From ffef56590d68c334819ecf26118a257bdafccf6b Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Mon, 18 May 2020 19:17:21 +0000 Subject: Mon May 18 19:17:21 UTC 2020 Greetings! After three months in /testing, the PAM merge into the main tree is now complete. When updating, be sure to install the new pam, cracklib, and libpwquality packages or you may find yourself locked out of your machine. Otherwise, these changes should be completely transparent and you shouldn't notice any obvious operational differences. Be careful if you make any changes in /etc/pam.d/ - leaving an extra console logged in while testing PAM config changes is a recommended standard procedure. Thanks again to Robby Workman, Vincent Batts, Phantom X, and ivandi for help implementing this. It's not done yet and there will be more fine-tuning of the config files, but now we can move on to build some other updates. Enjoy! a/cracklib-2.9.7-x86_64-1.txz: Added. a/kernel-firmware-20200517_f8d32e4-noarch-1.txz: Upgraded. a/libcgroup-0.41-x86_64-7.txz: Rebuilt. Rebuilt to add PAM support. a/libpwquality-1.4.2-x86_64-1.txz: Added. a/lilo-24.2-x86_64-9.txz: Rebuilt. Enable the "compact" option by default. liloconfig: correctly set the root partition. a/pam-1.3.1-x86_64-1.txz: Added. a/shadow-4.8.1-x86_64-7.txz: Rebuilt. Rebuilt to add PAM support. a/utempter-1.2.0-x86_64-1.txz: Upgraded. a/util-linux-2.35.1-x86_64-6.txz: Rebuilt. Rebuilt to add PAM support. a/xfsprogs-5.6.0-x86_64-2.txz: Rebuilt. Recompiled against icu4c-67.1. ap/at-3.2.1-x86_64-2.txz: Rebuilt. Rebuilt to add PAM support. ap/cups-2.3.3-x86_64-2.txz: Rebuilt. Rebuilt to add PAM support. ap/hplip-3.20.5-x86_64-2.txz: Rebuilt. Rebuilt to add PAM support. ap/mariadb-10.4.13-x86_64-2.txz: Rebuilt. Rebuilt to add PAM support. ap/screen-4.8.0-x86_64-2.txz: Rebuilt. Rebuilt to add PAM support. ap/soma-3.3.0-noarch-1.txz: Upgraded. Thanks to David Woodfall. ap/sqlite-3.31.1-x86_64-2.txz: Rebuilt. Recompiled against icu4c-67.1. ap/sudo-1.9.0-x86_64-2.txz: Rebuilt. Rebuilt to add PAM support. ap/vim-8.2.0788-x86_64-1.txz: Upgraded. d/bison-3.6.2-x86_64-1.txz: Upgraded. d/meson-0.54.2-x86_64-1.txz: Upgraded. d/python-setuptools-46.4.0-x86_64-1.txz: Upgraded. d/vala-0.48.6-x86_64-1.txz: Upgraded. kde/calligra-2.9.11-x86_64-36.txz: Rebuilt. Recompiled against icu4c-67.1. kde/kde-workspace-4.11.22-x86_64-7.txz: Rebuilt. Rebuilt to add PAM support. l/ConsoleKit2-1.2.1-x86_64-4.txz: Rebuilt. Rebuilt to add PAM support. l/boost-1.73.0-x86_64-2.txz: Rebuilt. Recompiled against icu4c-67.1. l/gnome-keyring-3.36.0-x86_64-2.txz: Rebuilt. Rebuilt to add PAM support. l/harfbuzz-2.6.6-x86_64-2.txz: Rebuilt. Recompiled against icu4c-67.1. l/icu4c-67.1-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/imagemagick-7.0.10_13-x86_64-1.txz: Upgraded. l/libcap-2.34-x86_64-2.txz: Rebuilt. Rebuilt to add PAM support. l/libical-3.0.8-x86_64-2.txz: Rebuilt. Recompiled against icu4c-67.1. l/libuv-1.38.0-x86_64-1.txz: Upgraded. l/libvisio-0.1.7-x86_64-3.txz: Rebuilt. Recompiled against icu4c-67.1. l/polkit-0.116-x86_64-3.txz: Rebuilt. Rebuilt to add PAM support. l/qt-4.8.7-x86_64-16.txz: Rebuilt. Recompiled against icu4c-67.1. l/qt5-5.13.2-x86_64-4.txz: