8.164. pam


Updated pam packages that fix several bugs are now available for Red Hat Enterprise Linux 6.
Pluggable Authentication Modules (PAM) provide a system to set up authentication policies without the need to recompile programs to handle authentication.

Bug Fixes

BZ#947011
The pam_unix module contained an "off-by-one" error when comparing the date of user account expiration with the current date. In this situation, the real expiration of the account happened a day after the date specified by the "chage -E" command. This update fixes the "off-by-one" error and user accounts now expire on the date set by the "chage -E" command.
BZ#1120099
The pam_unix and pam_pwhistory modules did not properly handle missing fields in the entries in the /etc/security/opasswd file. As a consequence, if some of the fields were not present in a user's entry, changing the password for example with the passwd command could result in a segmentation fault. This bug has been fixed and pam_unix and pam_pwhistory now properly handle missing fields in the entries in /etc/security/opasswd.
BZ#1054936
Previously, the pam_limits module did not verify whether the process referenced in the /var/run/utmp file as the login process still existed. As a consequence, when the user had the "maxlogins" limit set in the limits.conf file and the login session process terminated unexpectedly and also did not update the utmp file correctly, the user did not have access to the system even if some of his previous login session no longer existed due to the crash. After this update, pam_limits tests whether the login process still exists on the system. As a result, the number of existing login sessions is counted more precisely when the "maxlogins" limit is applied by the pam_limits module.
BZ#1119289
Previously, the pam_userdb module handled the call to the crypt() function too strictly not to expect modern crypt hash formats. As a consequence, pam_userdb was not able to support any other hash algorithms supported by the glibc library for the user password hashes. This update improves the code handling the crypt() function. Now, pam_userdb supports any password hash formats supported by the glibc crypt() function.
Users of pam are advised to upgrade to these updated packages, which fix these bugs.
Red Hat logoGithubRedditYoutubeTwitter

詳細情報

試用、購入および販売

コミュニティー

Red Hat ドキュメントについて

Red Hat をお使いのお客様が、信頼できるコンテンツが含まれている製品やサービスを活用することで、イノベーションを行い、目標を達成できるようにします。

多様性を受け入れるオープンソースの強化

Red Hat では、コード、ドキュメント、Web プロパティーにおける配慮に欠ける用語の置き換えに取り組んでいます。このような変更は、段階的に実施される予定です。詳細情報: Red Hat ブログ.

会社概要

Red Hat は、企業がコアとなるデータセンターからネットワークエッジに至るまで、各種プラットフォームや環境全体で作業を簡素化できるように、強化されたソリューションを提供しています。

© 2024 Red Hat, Inc.