From: "Michał Górny" <mgorny@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-auth/pambase/
Date: Thu, 28 Mar 2019 06:05:45 +0000 (UTC) [thread overview]
Message-ID: <1553752805.e7e2a601e277bbede4f3f4aaf05cc1e49392458c.mgorny@gentoo> (raw)
commit: e7e2a601e277bbede4f3f4aaf05cc1e49392458c
Author: Michał Górny <mgorny <AT> gentoo <DOT> org>
AuthorDate: Thu Mar 28 06:00:05 2019 +0000
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org>
CommitDate: Thu Mar 28 06:00:05 2019 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e7e2a601
sys-auth/pambase: Add zlogene as primary maint
Signed-off-by: Michał Górny <mgorny <AT> gentoo.org>
sys-auth/pambase/metadata.xml | 186 +++++++++++++++++++++---------------------
1 file changed, 95 insertions(+), 91 deletions(-)
diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml
index 7cd2dea5abe..ac1a717271f 100644
--- a/sys-auth/pambase/metadata.xml
+++ b/sys-auth/pambase/metadata.xml
@@ -1,95 +1,99 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
- <maintainer type="project">
- <email>pam-bugs@gentoo.org</email>
- </maintainer>
- <use>
- <flag name="cracklib">
- Enable pam_cracklib module on system authentication stack. This
- produces warnings when changing password to something easily
- crackable. It requires the same USE flag to be enabled on
- <pkg>sys-libs/pam</pkg> or system login might be impossible.
- </flag>
- <flag name="consolekit">
- Enable pam_ck_connector module on local system logins. This
- allows for console logins to make use of ConsoleKit
- authorization.
- </flag>
- <flag name="elogind">
- Use pam_elogind module to register user sessions with elogind.
- </flag>
- <flag name="systemd">
- Use pam_systemd module to register user sessions in the systemd
- control group hierarchy.
- </flag>
- <flag name="gnome-keyring">
- Enable pam_gnome_keyring module on system login stack. This
- enables proper Gnome Keyring access to logins, whether they are
- done with the login shell, a Desktop Manager or a remote login
- systems such as SSH.
- </flag>
- <flag name="debug">
- Enable debug information logging on syslog(3) for all the
- modules supporting this in the system authentication and system
- login stacks.
- </flag>
- <flag name="passwdqc">
- Enable pam_passwdqc module on system auth stack for password
- quality validation. This is an alternative to pam_cracklib
- producing warnings, rejecting or providing example passwords
- when changing your system password. It is used by default by
- OpenWall GNU/*/Linux and by FreeBSD.
- </flag>
- <flag name="mktemp">
- Enable pam_mktemp module on system auth stack for session
- handling. This module creates a private temporary directory for
- the user, and sets TMP and TMPDIR accordingly.
- </flag>
- <flag name="pam_ssh">
- Enable pam_ssh module on system auth stack for authentication
- and session handling. This module will accept as password the
- passphrase of a private SSH key (one of ~/.ssh/id_rsa,
- ~/.ssh/id_dsa or ~/.ssh/identity), and will spawn an ssh-agent
- instance to cache the open key.
- </flag>
- <flag name="sha512">
- Switch Linux-PAM's pam_unix module to use sha512 for passwords
- hashes rather than MD5. This option requires
- <pkg>sys-libs/pam</pkg> version 1.0.1 built against
- <pkg>sys-libs/glibc</pkg> version 2.7, if it's built against an
- earlier version, it will silently be ignored, and MD5 hashes
- will be used. All the passwords changed after this USE flag is
- enabled will be saved to the shadow file hashed using SHA512
- function. The password previously saved will be left
- untouched. Please note that while SHA512-hashed passwords will
- still be recognised if the USE flag is removed, the shadow file
- will not be compatible with systems using an earlier glibc
- version.
- </flag>
- <flag name="pam_krb5">
- Enable pam_krb5 module on system auth stack, as an alternative
- to pam_unix. If Kerberos authentication succeed, only pam_unix
- will be ignore, and all the other modules will proceed as usual,
- including Gnome Keyring and other session modules. It requires
- <pkg>sys-libs/pam</pkg> as PAM implementation.
- </flag>
- <flag name="minimal">
- Disables the standard PAM modules that provide extra information
- to users on login; this includes pam_tally (and pam_tally2 for
- Linux PAM 1.1 and later), pam_lastlog, pam_motd and other
- similar modules. This might not be a good idea on a multi-user
- system but could reduce slightly the overhead on single-user
- non-networked systems.
- </flag>
- <flag name="nullok">
- Enable the nullok option with the pam_unix module. This allows
- people to login with blank passwords.
- </flag>
- <flag name="securetty">
- Enable pam_securetty module in the login stack. Not generally
- relevant anymore as the login stack only refers to local logins
- and local terminals imply secure access in the first place.