Rebuilt. Recompiled against icu4c-67.1. l/qt5-webkit-5.212.0_alpha4-x86_64-2.txz: Rebuilt. Recompiled against icu4c-67.1. l/raptor2-2.0.15-x86_64-9.txz: Rebuilt. Recompiled against icu4c-67.1. l/system-config-printer-1.5.12-x86_64-4.txz: Rebuilt. Rebuilt to add PAM support. l/vte-0.60.2-x86_64-2.txz: Rebuilt. Recompiled against icu4c-67.1. n/cifs-utils-6.10-x86_64-4.txz: Rebuilt. Rebuilt to add PAM support. n/cyrus-sasl-2.1.27-x86_64-4.txz: Rebuilt. Rebuilt to add PAM support. n/dovecot-2.3.10.1-x86_64-1.txz: Upgraded. Rebuilt to add PAM support. Compiled against icu4c-67.1. This update fixes several denial-of-service vulnerabilities. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10957 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10958 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10967 (* Security fix *) n/mutt-1.14.1-x86_64-1.txz: Upgraded. n/netatalk-3.1.12-x86_64-3.txz: Rebuilt. Rebuilt to add PAM support. n/netkit-rsh-0.17-x86_64-3.txz: Rebuilt. Rebuilt to add PAM support. n/nss-pam-ldapd-0.9.11-x86_64-1.txz: Added. n/openssh-8.2p1-x86_64-3.txz: Rebuilt. Rebuilt to add PAM support. n/openvpn-2.4.9-x86_64-2.txz: Rebuilt. Rebuilt to add PAM support. n/pam-krb5-4.9-x86_64-1.txz: Added. n/php-7.4.6-x86_64-2.txz: Rebuilt. Recompiled against icu4c-67.1. n/popa3d-1.0.3-x86_64-4.txz: Rebuilt. Rebuilt to add PAM support. n/postfix-3.5.2-x86_64-1.txz: Upgraded. Compiled against icu4c-67.1. n/ppp-2.4.8-x86_64-2.txz: Rebuilt. Rebuilt to add PAM support. n/proftpd-1.3.6c-x86_64-2.txz: Rebuilt. Rebuilt to add PAM support. n/samba-4.12.2-x86_64-2.txz: Rebuilt. Rebuilt to add PAM support. Recompiled against icu4c-67.1. n/tin-2.4.4-x86_64-2.txz: Rebuilt. Recompiled against icu4c-67.1. n/vsftpd-3.0.3-x86_64-6.txz: Rebuilt. Rebuilt to add PAM support. t/texlive-2019.190626-x86_64-4.txz: Rebuilt. Recompiled against icu4c-67.1. x/vulkan-sdk-1.2.135.0-x86_64-1.txz: Upgraded. x/xdm-1.1.11-x86_64-10.txz: Rebuilt. Rebuilt to add PAM support. x/xisxwayland-1-x86_64-1.txz: Added. xap/sane-1.0.30-x86_64-1.txz: Upgraded. This update fixes several security issues. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12867 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12862 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12863 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12865 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12866 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12861 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12864 (* Security fix *) xap/vim-gvim-8.2.0788-x86_64-1.txz: Upgraded. xap/xlockmore-5.63-x86_64-2.txz: Rebuilt. Rebuilt to add PAM support. xap/xscreensaver-5.44-x86_64-2.txz: Rebuilt. Rebuilt to add PAM support. extra/brltty/brltty-6.1-x86_64-2.txz: Rebuilt. Recompiled against icu4c-67.1. extra/pure-alsa-system/qt5-5.13.2-x86_64-4_alsa.txz: Rebuilt. Recompiled against icu4c-67.1. isolinux/initrd.img: Rebuilt. Added PAM libraries, security modules, and config files. usb-and-pxe-installers/usbboot.img: Rebuilt. Added PAM libraries, security modules, and config files. --- source/a/lilo/liloconfig | 92 +++++++++++++++++++++++++----------------------- 1 file changed, 47 insertions(+), 