root root 734599 2020-01-20 22:51 ./PACKAGES.TXT
-rw-r--r-- 1 root root 735064 2020-01-21 21:33 ./PACKAGES.TXT
-rw-r--r-- 1 root root 8564 2016-06-28 21:33 ./README.TXT
-rw-r--r-- 1 root root 3629 2020-01-18 04:47 ./README.initrd
-rw-r--r-- 1 root root 34412 2017-12-01 17:44 ./README_CRYPT.TXT
@ -830,19 +830,19 @@ drwxr-xr-x 2 root root 4096 2012-09-20 18:06 ./patches
-rw-r--r-- 1 root root 575 2012-09-20 18:06 ./patches/FILE_LIST
-rw-r--r-- 1 root root 14 2012-09-20 18:06 ./patches/MANIFEST.bz2
-rw-r--r-- 1 root root 224 2012-09-20 18:06 ./patches/PACKAGES.TXT
drwxr-xr-x 18 root root 4096 2020-01-20 22:52 ./slackware64
-rw-r--r-- 1 root root 291208 2020-01-20 22:52 ./slackware64/CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2020-01-20 22:52 ./slackware64/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 362724 2020-01-20 22:49 ./slackware64/FILE_LIST
-rw-r--r-- 1 root root 3693334 2020-01-20 22:50 ./slackware64/MANIFEST.bz2
drwxr-xr-x 18 root root 4096 2020-01-21 21:33 ./slackware64
-rw-r--r-- 1 root root 291401 2020-01-21 21:33 ./slackware64/CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2020-01-21 21:33 ./slackware64/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 362962 2020-01-21 21:31 ./slackware64/FILE_LIST
-rw-r--r-- 1 root root 3693801 2020-01-21 21:31 ./slackware64/MANIFEST.bz2
lrwxrwxrwx 1 root root 15 2009-08-23 23:34 ./slackware64/PACKAGES.TXT -> ../PACKAGES.TXT
drwxr-xr-x 2 root root 28672 2020-01-20 22:49 ./slackware64/a
drwxr-xr-x 2 root root 28672 2020-01-21 21:30 ./slackware64/a
-rw-r--r-- 1 root root 327 2018-06-24 18:44 ./slackware64/a/aaa_base-14.2-x86_64-5.txt
-rw-r--r-- 1 root root 10820 2018-06-24 18:44 ./slackware64/a/aaa_base-14.2-x86_64-5.txz
-rw-r--r-- 1 root root 163 2018-06-24 18:44 ./slackware64/a/aaa_base-14.2-x86_64-5.txz.asc
-rw-r--r-- 1 root root 471 2020-01-11 21:13 ./slackware64/a/aaa_elflibs-15.0-x86_64-18.txt
-rw-r--r-- 1 root root 8062532 2020-01-11 21:13 ./slackware64/a/aaa_elflibs-15.0-x86_64-18.txz
-rw-r--r-- 1 root root 163 2020-01-11 21:13 ./slackware64/a/aaa_elflibs-15.0-x86_64-18.txz.asc
-rw-r--r-- 1 root root 471 2020-01-21 18:54 ./slackware64/a/aaa_elflibs-15.0-x86_64-19.txt
-rw-r--r-- 1 root root 8492444 2020-01-21 18:54 ./slackware64/a/aaa_elflibs-15.0-x86_64-19.txz
-rw-r--r-- 1 root root 163 2020-01-21 18:54 ./slackware64/a/aaa_elflibs-15.0-x86_64-19.txz.asc
-rw-r--r-- 1 root root 503 2020-01-20 22:36 ./slackware64/a/aaa_terminfo-6.1_20200118-x86_64-1.txt
-rw-r--r-- 1 root root 49360 2020-01-20 22:36 ./slackware64/a/aaa_terminfo-6.1_20200118-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-20 22:36 ./slackware64/a/aaa_terminfo-6.1_20200118-x86_64-1.txz.asc
@ -1172,9 +1172,9 @@ drwxr-xr-x 2 root root 28672 2020-01-20 22:49 ./slackware64/a
-rw-r--r-- 1 root root 350 2018-04-13 13:13 ./slackware64/a/utempter-1.1.6-x86_64-3.txt
-rw-r--r-- 1 root root 15656 2018-04-13 13:13 ./slackware64/a/utempter-1.1.6-x86_64-3.txz
-rw-r--r-- 1 root root 163 2018-04-13 13:13 ./slackware64/a/utempter-1.1.6-x86_64-3.txz.asc
-rw-r--r-- 1 root root 344 2019-12-30 01:02 ./slackware64/a/util-linux-2.34-x86_64-2.txt
-rw-r--r-- 1 root root 2528416 2019-12-30 01:02 ./slackware64/a/util-linux-2.34-x86_64-2.txz
-rw-r--r-- 1 root root 163 2019-12-30 01:02 ./slackware64/a/util-linux-2.34-x86_64-2.txz.asc
-rw-r--r-- 1 root root 354 2020-01-21 18:11 ./slackware64/a/util-linux-2.35-x86_64-1.txt
-rw-r--r-- 1 root root 2611916 2020-01-21 18:11 ./slackware64/a/util-linux-2.35-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-21 18:11 ./slackware64/a/util-linux-2.35-x86_64-1.txz.asc
-rw-r--r-- 1 root root 579 2018-04-13 13:14 ./slackware64/a/which-2.21-x86_64-2.txt
-rw-r--r-- 1 root root 29812 2018-04-13 13:14 ./slackware64/a/which-2.21-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-13 13:14 ./slackware64/a/which-2.21-x86_64-2.txz.asc
@ -1433,7 +1433,7 @@ drwxr-xr-x 2 root root 20480 2020-01-19 19:38 ./slackware64/ap
-rw-r--r-- 1 root root 506 2020-01-07 20:18 ./slackware64/ap/zsh-5.7.1-x86_64-2.txt
-rw-r--r-- 1 root root 3000108 2020-01-07 20:18 ./slackware64/ap/zsh-5.7.1-x86_64-2.txz
-rw-r--r-- 1 root root 163 2020-01-07 20:18 ./slackware64/ap/zsh-5.7.1-x86_64-2.txz.asc
drwxr-xr-x 2 root root 20480 2020-01-20 22:49 ./slackware64/d
drwxr-xr-x 2 root root 20480 2020-01-21 21:30 ./slackware64/d
-rw-r--r-- 1 root root 360 2019-12-30 00:49 ./slackware64/d/Cython-0.29.14-x86_64-2.txt
-rw-r--r-- 1 root root 3295652 2019-12-30 00:49 ./slackware64/d/Cython-0.29.14-x86_64-2.txz
-rw-r--r-- 1 root root 163 2019-12-30 00:49 ./slackware64/d/Cython-0.29.14-x86_64-2.txz.asc
@ -1591,9 +1591,9 @@ drwxr-xr-x 2 root root 20480 2020-01-20 22:49 ./slackware64/d
-rw-r--r-- 1 root root 436 2019-12-20 19:53 ./slackware64/d/python-2.7.17-x86_64-2.txt
-rw-r--r-- 1 root root 13030944 2019-12-20 19:53 ./slackware64/d/python-2.7.17-x86_64-2.txz
-rw-r--r-- 1 root root 163 2019-12-20 19:53 ./slackware64/d/python-2.7.17-x86_64-2.txz.asc
-rw-r--r-- 1 root root 270 2019-12-30 00:49 ./slackware64/d/python-pip-19.3.1-x86_64-2.txt
-rw-r--r-- 1 root root 2209780 2019-12-30 00:49 ./slackware64/d/python-pip-19.3.1-x86_64-2.txz
-rw-r--r-- 1 root root 163 2019-12-30 00:49 ./slackware64/d/python-pip-19.3.1-x86_64-2.txz.asc
-rw-r--r-- 1 root root 270 2020-01-21 17:57 ./slackware64/d/python-pip-20.0.1-x86_64-1.txt
-rw-r--r-- 1 root root 2245164 2020-01-21 17:57 ./slackware64/d/python-pip-20.0.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-21 17:57 ./slackware64/d/python-pip-20.0.1-x86_64-1.txz.asc
-rw-r--r-- 1 root root 562 2020-01-20 19:35 ./slackware64/d/python-setuptools-45.1.0-x86_64-1.txt
-rw-r--r-- 1 root root 688028 2020-01-20 19:35 ./slackware64/d/python-setuptools-45.1.0-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-20 19:35 ./slackware64/d/python-setuptools-45.1.0-x86_64-1.txz.asc
@ -2504,7 +2504,7 @@ drwxr-xr-x 2 root root 20480 2016-03-10 03:11 ./slackware64/kdei
-rw-r--r-- 1 root root 7544 2018-03-01 07:54 ./slackware64/kdei/maketag
-rw-r--r-- 1 root root 7544 2018-03-01 07:54 ./slackware64/kdei/maketag.ez
-rw-r--r-- 1 root root 1500 2018-03-01 07:54 ./slackware64/kdei/tagfile
drwxr-xr-x 2 root root 69632 2020-01-20 22:49 ./slackware64/l
drwxr-xr-x 2 root root 69632 2020-01-21 21:30 ./slackware64/l
-rw-r--r-- 1 root root 338 2018-04-13 14:13 ./slackware64/l/ConsoleKit2-1.0.0-x86_64-4.txt
-rw-r--r-- 1 root root 149752 2018-04-13 14:13 ./slackware64/l/ConsoleKit2-1.0.0-x86_64-4.txz
-rw-r--r-- 1 root root 163 2018-04-13 14:13 ./slackware64/l/ConsoleKit2-1.0.0-x86_64-4.txz.asc
@ -2517,9 +2517,9 @@ drwxr-xr-x 2 root root 69632 2020-01-20 22:49 ./slackware64/l
-rw-r--r-- 1 root root 569 2019-07-12 18:38 ./slackware64/l/M2Crypto-0.35.2-x86_64-2.txt
-rw-r--r-- 1 root root 731408 2019-07-12 18:38 ./slackware64/l/M2Crypto-0.35.2-x86_64-2.txz
-rw-r--r-- 1 root root 163 2019-07-12 18:38 ./slackware64/l/M2Crypto-0.35.2-x86_64-2.txz.asc
-rw-r--r-- 1 root root 477 2019-12-30 01:02 ./slackware64/l/Mako-1.1.0-x86_64-2.txt
-rw-r--r-- 1 root root 160748 2019-12-30 01:02 ./slackware64/l/Mako-1.1.0-x86_64-2.txz
-rw-r--r-- 1 root root 163 2019-12-30 01:02 ./slackware64/l/Mako-1.1.0-x86_64-2.txz.asc
-rw-r--r-- 1 root root 477 2020-01-21 17:56 ./slackware64/l/Mako-1.1.1-x86_64-1.txt
-rw-r--r-- 1 root root 160896 2020-01-21 17:56 ./slackware64/l/Mako-1.1.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-21 17:56 ./slackware64/l/Mako-1.1.1-x86_64-1.txz.asc
-rw-r--r-- 1 root root 268 2019-12-30 01:12 ./slackware64/l/PyQt-4.12.3-x86_64-2.txt
-rw-r--r-- 1 root root 10053004 2019-12-30 01:12 ./slackware64/l/PyQt-4.12.3-x86_64-2.txz
-rw-r--r-- 1 root root 163 2019-12-30 01:12 ./slackware64/l/PyQt-4.12.3-x86_64-2.txz.asc
@ -2867,9 +2867,9 @@ drwxr-xr-x 2 root root 69632 2020-01-20 22:49 ./slackware64/l
-rw-r--r-- 1 root root 340 2018-04-13 14:53 ./slackware64/l/keybinder-0.3.1-x86_64-2.txt
-rw-r--r-- 1 root root 34060 2018-04-13 14:53 ./slackware64/l/keybinder-0.3.1-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-13 14:53 ./slackware64/l/keybinder-0.3.1-x86_64-2.txz.asc
-rw-r--r-- 1 root root 412 2019-11-25 18:33 ./slackware64/l/keyutils-1.6-x86_64-2.txt
-rw-r--r-- 1 root root 79976 2019-11-25 18:33 ./slackware64/l/keyutils-1.6-x86_64-2.txz
-rw-r--r-- 1 root root 163 2019-11-25 18:33 ./slackware64/l/keyutils-1.6-x86_64-2.txz.asc
-rw-r--r-- 1 root root 412 2020-01-21 17:44 ./slackware64/l/keyutils-1.6.1-x86_64-1.txt
-rw-r--r-- 1 root root 83984 2020-01-21 17:44 ./slackware64/l/keyutils-1.6.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-21 17:44 ./slackware64/l/keyutils-1.6.1-x86_64-1.txz.asc
-rw-r--r-- 1 root root 317 2018-04-13 14:53 ./slackware64/l/lame-3.100-x86_64-2.txt
-rw-r--r-- 1 root root 270272 2018-04-13 14:53 ./slackware64/l/lame-3.100-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-13 14:53 ./slackware64/l/lame-3.100-x86_64-2.txz.asc
@ -3476,7 +3476,7 @@ drwxr-xr-x 2 root root 69632 2020-01-20 22:49 ./slackware64/l
-rw-r--r-- 1 root root 463 2019-12-29 18:55 ./slackware64/l/zstd-1.4.4-x86_64-2.txt
-rw-r--r-- 1 root root 405812 2019-12-29 18:55 ./slackware64/l/zstd-1.4.4-x86_64-2.txz
-rw-r--r-- 1 root root 163 2019-12-29 18:55 ./slackware64/l/zstd-1.4.4-x86_64-2.txz.asc
drwxr-xr-x 2 root root 36864 2020-01-20 22:49 ./slackware64/n
drwxr-xr-x 2 root root 36864 2020-01-21 21:31 ./slackware64/n
-rw-r--r-- 1 root root 357 2020-01-14 18:18 ./slackware64/n/ModemManager-1.12.4-x86_64-1.txt
-rw-r--r-- 1 root root 1766548 2020-01-14 18:18 ./slackware64/n/ModemManager-1.12.4-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-14 18:18 ./slackware64/n/ModemManager-1.12.4-x86_64-1.txz.asc
@ -3617,6 +3617,9 @@ drwxr-xr-x 2 root root 36864 2020-01-20 22:49 ./slackware64/n
-rw-r--r-- 1 root root 422 2019-12-05 17:56 ./slackware64/n/iw-5.4-x86_64-1.txt
-rw-r--r-- 1 root root 81100 2019-12-05 17:56 ./slackware64/n/iw-5.4-x86_64-1.txz
-rw-r--r-- 1 root root 163 2019-12-05 17:56 ./slackware64/n/iw-5.4-x86_64-1.txz.asc
-rw-r--r-- 1 root root 304 2020-01-21 18:51 ./slackware64/n/krb5-1.17-x86_64-1.txt
-rw-r--r-- 1 root root 1211536 2020-01-21 18:51 ./slackware64/n/krb5-1.17-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-21 18:51 ./slackware64/n/krb5-1.17-x86_64-1.txz.asc
-rw-r--r-- 1 root root 546 2020-01-16 17:46 ./slackware64/n/lftp-4.9.1-x86_64-1.txt
-rw-r--r-- 1 root root 903664 2020-01-16 17:46 ./slackware64/n/lftp-4.9.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-16 17:46 ./slackware64/n/lftp-4.9.1-x86_64-1.txz.asc
@ -3680,8 +3683,8 @@ drwxr-xr-x 2 root root 36864 2020-01-20 22:49 ./slackware64/n
-rw-r--r-- 1 root root 495 2018-11-02 19:41 ./slackware64/n/lynx-2.8.9rel.1-x86_64-1.txt
-rw-r--r-- 1 root root 1739904 2018-11-02 19:41 ./slackware64/n/lynx-2.8.9rel.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-11-02 19:41 ./slackware64/n/lynx-2.8.9rel.1-x86_64-1.txz.asc
-rw-r--r-- 1 root root 11108 2018-11-24 20:17 ./slackware64/n/maketag
-rw-r--r-- 1 root root 11108 2018-11-24 20:17 ./slackware64/n/maketag.ez
-rw-r--r-- 1 root root 11166 2020-01-21 19:31 ./slackware64/n/maketag
-rw-r--r-- 1 root root 11166 2020-01-21 19:31 ./slackware64/n/maketag.ez
-rw-r--r-- 1 root root 416 2018-10-24 20:45 ./slackware64/n/mcabber-1.1.0-x86_64-1.txt
-rw-r--r-- 1 root root 245444 2018-10-24 20:45 ./slackware64/n/mcabber-1.1.0-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-10-24 20:45 ./slackware64/n/mcabber-1.1.0-x86_64-1.txz.asc
@ -3808,9 +3811,9 @@ drwxr-xr-x 2 root root 36864 2020-01-20 22:49 ./slackware64/n
-rw-r--r-- 1 root root 485 2019-12-20 19:31 ./slackware64/n/p11-kit-0.23.18.1-x86_64-2.txt
-rw-r--r-- 1 root root 441360 2019-12-20 19:31 ./slackware64/n/p11-kit-0.23.18.1-x86_64-2.txz
-rw-r--r-- 1 root root 163 2019-12-20 19:31 ./slackware64/n/p11-kit-0.23.18.1-x86_64-2.txz.asc
-rw-r--r-- 1 root root 374 2019-12-19 00:30 ./slackware64/n/php-7.4.1-x86_64-1.txt
-rw-r--r-- 1 root root 5700044 2019-12-19 00:30 ./slackware64/n/php-7.4.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2019-12-19 00:30 ./slackware64/n/php-7.4.1-x86_64-1.txz.asc
-rw-r--r-- 1 root root 374 2020-01-21 17:57 ./slackware64/n/php-7.4.2-x86_64-1.txt
-rw-r--r-- 1 root root 5698524 2020-01-21 17:57 ./slackware64/n/php-7.4.2-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-21 17:57 ./slackware64/n/php-7.4.2-x86_64-1.txz.asc
-rw-r--r-- 1 root root 576 2018-05-08 04:25 ./slackware64/n/pidentd-3.0.19-x86_64-4.txt
-rw-r--r-- 1 root root 43000 2018-05-08 04:25 ./slackware64/n/pidentd-3.0.19-x86_64-4.txz
-rw-r--r-- 1 root root 163 2018-05-08 04:25 ./slackware64/n/pidentd-3.0.19-x86_64-4.txz.asc
@ -3850,9 +3853,9 @@ drwxr-xr-x 2 root root 36864 2020-01-20 22:49 ./slackware64/n
-rw-r--r-- 1 root root 443 2019-12-30 20:02 ./slackware64/n/s-nail-14.9.16-x86_64-1.txt
-rw-r--r-- 1 root root 535976 2019-12-30 20:02 ./slackware64/n/s-nail-14.9.16-x86_64-1.txz
-rw-r--r-- 1 root root 163 2019-12-30 20:02 ./slackware64/n/s-nail-14.9.16-x86_64-1.txz.asc
-rw-r--r-- 1 root root 507 2019-12-30 07:09 ./slackware64/n/samba-4.11.4-x86_64-2.txt
-rw-r--r-- 1 root root 12731752 2019-12-30 07:09 ./slackware64/n/samba-4.11.4-x86_64-2.txz
-rw-r--r-- 1 root root 163 2019-12-30 07:09 ./slackware64/n/samba-4.11.4-x86_64-2.txz.asc
-rw-r--r-- 1 root root 507 2020-01-21 18:10 ./slackware64/n/samba-4.11.5-x86_64-1.txt
-rw-r--r-- 1 root root 12733984 2020-01-21 18:10 ./slackware64/n/samba-4.11.5-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-21 18:10 ./slackware64/n/samba-4.11.5-x86_64-1.txz.asc
-rw-r--r-- 1 root root 346 2018-11-08 00:52 ./slackware64/n/slrn-1.0.3a-x86_64-1.txt
-rw-r--r-- 1 root root 470008 2018-11-08 00:52 ./slackware64/n/slrn-1.0.3a-x86_64-1.txz
-rw-r--r-- 1 root root 163 2018-11-08 00:52 ./slackware64/n/slrn-1.0.3a-x86_64-1.txz.asc
@ -3865,7 +3868,7 @@ drwxr-xr-x 2 root root 36864 2020-01-20 22:49 ./slackware64/n
-rw-r--r-- 1 root root 510 2019-11-24 21:00 ./slackware64/n/stunnel-5.56-x86_64-1.txt
-rw-r--r-- 1 root root 185648 2019-11-24 21:00 ./slackware64/n/stunnel-5.56-x86_64-1.txz
-rw-r--r-- 1 root root 163 2019-11-24 21:00 ./slackware64/n/stunnel-5.56-x86_64-1.txz.asc
-rw-r--r-- 1 root root 1896 2018-11-24 20:17 ./slackware64/n/tagfile
-rw-r--r-- 1 root root 1905 2020-01-21 19:31 ./slackware64/n/tagfile
-rw-r--r-- 1 root root 648 2018-04-13 15:54 ./slackware64/n/tcp_wrappers-7.6-x86_64-2.txt
-rw-r--r-- 1 root root 77684 2018-04-13 15:54 ./slackware64/n/tcp_wrappers-7.6-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-13 15:54 ./slackware64/n/tcp_wrappers-7.6-x86_64-2.txz.asc
@ -4817,7 +4820,7 @@ drwxr-xr-x 2 root root 65536 2020-01-19 19:38 ./slackware64/x
-rw-r--r-- 1 root root 213 2018-04-13 06:10 ./slackware64/x/xwud-1.0.5-x86_64-2.txt
-rw-r--r-- 1 root root 25288 2018-04-13 06:10 ./slackware64/x/xwud-1.0.5-x86_64-2.txz
-rw-r--r-- 1 root root 163 2018-04-13 06:10 ./slackware64/x/xwud-1.0.5-x86_64-2.txz.asc
drwxr-xr-x 2 root root 12288 2020-01-20 22:49 ./slackware64/xap
drwxr-xr-x 2 root root 12288 2020-01-21 21:30 ./slackware64/xap
-rw-r--r-- 1 root root 625 2020-01-03 18:37 ./slackware64/xap/MPlayer-20200103-x86_64-1.txt
-rw-r--r-- 1 root root 2730320 2020-01-03 18:37 ./slackware64/xap/MPlayer-20200103-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-03 18:37 ./slackware64/xap/MPlayer-20200103-x86_64-1.txz.asc
@ -4869,9 +4872,9 @@ drwxr-xr-x 2 root root 12288 2020-01-20 22:49 ./slackware64/xap
-rw-r--r-- 1 root root 644 2019-12-02 20:32 ./slackware64/xap/gnuplot-5.2.8-x86_64-1.txt
-rw-r--r-- 1 root root 1406640 2019-12-02 20:32 ./slackware64/xap/gnuplot-5.2.8-x86_64-1.txz
-rw-r--r-- 1 root root 163 2019-12-02 20:32 ./slackware64/xap/gnuplot-5.2.8-x86_64-1.txz.asc
-rw-r--r-- 1 root root 377 2019-05-30 18:47 ./slackware64/xap/gparted-1.0.0-x86_64-1.txt