- </flag>
- </use>
+ <maintainer type="person">
+ <email>zlogene@gentoo.org</email>
+ <name>Mikle Kolyada</name>
+ </maintainer>
+ <maintainer type="project">
+ <email>pam-bugs@gentoo.org</email>
+ </maintainer>
+ <use>
+ <flag name="cracklib">
+ Enable pam_cracklib module on system authentication stack. This
+ produces warnings when changing password to something easily
+ crackable. It requires the same USE flag to be enabled on
+ <pkg>sys-libs/pam</pkg> or system login might be impossible.
+ </flag>
+ <flag name="consolekit">
+ Enable pam_ck_connector module on local system logins. This
+ allows for console logins to make use of ConsoleKit
+ authorization.
+ </flag>
+ <flag name="elogind">
+ Use pam_elogind module to register user sessions with elogind.
+ </flag>
+ <flag name="systemd">
+ Use pam_systemd module to register user sessions in the systemd
+ control group hierarchy.
+ </flag>
+ <flag name="gnome-keyring">
+ Enable pam_gnome_keyring module on system login stack. This
+ enables proper Gnome Keyring access to logins, whether they are
+ done with the login shell, a Desktop Manager or a remote login
+ systems such as SSH.
+ </flag>
+ <flag name="debug">
+ Enable debug information logging on syslog(3) for all the
+ modules supporting this in the system authentication and system
+ login stacks.
+ </flag>
+ <flag name="passwdqc">
+ Enable pam_passwdqc module on system auth stack for password
+ quality validation. This is an alternative to pam_cracklib
+ producing warnings, rejecting or providing example passwords
+ when changing your system password. It is used by default by
+ OpenWall GNU/*/Linux and by FreeBSD.
+ </flag>
+ <flag name="mktemp">
+ Enable pam_mktemp module on system auth stack for session
+ handling. This module creates a private temporary directory for
+ the user, and sets TMP and TMPDIR accordingly.
+ </flag>
+ <flag name="pam_ssh">
+ Enable pam_ssh module on system auth stack for authentication
+ and session handling. This module will accept as password the
+ passphrase of a private SSH key (one of ~/.ssh/id_rsa,
+ ~/.ssh/id_dsa or ~/.ssh/identity), and will spawn an ssh-agent
+ instance to cache the open key.
+ </flag>
+ <flag name="sha512">
+ Switch Linux-PAM's pam_unix module to use sha512 for passwords
+ hashes rather than MD5. This option requires
+ <pkg>sys-libs/pam</pkg> version 1.0.1 built against
+ <pkg>sys-libs/glibc</pkg> version 2.7, if it's built against an
+ earlier version, it will silently be ignored, and MD5 hashes
+ will be used. All the passwords changed after this USE flag is
+ enabled will be saved to the shadow file hashed using SHA512
+ function. The password previously saved will be left
+ untouched. Please note that while SHA512-hashed passwords will
+ still be recognised if the USE flag is removed, the shadow file
+ will not be compatible with systems using an earlier glibc
+ version.
+ </flag>
+ <flag name="pam_krb5">
+ Enable pam_krb5 module on system auth stack, as an alternative
+ to pam_unix. If Kerberos authentication succeed, only pam_unix
+ will be ignore, and all the other modules will proceed as usual,
+ including Gnome Keyring and other session modules. It requires
+ <pkg>sys-libs/pam</pkg> as PAM implementation.
+ </flag>
+ <flag name="minimal">
+ Disables the standard PAM modules that provide extra information
+ to users on login; this includes pam_tally (and pam_tally2 for
+ Linux PAM 1.1 and later), pam_lastlog, pam_motd and other
+ similar modules. This might not be a good idea on a multi-user
+ system but could reduce slightly the overhead on single-user
+ non-networked systems.
+ </flag>
+ <flag name="nullok">
+ Enable the nullok option with the pam_unix module. This allows
+ people to login with blank passwords.
+ </flag>
+ <flag name="securetty">
+ Enable pam_securetty module in the login stack. Not generally
+ relevant anymore as the login stack only refers to local logins
+ and local terminals imply secure access in the first place.