45 deletions(-) (limited to 'source/a/lilo/liloconfig') diff --git a/source/a/lilo/liloconfig b/source/a/lilo/liloconfig index 81ad2ca0..2129c6e1 100644 --- a/source/a/lilo/liloconfig +++ b/source/a/lilo/liloconfig @@ -2,7 +2,7 @@ # # Copyright 1994, 1998, 1999 Patrick Volkerding, Moorhead, Minnesota USA # Copyright 2002, 2003 Slackware Linux, Inc, Concord, CA -# Copyright 2007, 2008, 2011, 2013, 2018 Patrick Volkerding, Sebeka, Minnesota, USA +# Copyright 2007, 2008, 2011, 2013, 2018, 2020 Patrick Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -45,7 +45,7 @@ LILO designed to work with EFI/UEFI systems." \ if [ $? = 1 -o $? = 255 ]; then exit fi - REPLY="`cat $TMP/reply`" + REPLY="$(cat $TMP/reply)" rm -f $TMP/reply if [ "$REPLY" = "skip" ]; then exit @@ -191,7 +191,7 @@ or the standard Linux console?" 0 0 0 \ # "1024x768x16m" "Frame buffer console, 1024x768x16.8m" \ # "1280x1024x16m" "Frame buffer console, 1280x1024x16.8m" \ # "1600x1200x16m" "Frame buffer console, 1600x1200x16.8m" - CONSOLETYPE="`cat $TMP/reply`" + CONSOLETYPE="$(cat $TMP/reply)" if [ "$CONSOLETYPE" = "1600x1200x16m" ]; then CONSOLENUM=799 elif [ "$CONSOLETYPE" = "1600x1200x64k" ]; then @@ -260,7 +260,7 @@ simplelilo() if [ $? = 1 -o $? = 255 ]; then APPEND="" fi - APPEND="`cat $TMP/reply`" + APPEND="$(cat $TMP/reply)" # If we got here, we either don't have boot manager or don't want to use it # Note 3/2018: or OS/2 Boot Manager cruft was removed ;-) @@ -284,7 +284,7 @@ Which option would you like?" \ if [ $? = 1 -o $? = 255 ]; then exit fi - TG="`cat $TMP/reply`" + TG="$(cat $TMP/reply)" rm -r $TMP/reply dialog --infobox "\nScanning partitions and generating /etc/lilo.conf..." 5 57 sleep 1 @@ -292,8 +292,8 @@ Which option would you like?" \ MBR_TARGET=/dev/sda echo $MBR_TARGET > $TMP/LILOMBR cat /proc/partitions | while read LINE ; do - MAJOR="`echo $LINE | cut -f 1 -d ' '`" - MINOR="`echo $LINE | cut -f 2 -d ' '`" + MAJOR="$(echo $LINE | cut -f 1 -d ' ')" + MINOR="$(echo $LINE | cut -f 2 -d ' ')" if [ ! "$MINOR" = "0" -a ! "$MINOR" = "64" ]; then # ignore whole devices to weed out CD drives if [ "$MAJOR" = "3" ]; then MBR_TARGET=/dev/hda @@ -321,9 +321,9 @@ Which option would you like?" \ fi fi done - LILO_TARGET=`cat $TMP/LILOMBR` + LILO_TARGET=$(cat $TMP/LILOMBR) elif [ "$TG" = "Root" ]; then - LILO_TARGET=`echo $ROOT_DEVICE` + LILO_TARGET=$(echo $ROOT_DEVICE) elif [ "$TG" = "Floppy" ]; then LILO_TARGET="/dev/fd0" fi @@ -344,7 +344,8 @@ EOF fi cat << EOF >> $T_PX/etc/lilo.conf boot = $LILO_TARGET -#compact # faster, but won't work on all systems. +# This option loads the kernel and initrd much faster: +compact # Boot BMP Image. # Bitmap in BMP format: 640x480x8 @@ -434,10 +435,10 @@ W95 FAT12 FAT16 HPFS" | grep -v "Ext'd" | grep -v "Extend" | sort )" - DOSP="`echo $DOSP | cut -f 1 -d ' '`" + DOSP="$(echo $DOSP | cut -f 1 -d ' ')" fi if [ ! "$DOSP" = "" ]; then - TABLE="`echo $DOSP | cut -b1-8`" + TABLE="$(echo $DOSP | cut -b1-8)" cat << EOF >> $T_PX/etc/lilo.conf # Windows bootable partition config begins other = $DOSP @@ -448,8 +449,8 @@ EOF echo "Windows - (Windows FAT/NTFS partition)" >> $T_PX/boot/boot_message.txt fi # Next, we search for Linux