-rw-r--r-- 1 root root 853344 2019-05-30 18:47 ./slackware64/xap/gparted-1.0.0-x86_64-1.txz
-rw-r--r-- 1 root root 163 2019-05-30 18:47 ./slackware64/xap/gparted-1.0.0-x86_64-1.txz.asc
-rw-r--r-- 1 root root 377 2020-01-21 17:43 ./slackware64/xap/gparted-1.1.0-x86_64-1.txt
-rw-r--r-- 1 root root 862784 2020-01-21 17:43 ./slackware64/xap/gparted-1.1.0-x86_64-1.txz
-rw-r--r-- 1 root root 163 2020-01-21 17:43 ./slackware64/xap/gparted-1.1.0-x86_64-1.txz.asc
-rw-r--r-- 1 root root 209 2019-03-13 17:40 ./slackware64/xap/gucharmap-12.0.1-x86_64-1.txt
-rw-r--r-- 1 root root 2200864 2019-03-13 17:40 ./slackware64/xap/gucharmap-12.0.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2019-03-13 17:40 ./slackware64/xap/gucharmap-12.0.1-x86_64-1.txz.asc
@ -5054,11 +5057,11 @@ drwxr-xr-x 2 root root 4096 2019-02-17 23:51 ./slackware64/y
-rw-r--r-- 1 root root 1147 2018-03-01 07:55 ./slackware64/y/maketag
-rw-r--r-- 1 root root 1147 2018-03-01 07:55 ./slackware64/y/maketag.ez
-rw-r--r-- 1 root root 14 2018-03-01 07:55 ./slackware64/y/tagfile
drwxr-xr-x 19 root root 4096 2020-01-20 22:53 ./source
-rw-r--r-- 1 root root 475082 2020-01-20 22:53 ./source/CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2020-01-20 22:53 ./source/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 669879 2020-01-20 22:53 ./source/FILE_LIST
-rw-r--r-- 1 root root 18292075 2020-01-20 22:53 ./source/MANIFEST.bz2
drwxr-xr-x 19 root root 4096 2020-01-21 21:35 ./source
-rw-r--r-- 1 root root 476833 2020-01-21 21:35 ./source/CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2020-01-21 21:35 ./source/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 672276 2020-01-21 21:34 ./source/FILE_LIST
-rw-r--r-- 1 root root 18325900 2020-01-21 21:34 ./source/MANIFEST.bz2
-rw-r--r-- 1 root root 1314 2006-10-02 04:40 ./source/README.TXT
drwxr-xr-x 111 root root 4096 2020-01-12 22:42 ./source/a
-rw-r--r-- 1 root root 1034 2019-05-04 17:56 ./source/a/FTBFSlog
@ -5070,10 +5073,10 @@ drwxr-xr-x 2 root root 4096 2018-06-24 18:43 ./source/a/aaa_base
-rw-r--r-- 1 root root 783 2018-02-27 06:13 ./source/a/aaa_base/slack-desc
-rw-r--r-- 1 root root 15 2015-12-28 19:27 ./source/a/aaa_base/slackware-version
drwxr-xr-x 2 root root 4096 2019-12-21 00:21 ./source/a/aaa_elflibs
-rwxr-xr-x 1 root root 4266 2020-01-11 21:13 ./source/a/aaa_elflibs/aaa_elflibs.SlackBuild
-rwxr-xr-x 1 root root 4266 2020-01-21 18:54 ./source/a/aaa_elflibs/aaa_elflibs.SlackBuild
-rwxr-xr-x 1 root root 1630 2015-04-20 04:39 ./source/a/aaa_elflibs/display_orphans.sh
-rw-r--r-- 1 root root 930 2018-02-27 06:13 ./source/a/aaa_elflibs/slack-desc
-rw-r--r-- 1 root root 1895 2019-12-21 00:20 ./source/a/aaa_elflibs/symlinks-to-tracked-libs
-rw-r--r-- 1 root root 1985 2020-01-21 18:54 ./source/a/aaa_elflibs/symlinks-to-tracked-libs
-rw-r--r-- 1 root root 782 2019-12-21 00:21 ./source/a/aaa_elflibs/symlinks-to-tracked-libs-tmp
-rw-r--r-- 1 root root 312 2020-01-11 21:13 ./source/a/aaa_elflibs/tracked-files
-rw-r--r-- 1 root root 213 2015-04-20 04:40 ./source/a/aaa_elflibs/tracked-files-tmp
@ -5966,7 +5969,7 @@ drwxr-xr-x 2 root root 4096 2019-09-29 23:48 ./source/a/utempter
-rw-r--r-- 1 root root 198 2010-11-04 14:14 ./source/a/utempter/libutempter-1.1.6.tar.bz2.asc
-rw-r--r-- 1 root root 806 2018-02-27 06:13 ./source/a/utempter/slack-desc
-rwxr-xr-x 1 root root 4159 2019-09-29 23:48 ./source/a/utempter/utempter.SlackBuild
drwxr-xr-x 2 root root 4096 2019-12-29 19:15 ./source/a/util-linux
drwxr-xr-x 2 root root 4096 2020-01-21 18:04 ./source/a/util-linux
-rw-r--r-- 1 root root 53236 2011-07-12 20:47 ./source/a/util-linux/adjtimex_1.29-2.2.diff.gz
-rw-r--r-- 1 root root 85551 2010-04-17 03:32 ./source/a/util-linux/adjtimex_1.29.orig.tar.gz
-rw-r--r-- 1 root root 434 2014-10-30 15:31 ./source/a/util-linux/bsdstrings-util-linux_overflow.diff.gz
@ -5979,10 +5982,10 @@ drwxr-xr-x 2 root root 4096 2019-12-29 19:15 ./source/a/util-linux
-rw-r--r-- 1 root root 52437 2009-05-30 01:25 ./source/a/util-linux/setserial-2.17.tar.gz
-rw-r--r-- 1 root root 729 2009-05-30 01:25 ./source/a/util-linux/setserial-rc.serial.diff.gz
-rw-r--r-- 1 root root 376 2010-03-30 04:06 ./source/a/util-linux/setserial-undef_TIOCGHAYESESP.diff.gz
-rw-r--r-- 1 root root 796 2018-02-27 06:13 ./source/a/util-linux/slack-desc
-rw-r--r-- 1 root root 833 2019-06-14 10:46 ./source/a/util-linux/util-linux-2.34.tar.sign
-rw-r--r-- 1 root root 4974812 2019-06-14 10:46 ./source/a/util-linux/util-linux-2.34.tar.xz
-rwxr-xr-x 1 root root 10570 2019-12-29 19:15 ./source/a/util-linux/util-linux.SlackBuild
-rw-r--r-- 1 root root 806 2020-01-21 18:04 ./source/a/util-linux/slack-desc
-rw-r--r-- 1 root root 833 2020-01-21 10:50 ./source/a/util-linux/util-linux-2.35.tar.sign
-rw-r--r-- 1 root root 5137796 2020-01-21 10:50 ./source/a/util-linux/util-linux-2.35.tar.xz
-rwxr-xr-x 1 root root 10576 2020-01-21 18:05 ./source/a/util-linux/util-linux.SlackBuild
-rw-r--r-- 1 root root 275 2019-01-02 21:53 ./source/a/util-linux/util-linux.do.not.list.ram.devices.diff.gz
-rw-r--r-- 1 root root 335 2014-07-03 08:34 ./source/a/util-linux/util-linux.fdisk-no-solaris.diff.gz
-rw-r--r-- 1 root root 10292 2009-05-30 01:25 ./source/a/util-linux/ziptool-1.4.0.tar.xz
@ -6862,10 +6865,10 @@ drwxr-xr-x 2 root root 4096 2019-09-29 23:48 ./source/d/pmake
-rw-r--r-- 1 root root 26675 2005-07-07 09:32 ./source/d/pmake/pmake_1.111-1.diff.gz
-rw-r--r-- 1 root root 790 2018-02-27 06:49 ./source/d/pmake/slack-desc
drwxr-xr-x 2 root root 4096 2019-12-20 19:34 ./source/d/python
drwxr-xr-x 2 root root 4096 2019-12-29 19:15 ./source/d/python-pip
-rw-r--r-- 1 root root 999996 2019-10-18 08:21 ./source/d/python-pip/pip-19.3.1.tar.lz
drwxr-xr-x 2 root root 4096 2020-01-21 17:57 ./source/d/python-pip
-rw-r--r-- 1 root root 1023091 2020-01-21 12:43 ./source/d/python-pip/pip-20.0.1.tar.lz
-rw-r--r-- 1 root root 33 2018-03-29 06:10 ./source/d/python-pip/pip.url
-rwxr-xr-x 1 root root 3066 2019-12-29 19:15 ./source/d/python-pip/python-pip.SlackBuild
-rwxr-xr-x 1 root root 3066 2020-01-21 17:57 ./source/d/python-pip/python-pip.SlackBuild
-rw-r--r-- 1 root root 760 2018-02-27 06:13 ./source/d/python-pip/slack-desc
drwxr-xr-x 2 root root 4096 2020-01-20 19:35 ./source/d/python-setuptools
-rwxr-xr-x 1 root root 3414 2020-01-01 19:30 ./source/d/python-setuptools/python-setuptools.SlackBuild
@ -8217,9 +8220,9 @@ drwxr-xr-x 2 root root 4096 2019-09-29 23:48 ./source/l/M2Crypto
-rw-r--r-- 1 root root 1024 2018-02-27 06:12 ./source/l/M2Crypto/slack-desc
-rw-r--r-- 1 root root 46760 2019-06-19 22:31 ./source/l/M2Crypto/typing-3.7.4.tar.xz
-rw-r--r-- 1 root root 36 2018-09-24 19:28 ./source/l/M2Crypto/typing.url
drwxr-xr-x 2 root root 4096 2019-12-29 19:15 ./source/l/Mako
-rw-r--r-- 1 root root 335303 2019-08-01 16:28 ./source/l/Mako/Mako-1.1.0.tar.lz
-rwxr-xr-x 1 root root 2905 2019-12-29 19:15 ./source/l/Mako/Mako.SlackBuild
drwxr-xr-x 2 root root 4096 2020-01-21 17:56 ./source/l/Mako
-rw-r--r-- 1 root root 339384 2020-01-20 21:15 ./source/l/Mako/Mako-1.1.1.tar.lz
-rwxr-xr-x 1 root root 2905 2020-01-21 17:56 ./source/l/Mako/Mako.SlackBuild
-rw-r--r-- 1 root root 33 2018-11-26 21:01 ./source/l/Mako/Mako.url
-rw-r--r-- 1 root root 961 2018-02-27 06:12 ./source/l/Mako/slack-desc
drwxr-xr-x 2 root root 4096 2019-12-29 19:15 ./source/l/PyQt
@ -8863,9 +8866,9 @@ drwxr-xr-x 2 root root 4096 2019-09-29 23:48 ./source/l/keybinder
-rw-r--r-- 1 root root 239176 2015-11-06 15:32 ./source/l/keybinder/keybinder-3.0-0.3.1.tar.xz
-rwxr-xr-x 1 root root 4838 2019-09-29 23:48 ./source/l/keybinder/keybinder.SlackBuild
-rw-r--r-- 1 root root 829 2018-02-27 06:12 ./source/l/keybinder/slack-desc
drwxr-xr-x 2 root root 4096 2019-09-29 23:48 ./source/l/keyutils
-rw-r--r-- 1 root root 91583 2018-11-14 17:49 ./source/l/keyutils/keyutils-1.6.tar.lz
-rwxr-xr-x 1 root root 4644 2019-11-25 05:17 ./source/l/keyutils/keyutils.SlackBuild
drwxr-xr-x 2 root root 4096 2020-01-21 17:44 ./source/l/keyutils
-rw-r--r-- 1 root root 94987 2019-11-26 00:28 ./source/l/keyutils/keyutils-1.6.1.tar.lz
-rwxr-xr-x 1 root root 4644 2020-01-21 17:44 ./source/l/keyutils/keyutils.SlackBuild
-rw-r--r-- 1 root root 868 2018-02-27 06:12 ./source/l/keyutils/slack-desc
drwxr-xr-x 2 root root 4096 2019-09-29 23:48 ./source/l/lame
-rw-r--r-- 1 root root 1031744 2017-10-13 20:33 ./source/l/lame/lame-3.100.tar.xz
@ -9984,7 +9987,7 @@ drwxr-xr-x 2 root root 4096 2019-12-29 18:53 ./source/l/zstd
-rw-r--r-- 1 root root 325 2018-12-30 04:38 ./source/l/zstd/zstd.dont.link.pzstd.to.static.libzstd.a.diff.gz
-rw-r--r-- 1 root root 33 2018-11-08 01:06 ./source/l/zstd/zstd.url
-rwxr-xr-x 1 root root 14025 2018-11-20 03:08 ./source/make_world.sh
drwxr-xr-x 147 root root 4096 2019-12-01 19:14 ./source/n
drwxr-xr-x 148 root root 4096 2020-01-21 18:45 ./source/n
-rw-r--r-- 1 root root 1086 2020-01-14 04:36 ./source/n/FTBFSlog
drwxr-xr-x 2 root root 4096 2020-01-14 18:16 ./source/n/ModemManager
-rw-r--r-- 1 root root 2145600 2020-01-13 16:40 ./source/n/ModemManager/ModemManager-1.12.4.tar.xz
@ -10317,6 +10320,34 @@ drwxr-xr-x 2 root root 4096 2019-12-05 17:56 ./source/n/iw
-rwxr-xr-x 1 root root 3643 2019-09-29 23:48 ./source/n/iw/iw.SlackBuild
-rw-r--r-- 1 root root 47 2019-02-02 03:29 ./source/n/iw/iw.url
-rw-r--r-- 1 root root 876 2018-02-27 06:13 ./source/n/iw/slack-desc
drwxr-xr-x 4 root root 4096 2020-01-21 18:39 ./source/n/krb5
drwxr-xr-x 2 root root 4096 2020-01-21 18:39 ./source/n/krb5/conf
-rw-r--r-- 1 root root 92 2019-12-10 20:45 ./source/n/krb5/conf/kadmind
-rw-r--r-- 1 root root 1164 2019-12-10 21:03 ./source/n/krb5/conf/kdc.conf.example
-rw-r--r-- 1 root root 90 2019-12-10 20:48 ./source/n/krb5/conf/kpropd
-rw-r--r-- 1 root root 628 2019-12-10 21:00 ./source/n/krb5/conf/krb5.conf.example
-rw-r--r-- 1 root root 92 2019-12-10 20:49 ./source/n/krb5/conf/krb5kdc
-rw-r--r-- 1 root root 797 2019-12-12 21:24 ./source/n/krb5/conf/rc.kadmind
-rw-r--r-- 1 root root 857 2019-12-12 21:25 ./source/n/krb5/conf/rc.kpropd
-rw-r--r-- 1 root root 842 2019-12-12 21:24 ./source/n/krb5/conf/rc.krb5kdc
-rw-r--r-- 1 root root 357 2019-12-10 20:54 ./source/n/krb5/doinst.sh.gz
-rw-r--r-- 1 root root 6053923 2019-01-08 16:14 ./source/n/krb5/krb5-1.17.tar.lz
-rwxr-xr-x 1 root root 7876 2020-01-21 19:09 ./source/n/krb5/krb5.SlackBuild
-rw-r--r-- 1 root root 39 2017-09-30 20:08 ./source/n/krb5/krb5.url
drwxr-xr-x 2 root root 4096 2018-06-11 20:34 ./source/n/krb5/patches
-rw-r--r-- 1 root root 786 2017-05-20 06:32 ./source/n/krb5/patches/Build-with-Werror-implicit-int-where-supported.patch.gz
-rw-r--r-- 1 root root 428 2017-05-20 06:32 ./source/n/krb5/patches/krb5-1.11-kpasswdtest.patch.gz
-rw-r--r-- 1 root root 730 2017-05-20 06:32 ./source/n/krb5/patches/krb5-1.11-run_user_0.patch.gz
-rw-r--r-- 1 root root 708 2017-05-20 06:32 ./source/n/krb5/patches/krb5-1.12-api.patch.gz
-rw-r--r-- 1 root root 512 2017-05-20 06:32 ./source/n/krb5/patches/krb5-1.12-ksu-path.patch.gz
-rw-r--r-- 1 root root 2956 2017-05-20 06:32 ./source/n/krb5/patches/krb5-1.12-ktany.patch.gz
-rw-r--r-- 1 root root 6301 2017-05-20 06:32 ./source/n/krb5/patches/krb5-1.12.1-pam.patch.gz
-rw-r--r-- 1 root root 1387 2017-05-20 06:32 ./source/n/krb5/patches/krb5-1.13-dirsrv-accountlock.patch.gz
-rw-r--r-- 1 root root 1492 2017-05-20 06:32 ./source/n/krb5/patches/krb5-1.15-beta1-buildconf.patch.gz
-rw-r--r-- 1 root root 9919 2017-05-20 06:32 ./source/n/krb5/patches/krb5-1.15-beta1-selinux-label.patch.gz
-rw-r--r-- 1 root root 501 2017-05-20 06:32 ./source/n/krb5/patches/krb5-1.3.1-dns.patch.gz
-rw-r--r-- 1 root root 807 2017-05-20 06:32 ./source/n/krb5/patches/krb5-1.9-debuginfo.patch.gz
-rw-r--r-- 1 root root 756 2020-01-21 18:49 ./source/n/krb5/slack-desc
drwxr-xr-x 2 root root 4096 2020-01-16 17:44 ./source/n/lftp
-rw-r--r-- 1 root root 263 2009-05-31 06:11 ./source/n/lftp/doinst.sh.gz
-rw-r--r-- 1 root root 1648564 2020-01-15 20:01 ./source/n/lftp/lftp-4.9.1.tar.xz
@ -10738,12 +10769,12 @@ drwxr-xr-x 2 root root 4096 2019-12-20 19:30 ./source/n/p11-kit
-rwxr-xr-x 1 root root 3627 2019-12-20 19:30 ./source/n/p11-kit/p11-kit.SlackBuild
-rw-r--r-- 1 root root 45 2018-05-28 18:06 ./source/n/p11-kit/p11-kit.url
-rw-r--r-- 1 root root 972 2018-02-27 06:13 ./source/n/p11-kit/slack-desc
drwxr-xr-x 2 root root 4096 2019-12-19 00:26 ./source/n/php
drwxr-xr-x 2 root root 4096 2020-01-21 17:51 ./source/n/php
-rw-r--r-- 1 root root 425 2017-12-08 01:53 ./source/n/php/doinst.sh.gz
-rwxr-xr-x 1 root root 118 2019-12-19 00:26 ./source/n/php/fetch-php.sh
-rwxr-xr-x 1 root root 118 2020-01-21 17:51 ./source/n/php/fetch-php.sh
-rw-r--r-- 1 root root 1022 2017-11-28 18:32 ./source/n/php/mod_php.conf.example
-rw-r--r-- 1 root root 10245600 2019-12-18 01:10 ./source/n/php/php-7.4.1.tar.xz
-rw-r--r-- 1 root root 833 2019-12-18 01:10 ./source/n/php/php-7.4.1.tar.xz.asc
-rw-r--r-- 1 root root 10252304 2020-01-21 11:20 ./source/n/php/php-7.4.2.tar.xz
-rw-r--r-- 1 root root 833 2020-01-21 11:20 ./source/n/php/php-7.4.2.tar.xz.asc
-rw-r--r-- 1 root root 387 2017-11-28 02:08 ./source/n/php/php-fpm.conf.diff.gz
-rwxr-xr-x 1 root root 9347 2020-01-20 19:33 ./source/n/php/php.SlackBuild
-rw-r--r-- 1 root root 799 2019-12-01 19:12 ./source/n/php/php.ini-development.diff.gz
@ -10869,14 +10900,14 @@ drwxr-xr-x 2 root root 4096 2019-12-30 20:01 ./source/n/s-nail
-rwxr-xr-x 1 root root 4204 2019-12-30 20:02 ./source/n/s-nail/s-nail.SlackBuild
-rw-r--r-- 1 root root 92 2019-12-30 19:59 ./source/n/s-nail/s-nail.url
-rw-r--r-- 1 root root 930 2018-11-24 18:35 ./source/n/s-nail/slack-desc
drwxr-xr-x 2 root root 4096 2019-12-30 05:30 ./source/n/samba
drwxr-xr-x 2 root root 4096 2020-01-21 21:19 ./source/n/samba
-rw-r--r-- 1 root root 703 2016-06-13 04:19 ./source/n/samba/doinst.sh.gz
-rw-r--r-- 1 root root 940 2016-06-04 17:50 ./source/n/samba/rc.samba
-rw-r--r-- 1 root root 224 2019-12-16 15:02 ./source/n/samba/samba-4.11.4.tar.asc
-rw-r--r-- 1 root root 11565542 2019-12-16 15:02 ./source/n/samba/samba-4.11.4.tar.lz
-rwxr-xr-x 1 root root 7263 2019-12-30 05:30 ./source/n/samba/samba.SlackBuild
-rw-r--r-- 1 root root 224 2020-01-14 08:53 ./source/n/samba/samba-4.11.5.tar.asc
-rw-r--r-- 1 root root 11568165 2020-01-14 08:53 ./source/n/samba/samba-4.11.5.tar.lz
-rwxr-xr-x 1 root root 7263 2020-01-21 17:59 ./source/n/samba/samba.SlackBuild
-rw-r--r-- 1 root root 227 2019-02-06 20:36 ./source/n/samba/samba.libsmbclient.h.ffmpeg.compat.diff.gz
-rw-r--r-- 1 root root 129 2019-12-16 17:40 ./source/n/samba/samba.url
-rw-r--r-- 1 root root 129 2020-01-21 17:59 ./source/n/samba/samba.url
-rw-r--r-- 1 root root 960 2018-02-27 06:13 ./source/n/samba/slack-desc
-rw-r--r-- 1 root root 7921 2018-04-29 17:31 ./source/n/samba/smb.conf.default
-rw-r--r-- 1 root root 7933 2018-01-14 20:41 ./source/n/samba/smb.conf.default.orig
@ -12560,9 +12591,9 @@ drwxr-xr-x 2 root root 4096 2019-12-02 20:31 ./source/xap/gnuplot
-rw-r--r-- 1 root root 232 2017-09-30 18:21 ./source/xap/gnuplot/gnuplot.fix.info.generation.diff.gz
-rw-r--r-- 1 root root 24 2018-06-05 04:25 ./source/xap/gnuplot/gnuplot.url
-rw-r--r-- 1 root root 1099 2018-02-27 06:13 ./source/xap/gnuplot/slack-desc
drwxr-xr-x 2 root root 4096 2019-09-29 23:48 ./source/xap/gparted
drwxr-xr-x 2 root root 4096 2020-01-21 17:42 ./source/xap/gparted
-rw-r--r-- 1 root root 121 2016-02-03 19:48 ./source/xap/gparted/doinst.sh.gz
-rw-r--r-- 1 root root 2283660 2019-05-29 16:18 ./source/xap/gparted/gparted-1.0.0.tar.lz
-rw-r--r-- 1 root root 2321233 2020-01-20 17:30 ./source/xap/gparted/gparted-1.1.0.tar.lz
-rwxr-xr-x 1 root root 4124 2019-09-29 23:48 ./source/xap/gparted/gparted.SlackBuild
-rw-r--r-- 1 root root 864 2018-02-27 06:13 ./source/xap/gparted/slack-desc
drwxr-xr-x 2 root root 4096 2019-09-29 23:48 ./source/xap/gucharmap

