summary refs log tree commit diff
path: root/pkgs/os-specific/linux/pam/default.nix
Commit message (Collapse)AuthorAge
* pam: fix pam_unix autohentication failures when ran as userSergei Trofimovich2023-11-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit d0c42dfa "pam: bind Linux-PAM locales from pam-specific folder (upstream patch)" added autoreconfHook269 into one of the postPatch phases. This clobbered the change applied by `suid-wrapper-path.patch` as it was patching Makefile.in. As a result `nixosTests.sway` test started failing as: check pass; user unknown Running `swaylock` on real system exhibited the same result. As `suid-wrapper-path.patch` is clobbered we were running non-suid version of `unix_chkpwd`: /nix/store/...-linux-pam-1.5.2/sbin/unix_chkpwd instead of SUID-wrapped /run/wrappers/bin/unix_chkpw The fix is trivial: move the patch from auto-generated file to `Makefile.am`. Discovered-by: Yureka
* pam: bind Linux-PAM locales from pam-specific folder (upstream patch)Sergei Trofimovich2023-09-01
| | | | | | | | | | | | | | | | | | | | | | | | | | Without the change `pam` packa looks up locales already registered via `bindtextdomain()`: - shadow: /nix/store/ymcln55n92xm25sk2pipqbcp5xghwc3j-shadow-4.13/share/locale/ - glibc: /nix/store/ibp4camsx1mlllwzh32yyqcq2r2xsy1a-glibc-2.37-8/share/locale Note that there is no `pam` pne in the list. The change adds extra lookup location: - linux-pam: /nix/store/k1lvsb3vyw2ijk9naamnay5nwc4mibda-linux-pam-1.5.2/share/locale Before the change: $ LANGUAGE=fi su Password: su: Authentication failure After the change: $ LANGUAGE=fi ./result-su/bin/su Salasana: su: Tunnistautumisvirhe
* pam: add sssd-ldap as a pam tests13412023-05-09
|
* pam: Make libxcrypt a non-optional dependencyMartin Weinelt2023-03-13
| | | | | Our PAM configuration now defaults to yescrypt, which requires libxcrypt.
* pam: enable libxcrypt by defaultFranz Pletz2022-10-09
|
* pam: fix cross-compilation from darwinRyan Burns2022-02-16
| | | | | | audit requires running linux-specific code during the build, so it cannot be cross-compiled from darwin hosts. So we can only enable audit support in pam when the buildPlatform is linux.
* Merge staging-next into staginggithub-actions[bot]2022-01-29
|\
| * linux-pam: make it use SUID wrapped version of unix_ckpwdVladimír Čunát2022-01-28
| |
* | linux-pam: 1.5.1 -> 1.5.2R. RyanTM2022-01-28
|/
* linux-pam: don't create dangling symlink during buildWinter2022-01-01
|
* pam: add audit dependencyMaciej Krüger2021-10-03
| | | | This allows building the pam_tty_audit module, among others
* linux-pam: Optionally build with libxcryptMisha Gusarov2021-02-28
| | | | | | This enables support for new password hashing functions in PAM. A part of #112371.
* pkgsStatic.linux-pam: Remove no longer necessary musl patches.Niklas Hambüchen2021-02-10
| | | | | | | | | | | | | See https://github.com/NixOS/nixpkgs/pull/109906#issuecomment-775630916. These Alpine patches: libpam-fix-build-with-eglibc-2.16.patch fix-compat.patch were removed in: https://git.alpinelinux.org/aports/commit/main/linux-pam?id=9ba93cf3f515b4f0b9b3802b84d42c4e436afe8b
* Merge pull request #109635 from mroi/patch-pamJörg Thalheim2021-02-03
|\ | | | | linux-pam: fix cross compilation on Darwin
| * linux-pam: fix cross compilation on DarwinMichael Roitzsch2021-01-17
| | | | | | | | | | A build-time tool is created, which requires libintl.h. On Linux, libintl.h comes with glibc, but on Darwin, gettext is needed.
* | linux-pam: remove broken musl pam_exec patchPeter Woodman2021-01-19
| | | | | | | | | | | | | | it looks like this build wasn't tested with musl-libc after upgrading to 1.5.1, and has been broken in this configuration since, as the removed patch does not apply cleanly. the good news is it's been fixed upstream, rendering it unnecessary.
* | pkgs/os-specific: stdenv.lib -> libBen Siraphob2021-01-17
|/
* treewide: with stdenv.lib; in meta -> with lib;Profpatsch2021-01-11
| | | | | | | | | | | | | | | | | | | Part of: https://github.com/NixOS/nixpkgs/issues/108938 meta = with stdenv.lib; is a widely used pattern. We want to slowly remove the `stdenv.lib` indirection and encourage people to use `lib` directly. Thus let’s start with the meta field. This used a rewriting script to mostly automatically replace all occurances of this pattern, and add the `lib` argument to the package header if it doesn’t exist yet. The script in its current form is available at https://cs.tvl.fyi/depot@2f807d7f141068d2d60676a89213eaa5353ca6e0/-/blob/users/Profpatsch/nixpkgs-rewriter/default.nix
* pam.passthru.tests: add relevant nixos testsFrederik Rietdijk2021-01-03
|
* pam: 1.3.1 -> 1.5.1Tim Steinbach2020-12-23
|
* treewide: fix broken AlpineLinux repo links (#87892)Lila2020-05-15
|
* treewide: Per RFC45, remove all unquoted URLsMichael Reilly2020-04-10
|
* linux-pam: set sconfigdir to /etc for usage at runtimeMatthew Bauer2019-12-30
| | | | | | | | So users don’t need to override the $out/etc/security files, we need to manually set this to /etc. Override it in the install phase so that we still get the example $out/etc/security files . Fixes #76713
* treewide: name -> pname (easy cases) (#66585)volth2019-08-15
| | | | | | | | | treewide replacement of stdenv.mkDerivation rec { name = "*-${version}"; version = "*"; to pname
* Merge pull request #59747 from dtzWill/fix/pam-1.3.1-muslWill Dietz2019-04-18
|\ | | | | libpam: fix w/musl after update to 1.3.1
| * libpam: fix w/musl after update to 1.3.1Will Dietz2019-04-18
| |
* | pam: 1.3.0 -> 1.3.1Matthias Beyer2019-04-16
|/ | | | Signed-off-by: Matthias Beyer <mail@beyermatthias.de>
* treewide: Remove usage of remaining redundant platform compatability stuffJohn Ericson2018-08-30
| | | | | Want to get this out of here for 18.09, so it can be deprecated thereafter.
* Merge remote-tracking branch 'upstream/master' into stagingJohn Ericson2018-05-14
|\
| * pam: Remove crossAttrsJohn Ericson2018-05-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It turns out none of this stuff is needed. The docs aren't evenly built properly anyways so the build trivially succeeds either way, due to what looks like upstream misunderstanding automake. If I try to build the docs manually in a cross shell (before and after this change), there's a make rule error such that some HTML files aren't even attempted to be built and then a copy fails. Even if this was all fixed, these been a good number of cross fixes upstream getting them to use CC_FOR_BUILD and other good stuff, so I doubt such hacks would be needed. Progress towards #40531 and #33302.
* | pam: build with userdb supportNikolay Amiantov2018-04-26
| |
* | tree-wide: disable `doCheck` and `doInstallCheck` where it fails (the ↵Jan Malakhovski2018-04-25
|/ | | | trivial part)
* pam: depsBuildBuild for buildPackages.stdenv.ccWill Dietz2018-02-13
|
* changes some targetPlatform to hostPlatform checksWill Dietz2018-02-13
|
* linux-pam: fix build w/muslWill Dietz2018-02-13
|
* linux-pam: Add necessary build dependencies for cross-compilationBen Gamari2018-02-13
| | | | | | Ensure that we use the correct `ar` and add explicit dependency on the build CC. (cherry picked from commit 5efb768011f6bce870f4ce814295a399d5a89c10)
* pam: 1.2.1 -> 1.3.0Tuomas Tynkkynen2017-12-03
|
* Getting rid of the var indirection and using a bin path insteadParnell Springmeyer2017-01-29
|
* Addressing PR feedbackParnell Springmeyer2017-01-28
|
* Adapting everything for the merged permissions wrappers work.Parnell Springmeyer2016-09-01
|
* Merge commit staging+systemd into closure-sizeVladimír Čunát2015-10-03
|\ | | | | | | Many non-conflict problems weren't (fully) resolved in this commit yet.
| * pam: 1.2.0 -> 1.2.1William A. Kennington III2015-07-19
| | | | | | | | Fixes CVE-2015-3238
| * pam: 1.1.8 -> 1.2.0William A. Kennington III2015-05-10
| |
* | pam: don't split modulesVladimír Čunát2015-05-05
| | | | | | | | libpam seems to need a reference to the modules anyway.
* | mutiout: make it builtinVladimír Čunát2014-08-30
| |
* | WIP: getting goodVladimír Čunát2014-08-27
| |
* | Merge 'staging' into multiple-outputsVladimír Čunát2014-08-23
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: pkgs/applications/audio/flac/default.nix pkgs/build-support/gcc-wrapper/builder.sh pkgs/development/libraries/apr-util/default.nix pkgs/development/libraries/apr/default.nix pkgs/development/libraries/atk/default.nix pkgs/development/libraries/freetype/default.nix pkgs/development/libraries/gdk-pixbuf/default.nix pkgs/development/libraries/glib/default.nix pkgs/development/libraries/glibc/2.17/builder.sh pkgs/development/libraries/glibc/2.17/locales.nix pkgs/development/libraries/libjpeg/default.nix pkgs/development/libraries/libogg/default.nix pkgs/development/libraries/libsamplerate/default.nix pkgs/development/libraries/libtiff/default.nix pkgs/development/libraries/libvorbis/default.nix pkgs/development/libraries/mesa/default.nix pkgs/development/libraries/pango/default.nix pkgs/development/web/nodejs/default.nix pkgs/os-specific/linux/pam/default.nix pkgs/os-specific/linux/systemd/default.nix pkgs/stdenv/generic/setup.sh pkgs/stdenv/linux/default.nix pkgs/top-level/all-packages.nix pkgs/top-level/release-small.nix
| * pam: upstream patch to fix CVE-2014-2583Vladimír Čunát2014-05-03
| |
| * linux-pam: Update to 1.1.8Eelco Dolstra2014-04-16
| |
* | pam: Split off the PAM modulesEelco Dolstra2013-06-11
|/ | | | Clients of PAM can find the modules via /etc/pam.d.
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-14 06:56:01 +0000