File cryptconfig.changes of Package cryptconfig
-------------------------------------------------------------------
Tue Feb 18 14:29:55 UTC 2014 - jmatejek@suse.com
- cryptconfig-0.3-loop0.patch - do not fail if stat'ing /dev/loop0
fails (that probably means module is not loaded)
(bnc#861561 for SLE12, bnc#824087)
-------------------------------------------------------------------
Sat Mar 2 12:14:36 UTC 2013 - seife+obs@b1-systems.com
- fix build with automake-1.13.1
-------------------------------------------------------------------
Fri Sep 30 20:07:51 UTC 2011 - coolo@suse.com
- add libtool as buildrequire to make the spec file more reliable
-------------------------------------------------------------------
Sun Jan 31 21:59:18 UTC 2010 - jengelh@medozas.de
- package baselibs.conf
-------------------------------------------------------------------
Thu Jun 25 12:36:27 CEST 2009 - sbrabec@suse.cz
- Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164).
-------------------------------------------------------------------
Wed Feb 18 12:07:50 CET 2009 - mc@suse.de
- write new "fskeyhash" and "cipher" attributes for "volume" in
pam_mount.conf.xml
-------------------------------------------------------------------
Sat Dec 6 07:45:58 CET 2008 - mauro@suse.de
- Updated translations.
-------------------------------------------------------------------
Fri Nov 21 17:35:04 EST 2008 - crivera@suse.de
- Make sure we found a map device before calling
get_mount_point (). This fixes bnc#448200.
-------------------------------------------------------------------
Thu May 22 13:35:20 CEST 2008 - cthiel@suse.de
- fix baselibs.conf
-------------------------------------------------------------------
Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de
- added baselibs.conf file to build xxbit packages
for multilib support
-------------------------------------------------------------------
Wed Mar 5 20:10:17 CET 2008 - crivera@suse.de
- Add a fix for bnc 367255.
-------------------------------------------------------------------
Tue Mar 4 19:32:59 CET 2008 - crivera@suse.de
- Add public data support. We use a very simple approach. We create a
public directory, /home/.$USER. Any public data is moved from the
encrypted home directory to the public directory. We then place symlinks
in the encrypted home directory and the unencrypted home directory that
point to the public data. The public data is available whether the
encrypted home directory is mounted or not.
This is adds two new commands pd-add and pd-remove. They each take a
list of relative or absolute paths rooted in the encrypted home directory.
-------------------------------------------------------------------
Mon Jan 21 21:22:33 CET 2008 - aj@suse.de
- Fix open call.
- Cleanup rpmlint warnings.
-------------------------------------------------------------------
Mon Nov 12 19:34:00 CET 2007 - crivera@suse.de
- Update cryptconfig to use new pam_mount xml config format.
- Use pam-config to modify PAM service files.
-------------------------------------------------------------------
Fri Nov 2 17:19:19 CET 2007 - crivera@suse.de
- Don't fail if some pam service files don't exist. This fixes
326794.
- Use loop ioctls instead of the losetup binary.
- Add memory locking to protect passpharses and key data.
- Allow for sizes like "1G" and "200M" to be given on the command
line.
-------------------------------------------------------------------
Mon Jun 11 11:34:47 CEST 2007 - aj@suse.de
- Change Requires as well.
-------------------------------------------------------------------
Fri Jun 1 11:55:10 CEST 2007 - lnussel@suse.de
- change BuildRequires util-linux-crypto -> cryptsetup
-------------------------------------------------------------------
Fri Mar 30 16:24:07 CEST 2007 - crivera@suse.de
- Fix the copy_user_data() function to make sure dot directories
are getting copied. This fixes 259113.
-------------------------------------------------------------------
Mon Mar 12 18:19:30 CET 2007 - crivera@suse.de
- Implement pam_sm_open_session() and pam_sm_close_session() for
pam_cryptpass. This lets us hook into the session stack, before pam_mount,
to verify that the authtok being used can decrypt the image key. If it
can't then we can prompt for the key password and sync the two. This
provides a much nicer experience for users of non-local auth mechanisms.
This fixes 253683.
- Make root the owner of the unencrypted home directory. This is to avoid
confusion if the user logs in from a service that doesn't have pam_mount
in the stack. This fixes 245698.
- Add a flag, --remove-data, that will remove the data in the user's
unencrypted home directory after it's been copied to the encrypted image.
- Move the list of passwd services to cryptconfig.conf and add gnome-passwd
to the default list.
- Add pam_cryptpass.so to the pam session stack before pam_mount to ensure
that the key file is in sync with the user's password. This fixes 253683.
-------------------------------------------------------------------
Wed Feb 21 20:31:23 CET 2007 - crivera@suse.de
- Remove 'su' from the list of pam config files to edit.
This fixes Bug 245702.
- Add a check against a key file size threshold to avoid interger overflow
attacks. This helps fix 243881.
- Replace chown and g_stat with fchown and fstat to avoid potential
symlink issues. This helps fix 243881.
- Use "--" to prevent user's from adding additional command-line options
to apps that we exec. This helps fix 243881.
- Use flock() to avoid races if multiple instances cryptconfig are running.
- Set our umask to 077. This helps fix 243881.
-------------------------------------------------------------------
Thu Feb 15 00:06:59 CET 2007 - crivera@suse.de
- Use 64-bit version of lseek() when creating and enlarging
images. This fixes 245632.
-------------------------------------------------------------------
Mon Feb 12 22:50:21 CET 2007 - crivera@suse.de
- Search for the full path when looking for the
loop device an image is using.
- Make get_passphrase() stop reading input when it encounters
a new line. This allows cryptconfig to be a little more scriptable
and allows the new unit tests to work.
- Correctly check the return value when adding a key file to an image.
- Only call luks_close() if we've actually setup a map device.
- Don't allow encrypted home directories for the root user.
- Add a mount flag to the open command to allow images to be unlocked
and mounted.
- A few more minor fixes.
-------------------------------------------------------------------
Tue Jan 23 21:48:57 CET 2007 - crivera@suse.de
- Escape the '\' characters in user names when writing to
pam_mount.conf. This allows encrypted directories to work
with Active Directory. This fixes bug 237929.
- Set our umask to 022.
- Merge a patch from dgollub to fix a file creation bug.
- Add O_TRUNC in crappy_rename() when copying across devices.
- Move the pam services list to cryptconf.conf instead of
depending on an internal list. This will allow people to
enable encrypted home dirs with other pam services.
- Use 256 bytes of random data when generating a key instead of 64.
This is why we depend on pam_mount-0.18-32.
-------------------------------------------------------------------
Tue Jan 16 18:44:00 CET 2007 - crivera@suse.de
- Fix a small automake build issue.
-------------------------------------------------------------------
Fri Jan 12 23:22:15 CET 2007 - maw@suse.de
- Feature update (more fate #253)
- Remove cryptconfig-pam_moddir.patch which is now upstream.
-------------------------------------------------------------------
Tue Jan 9 16:10:10 CET 2007 - ro@suse.de
- fix lib64 issue: teach configure about PAM_MODDIR
- work around automake problem
-------------------------------------------------------------------
Mon Jan 8 23:04:47 CET 2007 - maw@suse.de
- Initial import into autobuild (fate #253).