09 June 2005 W. Michael Petullo
* Fix a memory allocation size mistake.

15 May 2005 W. Michael Petullo
* Made some changes after an initial test of Mac OS X.

14 May 2005 W. Michael Petullo
* Added the ability to use mount points and volumes containing spaces. See the example pam_mount.conf for more information.
* Did a little work on the BSD code but I can't test it right now.

28 April 2005 W. Michael Petullo
* Fix compile with gcc 4 -- it's pickier with signedness.
* Updated to dot.conf 1.0.13.

17 April 2005 W. Michael Petullo
* Fix log of losetup: claimed it was performing umount.
* Allow umount.crypt to support devices with underscores (thanks Sigurd Schneider).

18 March 2005 W. Michael Petullo
* Started writing unit tests.

08 February 2005 W. Michael Petullo
* Fix build on 64-bit x86 (thanks Rudi Chiarito).

22 January 2005 W. Michael Petullo
* Added some OpenSSH-related material to FAQ.

12 December 2004 W. Michael Petullo
* Thank you very much to Bastian Kleineidam. Bastian is the Debian package maintainer and submitted patches that implement the following changes:
* Add pam_sm_acct_mgmt implementation.
* Add stuff needed for static module.
* #include in misc.c.
* Fix several compile warnings.
* Change log level to LOG_AUTHPRIV.
* New debug/error messages.
* Look up user in each pam_sm_ function because ssh uses a different process for each PAM call.
* Modifications to mount.crypt and umount.crypt.
* Change FSCKLOOP to FSCKTARGET in default definition of FSCK command.
* Better error messages from OpenSSL code.

04 November 2004 W. Michael Petullo
* Initialize config->volume to NULL in initconfig() (thanks Philippe Martin).

27 October 2004 W. Michael Petullo
* Pulled in changes from new.

07 August 2004 W. Michael Petullo
* Moved chdir("/") from open_session to close_session.

01 August 2004 W. Michael Petullo
* pmvarrun_LDFLAGS = $(GLIB_LIBS) to pmvarrun_LDFLAGS = $(GLIB_LIBS) -lz

29 July 2004 W. Michael Petullo
* size_t segment_len; -> int segment_len; for x86_64.
* Removed reference to Savannah from FAQ.

21 July 2004 W. Michael Petullo
* Now ignore SIGPIPE when writing. This fixes problem with mount process dying before password is written.
* properly wait for child processes even when write to pipe fails.

13 July 2004 W. Michael Petullo
* Fixes for behavior when mounting CIFS (thanks Scott Barker).

02 July 2004 W. Michael Petullo
* Fix usage of GError.

26 June 2004 W. Michael Petullo
* Better checking on umount execution.
* Fix umount.crypt hack + g_spawn.
* Allow mount_t to getattr dirs with the user_home_dir_t context.

22 June 2004 W. Michael Petullo
* Now installs SELinux policy files in /etc/selinux/strict.
* No longer depends on policy-sources.
* Replace procopen() with g_spawn_async_with_pipes().

15 May 2004 W. Michael Petullo
* Only setuid 0 for mount/umount, always setfsuid 0.

14 May 2004 W. Michael Petullo
* SELinux work.

12 May 2004 W. Michael Petullo
* Moved code that modifies /var/run/pam_mount to its own executable so that SELinux policy does not conflict with gdm.
* Pam_mount now has command defaults that are overridden by pam_mount.conf.

07 May 2004 W. Michael Petullo
* Worked on pam_mount_macros.te.

25 April 2004 W. Michael Petullo
* Added mount.crypt and umount.crypt.

21 April 2004 W. Michael Petullo
* Added some SELinux policy macros -- these need work.

14 April 2004 W. Michael Petullo
* Got rid of broken pipe bomb caused by trying to write a password to a mount process that already exited.

08 April 2004 W. Michael Petullo
* Now uses user option properly in the case of NCP mounts. The user option is now required for NCP mounts.
* Checks for existing NCP mounts properly.

07 April 2004 W. Michael Petullo
* Fixed bad behavior caused by Red Hat's su setting the process' fsuid to the uid.
* Wildcards (*) may no longer be used in ~/.pam_mount.conf (again).
* Fixed reading user from PAM system.

17 March 2004 W. Michael Petullo
* Added FAQ entry about NCP share mounted as $HOME and X.

13 March 2004 W. Michael Petullo
* options_allow nosuid,nodev in default pam_mount.conf.

11 March 2004 W. Michael Petullo
* Fixed a big, bad memory allocation bug.
* Finally compiles after adding lots of assertions.
* Loopback images can now be nested.
* Fixed core dump that occurred when pam_mount was run as a session module without first being run as an auth module. Now logs a warning and returns an error.

10 March 2004 W. Michael Petullo
* Added zlib-devel to RPM specification BuildRequires.
* No longer segfaults when run as session module before auth module.

10 February 2004 W. Michael Petullo
* Now installs /lib/security/pam_mount_auth.so and /lib/security/pam_mount_session.so links for authconfig.
* made some changes to default cifsmount definition (thanks Rudi Chiarito).

03 February 2004 W. Michael Petullo
* Gdm now prompts for username before password again when using pam_mount.

29 January 2004 W. Michael Petullo
* Added maintainer-clean-local targets.

28 January 2004 W. Michael Petullo
* Began migrating malloc/free/etc. to g_malloc/g_free/etc.

26 January 2004 W. Michael Petullo
* Fixed bug that caused crash when no options specified for SMB mount (thanks Toshio).

24 January 2004 W. Michael Petullo
* More RPM specification work.

23 January 2004 W. Michael Petullo
* Worked on RPM specification (with help from some Fedora folks).

04 January 2004 W. Michael Petullo
* RPM spec file is now rebuilt from XML on make rpm.
* Fixed a fopen return value check in mount.c.
* Many splint prompted changes.

02 January 2004 W. Michael Petullo
* No longer use pam_mount's pair.c if compiling using libfmt_ptrn.

01 January 2004 W. Michael Petullo
* Add some quotes and quote escapes to several mount command examples in example pam_mount.conf.

09 December 2003 W. Michael Petullo
* Now uses templates in command definitions. THIS RENDERS OLD PAM_MOUNT.CONFs OBSOLETE!

06 December 2003 W. Michael Petullo
* Fsck should now work with non-terminal-based logins like gdm.
* Resumed regression testing.
* Cleaned up some error messages.

05 December 2003 W. Michael Petullo
* FAQ should now be included in RPM and tarball.

26 November 2003 W. Michael Petullo
* More NFS fixes.
* Options can now be '-' and not provided by /etc/fstab (no options is okay).

24 November 2003 W. Michael Petullo
* Fixed NFS code. Now requires that nfsmount be defined in pam_mount.conf.

18 November 2003 W. Michael Petullo
* Updated in preparation for inclusion into the Fedora Project.

31 October 2003 W. Michael Petullo
* Added mention of Jonathan Robinson's "Error reading password from file descriptor 0: empty password" problem to the FAQ.

29 October 2003 W. Michael Petullo
* Updated FAQ to contain contents of README_*.

28 October 2003 W. Michael Petullo
* Added BuildRequires: glib2-devel to RPM specifications (thanks Rudi Chiarito).
* Use %config(noreplace) /etc/security/pam_mount.conf in RPM specification (thanks Rudi Chiarito).
* Do not use --bind when mounting remote filesystems.

26 October 2003 W. Michael Petullo
* RPM specification now simply uses %{_mandir} (thanks Rudi Chiarito).

24 October 2003 W. Michael Petullo
* Started an FAQ.
* Various compile clean ups, thanks to Ben Story and Donald Bindner.

20 October 2003 W. Michael Petullo
* Should now mount special SMB share "homes" correctly (Thanks Gustavo Homem).

07 October 2003 W. Michael Petullo
* Ensured all source files had a proper copyright notice.
* Started using glib instead of code from a book published by O'Reilly.

20 September 2003 W. Michael Petullo
* Added include/new/Makefile.am.

18 September 2003 W. Michael Petullo
* Added mention of cryptoswap to pam_mount.xml.
* Now re-use more pipe/fork/exec code, reducing mount.c's source size by about thirty lines.

14 September 2003 W. Michael Petullo
* Cleaned up the read_command a bit.

4 September 2003 W. Michael Petullo
* Some changes to the project's RPM specification.
* Fixed expand_home (thanks Peter Astrand).
* Fixed two off-by-one errors (thanks Peter Astrand).

15 August 2003 W. Michael Petullo
* Finished migrating mount.c to execv.
* Added unlosetup configuration.
* Added fsckloop configuration.
* Pam_mount now checks to ensure a command exists before execv'ing it.

12 August 2003 W. Michael Petullo
* exec_unmount_volume and exec_mount_volume_again now use execv in anticipation of post 1.0 additions.

7 August 2003 W. Michael Petullo
* mkehd now chowns key and image it creates for user.
* autoehd can now mount volumes that are defined in pam_mount.conf instead of fstab.

22 July 2003 W. Michael Petullo
* Cleaned up some configuration expansion code.

20 July 2003 W. Michael Petullo
* Added several regression tests to my test account and fixed some code throughout readconfig.c.

19 July 2003 W. Michael Petullo
* Overhaul of option parsing code.

18 July 2003 W. Michael Petullo
* Fsck should now run on any local volume.

15 July 2003 W. Michael Petullo
* Got rid of some silly debugging statements.
* Added check: if /etc/fstab is to be used for a volume, then no options should be specified.

14 July 2003 W. Michael Petullo
* Warning about volumes "not for me" no longer logged when debugging is turned off.
* Now mounts same volume multiple times correctly on GNU/Linux.

12 July 2003 W. Michael Petullo
* Fixed array size issue associated with FSK decryption code that could potentially cause a problem.

7 July 2003 W. Michael Petullo
* Fixed bug in mount.c's efsk code.
* Pam_mount now continues to try and unmount volumes after one fails.

5 July 2003 W. Michael Petullo
* Fixed documentation about mounting by hand when using OpenSSL.

20 June 2003 W. Michael Petullo
* Added beginning of a manpage.

11 June 2003 W. Michael Petullo
* Will now recursively create complete mount point path.
* Changed some variables' sizes from FILENAME_MAX to PATH_MAX.
* Reimplemented try_first_pass.

11 June 2003 W. Michael Petullo
* Cleaned up mount.c a little.

10 June 2003 W. Michael Petullo
* Cleaned up pam_mount.c and misc.c a little.

6 June 2003 W. Michael Petullo
* Pam_sm_authenticate now returns PAM_AUTH_ERR when password is longer than MAX_PAR. Returned PAM_SERVICE_ERR before.
* Now use pam_[sg]et_data() to get password between auth portion and session portion of pam_mount. Used a global variable before.

5 June 2003 W. Michael Petullo
* Cleaned up documentation on /etc/pam.d/ configurations a little.
* Minor maintenance on pam_mount.c.

4 June 2003 W. Michael Petullo
* Fixed use_first_pass behavior and figured out how to configure for use with pam_ldap (and I hope pam_winbind).
* Old try_first_pass is no longer supported. See README for how to support different mount and system passwords.

1 June 2003 W. Michael Petullo
* Cleaned up new fsck code a little.

31 May 2003 W. Michael Petullo
* Added ability to run fsck on local filesystems before mounting (needs work).
* Fixed bug in readconfig.c:freeconfig() that caused segfault.

30 May 2003 W. Michael Petullo
* Password is now passed to cifsmount using stdin for security reasons.

28 May 2003 W. Michael Petullo
* Fixed bug in expandconfig that caused & expansion to fail when all fields did not contain a &.
* Now use dotconf 1.0.12.

27 May 2003 W. Michael Petullo
* Pam_mount no longer tries to close /var/run/pam_mount/ after opening fails. This was causing sessions to fail as CLOSE calls exit(EXIT_FAILURE) when close() fails. Ssh sessions on hosts that use privilege separation would fail completely instead of just failing to mount volumes.
* Added README_SSHD.
* /var/run/pam_mount/ is now created group owned by the user's primary group.

26 May 2003 W. Michael Petullo
* Added expansion of fs_key_path (thanks Edgar Holleis).
* Added a check for malloc returning NULL in readconfig.c.
* Pam_mount now returns PAM_SERVICE_ERR on error. Should be listed as optional in service config. files.

24 May 2003 W. Michael Petullo
* Changed log() to l0g() to avoid conflict with -lm on some platforms.

19 May 2003 W. Michael Petullo
* More patches from Bastian Kleineidam (thanks):
  - logging fns now use vargs
  - fixed memleak on unmount failure

7 May 2003 W. Michael Petullo
* Mkehd no longer uses an env. var. to transmit password to openssl.
* Mkehd now supports multiple volumes per user in /etc/pam_mount.conf.

6 May 2003 W. Michael Petullo
* Did some work on mkehd.
* Now builds .deb.
* Pam_mount.so is installed in $(prefix)/../lib/security instead of /lib/security on GNU/Linux (mainly to facilitate building .debs).

5 May 2003 W. Michael Petullo
* Re-added free in readconfig.c:log_error().
* Readconfig.c:read_command() now checks to ensure command specifications contain at least one parameter (was causing a core dump on bad pam_mount.confs). Also fixed default pam_mount.conf which was broken.

28 April 2003 W. Michael Petullo
* Fixed (I hope) ncpmount parameters (thanks Bastian Kleineidam).
* Added some error checking (thanks Bastian Kleineidam).
* Changed some strcpy's to strncpy (thanks Bastian Kleineidam).
* Failed mallocs in readconfig.c are now handled better.
* Fixed some minor errors pointed out by OpenBSD's lint.

27 April 2003 W. Michael Petullo
* Got rid of some calls to sleep that seem unnecessary.
* Got rid of some useless signal handling code.
* session counting now used strtol instead of atoi.
* pam_mount now rmdirs mount points it mkdirs.

21 April 2003 W. Michael Petullo
* Started to make checks for valid mount options a little cleaner so that it is more apparent that they are coded right.
* Made some functions static as appropriate.

19 April 2003 W. Michael Petullo
* Added some checks to volume_record_sane.

16 April 2003 W. Michael Petullo
* Combined mount_volume and do_mount in mount.c.
* Fixed exec logic in mount.c. Failed unmounts should now be noticed. Failed mntchecks or lsofs no longer continue to run a second pam_mount process (they exit(EXIT_FAILURE)).
15 April 2003 W. Michael Petullo
* pam_mount.so is now installed to /lib/security on GNU/Linux, /usr/lib on OpenBSD.
* Made exec failure message a bit more descriptive.

4 April 2003 W. Michael Petullo
* Tested GNU/Linux build.
* Changed references to SSL in mount.c to CRYPTO. May need to change back? Needs testing.

3 April 2003 W. Michael Petullo
* Renamed mountehd to autoehd.

28 March 2003 W. Michael Petullo
* Minor documentation work.
* Fixed bug that caused local mount to fail when no options were specified in pam_mount.conf volume definition.

26 March 2003 W. Michael Petullo
* Continued to clean up after getting rid of pmhelper change.

24 March 2003 W. Michael Petullo
* Pmhelper code is now integrated into pam_mount.so instead of being a separate, suid executable. This fixes a major locally exploitable security bug.

10 March 2003 W. Michael Petullo
* Pam_mount now unmounts volumes in the opposite order that it mounts them in order to facilitate nested mounts (Thanks to Thorsten Wiegel).

5 March 2003 W. Michael Petullo
* Added support for CIFS (Thanks to Daniel Zeiss). Right now the CIFS mount technique can leak passwords to other users.

28 February 2003 W. Michael Petullo
* Began to build README, RPM spec, Debian control, etc using XSLT.
* Updated AUTHORS file.

22 February 2003 W. Michael Petullo
* Pmhelper can now check for existing mounts on Open and FreeBSD.
* Can no longer define commands in ~/.pam_mount.conf.

21 February 2003 W. Michael Petullo
* Moved code from pam_sm_auth... to pam_sm_open_session.
* Pam_mount.c and pmhelper.c now zeroize passwords after use.

17 February 2003 W. Michael Petullo
* Fixed cpp-related pmhelper.c build error on GNU/Linux.

15 February 2003 W. Michael Petullo
* OpenBSD port now works, though not very well.
* Added BSD fstab.h-related code.
* invoke_child now fails if pmhelper exits with error code (!= 0).
* Fixed misuse of execv.

11 February 2003 W. Michael Petullo
* Began to port to OpenBSD using openpam, which is used by FreeBSD. Note that OpenBSD does not use PAM by default.

9 February 2003 W. Michael Petullo
* Cleaned up code in pam_mount.c and pmhelper.c.

25 December 2002 W. Michael Petullo
* Debian package generation now works. I'm new to this, so there may be some problems.

24 December 2002 W. Michael Petullo
* Lots of work on Debian package generation.
* Updated package requirements.

19 December 2002 W. Michael Petullo
* Small logic and bug tweaks.

13 December 2002 W. Michael Petullo
* ./configure now checks for security/pam_modules.h.
* SMB code now uses PASSWD_FD because PASSWD can leak passwords to other users. This needs to be tested.
* No longer links against libssl if it does not exist.
* Now uses -o pass-fd to transmit passwords to ncpmount.

18 November 2002 W. Michael Petullo
* Wildcard volume definitions are now ignored when root logs in.
* Fixed off-by-one bug in new session counting code.

17 November 2002 W. Michael Petullo
* pam_mount now tracks multiple logins, only unmounting anything when a user has logged out of all of his sessions.

16 November 2002 W. Michael Petullo
* Added NCP code to already_mounted. Does it work?
* Removed some sleep calls. Things are now faster.

14 November 2002 W. Michael Petullo
* When checking if volume is already mounted, pmhelper now checks volume AND mount point.
* Now complains if mount type is SMB or NCP and no server is specified.

13 November 2002 W. Michael Petullo
* When checking if a volume is already mounted, pmhelper now constructs correct string for SMBMOUNT type. NCPMOUNT still needs to be fixed.

10 November 2002 W. Michael Petullo
* Pmhelper now uses env. var. PASSWD to give ncpmount a password. As of ncpfs 2.2.0.19, a patch from http://www.flyn.org is needed for ncpmount.

09 November 2002 W. Michael Petullo
* Fixed potential buffer overflow in pmhelper.c.

06 November 2002 W. Michael Petullo
* pam_mount.conf now installed in /etc/security, not ${prefix}../etc/security.

03 November 2002 W. Michael Petullo
* Added code to test return value of malloc/calloc/reallocs.

02 November 2002 W. Michael Petullo
* Smbmount now gets its password from the PASSWD environment variable. Smbmount reads passwords from /dev/tty over stdin so the pipe method does not work. I'm not sure if ncpmount works. I wish smbmount and ncpmount supported mount's -p0 technique.

01 November 2002 W. Michael Petullo
* Pmhelper now installs in ${exec_prefix}/sbin and pam_mount.so always goes in /lib/security.
* Mountehd should now be installed.
* Dynamically allocated memory in config structure is now freed by session close function.

30 October 2002 W. Michael Petullo
* Fixed bug in read_options that caused function to fail, logging "too many options."
* Fixed bug causing "options_allow *" to not work.

28 October 2002 W. Michael Petullo
* Fixed asprintf misuse that caused pmhelper to segfault when mounting a smbfs volume.

27 October 2002 W. Michael Petullo
* A user can now use luserconf to mount volumes using other usernames.
* Cleaned up code a bit.
* Build error fix (thanks Michael Rhee).

26 October 2002 W. Michael Petullo
* Added checks so luserconf can only configure commands and volumes.
* Pmhelper now checks to see if a volume is already mounted before it tries to mount it.
* Cleaned up some of the new readconfig code a bit.
* Always returns PAM_SUCCESS again so login is not refused.
* Fixed complaint about misc.o being used both with and without libtool (linked misc.c to miscso.c).

21 October 2002 W. Michael Petullo
* Began to use dotconf to read configuration files. This work ended up spanning several days, as expected. Though this is a bit difficult, the old readconfig.c needed to be scrapped -- it was difficult to maintain and scrub for security flaws. The new code still needs work, but has a more well designed core. A little pain now will save more later.
20 October 2002 W. Michael Petullo
* Applied some code cleanups from Bastian Kleineidam.
* Moved mkhomedir code to pmhelper.c. Now creates homedirs when wildcards are not used too.
* Changed mkhome option to mkmountpoint.

19 October 2002 W. Michael Petullo
* Added mention of mkehd to nasty-details_pam_mount.xml.
* Added documentation to functions in pmhelper.c.

18 October 2002 W. Michael Petullo
* Fixed buffer issue in readconfig.c (thanks Miguel Freitas).

17 October 2002 W. Michael Petullo
* All mount types now avoid using the command line to pass passwords. Needs testing!
* Now chowns homedir to owner if pam_mount has to create it. Make sure nsswitch is configured if using, for example, winbindd.
* More code scrubbing.
* (Following release 0.4.1) fixed a bug that causes filesystem keys to decrypt wrong, breaking encrypted home directory method three (an array not initialized to [0, ..., 0]).

16 October 2002 W. Michael Petullo
* Pam_mount now creates user's home directory if it doesn't exist. Useful if the user is authenticated using some wazoo method and does not really exist on the local machine.
* (Following release 0.4.0) fixed some buffer sizes in pmhelper.c.

14 October 2002 W. Michael Petullo
* Cleaned up log function.
* Cleaned up misc.c.
* Added some return value checks and errmsgs in pam_mount.c.

12 October 2002 W. Michael Petullo
* EHD scripts now detect technique 1, 2, or 3 from pam_mount.conf.
* Added mountehd script.

07 October 2002 W. Michael Petullo
* Added a README_DEBIAN file with some Debian-related notes.
* Pmhelper should now install suid.
* Documentation change .*_firstpass to .*_first_pass.
* Added mkehd script.

06 October 2002 W. Michael Petullo
* Applied Pekka Aleksi Knuutila's patch:
  1. Now fixed on Debian again.
  2. Now does a chdir("/"), fixed umount in some cases. KDM?
  3. Environment instead of command line used to pass password to smbmount.
  Thanks, Pekka!
* (Following release 0.3.9) Added nfs to legal volume types. Local actually has supported NFS, but allowing someone to specify nfs may cut down on confusion. Local has meant "use /bin/mount" not "local filesystem." Local may be a bad choice of words.
* Added passwdehd script.

27 August 2002 W. Michael Petullo
* Fixed a typo in pam_mount.conf.

14 August 2002 W. Michael Petullo
* Pmhelper now unmounts the mount point, not the volume. If the mount point is not specified in pam_mount.conf, then it is read from fstab. This is necessary to unmount SMB volumes like "home."

11 August 2002 W. Michael Petullo
* Got rid of some compiler warnings.
* Added some more error checking to openssl code.
* In pam_mount.conf, if user is *, ~ will be expanded to user's home.

10 August 2002 W. Michael Petullo
* Worked on documentation for encrypted filesystem keys.
* (Following release 0.3.6) started using EVP_get_cipherbyname() -- should be real close to supporting all openssl-supported ciphers.
* Added support for encrypted filesystem keys.
* Pam_mount.spec now uses %config(noreplace) in install configuration.

03 August 2002 W. Michael Petullo
* (Following Release 0.3.5) began using FCTK.
* Began to work on supporting filesystems that have a different password than the user's login password.

03 August 2002 W. Michael Petullo
* Lsof now works when logging out of consoles.
* Changed module type to session only. THIS REQUIRES CHANGES TO PAM CONFIGURATION FILES (ie: /etc/pam.d/*).
* Pmhelper now understands the mount point may not be in /etc/fstab. In this case, the path is provided by pam_mount.so.

02 August 2002 W. Michael Petullo
* Reduced the output of lsof to only files related to ~.

01 August 2002 W. Michael Petullo
* Made /usr/sbin/lsof configurable in /etc/security/pam_mount.

30 July 2002 W. Michael Petullo
* Changed syslog priorities.
* Now logs output of /usr/sbin/lsof when debugging is on.

30 July 2002 W. Michael Petullo
* Ran indent on source files.
* Got rid of pmhelper.c.orig and pmhelper.c.rej.

30 June 2002 W. Michael Petullo
* Fixed error that prevented encrypted volumes from working when debugging was off.
* Updated CREDITS file.

27 June 2002 W. Michael Petullo
* Fixed bug that caused segfault when unmounting with debugging on.
* Location of config file is now /etc/security/pam_mount.conf by default.
* UID of pmhelper process is now set to 0 since euid of 0 is not enough for using mount (makes u+s su work).
* Mount point is now optional in pam_mount.conf for local mount type. See pam_mount.conf example.
* Debug messages are now logged with syslog.
* Cleaned up debug messages a bit. Separated into log and debug messages. Log messages are important and are printed even if debugging is off.
* Got rid of some C++ style comments.
* Applied Mukesh Agrawal's encryption patch.

17 December 2001 Elvis Pfützenreuter
* Removed broken test in pmhelper.c to see if mounting directory is $HOME - now it will always wait for mount() to complete. If this poses problems, please notify (0.3.2).

29 November 2000 Elvis Pfützenreuter
* applied patch that waits mount to be completed if the mount point happens to be the user's home dir (see CREDITS) (0.3.1).

15 November 2000 Elvis Pfützenreuter
* applied patch that enables template volumes (see CREDITS) (0.3pre)

14 November 2000 Elvis Pfützenreuter
* pmhelper no longer stays in memory during the user session (0.2).

xx xxxx 2000 Elvis Pfützenreuter
* Several modifications in /etc/pam_mount.conf format (0.1).

xx xxxx 2000 Elvis Pfützenreuter
* First public version (0.01).