View file

@ -506,6 +506,19 @@ gzip ./source/n/popa3d/popa3d.diff
gzip ./source/n/ca-certificates/fixup_update-ca-certificates.diff
gzip ./source/n/ca-certificates/doinst.sh
gzip ./source/n/ca-certificates/update-ca-certificates.c_rehash.diff
gzip ./source/n/krb5/patches/krb5-1.12-ktany.patch
gzip ./source/n/krb5/patches/krb5-1.15-beta1-selinux-label.patch
gzip ./source/n/krb5/patches/krb5-1.12-api.patch
gzip ./source/n/krb5/patches/Build-with-Werror-implicit-int-where-supported.patch
gzip ./source/n/krb5/patches/krb5-1.13-dirsrv-accountlock.patch
gzip ./source/n/krb5/patches/krb5-1.9-debuginfo.patch
gzip ./source/n/krb5/patches/krb5-1.15-beta1-buildconf.patch
gzip ./source/n/krb5/patches/krb5-1.12.1-pam.patch
gzip ./source/n/krb5/patches/krb5-1.12-ksu-path.patch
gzip ./source/n/krb5/patches/krb5-1.3.1-dns.patch
gzip ./source/n/krb5/patches/krb5-1.11-kpasswdtest.patch
gzip ./source/n/krb5/patches/krb5-1.11-run_user_0.patch
gzip ./source/n/krb5/doinst.sh
gzip ./source/n/bootp/bootp_2.4.3-15.diff
gzip ./source/n/bootp/bootptab
gzip ./source/n/lftp/doinst.sh

View file

@ -57,6 +57,7 @@ Press ENTER when you are done." \
"ipw2200-fw" "Firmware for Intel ipw2200 wireless." "on" \
"irssi" "IRSSI Internet Relay Chat (IRC) client" "on" \
"iw" "Utility for mac80211 based wireless devices" "on" \
"krb5" "Network authentication protocol" "on" \
"lftp" "Shell-like FTP and HTTP transfer program" "on" \
"libassuan" "Interprocess Communication Library for GPG" "on" \
"libgcrypt" "General purpose crypto library" "on" \
@ -161,7 +162,7 @@ if [ $? = 1 -o $? = 255 ]; then
rm -f $TMP/SeTpkgs
> $TMP/SeTnewtag
for pkg in \
ModemManager NetworkManager alpine autofs biff+comsat bind bluez bluez-firmware bootp bridge-utils bsd-finger ca-certificates cifs-utils conntrack-tools crda curl cyrus-sasl dhcp dhcpcd dnsmasq dovecot ebtables elm epic5 ethtool fetchmail getmail gnupg gnupg2 gnutls gpa gpgme htdig httpd icmpinfo iftop inetd iproute2 ipset iptables iptraf-ng iputils ipw2100-fw ipw2200-fw irssi iw lftp libassuan libgcrypt libgpg-error libksba libmbim libmilter libmnl libndp libnetfilter_acct libnetfilter_conntrack libnetfilter_cthelper libnetfilter_cttimeout libnetfilter_log libnetfilter_queue libnfnetlink libnftnl libqmi libtirpc links lynx mcabber metamail mobile-broadband-provider-info mtr mutt nc ncftp net-snmp net-tools netatalk netdate netkit-bootparamd netkit-ftp netkit-ntalk netkit-routed netkit-rsh netkit-rusers netkit-rwall netkit-rwho netkit-timed netpipes nettle netwatch network-scripts netwrite newspost nfacct nfs-utils nftables nghttp2 nmap nn npth ntp obexftp openldap-client openobex openssh openssl openssl10 openvpn p11-kit php pidentd pinentry popa3d postfix ppp procmail proftpd pssh rdist rp-pppoe rpcbind rsync s-nail samba slrn snownews sshfs stunnel tcp_wrappers tcpdump telnet tftp-hpa tin traceroute ulogd uucp vlan vsftpd wget whois wireless_tools wpa_supplicant yptools ytalk zd1211-firmware \
ModemManager NetworkManager alpine autofs biff+comsat bind bluez bluez-firmware bootp bridge-utils bsd-finger ca-certificates cifs-utils conntrack-tools crda curl cyrus-sasl dhcp dhcpcd dnsmasq dovecot ebtables elm epic5 ethtool fetchmail getmail gnupg gnupg2 gnutls gpa gpgme htdig httpd icmpinfo iftop inetd iproute2 ipset iptables iptraf-ng iputils ipw2100-fw ipw2200-fw irssi iw krb5 lftp libassuan libgcrypt libgpg-error libksba libmbim libmilter libmnl libndp libnetfilter_acct libnetfilter_conntrack libnetfilter_cthelper libnetfilter_cttimeout libnetfilter_log libnetfilter_queue libnfnetlink libnftnl libqmi libtirpc links lynx mcabber metamail mobile-broadband-provider-info mtr mutt nc ncftp net-snmp net-tools netatalk netdate netkit-bootparamd netkit-ftp netkit-ntalk netkit-routed netkit-rsh netkit-rusers netkit-rwall netkit-rwho netkit-timed netpipes nettle netwatch network-scripts netwrite newspost nfacct nfs-utils nftables nghttp2 nmap nn npth ntp obexftp openldap-client openobex openssh openssl openssl10 openvpn p11-kit php pidentd pinentry popa3d postfix ppp procmail proftpd pssh rdist rp-pppoe rpcbind rsync s-nail samba slrn snownews sshfs stunnel tcp_wrappers tcpdump telnet tftp-hpa tin traceroute ulogd uucp vlan vsftpd wget whois wireless_tools wpa_supplicant yptools ytalk zd1211-firmware \
; do
echo "$pkg: SKP" >> $TMP/SeTnewtag
done
@ -169,7 +170,7 @@ ModemManager NetworkManager alpine autofs biff+comsat bind bluez bluez-firmware
fi
cat /dev/null > $TMP/SeTnewtag
for PACKAGE in \
ModemManager NetworkManager alpine autofs biff+comsat bind bluez bluez-firmware bootp bridge-utils bsd-finger ca-certificates cifs-utils conntrack-tools crda curl cyrus-sasl dhcp dhcpcd dnsmasq dovecot ebtables elm epic5 ethtool fetchmail getmail gnupg gnupg2 gnutls gpa gpgme htdig httpd icmpinfo iftop inetd iproute2 ipset iptables iptraf-ng iputils ipw2100-fw ipw2200-fw irssi iw lftp libassuan libgcrypt libgpg-error libksba libmbim libmilter libmnl libndp libnetfilter_acct libnetfilter_conntrack libnetfilter_cthelper libnetfilter_cttimeout libnetfilter_log libnetfilter_queue libnfnetlink libnftnl libqmi libtirpc links lynx mcabber metamail mobile-broadband-provider-info mtr mutt nc ncftp net-snmp net-tools netatalk netdate netkit-bootparamd netkit-ftp netkit-ntalk netkit-routed netkit-rsh netkit-rusers netkit-rwall netkit-rwho netkit-timed netpipes nettle netwatch network-scripts netwrite newspost nfacct nfs-utils nftables nghttp2 nmap nn npth ntp obexftp openldap-client openobex openssh openssl openssl10 openvpn p11-kit php pidentd pinentry popa3d postfix ppp procmail proftpd pssh rdist rp-pppoe rpcbind rsync s-nail samba slrn snownews sshfs stunnel tcp_wrappers tcpdump telnet tftp-hpa tin traceroute ulogd uucp vlan vsftpd wget whois wireless_tools wpa_supplicant yptools ytalk zd1211-firmware \
ModemManager NetworkManager alpine autofs biff+comsat bind bluez bluez-firmware bootp bridge-utils bsd-finger ca-certificates cifs-utils conntrack-tools crda curl cyrus-sasl dhcp dhcpcd dnsmasq dovecot ebtables elm epic5 ethtool fetchmail getmail gnupg gnupg2 gnutls gpa gpgme htdig httpd icmpinfo iftop inetd iproute2 ipset iptables iptraf-ng iputils ipw2100-fw ipw2200-fw irssi iw krb5 lftp libassuan libgcrypt libgpg-error libksba libmbim libmilter libmnl libndp libnetfilter_acct libnetfilter_conntrack libnetfilter_cthelper libnetfilter_cttimeout libnetfilter_log libnetfilter_queue libnfnetlink libnftnl libqmi libtirpc links lynx mcabber metamail mobile-broadband-provider-info mtr mutt nc ncftp net-snmp net-tools netatalk netdate netkit-bootparamd netkit-ftp netkit-ntalk netkit-routed netkit-rsh netkit-rusers netkit-rwall netkit-rwho netkit-timed netpipes nettle netwatch network-scripts netwrite newspost nfacct nfs-utils nftables nghttp2 nmap nn npth ntp obexftp openldap-client openobex openssh openssl openssl10 openvpn p11-kit php pidentd pinentry popa3d postfix ppp procmail proftpd pssh rdist rp-pppoe rpcbind rsync s-nail samba slrn snownews sshfs stunnel tcp_wrappers tcpdump telnet tftp-hpa tin traceroute ulogd uucp vlan vsftpd wget whois wireless_tools wpa_supplicant yptools ytalk zd1211-firmware \
; do
if grep "\(^\| \)$PACKAGE\( \|$\)" $TMP/SeTpkgs 1> /dev/null 2> /dev/null ; then
echo "$PACKAGE: ADD" >> $TMP/SeTnewtag

View file

@ -57,6 +57,7 @@ Press ENTER when you are done." \
"ipw2200-fw" "Firmware for Intel ipw2200 wireless." "on" \
"irssi" "IRSSI Internet Relay Chat (IRC) client" "on" \
"iw" "Utility for mac80211 based wireless devices" "on" \
"krb5" "Network authentication protocol" "on" \
"lftp" "Shell-like FTP and HTTP transfer program" "on" \
"libassuan" "Interprocess Communication Library for GPG" "on" \
"libgcrypt" "General purpose crypto library" "on" \
@ -161,7 +162,7 @@ if [ $? = 1 -o $? = 255 ]; then
rm -f $TMP/SeTpkgs
> $TMP/SeTnewtag
for pkg in \
ModemManager NetworkManager alpine autofs biff+comsat bind bluez bluez-firmware bootp bridge-utils bsd-finger ca-certificates cifs-utils conntrack-tools crda curl cyrus-sasl dhcp dhcpcd dnsmasq dovecot ebtables elm epic5 ethtool fetchmail getmail gnupg gnupg2 gnutls gpa gpgme htdig httpd icmpinfo iftop inetd iproute2 ipset iptables iptraf-ng iputils ipw2100-fw ipw2200-fw irssi iw lftp libassuan libgcrypt libgpg-error libksba libmbim libmilter libmnl libndp libnetfilter_acct libnetfilter_conntrack libnetfilter_cthelper libnetfilter_cttimeout libnetfilter_log libnetfilter_queue libnfnetlink libnftnl libqmi libtirpc links lynx mcabber metamail mobile-broadband-provider-info mtr mutt nc ncftp net-snmp net-tools netatalk netdate netkit-bootparamd netkit-ftp netkit-ntalk netkit-routed netkit-rsh netkit-rusers netkit-rwall netkit-rwho netkit-timed netpipes nettle netwatch network-scripts netwrite newspost nfacct nfs-utils nftables nghttp2 nmap nn npth ntp obexftp openldap-client openobex openssh openssl openssl10 openvpn p11-kit php pidentd pinentry popa3d postfix ppp procmail proftpd pssh rdist rp-pppoe rpcbind rsync s-nail samba slrn snownews sshfs stunnel tcp_wrappers tcpdump telnet tftp-hpa tin traceroute ulogd uucp vlan vsftpd wget whois wireless_tools wpa_supplicant yptools ytalk zd1211-firmware \
ModemManager NetworkManager alpine autofs biff+comsat bind bluez bluez-firmware bootp bridge-utils bsd-finger ca-certificates cifs-utils conntrack-tools crda curl cyrus-sasl dhcp dhcpcd dnsmasq dovecot ebtables elm epic5 ethtool fetchmail getmail gnupg gnupg2 gnutls gpa gpgme htdig httpd icmpinfo iftop inetd iproute2 ipset iptables iptraf-ng iputils ipw2100-fw ipw2200-fw irssi iw krb5 lftp libassuan libgcrypt libgpg-error libksba libmbim libmilter libmnl libndp libnetfilter_acct libnetfilter_conntrack libnetfilter_cthelper libnetfilter_cttimeout libnetfilter_log libnetfilter_queue libnfnetlink libnftnl libqmi libtirpc links lynx mcabber metamail mobile-broadband-provider-info mtr mutt nc ncftp net-snmp net-tools netatalk netdate netkit-bootparamd netkit-ftp netkit-ntalk netkit-routed netkit-rsh netkit-rusers netkit-rwall netkit-rwho netkit-timed netpipes nettle netwatch network-scripts netwrite newspost nfacct nfs-utils nftables nghttp2 nmap nn npth ntp obexftp openldap-client openobex openssh openssl openssl10 openvpn p11-kit php pidentd pinentry popa3d postfix ppp procmail proftpd pssh rdist rp-pppoe rpcbind rsync s-nail samba slrn snownews sshfs stunnel tcp_wrappers tcpdump telnet tftp-hpa tin traceroute ulogd uucp vlan vsftpd wget whois wireless_tools wpa_supplicant yptools ytalk zd1211-firmware \
; do
echo "$pkg: SKP" >> $TMP/SeTnewtag
done
@ -169,7 +170,7 @@ ModemManager NetworkManager alpine autofs biff+comsat bind bluez bluez-firmware
fi
cat /dev/null > $TMP/SeTnewtag
for PACKAGE in \
ModemManager NetworkManager alpine autofs biff+comsat bind bluez bluez-firmware bootp bridge-utils bsd-finger ca-certificates cifs-utils conntrack-tools crda curl cyrus-sasl dhcp dhcpcd dnsmasq dovecot ebtables elm epic5 ethtool fetchmail getmail gnupg gnupg2 gnutls gpa gpgme htdig httpd icmpinfo iftop inetd iproute2 ipset iptables iptraf-ng iputils ipw2100-fw ipw2200-fw irssi iw lftp libassuan libgcrypt libgpg-error libksba libmbim libmilter libmnl libndp libnetfilter_acct libnetfilter_conntrack libnetfilter_cthelper libnetfilter_cttimeout libnetfilter_log libnetfilter_queue libnfnetlink libnftnl libqmi libtirpc links lynx mcabber metamail mobile-broadband-provider-info mtr mutt nc ncftp net-snmp net-tools netatalk netdate netkit-bootparamd netkit-ftp netkit-ntalk netkit-routed netkit-rsh netkit-rusers netkit-rwall netkit-rwho netkit-timed netpipes nettle netwatch network-scripts netwrite newspost nfacct nfs-utils nftables nghttp2 nmap nn npth ntp obexftp openldap-client openobex openssh openssl openssl10 openvpn p11-kit php pidentd pinentry popa3d postfix ppp procmail proftpd pssh rdist rp-pppoe rpcbind rsync s-nail samba slrn snownews sshfs stunnel tcp_wrappers tcpdump telnet tftp-hpa tin traceroute ulogd uucp vlan vsftpd wget whois wireless_tools wpa_supplicant yptools ytalk zd1211-firmware \
ModemManager NetworkManager alpine autofs biff+comsat bind bluez bluez-firmware bootp bridge-utils bsd-finger ca-certificates cifs-utils conntrack-tools crda curl cyrus-sasl dhcp dhcpcd dnsmasq dovecot ebtables elm epic5 ethtool fetchmail getmail gnupg gnupg2 gnutls gpa gpgme htdig httpd icmpinfo iftop inetd iproute2 ipset iptables iptraf-ng iputils ipw2100-fw ipw2200-fw irssi iw krb5 lftp libassuan libgcrypt libgpg-error libksba libmbim libmilter libmnl libndp libnetfilter_acct libnetfilter_conntrack libnetfilter_cthelper libnetfilter_cttimeout libnetfilter_log libnetfilter_queue libnfnetlink libnftnl libqmi libtirpc links lynx mcabber metamail mobile-broadband-provider-info mtr mutt nc ncftp net-snmp net-tools netatalk netdate netkit-bootparamd netkit-ftp netkit-ntalk netkit-routed netkit-rsh netkit-rusers netkit-rwall netkit-rwho netkit-timed netpipes nettle netwatch network-scripts netwrite newspost nfacct nfs-utils nftables nghttp2 nmap nn npth ntp obexftp openldap-client openobex openssh openssl openssl10 openvpn p11-kit php pidentd pinentry popa3d postfix ppp procmail proftpd pssh rdist rp-pppoe rpcbind rsync s-nail samba slrn snownews sshfs stunnel tcp_wrappers tcpdump telnet tftp-hpa tin traceroute ulogd uucp vlan vsftpd wget whois wireless_tools wpa_supplicant yptools ytalk zd1211-firmware \
; do
if grep "\(^\| \)$PACKAGE\( \|$\)" $TMP/SeTpkgs 1> /dev/null 2> /dev/null ; then
echo "$PACKAGE: ADD" >> $TMP/SeTnewtag

View file

@ -44,6 +44,7 @@ ipw2100-fw:ADD
ipw2200-fw:ADD
irssi:OPT
iw:REC
krb5:REC
lftp:OPT
libassuan:REC
libgcrypt:REC

View file

@ -23,7 +23,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=aaa_elflibs
VERSION=${VERSION:-15.0}
BUILD=${BUILD:-18}
BUILD=${BUILD:-19}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then

View file

@ -11,6 +11,10 @@
/lib/libelf.so.1
/lib/libfuse.so.2
/lib/libgpm.so.2
/lib/libkrb5support.so.0
/lib/libkrb5.so.3
/lib/libk5crypto.so.3
/lib/libgssapi_krb5.so.2
/lib/liblzma.so.5
/lib/libncurses.so.5
/lib/libncurses.so.6

View file

@ -11,7 +11,7 @@ util-linux:
util-linux: The util-linux package is a huge collection of random utilities
util-linux: that are essential to run a Linux system.
util-linux:
util-linux: https://www.kernel.org/pub/linux/utils/util-linux/
util-linux: Homepage: https://www.kernel.org/pub/linux/utils/util-linux/
util-linux:
util-linux:
util-linux:

View file

@ -1,6 +1,6 @@
#!/bin/bash
# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2017, 2018 Patrick J. Volkerding, Sebeka, MN, USA
# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2017, 2018, 2020 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=util-linux
VERSION=${VERSION:-$(echo util-linux*.tar.xz | cut -d - -f 3 | rev | cut -f 3- -d . | rev)}
BUILD=${BUILD:-2}
BUILD=${BUILD:-1}
ADJTIMEXVERS=1.29
SETSERIALVERS=2.17

View file

@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=python-pip
VERSION=${VERSION:-$(echo pip-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-2}
BUILD=${BUILD:-1}
SRCNAM=pip

View file

@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=Mako
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-2}
BUILD=${BUILD:-1}
if [ -z "$ARCH" ]; then
case "$( uname -m )" in

View file

@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=keyutils
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-2}
BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then

View file

@ -0,0 +1,2 @@
# To set additional options for kadmind, add them in the variable below:
KADMIND_OPTIONS=""

View file

@ -0,0 +1,35 @@
[kdcdefaults]
kdc_listen = 88
kdc_tcp_listen = 88
[realms]
ATHENA.MIT.EDU = {
kadmind_port = 749
max_life = 12h 0m 0s
max_renewable_life = 7d 0h 0m 0s
master_key_type = aes256-cts-hmac-sha1-96
supported_enctypes = aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal
database_module = openldap_ldapconf
}
[logging]
kdc = FILE:/var/kerberos/krb5kdc/kdc.log
admin_server = FILE:/var/kerberos/krb5kdc/kadmin.log
[dbdefaults]
ldap_kerberos_container_dn = cn=krbcontainer,dc=mit,dc=edu
[dbmodules]
openldap_ldapconf = {
db_library = kldap
disable_last_success = true
ldap_kdc_dn = "cn=krbadmin,dc=mit,dc=edu"
# this object needs to have read rights on
# the realm container and principal subtrees
ldap_kadmind_dn = "cn=krbadmin,dc=mit,dc=edu"
# this object needs to have read and write rights on
# the realm container and principal subtrees
ldap_service_password_file = /etc/kerberos/service.keyfile
ldap_servers = ldaps://kerberos.mit.edu
ldap_conns_per_server = 5
}

View file

@ -0,0 +1,2 @@
# To set additional options for kpropd, add them in the variable below:
KPROPD_OPTIONS=""

View file

@ -0,0 +1,29 @@
[libdefaults]
default_realm = ATHENA.MIT.EDU
dns_lookup_kdc = true
dns_lookup_realm = false
[realms]
ATHENA.MIT.EDU = {
kdc = kerberos.mit.edu
kdc = kerberos-1.mit.edu
kdc = kerberos-2.mit.edu
admin_server = kerberos.mit.edu
master_kdc = kerberos.mit.edu
}
EXAMPLE.COM = {
kdc = kerberos.example.com
kdc = kerberos-1.example.com
admin_server = kerberos.example.com
}
[domain_realm]
mit.edu = ATHENA.MIT.EDU
[capaths]
ATHENA.MIT.EDU = {
EXAMPLE.COM = .
}
EXAMPLE.COM = {
ATHENA.MIT.EDU = .
}

View file

@ -0,0 +1,2 @@
# To set additional options for krb5kdc, add them in the variable below:
KRB5KDC_OPTIONS=""

View file

@ -0,0 +1,40 @@
#!/bin/sh
# Start the Kerberos administration server. This typically runs on the
# master Kerberos server, which stores the KDC database.
# To change the default options, edit /etc/default/kadmind.
if [ -r /etc/default/kadmind ]; then
. /etc/default/kadmind
fi
start_atd() {
if ! /usr/bin/pgrep --ns $$ --euid root -f "^/usr/sbin/kadmind" 1> /dev/null 2> /dev/null ; then
echo "Starting kadmind: /usr/sbin/kadmind $KADMIND_OPTIONS"
/usr/sbin/kadmind $KADMIND_OPTIONS
fi
}
stop_atd() {
echo "Stopping kadmind."
/usr/bin/pkill --ns $$ --euid root -f "^/usr/sbin/kadmind" 2> /dev/null
}
restart_atd() {
stop_atd
sleep 1
start_atd
}
case "$1" in
'start')
start_atd
;;
'stop')
stop_atd
;;
'restart')
restart_atd
;;
*)
echo "usage $0 start|stop|restart"
esac

View file

@ -0,0 +1,41 @@
#!/bin/sh
# Start the Kerberos V5 slave KDC update server. This runs on a slave
# (secondary) KDC server. It allows the master Kerberos server to use
# kprop(8) to propagate its database to the slave servers.
# To change the default options, edit /etc/default/kpropd.
if [ -r /etc/default/kpropd ]; then
. /etc/default/kpropd
fi
start_atd() {
if ! /usr/bin/pgrep --ns $$ --euid root -f "^/usr/sbin/kpropd" 1> /dev/null 2> /dev/null ; then
echo "Starting kpropd: /usr/sbin/kpropd $KPROPD_OPTIONS"
/usr/sbin/kpropd $KPROPD_OPTIONS
fi
}
stop_atd() {
echo "Stopping kpropd."
/usr/bin/pkill --ns $$ --euid root -f "^/usr/sbin/kpropd" 2> /dev/null
}
restart_atd() {
stop_atd
sleep 1
start_atd
}
case "$1" in
'start')
start_atd
;;
'stop')
stop_atd
;;
'restart')
restart_atd
;;
*)
echo "usage $0 start|stop|restart"
esac

View file

@ -0,0 +1,41 @@
#!/bin/sh
# Start krb5kdc, which is the Kerberos version 5 Authentication Service
# and Key Distribution Center (AS/KDC). This needs to run first on both
# master and secondary KDCs.
# To change the default options, edit /etc/default/krb5kdc.
if [ -r /etc/default/krb5kdc ]; then
. /etc/default/krb5kdc
fi
start_atd() {
if ! /usr/bin/pgrep --ns $$ --euid root -f "^/usr/sbin/krb5kdc" 1> /dev/null 2> /dev/null ; then
echo "Starting krb5kdc: /usr/sbin/krb5kdc $KRB5KDC_OPTIONS"
/usr/sbin/krb5kdc $KRB5KDC_OPTIONS
fi
}
stop_atd() {
echo "Stopping krb5kdc."
/usr/bin/pkill --ns $$ --euid root -f "^/usr/sbin/krb5kdc" 2> /dev/null
}
restart_atd() {
stop_atd
sleep 1
start_atd
}
case "$1" in
'start')
start_atd
;;
'stop')
stop_atd
;;
'restart')
restart_atd
;;
*)
echo "usage $0 start|stop|restart"
esac

30
source/n/krb5/doinst.sh Normal file
View file

@ -0,0 +1,30 @@
config() {
NEW="$1"
OLD="$(dirname $NEW)/$(basename $NEW .new)"
# If there's no config file by that name, mv it over:
if [ ! -r $OLD ]; then
mv $NEW $OLD
elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
# toss the redundant copy
rm $NEW
fi
# Otherwise, we leave the .new copy for the admin to consider...
}
preserve_perms() {
NEW="$1"
OLD="$(dirname $NEW)/$(basename $NEW .new)"
if [ -e $OLD ]; then
cp -a $OLD ${NEW}.incoming
cat $NEW > ${NEW}.incoming
mv ${NEW}.incoming $NEW
fi
config $NEW
}
preserve_perms etc/rc.d/rc.kadmind.new
preserve_perms etc/rc.d/rc.kpropd.new
preserve_perms etc/rc.d/rc.krb5kdc.new
config etc/default/kadmind.new
config etc/default/kpropd.new
config etc/default/krb5kdc.new

221
source/n/krb5/krb5.SlackBuild Executable file
View file

@ -0,0 +1,221 @@
#!/bin/sh
# Copyright 2009 Tom Canich, State College, Pennsylvania, USA
# Copyright 2015-2017 Willy Sudiarto Raharjo <willysr@slackbuilds.org>
# Copyright 2017, 2018, 2019, 2020 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=krb5
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-1}
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
i?86) ARCH=i586 ;;
arm*) ARCH=arm ;;
*) ARCH=$( uname -m ) ;;
esac
fi
NUMJOBS=${NUMJOBS:-" -j7 "}
TMP=${TMP:-/tmp}
PKG=$TMP/package-$PKGNAM
if [ "$ARCH" = "i586" ]; then
SLKCFLAGS="-O2 -march=i586 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "i686" ]; then
SLKCFLAGS="-O2 -march=i686 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "x86_64" ]; then
SLKCFLAGS="-O2 -fPIC"
LIBDIRSUFFIX="64"
else
SLKCFLAGS="-O2"
LIBDIRSUFFIX=""
fi
# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
# the name of the created package would be, and then exit. This information
# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
exit 0
fi
rm -rf $PKG
mkdir -p $TMP $PKG
cd $TMP
rm -rf $PKGNAM-$VERSION
tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
cd $PKGNAM-$VERSION || exit 1
chown -R root:root .
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
-exec chmod 755 {} \+ -o \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \+
sed -i "/KRB5ROOT=/s/\/local//" src/util/ac_check_krb5.m4
# Not listed in ./configure --help, does this actually do anything?
# --with-pam
# NOTE: It appears that the krb5-1.12.1-pam.patch.gz patch introduces this
# option, which would then pamify ksu. We'll not worry about it now.
## NOTE: I'm not applying any of these until it's shown that we actually need
## to hack up krb5 this much. Initially we'll ship without any of them, and
## if all goes well the plan is to drop them from the source directory and
## this script. If it turns out some or all of them are needed, we'll look
## into it when the time comes. As always, input from those who know more about
## it than I do is always welcomed.
## Add some patches from Fedora (via Phantom X) for compatibility:
#zcat $CWD/patches/krb5-1.12.1-pam.patch.gz | patch -p1 --verbose || exit 1
## Below patch fails without selinux:
##zcat $CWD/patches/krb5-1.15-beta1-selinux-label.patch.gz | patch -p1 --verbose || exit 1
#zcat $CWD/patches/krb5-1.12-ksu-path.patch.gz | patch -p1 --verbose || exit 1
#zcat $CWD/patches/krb5-1.12-ktany.patch.gz | patch -p1 --verbose || exit 1
#zcat $CWD/patches/krb5-1.15-beta1-buildconf.patch.gz | patch -p1 --verbose || exit 1
#zcat $CWD/patches/krb5-1.3.1-dns.patch.gz | patch -p1 --verbose || exit 1
#zcat $CWD/patches/krb5-1.12-api.patch.gz | patch -p1 --verbose || exit 1
#zcat $CWD/patches/krb5-1.13-dirsrv-accountlock.patch.gz | patch -p1 --verbose || exit 1
#zcat $CWD/patches/krb5-1.9-debuginfo.patch.gz | patch -p1 --verbose || exit 1
## Below patch fails without selinux patch:
##zcat $CWD/patches/krb5-1.11-run_user_0.patch.gz | patch -p1 --verbose || exit 1
#zcat $CWD/patches/krb5-1.11-kpasswdtest.patch.gz | patch -p1 --verbose || exit 1
#zcat $CWD/patches/Build-with-Werror-implicit-int-where-supported.patch.gz | patch -p1 --verbose || exit 1
cd src
CFLAGS="$SLKCFLAGS" \
CXXFLAGS="$SLKCFLAGS" \
CPPFLAGS+=" -I/usr/include/et" \
./configure \
--prefix=/usr \
--libdir=/usr/lib${LIBDIRSUFFIX} \
--sysconfdir=/etc \
--localstatedir=/var/kerberos \
--runstatedir=/var/run \
--mandir=/usr/man \
--enable-dns-for-realm \
--with-ldap \
--with-system-et \
--with-system-ss \
--enable-pkinit \
--with-tls-impl=openssl \
--with-system-verto=no \
--with-prng-alg=os \
--build=$ARCH-slackware-linux || exit 1
# Build:
make $NUMJOBS || make || exit 1
# Double check for proper runstatedir setting:
if ! grep -q /var/run/krb5kdc include/osconf.h ; then
echo "FATAL: runstatedir not set properly: $(grep KDC_RUN_DIR include/osconf.h)"
exit 1
fi
# Install:
make install DESTDIR=$PKG || exit 1
# Don't ship .la files:
rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la
# Fix perms on shared objects:
find $PKG/usr/lib${LIBDIRSUFFIX} -name "*.so*" -exec chmod 755 "{}" \+
# Install init scripts:
mkdir -p $PKG/etc/rc.d
cp -a $CWD/conf/rc.kadmind $PKG/etc/rc.d/rc.kadmind.new
cp -a $CWD/conf/rc.kpropd $PKG/etc/rc.d/rc.kpropd.new
cp -a $CWD/conf/rc.krb5kdc $PKG/etc/rc.d/rc.krb5kdc.new
chown root:root $PKG/etc/rc.d/*
chmod 644 $PKG/etc/rc.d/*
# Install default options:
mkdir -p $PKG/etc/default
cp -a $CWD/conf/kadmind $PKG/etc/default/kadmind.new
cp -a $CWD/conf/kpropd $PKG/etc/default/kpropd.new
cp -a $CWD/conf/krb5kdc $PKG/etc/default/krb5kdc.new
chown root:root $PKG/etc/default/*
chmod 644 $PKG/etc/default/*
# Install example config files:
mkdir -p $PKG/etc
cp -a $CWD/conf/krb5.conf.example $PKG/etc/krb5.conf.example
chown root:root $PKG/etc/krb5.conf.example
chmod 644 $PKG/etc/krb5.conf.example
mkdir -p /var/kerberos/krb5kdc
cp -a $CWD/conf/kdc.conf.example $PKG/var/kerberos/krb5kdc/kdc.conf.example
chown root:root $PKG/var/kerberos/krb5kdc/kdc.conf.example
chmod 644 $PKG/var/kerberos/krb5kdc/kdc.conf.example
# Move examples to the documentation directory:
mkdir -p $PKG/usr/doc/${PKGNAM}-${VERSION}/examples
mv $PKG/usr/share/examples/krb5/* $PKG/usr/doc/${PKGNAM}-${VERSION}/examples
rmdir $PKG/usr/share/examples/krb5 $PKG/usr/share/examples 2> /dev/null
# Move some libraries to $PKG/lib${LIBDIRSUFFIX}:
mkdir -p $PKG/lib${LIBDIRSUFFIX}
( cd $PKG/usr/lib${LIBDIRSUFFIX}
for lib in libgssapi_krb5 libkrb5 libk5crypto libkrb5support ; do
mv ${lib}.so.?.* ../../lib${LIBDIRSUFFIX}
ln -sf ../../lib${LIBDIRSUFFIX}/${lib}.so.?.* .
cp -a ${lib}.so.? ../../lib${LIBDIRSUFFIX}
done
)
find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
rm -rf $PKG/usr/man/cat{1,5,8}
# Compress and link manpages, if any:
if [ -d $PKG/usr/man ]; then
( cd $PKG/usr/man
for manpagedir in $(find . -type d -name "man*") ; do
( cd $manpagedir
for eachpage in $( find . -type l -maxdepth 1 | grep -v '\.gz$') ; do
ln -s $( readlink $eachpage ).gz $eachpage.gz
rm $eachpage
done
gzip -9 *.?
)
done
)
fi
# krb5 ships with a ton of docs, but for now we'll just include these:
mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
cp -a \
../NOTICE* ../README* \
$PKG/usr/doc/$PKGNAM-$VERSION
mkdir -p $PKG/install
zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
cat $CWD/slack-desc > $PKG/install/slack-desc
cd $PKG
/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz

1
source/n/krb5/krb5.url Normal file
View file

@ -0,0 +1 @@
http://web.mit.edu/kerberos/dist/krb5/

View file

@ -0,0 +1,23 @@
From 6c5c66b807cabaf71a56d1a630ea3b47344f81b4 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Thu, 10 Nov 2016 13:20:49 -0500
Subject: [PATCH] Build with -Werror-implicit-int where supported
(cherry picked from commit 873d864230c9c64c65ff12a24199bac3adf3bc2f)
---
src/aclocal.m4 | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/aclocal.m4 b/src/aclocal.m4
index 2bfb994..da1d6d8 100644
--- a/src/aclocal.m4
+++ b/src/aclocal.m4
@@ -529,7 +529,7 @@ if test "$GCC" = yes ; then
TRY_WARN_CC_FLAG(-Wno-format-zero-length)
# Other flags here may not be supported on some versions of
# gcc that people want to use.
- for flag in overflow strict-overflow missing-format-attribute missing-prototypes return-type missing-braces parentheses switch unused-function unused-label unused-variable unused-value unknown-pragmas sign-compare newline-eof error=uninitialized error=pointer-arith error=int-conversion error=incompatible-pointer-types error=discarded-qualifiers ; do
+ for flag in overflow strict-overflow missing-format-attribute missing-prototypes return-type missing-braces parentheses switch unused-function unused-label unused-variable unused-value unknown-pragmas sign-compare newline-eof error=uninitialized error=pointer-arith error=int-conversion error=incompatible-pointer-types error=discarded-qualifiers error=implicit-int ; do
TRY_WARN_CC_FLAG(-W$flag)
done
# old-style-definition? generates many, many warnings

View file

@ -0,0 +1,21 @@
From 0fb88f451f25c4bf923248c9e13dd79f658c743a Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 23 Aug 2016 16:52:01 -0400
Subject: [PATCH] krb5-1.11-kpasswdtest.patch
---
src/kadmin/testing/proto/krb5.conf.proto | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/kadmin/testing/proto/krb5.conf.proto b/src/kadmin/testing/proto/krb5.conf.proto
index 00c4429..9c4bc1d 100644
--- a/src/kadmin/testing/proto/krb5.conf.proto
+++ b/src/kadmin/testing/proto/krb5.conf.proto
@@ -9,6 +9,7 @@
__REALM__ = {
kdc = __KDCHOST__:1750
admin_server = __KDCHOST__:1751
+ kpasswd_server = __KDCHOST__:1752
database_module = foobar_db2_module_blah
}

View file

@ -0,0 +1,44 @@
From 308f3826d44ab9ee114fc7d1c4fb61e9005025ad Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 23 Aug 2016 16:49:57 -0400
Subject: [PATCH] krb5-1.11-run_user_0.patch
A hack: if we're looking at creating a ccache directory directly below
the /run/user/0 directory, and /run/user/0 doesn't exist, try to create
it, too.
---
src/lib/krb5/ccache/cc_dir.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/src/lib/krb5/ccache/cc_dir.c b/src/lib/krb5/ccache/cc_dir.c
index 73f0fe6..4850c0d 100644
--- a/src/lib/krb5/ccache/cc_dir.c
+++ b/src/lib/krb5/ccache/cc_dir.c
@@ -61,6 +61,8 @@
#include <dirent.h>
+#define ROOT_SPECIAL_DCC_PARENT "/run/user/0"
+
extern const krb5_cc_ops krb5_dcc_ops;
extern const krb5_cc_ops krb5_fcc_ops;
@@ -237,6 +239,18 @@ verify_dir(krb5_context context, const char *dirname)
if (stat(dirname, &st) < 0) {
if (errno == ENOENT) {
+ if (strncmp(dirname, ROOT_SPECIAL_DCC_PARENT "/",
+ sizeof(ROOT_SPECIAL_DCC_PARENT)) == 0 &&
+ stat(ROOT_SPECIAL_DCC_PARENT, &st) < 0 &&
+ errno == ENOENT) {
+#ifdef USE_SELINUX
+ selabel = krb5int_push_fscreatecon_for(ROOT_SPECIAL_DCC_PARENT);
+#endif
+ status = mkdir(ROOT_SPECIAL_DCC_PARENT, S_IRWXU);
+#ifdef USE_SELINUX
+ krb5int_pop_fscreatecon(selabel);
+#endif
+ }
#ifdef USE_SELINUX
selabel = krb5int_push_fscreatecon_for(dirname);
#endif

View file

@ -0,0 +1,37 @@
From e08681c1315628c8202d103de09325ed4881d1a5 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 23 Aug 2016 16:47:00 -0400
Subject: [PATCH] krb5-1.12-api.patch
Reference docs don't define what happens if you call krb5_realm_compare() with
malformed krb5_principal structures. Define a behavior which keeps it from
crashing if applications don't check ahead of time.
---
src/lib/krb5/krb/princ_comp.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/lib/krb5/krb/princ_comp.c b/src/lib/krb5/krb/princ_comp.c
index a693610..0ed7883 100644
--- a/src/lib/krb5/krb/princ_comp.c
+++ b/src/lib/krb5/krb/princ_comp.c
@@ -36,6 +36,10 @@ realm_compare_flags(krb5_context context,
const krb5_data *realm1 = &princ1->realm;
const krb5_data *realm2 = &princ2->realm;
+ if (princ1 == NULL || princ2 == NULL)
+ return FALSE;
+ if (realm1 == NULL || realm2 == NULL)
+ return FALSE;
if (realm1->length != realm2->length)
return FALSE;
if (realm1->length == 0)
@@ -88,6 +92,9 @@ krb5_principal_compare_flags(krb5_context context,
krb5_principal upn2 = NULL;
krb5_boolean ret = FALSE;
+ if (princ1 == NULL || princ2 == NULL)
+ return FALSE;
+
if (flags & KRB5_PRINCIPAL_COMPARE_ENTERPRISE) {
/* Treat UPNs as if they were real principals */
if (princ1->type == KRB5_NT_ENTERPRISE_PRINCIPAL) {

View file

@ -0,0 +1,22 @@
From 13918214c30b97aaef5d816a3d266be0ec13147e Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 23 Aug 2016 16:32:09 -0400
Subject: [PATCH] krb5-1.12-ksu-path.patch
Set the default PATH to the one set by login.
---
src/clients/ksu/Makefile.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/clients/ksu/Makefile.in b/src/clients/ksu/Makefile.in
index 5755bb5..9d58f29 100644
--- a/src/clients/ksu/Makefile.in
+++ b/src/clients/ksu/Makefile.in
@@ -1,6 +1,6 @@
mydir=clients$(S)ksu
BUILDTOP=$(REL)..$(S)..
-DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/bin /local/bin"'
+DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/usr/local/sbin /usr/local/bin /sbin /bin /usr/sbin /usr/bin"'
KSU_LIBS=@KSU_LIBS@
PAM_LIBS=@PAM_LIBS@

View file

@ -0,0 +1,366 @@
From e2f52b93c6a6257a76ac37d3c7d63ea3099dd89c Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 23 Aug 2016 16:33:53 -0400
Subject: [PATCH] krb5-1.12-ktany.patch
Adds an "ANY" keytab type which is a list of other keytab locations to search
when searching for a specific entry. When iterated through, it only presents
the contents of the first keytab.
---
src/lib/krb5/keytab/Makefile.in | 3 +
src/lib/krb5/keytab/kt_any.c | 292 ++++++++++++++++++++++++++++++++++++++++
src/lib/krb5/keytab/ktbase.c | 7 +-
3 files changed, 301 insertions(+), 1 deletion(-)
create mode 100644 src/lib/krb5/keytab/kt_any.c
diff --git a/src/lib/krb5/keytab/Makefile.in b/src/lib/krb5/keytab/Makefile.in
index 2a8fceb..ffd179f 100644
--- a/src/lib/krb5/keytab/Makefile.in
+++ b/src/lib/krb5/keytab/Makefile.in
@@ -12,6 +12,7 @@ STLIBOBJS= \
ktfr_entry.o \
ktremove.o \
ktfns.o \
+ kt_any.o \
kt_file.o \
kt_memory.o \
kt_srvtab.o \
@@ -24,6 +25,7 @@ OBJS= \
$(OUTPRE)ktfr_entry.$(OBJEXT) \
$(OUTPRE)ktremove.$(OBJEXT) \
$(OUTPRE)ktfns.$(OBJEXT) \
+ $(OUTPRE)kt_any.$(OBJEXT) \
$(OUTPRE)kt_file.$(OBJEXT) \
$(OUTPRE)kt_memory.$(OBJEXT) \
$(OUTPRE)kt_srvtab.$(OBJEXT) \
@@ -36,6 +38,7 @@ SRCS= \
$(srcdir)/ktfr_entry.c \
$(srcdir)/ktremove.c \
$(srcdir)/ktfns.c \
+ $(srcdir)/kt_any.c \
$(srcdir)/kt_file.c \
$(srcdir)/kt_memory.c \
$(srcdir)/kt_srvtab.c \
diff --git a/src/lib/krb5/keytab/kt_any.c b/src/lib/krb5/keytab/kt_any.c
new file mode 100644
index 0000000..1b9b776
--- /dev/null
+++ b/src/lib/krb5/keytab/kt_any.c
@@ -0,0 +1,292 @@
+/*
+ * lib/krb5/keytab/kt_any.c
+ *
+ * Copyright 1998, 1999 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ * require a specific license from the United States Government.
+ * It is the responsibility of any person or organization contemplating
+ * export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission. M.I.T. makes no representations about the suitability of
+ * this software for any purpose. It is provided "as is" without express
+ * or implied warranty.
+ *
+ *
+ * krb5_kta_ops
+ */
+
+#include "k5-int.h"
+
+typedef struct _krb5_ktany_data {
+ char *name;
+ krb5_keytab *choices;
+ int nchoices;
+} krb5_ktany_data;
+
+typedef struct _krb5_ktany_cursor_data {
+ int which;
+ krb5_kt_cursor cursor;
+} krb5_ktany_cursor_data;
+
+static krb5_error_code krb5_ktany_resolve
+ (krb5_context,
+ const char *,
+ krb5_keytab *);
+static krb5_error_code krb5_ktany_get_name
+ (krb5_context context,
+ krb5_keytab id,
+ char *name,
+ unsigned int len);
+static krb5_error_code krb5_ktany_close
+ (krb5_context context,
+ krb5_keytab id);
+static krb5_error_code krb5_ktany_get_entry
+ (krb5_context context,
+ krb5_keytab id,
+ krb5_const_principal principal,
+ krb5_kvno kvno,
+ krb5_enctype enctype,
+ krb5_keytab_entry *entry);
+static krb5_error_code krb5_ktany_start_seq_get
+ (krb5_context context,
+ krb5_keytab id,
+ krb5_kt_cursor *cursorp);
+static krb5_error_code krb5_ktany_next_entry
+ (krb5_context context,
+ krb5_keytab id,
+ krb5_keytab_entry *entry,
+ krb5_kt_cursor *cursor);
+static krb5_error_code krb5_ktany_end_seq_get
+ (krb5_context context,
+ krb5_keytab id,
+ krb5_kt_cursor *cursor);
+static void cleanup
+ (krb5_context context,
+ krb5_ktany_data *data,
+ int nchoices);
+
+struct _krb5_kt_ops krb5_kta_ops = {
+ 0,
+ "ANY", /* Prefix -- this string should not appear anywhere else! */
+ krb5_ktany_resolve,
+ krb5_ktany_get_name,
+ krb5_ktany_close,
+ krb5_ktany_get_entry,
+ krb5_ktany_start_seq_get,
+ krb5_ktany_next_entry,
+ krb5_ktany_end_seq_get,
+ NULL,
+ NULL,
+ NULL,
+};
+
+static krb5_error_code
+krb5_ktany_resolve(context, name, id)
+ krb5_context context;
+ const char *name;
+ krb5_keytab *id;
+{
+ const char *p, *q;
+ char *copy;
+ krb5_error_code kerror;
+ krb5_ktany_data *data;
+ int i;
+
+ /* Allocate space for our data and remember a copy of the name. */
+ if ((data = (krb5_ktany_data *)malloc(sizeof(krb5_ktany_data))) == NULL)
+ return(ENOMEM);
+ if ((data->name = (char *)malloc(strlen(name) + 1)) == NULL) {
+ free(data);
+ return(ENOMEM);
+ }
+ strcpy(data->name, name);
+
+ /* Count the number of choices and allocate memory for them. */
+ data->nchoices = 1;
+ for (p = name; (q = strchr(p, ',')) != NULL; p = q + 1)
+ data->nchoices++;
+ if ((data->choices = (krb5_keytab *)
+ malloc(data->nchoices * sizeof(krb5_keytab))) == NULL) {
+ free(data->name);
+ free(data);
+ return(ENOMEM);
+ }
+
+ /* Resolve each of the choices. */
+ i = 0;
+ for (p = name; (q = strchr(p, ',')) != NULL; p = q + 1) {
+ /* Make a copy of the choice name so we can terminate it. */
+ if ((copy = (char *)malloc(q - p + 1)) == NULL) {
+ cleanup(context, data, i);
+ return(ENOMEM);
+ }
+ memcpy(copy, p, q - p);
+ copy[q - p] = 0;
+
+ /* Try resolving the choice name. */
+ kerror = krb5_kt_resolve(context, copy, &data->choices[i]);
+ free(copy);
+ if (kerror) {
+ cleanup(context, data, i);
+ return(kerror);
+ }
+ i++;
+ }
+ if ((kerror = krb5_kt_resolve(context, p, &data->choices[i]))) {
+ cleanup(context, data, i);
+ return(kerror);
+ }
+
+ /* Allocate and fill in an ID for the caller. */
+ if ((*id = (krb5_keytab)malloc(sizeof(**id))) == NULL) {
+ cleanup(context, data, i);
+ return(ENOMEM);
+ }
+ (*id)->ops = &krb5_kta_ops;
+ (*id)->data = (krb5_pointer)data;
+ (*id)->magic = KV5M_KEYTAB;
+
+ return(0);
+}
+
+static krb5_error_code
+krb5_ktany_get_name(context, id, name, len)
+ krb5_context context;
+ krb5_keytab id;
+ char *name;
+ unsigned int len;
+{
+ krb5_ktany_data *data = (krb5_ktany_data *)id->data;
+
+ if (len < strlen(data->name) + 1)
+ return(KRB5_KT_NAME_TOOLONG);
+ strcpy(name, data->name);
+ return(0);
+}
+
+static krb5_error_code
+krb5_ktany_close(context, id)
+ krb5_context context;
+ krb5_keytab id;
+{
+ krb5_ktany_data *data = (krb5_ktany_data *)id->data;
+
+ cleanup(context, data, data->nchoices);
+ id->ops = 0;
+ free(id);
+ return(0);
+}
+
+static krb5_error_code
+krb5_ktany_get_entry(context, id, principal, kvno, enctype, entry)
+ krb5_context context;
+ krb5_keytab id;
+ krb5_const_principal principal;
+ krb5_kvno kvno;
+ krb5_enctype enctype;
+ krb5_keytab_entry *entry;
+{
+ krb5_ktany_data *data = (krb5_ktany_data *)id->data;
+ krb5_error_code kerror = KRB5_KT_NOTFOUND;
+ int i;
+
+ for (i = 0; i < data->nchoices; i++) {
+ if ((kerror = krb5_kt_get_entry(context, data->choices[i], principal,
+ kvno, enctype, entry)) != ENOENT)
+ return kerror;
+ }
+ return kerror;
+}
+
+static krb5_error_code
+krb5_ktany_start_seq_get(context, id, cursorp)
+ krb5_context context;
+ krb5_keytab id;
+ krb5_kt_cursor *cursorp;
+{
+ krb5_ktany_data *data = (krb5_ktany_data *)id->data;
+ krb5_ktany_cursor_data *cdata;
+ krb5_error_code kerror = ENOENT;
+ int i;
+
+ if ((cdata = (krb5_ktany_cursor_data *)
+ malloc(sizeof(krb5_ktany_cursor_data))) == NULL)
+ return(ENOMEM);
+
+ /* Find a choice which can handle the serialization request. */
+ for (i = 0; i < data->nchoices; i++) {
+ if ((kerror = krb5_kt_start_seq_get(context, data->choices[i],
+ &cdata->cursor)) == 0)
+ break;
+ else if (kerror != ENOENT) {
+ free(cdata);
+ return(kerror);
+ }
+ }
+
+ if (i == data->nchoices) {
+ /* Everyone returned ENOENT, so no go. */
+ free(cdata);
+ return(kerror);
+ }
+
+ cdata->which = i;
+ *cursorp = (krb5_kt_cursor)cdata;
+ return(0);
+}
+
+static krb5_error_code
+krb5_ktany_next_entry(context, id, entry, cursor)
+ krb5_context context;
+ krb5_keytab id;
+ krb5_keytab_entry *entry;
+ krb5_kt_cursor *cursor;
+{
+ krb5_ktany_data *data = (krb5_ktany_data *)id->data;
+ krb5_ktany_cursor_data *cdata = (krb5_ktany_cursor_data *)*cursor;
+ krb5_keytab choice_id;
+
+ choice_id = data->choices[cdata->which];
+ return(krb5_kt_next_entry(context, choice_id, entry, &cdata->cursor));
+}
+
+static krb5_error_code
+krb5_ktany_end_seq_get(context, id, cursor)
+ krb5_context context;
+ krb5_keytab id;
+ krb5_kt_cursor *cursor;
+{
+ krb5_ktany_data *data = (krb5_ktany_data *)id->data;
+ krb5_ktany_cursor_data *cdata = (krb5_ktany_cursor_data *)*cursor;
+ krb5_keytab choice_id;
+ krb5_error_code kerror;
+
+ choice_id = data->choices[cdata->which];
+ kerror = krb5_kt_end_seq_get(context, choice_id, &cdata->cursor);
+ free(cdata);
+ return(kerror);
+}
+
+static void
+cleanup(context, data, nchoices)
+ krb5_context context;
+ krb5_ktany_data *data;
+ int nchoices;
+{
+ int i;
+
+ free(data->name);
+ for (i = 0; i < nchoices; i++)
+ krb5_kt_close(context, data->choices[i]);
+ free(data->choices);
+ free(data);
+}
diff --git a/src/lib/krb5/keytab/ktbase.c b/src/lib/krb5/keytab/ktbase.c
index 0d39b29..6534d7c 100644
--- a/src/lib/krb5/keytab/ktbase.c
+++ b/src/lib/krb5/keytab/ktbase.c
@@ -57,14 +57,19 @@ extern const krb5_kt_ops krb5_ktf_ops;
extern const krb5_kt_ops krb5_ktf_writable_ops;
extern const krb5_kt_ops krb5_kts_ops;
extern const krb5_kt_ops krb5_mkt_ops;
+extern const krb5_kt_ops krb5_kta_ops;
struct krb5_kt_typelist {
const krb5_kt_ops *ops;
const struct krb5_kt_typelist *next;
};
+static struct krb5_kt_typelist krb5_kt_typelist_any = {
+ &krb5_kta_ops,
+ NULL
+};
const static struct krb5_kt_typelist krb5_kt_typelist_srvtab = {
&krb5_kts_ops,
- NULL
+ &krb5_kt_typelist_any
};
const static struct krb5_kt_typelist krb5_kt_typelist_memory = {
&krb5_mkt_ops,

View file

@ -0,0 +1,770 @@
From 977d51ce9a5bb37255e87db37353f0d70d6b293d Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 23 Aug 2016 16:29:58 -0400
Subject: [PATCH] krb5-1.12.1-pam.patch
Modify ksu so that it performs account and session management on behalf of
the target user account, mimicking the action of regular su. The default
service name is "ksu", because on Fedora at least the configuration used
is determined by whether or not a login shell is being opened, and so
this may need to vary, too. At run-time, ksu's behavior can be reset to
the earlier, non-PAM behavior by setting "use_pam" to false in the [ksu]
section of /etc/krb5.conf.
When enabled, ksu gains a dependency on libpam.
Originally RT#5939, though it's changed since then to perform the account
and session management before dropping privileges, and to apply on top of
changes we're proposing for how it handles cache collections.
---
src/aclocal.m4 | 67 ++++++++
src/clients/ksu/Makefile.in | 8 +-
src/clients/ksu/main.c | 88 +++++++++-
src/clients/ksu/pam.c | 389 ++++++++++++++++++++++++++++++++++++++++++++
src/clients/ksu/pam.h | 57 +++++++
src/configure.in | 2 +
6 files changed, 608 insertions(+), 3 deletions(-)
create mode 100644 src/clients/ksu/pam.c
create mode 100644 src/clients/ksu/pam.h
diff --git a/src/aclocal.m4 b/src/aclocal.m4
index 9c46da4..508e5fe 100644
--- a/src/aclocal.m4
+++ b/src/aclocal.m4
@@ -1675,3 +1675,70 @@ AC_DEFUN(KRB5_AC_PERSISTENT_KEYRING,[
]))
])dnl
dnl
+dnl
+dnl Use PAM instead of local crypt() compare for checking local passwords,
+dnl and perform PAM account, session management, and password-changing where
+dnl appropriate.
+dnl
+AC_DEFUN(KRB5_WITH_PAM,[
+AC_ARG_WITH(pam,[AC_HELP_STRING(--with-pam,[compile with PAM support])],
+ withpam="$withval",withpam=auto)
+AC_ARG_WITH(pam-ksu-service,[AC_HELP_STRING(--with-ksu-service,[PAM service name for ksu ["ksu"]])],
+ withksupamservice="$withval",withksupamservice=ksu)
+old_LIBS="$LIBS"
+if test "$withpam" != no ; then
+ AC_MSG_RESULT([checking for PAM...])
+ PAM_LIBS=
+
+ AC_CHECK_HEADERS(security/pam_appl.h)
+ if test "x$ac_cv_header_security_pam_appl_h" != xyes ; then
+ if test "$withpam" = auto ; then
+ AC_MSG_RESULT([Unable to locate security/pam_appl.h.])
+ withpam=no
+ else
+ AC_MSG_ERROR([Unable to locate security/pam_appl.h.])
+ fi
+ fi
+
+ LIBS=
+ unset ac_cv_func_pam_start
+ AC_CHECK_FUNCS(putenv pam_start)
+ if test "x$ac_cv_func_pam_start" = xno ; then
+ unset ac_cv_func_pam_start
+ AC_CHECK_LIB(dl,dlopen)
+ AC_CHECK_FUNCS(pam_start)
+ if test "x$ac_cv_func_pam_start" = xno ; then
+ AC_CHECK_LIB(pam,pam_start)
+ unset ac_cv_func_pam_start
+ unset ac_cv_func_pam_getenvlist
+ AC_CHECK_FUNCS(pam_start pam_getenvlist)
+ if test "x$ac_cv_func_pam_start" = xyes ; then
+ PAM_LIBS="$LIBS"
+ else
+ if test "$withpam" = auto ; then
+ AC_MSG_RESULT([Unable to locate libpam.])
+ withpam=no
+ else
+ AC_MSG_ERROR([Unable to locate libpam.])
+ fi
+ fi
+ fi
+ fi
+ if test "$withpam" != no ; then
+ AC_MSG_NOTICE([building with PAM support])
+ AC_DEFINE(USE_PAM,1,[Define if Kerberos-aware tools should support PAM])
+ AC_DEFINE_UNQUOTED(KSU_PAM_SERVICE,"$withksupamservice",
+ [Define to the name of the PAM service name to be used by ksu.])
+ PAM_LIBS="$LIBS"
+ NON_PAM_MAN=".\\\" "
+ PAM_MAN=
+ else
+ PAM_MAN=".\\\" "
+ NON_PAM_MAN=
+ fi
+fi
+LIBS="$old_LIBS"
+AC_SUBST(PAM_LIBS)
+AC_SUBST(PAM_MAN)
+AC_SUBST(NON_PAM_MAN)
+])dnl
diff --git a/src/clients/ksu/Makefile.in b/src/clients/ksu/Makefile.in
index b2fcbf2..5755bb5 100644
--- a/src/clients/ksu/Makefile.in
+++ b/src/clients/ksu/Makefile.in
@@ -3,12 +3,14 @@ BUILDTOP=$(REL)..$(S)..
DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/bin /local/bin"'
KSU_LIBS=@KSU_LIBS@
+PAM_LIBS=@PAM_LIBS@
SRCS = \
$(srcdir)/krb_auth_su.c \
$(srcdir)/ccache.c \
$(srcdir)/authorization.c \
$(srcdir)/main.c \
+ $(srcdir)/pam.c \
$(srcdir)/heuristic.c \
$(srcdir)/xmalloc.c \
$(srcdir)/setenv.c
@@ -17,13 +19,17 @@ OBJS = \
ccache.o \
authorization.o \
main.o \
+ pam.o \
heuristic.o \
xmalloc.o @SETENVOBJ@
all: ksu
ksu: $(OBJS) $(KRB5_BASE_DEPLIBS)
- $(CC_LINK) -o $@ $(OBJS) $(KRB5_BASE_LIBS) $(KSU_LIBS)
+ $(CC_LINK) -o $@ $(OBJS) $(KRB5_BASE_LIBS) $(KSU_LIBS) $(PAM_LIBS)
+
+pam.o: pam.c
+ $(CC) $(ALL_CFLAGS) -c $<
clean:
$(RM) ksu
diff --git a/src/clients/ksu/main.c b/src/clients/ksu/main.c
index 28342c2..cab0c18 100644
--- a/src/clients/ksu/main.c
+++ b/src/clients/ksu/main.c
@@ -26,6 +26,7 @@
* KSU was writen by: Ari Medvinsky, ari@isi.edu
*/
+#include "autoconf.h"
#include "ksu.h"
#include "adm_proto.h"
#include <sys/types.h>
@@ -33,6 +34,10 @@
#include <signal.h>
#include <grp.h>
+#ifdef USE_PAM
+#include "pam.h"
+#endif
+
/* globals */
char * prog_name;
int auth_debug =0;
@@ -40,6 +45,7 @@ char k5login_path[MAXPATHLEN];
char k5users_path[MAXPATHLEN];
char * gb_err = NULL;
int quiet = 0;
+int force_fork = 0;
/***********/
#define KS_TEMPORARY_CACHE "MEMORY:_ksu"
@@ -515,6 +521,23 @@ main (argc, argv)
prog_name,target_user,client_name,
source_user,ontty());
+#ifdef USE_PAM
+ if (appl_pam_enabled(ksu_context, "ksu")) {
+ if (appl_pam_acct_mgmt(KSU_PAM_SERVICE, 1, target_user, NULL,
+ NULL, source_user,
+ ttyname(STDERR_FILENO)) != 0) {
+ fprintf(stderr, "Access denied for %s.\n", target_user);
+ exit(1);
+ }
+ if (appl_pam_requires_chauthtok()) {
+ fprintf(stderr, "Password change required for %s.\n",
+ target_user);
+ exit(1);
+ }
+ force_fork++;
+ }
+#endif
+
/* Run authorization as target.*/
if (krb5_seteuid(target_uid)) {
com_err(prog_name, errno, _("while switching to target for "
@@ -575,6 +598,24 @@ main (argc, argv)
exit(1);
}
+#ifdef USE_PAM
+ } else {
+ /* we always do PAM account management, even for root */
+ if (appl_pam_enabled(ksu_context, "ksu")) {
+ if (appl_pam_acct_mgmt(KSU_PAM_SERVICE, 1, target_user, NULL,
+ NULL, source_user,
+ ttyname(STDERR_FILENO)) != 0) {
+ fprintf(stderr, "Access denied for %s.\n", target_user);
+ exit(1);
+ }
+ if (appl_pam_requires_chauthtok()) {
+ fprintf(stderr, "Password change required for %s.\n",
+ target_user);
+ exit(1);
+ }
+ force_fork++;
+ }
+#endif
}
if( some_rest_copy){
@@ -632,6 +673,30 @@ main (argc, argv)
exit(1);
}
+#ifdef USE_PAM
+ if (appl_pam_enabled(ksu_context, "ksu")) {
+ if (appl_pam_session_open() != 0) {
+ fprintf(stderr, "Error opening session for %s.\n", target_user);
+ exit(1);
+ }
+#ifdef DEBUG
+ if (auth_debug){
+ printf(" Opened PAM session.\n");
+ }
+#endif
+ if (appl_pam_cred_init()) {
+ fprintf(stderr, "Error initializing credentials for %s.\n",
+ target_user);
+ exit(1);
+ }
+#ifdef DEBUG
+ if (auth_debug){
+ printf(" Initialized PAM credentials.\n");
+ }
+#endif
+ }
+#endif
+
/* set permissions */
if (setgid(target_pwd->pw_gid) < 0) {
perror("ksu: setgid");
@@ -729,7 +794,7 @@ main (argc, argv)
fprintf(stderr, "program to be execed %s\n",params[0]);
}
- if( keep_target_cache ) {
+ if( keep_target_cache && !force_fork ) {
execv(params[0], params);
com_err(prog_name, errno, _("while trying to execv %s"), params[0]);
sweep_up(ksu_context, cc_target);
@@ -759,16 +824,35 @@ main (argc, argv)
if (ret_pid == -1) {
com_err(prog_name, errno, _("while calling waitpid"));
}
- sweep_up(ksu_context, cc_target);
+ if( !keep_target_cache ) {
+ sweep_up(ksu_context, cc_target);
+ }
exit (statusp);
case -1:
com_err(prog_name, errno, _("while trying to fork."));
sweep_up(ksu_context, cc_target);
exit (1);
case 0:
+#ifdef USE_PAM
+ if (appl_pam_enabled(ksu_context, "ksu")) {
+ if (appl_pam_setenv() != 0) {
+ fprintf(stderr, "Error setting up environment for %s.\n",
+ target_user);
+ exit (1);
+ }
+#ifdef DEBUG
+ if (auth_debug){
+ printf(" Set up PAM environment.\n");
+ }
+#endif
+ }
+#endif
execv(params[0], params);
com_err(prog_name, errno, _("while trying to execv %s"),
params[0]);
+ if( keep_target_cache ) {
+ sweep_up(ksu_context, cc_target);
+ }
exit (1);
}
}
diff --git a/src/clients/ksu/pam.c b/src/clients/ksu/pam.c
new file mode 100644
index 0000000..cbfe487
--- /dev/null
+++ b/src/clients/ksu/pam.c
@@ -0,0 +1,389 @@
+/*
+ * src/clients/ksu/pam.c
+ *
+ * Copyright 2007,2009,2010 Red Hat, Inc.
+ *
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of Red Hat, Inc. nor the names of its contributors may be
+ * used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ * Convenience wrappers for using PAM.
+ */
+
+#include "autoconf.h"
+#ifdef USE_PAM
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include "k5-int.h"
+#include "pam.h"
+
+#ifndef MAXPWSIZE
+#define MAXPWSIZE 128
+#endif
+
+static int appl_pam_started;
+static pid_t appl_pam_starter = -1;
+static int appl_pam_session_opened;
+static int appl_pam_creds_initialized;
+static int appl_pam_pwchange_required;
+static pam_handle_t *appl_pamh;
+static struct pam_conv appl_pam_conv;
+static char *appl_pam_user;
+struct appl_pam_non_interactive_args {
+ const char *user;
+ const char *password;
+};
+
+int
+appl_pam_enabled(krb5_context context, const char *section)
+{
+ int enabled = 1;
+ if ((context != NULL) && (context->profile != NULL)) {
+ if (profile_get_boolean(context->profile,
+ section,
+ USE_PAM_CONFIGURATION_KEYWORD,
+ NULL,
+ enabled, &enabled) != 0) {
+ enabled = 1;
+ }
+ }
+ return enabled;
+}
+
+void
+appl_pam_cleanup(void)
+{
+ if (getpid() != appl_pam_starter) {
+ return;
+ }
+#ifdef DEBUG
+ printf("Called to clean up PAM.\n");
+#endif
+ if (appl_pam_creds_initialized) {
+#ifdef DEBUG
+ printf("Deleting PAM credentials.\n");
+#endif
+ pam_setcred(appl_pamh, PAM_DELETE_CRED);
+ appl_pam_creds_initialized = 0;
+ }
+ if (appl_pam_session_opened) {
+#ifdef DEBUG
+ printf("Closing PAM session.\n");
+#endif
+ pam_close_session(appl_pamh, 0);
+ appl_pam_session_opened = 0;
+ }
+ appl_pam_pwchange_required = 0;
+ if (appl_pam_started) {
+#ifdef DEBUG
+ printf("Shutting down PAM.\n");
+#endif
+ pam_end(appl_pamh, 0);
+ appl_pam_started = 0;
+ appl_pam_starter = -1;
+ free(appl_pam_user);
+ appl_pam_user = NULL;
+ }
+}
+static int
+appl_pam_interactive_converse(int num_msg, const struct pam_message **msg,
+ struct pam_response **presp, void *appdata_ptr)
+{
+ const struct pam_message *message;
+ struct pam_response *resp;
+ int i, code;
+ char *pwstring, pwbuf[MAXPWSIZE];
+ unsigned int pwsize;
+ resp = malloc(sizeof(struct pam_response) * num_msg);
+ if (resp == NULL) {
+ return PAM_BUF_ERR;
+ }
+ memset(resp, 0, sizeof(struct pam_response) * num_msg);
+ code = PAM_SUCCESS;
+ for (i = 0; i < num_msg; i++) {
+ message = &(msg[0][i]); /* XXX */
+ message = msg[i]; /* XXX */
+ pwstring = NULL;
+ switch (message->msg_style) {
+ case PAM_TEXT_INFO:
+ case PAM_ERROR_MSG:
+ printf("[%s]\n", message->msg ? message->msg : "");
+ fflush(stdout);
+ resp[i].resp = NULL;
+ resp[i].resp_retcode = PAM_SUCCESS;
+ break;
+ case PAM_PROMPT_ECHO_ON:
+ case PAM_PROMPT_ECHO_OFF:
+ if (message->msg_style == PAM_PROMPT_ECHO_ON) {
+ if (fgets(pwbuf, sizeof(pwbuf),
+ stdin) != NULL) {
+ pwbuf[strcspn(pwbuf, "\r\n")] = '\0';
+ pwstring = pwbuf;
+ }
+ } else {
+ pwstring = getpass(message->msg ?
+ message->msg :
+ "");
+ }
+ if ((pwstring != NULL) && (pwstring[0] != '\0')) {
+ pwsize = strlen(pwstring);
+ resp[i].resp = malloc(pwsize + 1);
+ if (resp[i].resp == NULL) {
+ resp[i].resp_retcode = PAM_BUF_ERR;
+ } else {
+ memcpy(resp[i].resp, pwstring, pwsize);
+ resp[i].resp[pwsize] = '\0';
+ resp[i].resp_retcode = PAM_SUCCESS;
+ }
+ } else {
+ resp[i].resp_retcode = PAM_CONV_ERR;
+ code = PAM_CONV_ERR;
+ }
+ break;
+ default:
+ break;
+ }
+ }
+ *presp = resp;
+ return code;
+}
+static int
+appl_pam_non_interactive_converse(int num_msg,
+ const struct pam_message **msg,
+ struct pam_response **presp,
+ void *appdata_ptr)
+{
+ const struct pam_message *message;
+ struct pam_response *resp;
+ int i, code;
+ unsigned int pwsize;
+ struct appl_pam_non_interactive_args *args;
+ const char *pwstring;
+ resp = malloc(sizeof(struct pam_response) * num_msg);
+ if (resp == NULL) {
+ return PAM_BUF_ERR;
+ }
+ args = appdata_ptr;
+ memset(resp, 0, sizeof(struct pam_response) * num_msg);
+ code = PAM_SUCCESS;
+ for (i = 0; i < num_msg; i++) {
+ message = &((*msg)[i]);
+ message = msg[i];
+ pwstring = NULL;
+ switch (message->msg_style) {
+ case PAM_TEXT_INFO:
+ case PAM_ERROR_MSG:
+ break;
+ case PAM_PROMPT_ECHO_ON:
+ case PAM_PROMPT_ECHO_OFF:
+ if (message->msg_style == PAM_PROMPT_ECHO_ON) {
+ /* assume "user" */
+ pwstring = args->user;
+ } else {
+ /* assume "password" */
+ pwstring = args->password;
+ }
+ if ((pwstring != NULL) && (pwstring[0] != '\0')) {
+ pwsize = strlen(pwstring);
+ resp[i].resp = malloc(pwsize + 1);
+ if (resp[i].resp == NULL) {
+ resp[i].resp_retcode = PAM_BUF_ERR;
+ } else {
+ memcpy(resp[i].resp, pwstring, pwsize);
+ resp[i].resp[pwsize] = '\0';
+ resp[i].resp_retcode = PAM_SUCCESS;
+ }
+ } else {
+ resp[i].resp_retcode = PAM_CONV_ERR;
+ code = PAM_CONV_ERR;
+ }
+ break;
+ default:
+ break;
+ }
+ }
+ *presp = resp;
+ return code;
+}
+static int
+appl_pam_start(const char *service, int interactive,
+ const char *login_username,
+ const char *non_interactive_password,
+ const char *hostname,
+ const char *ruser,
+ const char *tty)
+{
+ static int exit_handler_registered;
+ static struct appl_pam_non_interactive_args args;
+ int ret = 0;
+ if (appl_pam_started &&
+ (strcmp(login_username, appl_pam_user) != 0)) {
+ appl_pam_cleanup();
+ appl_pam_user = NULL;
+ }
+ if (!appl_pam_started) {
+#ifdef DEBUG
+ printf("Starting PAM up (service=\"%s\",user=\"%s\").\n",
+ service, login_username);
+#endif
+ memset(&appl_pam_conv, 0, sizeof(appl_pam_conv));
+ appl_pam_conv.conv = interactive ?
+ &appl_pam_interactive_converse :
+ &appl_pam_non_interactive_converse;
+ memset(&args, 0, sizeof(args));
+ args.user = strdup(login_username);
+ args.password = non_interactive_password ?
+ strdup(non_interactive_password) :
+ NULL;
+ appl_pam_conv.appdata_ptr = &args;
+ ret = pam_start(service, login_username,
+ &appl_pam_conv, &appl_pamh);
+ if (ret == 0) {
+ if (hostname != NULL) {
+#ifdef DEBUG
+ printf("Setting PAM_RHOST to \"%s\".\n", hostname);
+#endif
+ pam_set_item(appl_pamh, PAM_RHOST, hostname);
+ }
+ if (ruser != NULL) {
+#ifdef DEBUG
+ printf("Setting PAM_RUSER to \"%s\".\n", ruser);
+#endif
+ pam_set_item(appl_pamh, PAM_RUSER, ruser);
+ }
+ if (tty != NULL) {
+#ifdef DEBUG
+ printf("Setting PAM_TTY to \"%s\".\n", tty);
+#endif
+ pam_set_item(appl_pamh, PAM_TTY, tty);
+ }
+ if (!exit_handler_registered &&
+ (atexit(appl_pam_cleanup) != 0)) {
+ pam_end(appl_pamh, 0);
+ appl_pamh = NULL;
+ ret = -1;
+ } else {
+ appl_pam_started = 1;
+ appl_pam_starter = getpid();
+ appl_pam_user = strdup(login_username);
+ exit_handler_registered = 1;
+ }
+ }
+ }
+ return ret;
+}
+int
+appl_pam_acct_mgmt(const char *service, int interactive,
+ const char *login_username,
+ const char *non_interactive_password,
+ const char *hostname,
+ const char *ruser,
+ const char *tty)
+{
+ int ret;
+ appl_pam_pwchange_required = 0;
+ ret = appl_pam_start(service, interactive, login_username,
+ non_interactive_password, hostname, ruser, tty);
+ if (ret == 0) {
+#ifdef DEBUG
+ printf("Calling pam_acct_mgmt().\n");
+#endif
+ ret = pam_acct_mgmt(appl_pamh, 0);
+ switch (ret) {
+ case PAM_IGNORE:
+ ret = 0;
+ break;
+ case PAM_NEW_AUTHTOK_REQD:
+ appl_pam_pwchange_required = 1;
+ ret = 0;
+ break;
+ default:
+ break;
+ }
+ }
+ return ret;
+}
+int
+appl_pam_requires_chauthtok(void)
+{
+ return appl_pam_pwchange_required;
+}
+int
+appl_pam_session_open(void)
+{
+ int ret = 0;
+ if (appl_pam_started) {
+#ifdef DEBUG
+ printf("Opening PAM session.\n");
+#endif
+ ret = pam_open_session(appl_pamh, 0);
+ if (ret == 0) {
+ appl_pam_session_opened = 1;
+ }
+ }
+ return ret;
+}
+int
+appl_pam_setenv(void)
+{
+ int ret = 0;
+#ifdef HAVE_PAM_GETENVLIST
+#ifdef HAVE_PUTENV
+ int i;
+ char **list;
+ if (appl_pam_started) {
+ list = pam_getenvlist(appl_pamh);
+ for (i = 0; ((list != NULL) && (list[i] != NULL)); i++) {
+#ifdef DEBUG
+ printf("Setting \"%s\" in environment.\n", list[i]);
+#endif
+ putenv(list[i]);
+ }
+ }
+#endif
+#endif
+ return ret;
+}
+int
+appl_pam_cred_init(void)
+{
+ int ret = 0;
+ if (appl_pam_started) {
+#ifdef DEBUG
+ printf("Initializing PAM credentials.\n");
+#endif
+ ret = pam_setcred(appl_pamh, PAM_ESTABLISH_CRED);
+ if (ret == 0) {
+ appl_pam_creds_initialized = 1;
+ }
+ }
+ return ret;
+}
+#endif
diff --git a/src/clients/ksu/pam.h b/src/clients/ksu/pam.h
new file mode 100644
index 0000000..0ab7656
--- /dev/null
+++ b/src/clients/ksu/pam.h
@@ -0,0 +1,57 @@
+/*
+ * src/clients/ksu/pam.h
+ *
+ * Copyright 2007,2009,2010 Red Hat, Inc.
+ *
+ * All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of Red Hat, Inc. nor the names of its contributors may be
+ * used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ * Convenience wrappers for using PAM.
+ */
+
+#include <krb5.h>
+#ifdef HAVE_SECURITY_PAM_APPL_H
+#include <security/pam_appl.h>
+#endif
+
+#define USE_PAM_CONFIGURATION_KEYWORD "use_pam"
+
+#ifdef USE_PAM
+int appl_pam_enabled(krb5_context context, const char *section);
+int appl_pam_acct_mgmt(const char *service, int interactive,
+ const char *local_username,
+ const char *non_interactive_password,
+ const char *hostname,
+ const char *ruser,
+ const char *tty);
+int appl_pam_requires_chauthtok(void);
+int appl_pam_session_open(void);
+int appl_pam_setenv(void);
+int appl_pam_cred_init(void);
+void appl_pam_cleanup(void);
+#endif
diff --git a/src/configure.in b/src/configure.in
index 037c9f3..daabd12 100644
--- a/src/configure.in
+++ b/src/configure.in
@@ -1336,6 +1336,8 @@ AC_SUBST([VERTO_VERSION])
AC_PATH_PROG(GROFF, groff)
+KRB5_WITH_PAM
+
# Make localedir work in autoconf 2.5x.
if test "${localedir+set}" != set; then
localedir='$(datadir)/locale'