partitions: - LNXP="`PROBE -l | grep "Linux$"`" - LNXP="`echo $LNXP | cut -f 1 -d ' ' | sort`" + LNXP="$(PROBE -l | grep "Linux$")" + LNXP="$(echo $LNXP | cut -f 1 -d ' ' | sort)" if [ ! "$LNXP" = "" ]; then cat << EOF >> $T_PX/etc/lilo.conf # Linux bootable partition config begins @@ -463,10 +464,10 @@ EOF fi # DEAD CODE, BUT IN CASE OS/2 MAKES A COMEBACK! # # OK, hopefully we can remember how to deal with OS/2 :^) -# OS2P="`PROBE -l | grep "HPFS"`" -# OS2P="`echo $OS2P | cut -f 1 -d ' ' | sort`" +# OS2P="$(PROBE -l | grep "HPFS")" +# OS2P="$(echo $OS2P | cut -f 1 -d ' ' | sort)" # if [ ! "$OS2P" = "" ]; then -# TABLE="`echo $OS2P | cut -b1-8`" +# TABLE="$(echo $OS2P | cut -b1-8)" # if [ "$TABLE" = "/dev/hda" ]; then # cat << EOF >> $T_PX/etc/lilo.conf ## OS/2 bootable partition config begins @@ -635,13 +636,13 @@ EOF # 'probe()' borrowed from LILO QuickInst. probe() { - [ ! -z "`dd if=$1 bs=1 count=1 2>/dev/null | tr '\0' x`" ] + [ ! -z "$(dd if=$1 bs=1 count=1 2>/dev/null | tr '\0' x)" ] return } # Figure out if we're installing from the hard drive if [ -r $TMP/SeTT_PX ]; then - T_PX="`cat $TMP/SeTT_PX`" + T_PX="$(cat $TMP/SeTT_PX)" else if [ "$T_PX" = "" -a ! "$1" = "" ]; then T_PX=$1 @@ -658,9 +659,9 @@ LNX="no" # this means no Linux partition has been defined as bootable ROOT_DEVICE=$2 if [ "$ROOT_DEVICE" = "" ]; then if [ -r $TMP/SeTrootdev ]; then - ROOT_DEVICE="`cat $TMP/SeTrootdev`" + ROOT_DEVICE="$(cat $TMP/SeTrootdev)" else - ROOT_DEVICE="`mount | cut -f 1 -d " " | sed -n "1 p"`" + ROOT_DEVICE="$(mount | grep " on $T_PX " | cut -f 1 -d " " | head -n 1)" fi fi # Figure out where the kernel is: @@ -707,7 +708,7 @@ it later with the 'liloconfig' command. Which option would you like?" \ if [ $? = 1 -o $? = 255 ]; then exit fi - REPLY="`cat $TMP/reply`" + REPLY="$(cat $TMP/reply)" rm -f $TMP/reply if [ "$REPLY" = "skip" ]; then exit @@ -737,7 +738,7 @@ Which option would you like?" 21 73 8 \ if [ $? = 1 -o $? = 255 ]; then REPLY="Skip" else - REPLY="`cat $TMP/reply`" + REPLY="$(cat $TMP/reply)" fi rm -r $TMP/reply if [ "$REPLY" = "Begin" ]; then @@ -747,7 +748,7 @@ Which option would you like?" 21 73 8 \ HDR="no" continue; else - APPEND="`cat $TMP/reply`" + APPEND="$(cat $TMP/reply)" fi #ask_utf; #if [ $? = 1 -o $? = 255 ]; then @@ -772,15 +773,15 @@ selection. Please pick a target location:" 15 65 3 \ continue; else LNX="no" - TG="`cat $TMP/reply`" + TG="$(cat $TMP/reply)" fi rm -r $TMP/reply if [ "$TG" = "MBR" ]; then MBR_TARGET=/dev/sda echo $MBR_TARGET > $TMP/LILOMBR cat /proc/partitions | while read LINE ; do - MAJOR="`echo $LINE | cut -f 1 -d ' '`" - MINOR="`echo $LINE | cut -f 2 -d ' '`" + MAJOR="$(echo $LINE | cut -f 1 -d ' ')" + MINOR="$(echo $LINE | cut -f 2 -d ' ')" if [ ! "$MINOR" = "0" -a ! "$MINOR" = "64" ]; then # ignore whole devices to weed out CD drives if [ "$MAJOR" = "3" ]; then MBR_TARGET=/dev/hda @@ -797,17 +798,17 @@ selection. Please pick a target location:" 15 65 3 \ fi fi done - LILO_TARGET=`cat $TMP/LILOMBR` + LILO_TARGET=$(cat $TMP/LILOMBR) dialog --title "CONFIRM LOCATION TO INSTALL LILO" --inputbox \ "The auto-detected location to install the LILO boot block is shown below. \ If you need to make any changes, you can make them below. Otherwise, hit \ ENTER to accept the target location shown." 