diff --git a/Linux-PAM-allow-disabled-password-aging.patch b/Linux-PAM-allow-disabled-password-aging.patch deleted file mode 100644 index dd145a8..0000000 --- a/Linux-PAM-allow-disabled-password-aging.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 9ebc14085a3ba253598cfaa0d3f0d76ea5ee8ccb Mon Sep 17 00:00:00 2001 -From: Tobias Stoeckmann -Date: Wed, 13 Dec 2023 00:37:29 +0100 -Subject: [PATCH] pam_unix: allow disabled password aging - -According to shadow(5) manual page, an empty sp_lstchg field implies -that password aging is disabled. - -This indeed is in sync with shadow's isexpired function. - -Signed-off-by: Tobias Stoeckmann ---- - modules/pam_unix/passverify.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c -index a842b70d3..7993737c9 100644 ---- a/modules/pam_unix/passverify.c -+++ b/modules/pam_unix/passverify.c -@@ -311,6 +311,11 @@ PAMH_ARG_DECL(int check_shadow_expiry, - *daysleft = 0; - return PAM_NEW_AUTHTOK_REQD; - } -+ if (spent->sp_lstchg < 0) { -+ D(("password aging disabled")); -+ *daysleft = 0; -+ return PAM_SUCCESS; -+ } - if (curdays < spent->sp_lstchg) { - pam_syslog(pamh, LOG_DEBUG, - "account %s has password changed in future", diff --git a/pam.spec b/pam.spec index 90050d0..0724d4d 100644 --- a/pam.spec +++ b/pam.spec @@ -15,7 +15,7 @@ Summary: A security tool which provides authentication for applications Name: pam Version: 1.6.0 -Release: 2 +Release: 1 Epoch: 1 # The library is BSD licensed with option to relicense as GPLv2+ - this option is redundant # as the BSD license allows that anyway. pam_timestamp and pam_console modules are GPLv2+, @@ -55,9 +55,6 @@ Patch508: Linux-PAM-0.99.3.0-pamtimestampadm.patch Patch702: Linux-PAM-1.6.0-add-now-missing-nis-constant.patch # (akdengi> add user to default group users which need for Samba Patch801: Linux-PAM-1.1.4-group_add_users.patch -# https://github.com/linux-pam/linux-pam/issues/743 -# https://github.com/linux-pam/linux-pam/commit/9ebc14085a3ba253598cfaa0d3f0d76ea5ee8ccb -Patch802: Linux-PAM-allow-disabled-password-aging.patch %if %{with selinux} BuildRequires: selinux-devel >= 2.1.6-7