View file

@ -0,0 +1,75 @@
From 0a33cb5ff8f80c62a652bc60860fad375ee58a85 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 23 Aug 2016 16:47:44 -0400
Subject: [PATCH] krb5-1.13-dirsrv-accountlock.patch
Treat 'nsAccountLock: true' the same as 'loginDisabled: true'. Updated from
original version filed as RT#5891.
---
src/aclocal.m4 | 9 +++++++++
src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c | 17 +++++++++++++++++
src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c | 3 +++
3 files changed, 29 insertions(+)
diff --git a/src/aclocal.m4 b/src/aclocal.m4
index f5667c3..2bfb994 100644
--- a/src/aclocal.m4
+++ b/src/aclocal.m4
@@ -1656,6 +1656,15 @@ if test "$with_ldap" = yes; then
AC_MSG_NOTICE(enabling OpenLDAP database backend module support)
OPENLDAP_PLUGIN=yes
fi
+AC_ARG_WITH([dirsrv-account-locking],
+[ --with-dirsrv-account-locking compile 389/Red Hat/Fedora/Netscape Directory Server database backend module],
+[case "$withval" in
+ yes | no) ;;
+ *) AC_MSG_ERROR(Invalid option value --with-dirsrv-account-locking="$withval") ;;
+esac], with_dirsrv_account_locking=no)
+if test $with_dirsrv_account_locking = yes; then
+ AC_DEFINE(HAVE_DIRSRV_ACCOUNT_LOCKING,1,[Define if LDAP KDB interface should heed 389 DS's nsAccountLock attribute.])
+fi
])dnl
dnl
dnl If libkeyutils exists (on Linux) include it and use keyring ccache
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c
index 32efc4f..af8b2db 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c
@@ -1674,6 +1674,23 @@ populate_krb5_db_entry(krb5_context context, krb5_ldap_context *ldap_context,
ret = krb5_dbe_update_tl_data(context, entry, &userinfo_tl_data);
if (ret)
goto cleanup;
+#ifdef HAVE_DIRSRV_ACCOUNT_LOCKING
+ {
+ krb5_timestamp expiretime=0;
+ char *is_login_disabled=NULL;
+
+ /* LOGIN DISABLED */
+ ret = krb5_ldap_get_string(ld, ent, "nsAccountLock", &is_login_disabled,
+ &attr_present);
+ if (ret)
+ goto cleanup;
+ if (attr_present == TRUE) {
+ if (strcasecmp(is_login_disabled, "TRUE")== 0)
+ entry->attributes |= KRB5_KDB_DISALLOW_ALL_TIX;
+ free (is_login_disabled);
+ }
+ }
+#endif
ret = krb5_read_tkt_policy(context, ldap_context, entry, tktpolname);
if (ret)
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c
index d722dbf..5e8e9a8 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal.c
@@ -54,6 +54,9 @@ char *principal_attributes[] = { "krbprincipalname",
"krbLastFailedAuth",
"krbLoginFailedCount",
"krbLastSuccessfulAuth",
+#ifdef HAVE_DIRSRV_ACCOUNT_LOCKING
+ "nsAccountLock",
+#endif
"krbLastPwdChange",
"krbLastAdminUnlock",
"krbPrincipalAuthInd",

View file

@ -0,0 +1,70 @@
From 302fdf788fe4d3895a9dcc0e86f98c09a34ea82a Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 23 Aug 2016 16:45:26 -0400
Subject: [PATCH] krb5-1.15-beta1-buildconf.patch
Build binaries in this package as RELRO PIEs, libraries as partial RELRO,
and install shared libraries with the execute bit set on them. Prune out
the -L/usr/lib* and PIE flags where they might leak out and affect
apps which just want to link with the libraries. FIXME: needs to check and
not just assume that the compiler supports using these flags.
---
src/build-tools/krb5-config.in | 7 +++++++
src/config/pre.in | 2 +-
src/config/shlib.conf | 5 +++--
3 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/src/build-tools/krb5-config.in b/src/build-tools/krb5-config.in
index c17cb5e..1891dea 100755
--- a/src/build-tools/krb5-config.in
+++ b/src/build-tools/krb5-config.in
@@ -226,6 +226,13 @@ if test -n "$do_libs"; then
-e 's#\$(PTHREAD_CFLAGS)#'"$PTHREAD_CFLAGS"'#' \
-e 's#\$(CFLAGS)##'`
+ if test `dirname $libdir` = /usr ; then
+ lib_flags=`echo $lib_flags | sed -e "s#-L$libdir##" -e "s#$RPATH_FLAG$libdir##"`
+ fi
+ lib_flags=`echo $lib_flags | sed -e "s#-fPIE##g" -e "s#-pie##g"`
+ lib_flags=`echo $lib_flags | sed -e "s#-Wl,-z,relro##g"`
+ lib_flags=`echo $lib_flags | sed -e "s#-Wl,-z,now##g"`
+
if test $library = 'kdb'; then
lib_flags="$lib_flags -lkdb5 $KDB5_DB_LIB"
library=krb5
diff --git a/src/config/pre.in b/src/config/pre.in
index fcea229..d961b56 100644
--- a/src/config/pre.in
+++ b/src/config/pre.in
@@ -185,7 +185,7 @@ INSTALL_PROGRAM=@INSTALL_PROGRAM@ $(INSTALL_STRIP)
INSTALL_SCRIPT=@INSTALL_PROGRAM@
INSTALL_DATA=@INSTALL_DATA@
INSTALL_SHLIB=@INSTALL_SHLIB@
-INSTALL_SETUID=$(INSTALL) $(INSTALL_STRIP) -m 4755 -o root
+INSTALL_SETUID=$(INSTALL) $(INSTALL_STRIP) -m 4755
## This is needed because autoconf will sometimes define @exec_prefix@ to be
## ${prefix}.
prefix=@prefix@
diff --git a/src/config/shlib.conf b/src/config/shlib.conf
index 3e4af6c..2b20c3f 100644
--- a/src/config/shlib.conf
+++ b/src/config/shlib.conf
@@ -423,7 +423,7 @@ mips-*-netbsd*)
# Linux ld doesn't default to stuffing the SONAME field...
# Use objdump -x to examine the fields of the library
# UNDEF_CHECK is suppressed by --enable-asan
- LDCOMBINE='$(CC) -shared -fPIC -Wl,-h,$(LIBPREFIX)$(LIBBASE)$(SHLIBSEXT) $(UNDEF_CHECK)'
+ LDCOMBINE='$(CC) -shared -fPIC -Wl,-h,$(LIBPREFIX)$(LIBBASE)$(SHLIBSEXT) $(UNDEF_CHECK) -Wl,-z,relro -Wl,--warn-shared-textrel'
UNDEF_CHECK='-Wl,--no-undefined'
# $(EXPORT_CHECK) runs export-check.pl when in maintainer mode.
LDCOMBINE_TAIL='-Wl,--version-script binutils.versions $(EXPORT_CHECK)'
@@ -435,7 +435,8 @@ mips-*-netbsd*)
SHLIB_EXPFLAGS='$(SHLIB_RPATH_FLAGS) $(SHLIB_DIRS) $(SHLIB_EXPLIBS)'
PROFFLAGS=-pg
PROG_RPATH_FLAGS='$(RPATH_FLAG)$(PROG_RPATH)'
- CC_LINK_SHARED='$(CC) $(PROG_LIBPATH) $(PROG_RPATH_FLAGS) $(CFLAGS) $(LDFLAGS)'
+ CC_LINK_SHARED='$(CC) $(PROG_LIBPATH) $(PROG_RPATH_FLAGS) $(CFLAGS) -pie -Wl,-z,relro -Wl,-z,now $(LDFLAGS)'
+ INSTALL_SHLIB='${INSTALL} -m755'
CC_LINK_STATIC='$(CC) $(PROG_LIBPATH) $(CFLAGS) $(LDFLAGS)'
CXX_LINK_SHARED='$(CXX) $(PROG_LIBPATH) $(PROG_RPATH_FLAGS) $(CXXFLAGS) $(LDFLAGS)'
CXX_LINK_STATIC='$(CXX) $(PROG_LIBPATH) $(CXXFLAGS) $(LDFLAGS)'

File diff suppressed because it is too large Load diff

View file

@ -0,0 +1,22 @@
From 285e023d996ed1a9dbe77239967b3f56ed2c8075 Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 23 Aug 2016 16:46:21 -0400
Subject: [PATCH] krb5-1.3.1-dns.patch
We want to be able to use --with-netlib and --enable-dns at the same time.
---
src/aclocal.m4 | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/aclocal.m4 b/src/aclocal.m4
index 607859f..f5667c3 100644
--- a/src/aclocal.m4
+++ b/src/aclocal.m4
@@ -703,6 +703,7 @@ AC_HELP_STRING([--with-netlib=LIBS], use user defined resolver library),
LIBS="$LIBS $withval"
AC_MSG_RESULT("netlib will use \'$withval\'")
fi
+ KRB5_AC_ENABLE_DNS
],dnl
[AC_LIBRARY_NET]
)])dnl

View file

@ -0,0 +1,39 @@
From 792c6e3ce90f8cb374df41abbf3da1631d64045f Mon Sep 17 00:00:00 2001
From: Robbie Harwood <rharwood@redhat.com>
Date: Tue, 23 Aug 2016 16:49:25 -0400
Subject: [PATCH] krb5-1.9-debuginfo.patch
We want to keep these y.tab.c files around because the debuginfo points to
them. It would be more elegant at the end to use symbolic links, but that
could mess up people working in the tree on other things.
---
src/kadmin/cli/Makefile.in | 5 +++++
src/plugins/kdb/ldap/ldap_util/Makefile.in | 2 +-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/kadmin/cli/Makefile.in b/src/kadmin/cli/Makefile.in
index adfea6e..d1327e4 100644
--- a/src/kadmin/cli/Makefile.in
+++ b/src/kadmin/cli/Makefile.in
@@ -37,3 +37,8 @@ clean-unix::
# CC_LINK is not meant for compilation and this use may break in the future.
datetest: getdate.c
$(CC_LINK) $(ALL_CFLAGS) -DTEST -o datetest getdate.c
+
+%.c: %.y
+ $(RM) y.tab.c $@
+ $(YACC.y) $<
+ $(CP) y.tab.c $@
diff --git a/src/plugins/kdb/ldap/ldap_util/Makefile.in b/src/plugins/kdb/ldap/ldap_util/Makefile.in
index 8669c24..a22f23c 100644
--- a/src/plugins/kdb/ldap/ldap_util/Makefile.in
+++ b/src/plugins/kdb/ldap/ldap_util/Makefile.in
@@ -20,7 +20,7 @@ $(PROG): $(OBJS) $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIB) $(GETDATE)
getdate.c: $(GETDATE)
$(RM) getdate.c y.tab.c
$(YACC) $(GETDATE)
- $(MV) y.tab.c getdate.c
+ $(CP) y.tab.c getdate.c
install:
$(INSTALL_PROGRAM) $(PROG) ${DESTDIR}$(ADMIN_BINDIR)/$(PROG)

19
source/n/krb5/slack-desc Normal file
View file

@ -0,0 +1,19 @@
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in. You must
# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
krb5: krb5 (Network authentication protocol)
krb5:
krb5: Kerberos is a network authentication protocol. It is designed to
krb5: provide strong authentication for client/server applications by using
krb5: secret-key cryptography.
krb5:
krb5: Homepage: http://web.mit.edu/kerberos/
krb5:
krb5:
krb5:
krb5:

View file

@ -1,2 +1,2 @@
lftpget http://us.php.net/distributions/php-7.4.1.tar.xz.asc
lftpget http://us.php.net/distributions/php-7.4.1.tar.xz
lftpget http://us.php.net/distributions/php-7.4.2.tar.xz.asc
lftpget http://us.php.net/distributions/php-7.4.2.tar.xz

View file

@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=samba
VERSION=${VERSION:-$(echo samba-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
BUILD=${BUILD:-2}
BUILD=${BUILD:-1}
if [ -e $CWD/machine.conf ]; then
. $CWD/machine.conf ]

View file

@ -1,2 +1,2 @@
https://download.samba.org/pub/samba/stable/samba-4.11.4.tar.gz
https://download.samba.org/pub/samba/stable/samba-4.11.4.tar.asc
https://download.samba.org/pub/samba/stable/samba-4.11.5.tar.gz
https://download.samba.org/pub/samba/stable/samba-4.11.5.tar.asc