11 60 $LILO_TARGET 2> $TMP/reply if [ $? = 0 ]; then - LILO_TARGET="`cat $TMP/reply`" + LILO_TARGET="$(cat $TMP/reply)" fi rm -f $TMP/reply elif [ "$TG" = "Root" ]; then - LILO_TARGET=`echo $ROOT_DEVICE` + LILO_TARGET=$(echo $ROOT_DEVICE) elif [ "$TG" = "Floppy" ]; then LILO_TARGET="/dev/fd0" else @@ -826,7 +827,7 @@ default." 13 74 4 \ HDR="no" continue; else - TIMEOUT="`cat $TMP/reply`" + TIMEOUT="$(cat $TMP/reply)" fi rm -r $TMP/reply if [ "$TIMEOUT" = "None" ]; then @@ -852,7 +853,8 @@ default." 13 74 4 \ # Start LILO global section boot = $LILO_TARGET -#compact # faster, but won't work on all systems. +# This option loads the kernel and initrd much faster: +compact EOF # Boot splash @@ -954,7 +956,7 @@ EOF continue fi rm $TMP/tmpmsg - LINUX_PART="`cat $TMP/reply`" + LINUX_PART="$(cat $TMP/reply)" checkp_dialog $LINUX_PART if [ ! $? = 0 ]; then continue; @@ -967,7 +969,7 @@ SINGLE WORD." 11 60 2> $TMP/reply if [ $? = 1 -o $? = 255 ]; then continue fi - LABEL="`cat $TMP/reply`" + LABEL="$(cat $TMP/reply)" cat << EOF >> $TMP/lilo.conf # Linux bootable partition config begins image = $KERNEL @@ -995,13 +997,13 @@ partitions unless you start over with a new LILO header." 6 60 echo >> $TMP/tmpmsg echo "Which one would you like LILO to boot?" >> $TMP/tmpmsg dialog --title "SELECT OS/2 PARTITION" --no-collapse --inputbox \ -"`cat $TMP/tmpmsg`" 20 74 2> $TMP/reply +"$(cat $TMP/tmpmsg)" 20 74 2> $TMP/reply if [ $? = 1 -o $? = 255 ]; then rm $TMP/tmpmsg continue fi rm $TMP/tmpmsg - OS_2_PART="`cat $TMP/reply`" + OS_2_PART="$(cat $TMP/reply)" checkp_dialog $OS_2_PART if [ ! $? = 0 ]; then continue; @@ -1014,9 +1016,9 @@ SINGLE WORD." 11 60 2> $TMP/reply if [ $? = 1 -o $? = 255 ]; then continue fi - LABEL="`cat $TMP/reply`" - TABLE="`echo $OS_2_PART | cut -b1-8`" - if [ "`echo $TABLE | cut -b6-8`" = "hda" ]; then + LABEL="$(cat $TMP/reply)" + TABLE="$(echo $OS_2_PART | cut -b1-8)" + if [ "$(echo $TABLE | cut -b6-8)" = "hda" ]; then cat << EOF >> $TMP/lilo.conf # OS/2 bootable partition config begins other = $OS_2_PART @@ -1061,13 +1063,13 @@ HPFS" | grep -v "Ext'd" | grep -v "Extend" | sort | grep "$($OSPROBER 2> /dev/nu echo >> $TMP/tmpmsg echo "Which one would you like LILO to boot?" >> $TMP/tmpmsg dialog --title "SELECT WINDOWS PARTITION" --no-collapse --inputbox \ -"`cat $TMP/tmpmsg`" 20 74 2> $TMP/reply +"$(cat $TMP/tmpmsg)" 20 74 2> $TMP/reply if [ $? = 1 -o $? = 255 ]; then rm $TMP/tmpmsg continue fi rm $TMP/tmpmsg - DOSPART="`cat $TMP/reply`" + DOSPART="$(cat $TMP/reply)" checkp_dialog $DOSPART if [ ! $? = 0 ]; then continue; @@ -1080,13 +1082,13 @@ SINGLE WORD." 11 60 2> $TMP/reply if [ $? = 1 -o $? = 255 ]; then continue fi - LABEL="`cat $TMP/reply`" + LABEL="$(cat $TMP/reply)" unset USE_LOADER - TABLE="`echo $DOSPART | cut -b1-8`" - if [ "`echo $TABLE | cut -b6-8`" = "hda" ]; then + TABLE="$(echo $DOSPART | cut -b1-8)" + if [ "$(echo $TABLE | cut -b6-8)" = "hda" ]; then USE_LOADER="no" fi - if [ "`echo $TABLE | cut -b6-8`" = "sda" ]; then + if [ "$(echo $TABLE | cut -b6-8)" = "sda" ]; then if probe /dev/hda; then USE_LOADER="yes" else -- cgit v1.2.3