summaryrefslogtreecommitdiffstats
path: root/source/a/util-linux
diff options
context:
space:
mode:
author Patrick J Volkerding <volkerdi@slackware.com>2020-06-13 20:40:31 +0000
committer Eric Hameleers <alien@slackware.com>2020-06-14 08:59:53 +0200
commit0959f2bb54a685807217ea93b53db25a8ce9181e (patch)
treeda80cc426ce1136cac13dc613a6c11c43baada9c /source/a/util-linux
parentbf14db28cb4ba1b9bcb3e355ce067b61220d7289 (diff)
downloadcurrent-0959f2bb54a685807217ea93b53db25a8ce9181e.tar.gz
current-0959f2bb54a685807217ea93b53db25a8ce9181e.tar.xz
Sat Jun 13 20:40:31 UTC 202020200613204031
a/pam-1.4.0-x86_64-1.txz: Upgraded. IMPORTANT NOTE: This update removes the pam_cracklib and pam_tally2 modules. None of our current configuration files in /etc/pam.d/ use either of those, but if the configuration files on your machine do you'll need to comment out or remove those lines, otherwise you may experience login failures. a/shadow-4.8.1-x86_64-9.txz: Rebuilt. /etc/pam.d/system-auth: prefix lines that call pam_gnome_keyring.so with '-' to avoid spamming the logs about failures. a/sysvinit-scripts-2.1-noarch-32.txz: Rebuilt. rc.S: create /var/run/faillock directory for pam_faillock(8). a/util-linux-2.35.2-x86_64-2.txz: Rebuilt. /etc/pam.d/login: change the example for locking an account for too many failed login attempts to use pam_faillock instead of pam_tally2. l/imagemagick-7.0.10_19-x86_64-1.txz: Upgraded. l/libzip-1.7.1-x86_64-1.txz: Upgraded. n/openssh-8.3p1-x86_64-2.txz: Rebuilt. /etc/pam.d/sshd: change the example for locking an account for too many failed login attempts to use pam_faillock instead of pam_tally2.
Diffstat (limited to 'source/a/util-linux')
-rw-r--r--source/a/util-linux/pam.d/login11
-rwxr-xr-xsource/a/util-linux/util-linux.SlackBuild2
2 files changed, 9 insertions, 4 deletions
diff --git a/source/a/util-linux/pam.d/login b/source/a/util-linux/pam.d/login
index 9209ef5bf..1e965f11e 100644
--- a/source/a/util-linux/pam.d/login
+++ b/source/a/util-linux/pam.d/login
@@ -1,9 +1,14 @@
#%PAM-1.0
auth required pam_securetty.so
-# To set a limit on failed authentications, the pam_tally2 module
-# can be enabled. See pam_tally2(8) for options.
-#auth required pam_tally2.so deny=4 unlock_time=1200
+# When using pam_faillock, print a message to the user if the account is
+# locked. This lets the user know what is going on, but it also potentially
+# gives additional information to attackers:
+#auth requisite pam_faillock.so preauth
auth include system-auth
+# To set a limit on failed authentications, the pam_faillock module
+# can be enabled. See pam_faillock(8) for more information.
+#auth [default=die] pam_faillock.so authfail
+#auth sufficient pam_faillock.so authsucc
auth include postlogin
account required pam_nologin.so
account include system-auth
diff --git a/source/a/util-linux/util-linux.SlackBuild b/source/a/util-linux/util-linux.SlackBuild
index 1467bc42e..3c33fe586 100755
--- a/source/a/util-linux/util-linux.SlackBuild
+++ b/source/a/util-linux/util-linux.SlackBuild
@@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=util-linux
VERSION=${VERSION:-$(echo util-linux*.tar.xz | cut -d - -f 3 | rev | cut -f 3- -d . | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
ADJTIMEXVERS=1.29
SETSERIALVERS=2.17