* doc/Makefile.am (check-ldaphome-config): Take into account
gray_env_get_bool (see 7636fa3e).
* doc/pam-modules.texi: Update; final check.
* NEWS: Update.
* pam_ldaphome/pam_ldaphome.c (create_exists): New return code.
(create_home_dir): Return create_exists if the directory already
exists.
(ldaphome_main): Run initrc only after creating the home dir.
* NEWS: Document new features.
* doc/pam-modules.texi: Document usergitconfig.
* doc/pam_ldaphome.8in: Update.
* examples/ldappubkey: New file.
* examples/usergitconfig: Refer to perldoc on error.
* lib/env.c (gray_env_get_bool): New function.
* lib/graypam.h (gray_env_get_bool): New proto.
* pam_ldaphome/pam_ldaphome.c (import_public_key): Do nothing if
"import-public-keys" is set to "no".
(pam_sm_authenticate): New function.
* pam_ldaphome/pam_ldaphome.c (find_env,locate_unset)
(env_concat,parsenv,env_setup): New statics.
(run_prog): Use execve and env_setup to set up the
environment.
* doc/pam-modules.texi: Document new statements.
* doc/pam_ldaphome.8in: Likewise.
This allows for dynamic modifications of the initial directory contents,
depending on the login name of the user. The name of the external program
is given with the initrc-command configuration statement. It is invoked
with a single argument, specifying the login name. The standard input
is closed, standard output is diverted to standard error. Standard error
can be diverted to a file using the initrc-log statement.
* Makefile.am (EXTRA_DIST): Add examples.
* examples/usergitconfig: New file.
* pam_ldaphome/pam_ldaphome.c (run_prog, run_initrc): New statics.
(pam_sm_authenticate): Call run_initrc prior to calling
import_public_key.
* pam_ldaphome/pam_ldaphome.c (create_interdir): Fail if unable to chown.
(store_pubkeys): Log error if fchown or ftruncate fails.
(dir_in_path): New static function.
(create_home_dir): Return enum create_status.
If allow-home-dir statement is present, create directory only if
it is located in one of the directories listed in it, otherwise
return create_skip.
(pam_sm_authenticate): Import keys only if home dir exists.
* doc/pam-modules.texi: Document allow-home-dir.
* pam_fshadow/pam_fshadow.c (_pam_parse): Initialize global
variables, in case pam_fshadow is called twice in the same
stack. Do not register rexp in pam data, this hurts
reentrancy.
(pam_sm_authenticate): Free rexp.
New keywords: bindpwfile and keyfile-mode.
* doc/pam-modules.texi: Document bindpwfile and keyfile-mode.
* pam_ldaphome/pam_ldaphome.c (ldap_bind): Read password from
file, if bindpwfile is given.
(store_pubkeys): Optionally enforce file mode, given by the
keyfile-mode configuration statement.
* pamck/pamck.c (main): Fix a typo.
* acinclude.m4 (PM_ENABLE): Revamp. Change meaning of the second argument.
* configure.ac: Reflect the above change.
* pam_umotd/pam_umotd.c: Remove unused includes.
* acinclude.m4 (PM_ENABLE): Don't test $build_$1 variable
before its initialization.
* pam_umotd/pam_umotd.c: Remove unnecessary includes.
(exec_file): Argv is not const.
(pam_sm_open_session): PAM does not guarantee that
argv[] is null-terminated. Create a null-terminated copy
for use by exec_file.
* Makefile.am [PAM_COND_UMOTD] (UMOTD_DIR): New variable.
(SUBDIRS): Add $(UMOTD_DIR).
* configure.ac: Check for security/pam_ext.h.
Add pam_umotd module.
* lib/graypam.h (pam_opt_type)<pam_opt_rest>: New type.
* lib/parseopt.c (gray_parseopt): Upon encountering pam_opt_rest parameter,
stop further processing and return the index of the next argument.
* pam_umotd/Makefile.am: New file.
* pam_umotd/pam_umotd.c: New file.
* doc/pam-modules.texi: Document new configuration keywords.
* pam_ldaphome/pam_ldaphome.c (get_intval): Take additional
"base" argument. Return 1 if the requested keyword is not
present in the database, -1 on error and 0 on success.
(ldap_connect): Consult the "ldap-version" configuration
variable for the LDAP version to use.
(create_home_dir): Read mode for the home directory from
the configuration variable "home-dir-mode".
* pam_ldaphome/pam_ldaphome.c (argcvz_free,trimnl): New functions.
(get_ldap_attr): Trim trailing newlines from the return value.
(ldap_search): Rename to get_pubkeys. Return a null-terminated array
of lexicographically sorted keys.
(store_pubkey): Rename to store_pubkeys, take char ** as its
first argument. Store all keys unless the file already contains
exactly that set of keys.
(import_public_key): Call store_pubkeys. Use argcvz_free to
free the keys.