+ </flag>
+ </use>
</pkgmetadata>
next reply other threads:[~2019-03-28 6:06 UTC|newest]
Thread overview: 117+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-28 6:05 Michał Górny [this message]
-- strict thread matches above, loose matches on Subject: below --
2025-02-28 10:13 [gentoo-commits] repo/gentoo:master commit in: sys-auth/pambase/ Sam James
2025-02-28 10:12 Sam James
2025-02-28 3:43 Sam James
2025-02-23 23:53 Sam James
2024-04-13 6:26 Arthur Zamarin
2024-03-14 9:12 Sam James
2024-03-14 7:36 Arthur Zamarin
2024-03-14 7:34 Sam James
2024-03-14 6:44 Sam James
2024-03-14 6:23 Sam James
2024-03-14 6:11 Sam James
2024-03-14 6:06 Sam James
2024-01-28 8:16 Sam James
2024-01-19 5:49 Sam James
2024-01-19 5:39 Sam James
2023-06-24 1:18 Sam James
2023-01-14 23:11 Sam James
2022-12-11 16:19 Sam James
2022-12-11 12:53 Sam James
2022-10-28 19:53 Sam James
2022-08-08 6:08 Sam James
2022-07-06 6:02 Arthur Zamarin
2022-07-03 8:59 Agostino Sarubbo
2022-07-03 8:52 Agostino Sarubbo
2022-07-03 8:51 Agostino Sarubbo
2022-07-03 8:51 Agostino Sarubbo
2022-07-03 8:50 Agostino Sarubbo
2022-07-03 8:49 Agostino Sarubbo
2022-07-03 8:48 Agostino Sarubbo
2022-02-14 17:14 Sam James
2021-12-19 11:12 Sam James
2021-12-18 17:53 Mikle Kolyada
2021-12-18 17:48 Mikle Kolyada
2021-11-14 12:36 Mikle Kolyada
2021-06-01 19:09 Mikle Kolyada
2021-06-01 19:09 Mikle Kolyada
2021-02-18 16:03 Mikle Kolyada
2021-02-02 20:59 Sam James
2021-02-01 19:08 Mikle Kolyada
2021-02-01 14:01 Mikle Kolyada
2020-12-22 18:39 Mikle Kolyada
2020-12-22 18:20 Mikle Kolyada
2020-11-04 11:01 Mikle Kolyada
2020-11-04 11:01 Mikle Kolyada
2020-11-03 7:38 Sam James
2020-11-03 7:23 Sam James
2020-10-29 20:56 Mikle Kolyada
2020-10-28 19:28 Mikle Kolyada
2020-10-28 17:15 Mikle Kolyada
2020-10-27 0:17 Sam James
2020-10-27 0:17 Sam James
2020-10-20 2:40 Sam James
2020-10-13 18:47 Mikle Kolyada
2020-10-13 18:47 Mikle Kolyada
2020-10-10 15:46 Mikle Kolyada
2020-10-10 9:31 Mikle Kolyada
2020-10-10 9:31 Mikle Kolyada
2020-10-10 9:14 Mikle Kolyada
2020-10-04 19:41 Mikle Kolyada
2020-09-20 12:58 Mikle Kolyada
2020-09-20 8:55 Mikle Kolyada
2020-09-18 2:10 Sam James
2020-09-17 21:15 Mikle Kolyada
2020-08-29 7:13 Mikle Kolyada
2020-08-17 7:52 Mikle Kolyada
2020-08-16 19:02 Mikle Kolyada
2020-08-10 16:23 Mikle Kolyada
2020-08-09 16:20 Mikle Kolyada
2020-08-07 0:11 Sam James
2020-08-06 22:41 Sam James
2020-08-05 9:19 Mikle Kolyada
2020-08-05 9:19 Mikle Kolyada
2020-08-04 16:02 Mikle Kolyada
2020-08-04 15:01 Mikle Kolyada
2020-08-04 14:22 Mikle Kolyada
2020-08-04 9:52 Mikle Kolyada
2020-07-28 15:51 Sam James
2020-07-28 15:47 Sam James
2020-07-03 10:45 David Seifert
2020-07-03 9:55 David Seifert
2020-06-18 10:21 Mikle Kolyada
2020-06-17 18:38 Mikle Kolyada
2020-06-17 18:35 Mikle Kolyada
2020-06-16 18:37 Mikle Kolyada
2020-06-16 16:44 Mikle Kolyada
2020-06-09 13:19 Mikle Kolyada
2020-03-07 7:23 Mikle Kolyada
2019-11-30 10:31 Mikle Kolyada
2019-11-22 11:19 Mikle Kolyada
2019-11-03 17:25 Mikle Kolyada
2019-10-11 15:28 Michał Górny
2019-06-23 10:48 Mikle Kolyada
2019-05-04 11:24 Mikle Kolyada
2019-04-02 13:31 Mikle Kolyada
2019-02-17 16:01 Mikle Kolyada
2019-02-12 13:05 Mikle Kolyada
2018-12-28 3:46 Matt Turner
2018-12-05 15:32 Mart Raudsepp
2018-10-29 1:01 Matt Turner
2018-10-27 18:43 Sergei Trofimovich
2018-10-26 20:19 Sergei Trofimovich
2018-09-29 8:01 Sergei Trofimovich
2018-09-23 16:46 Pacho Ramos
2018-09-23 16:46 Pacho Ramos
2018-08-26 20:35 Michał Górny
2018-01-12 5:32 Mike Frysinger
2017-12-28 22:35 Michael Orlitzky
2017-12-24 21:37 Mikle Kolyada
2017-12-24 19:51 Mikle Kolyada
2017-12-24 19:19 Mikle Kolyada
2017-12-15 9:23 Jason Zaman
2017-12-02 8:21 Markus Meier
2017-11-30 20:19 Tobias Klausmann
2017-11-29 20:28 Sergei Trofimovich
2017-08-16 7:29 Michał Górny
2016-04-18 9:43 Patrice Clement
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1553752805.e7e2a601e277bbede4f3f4aaf05cc1e49392458c.mgorny@gentoo \
--to=mgorny@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox