www:  http://student.wsei.krakow.pl/spam/
mail: spam@student.wsei.krakow.pl
-------------------------------------------------------------------------------
ENG:
---
probably cracklib is dangerous and it's not a good idea to install it on a
production system. pwdb is taken from the red hat distro (i couldn't find it
anywhere) and is in "pre-alpha" state. pam in shadow is in beta stage.

4 packages:

cracklib:  cracklib.tgz/cracklib-2.7-i386-x.tgz
           - library needed by pam_cracklib
pwdb:      pwdb.tgz/pwdb-0.61.2-i386-x.tgz
           - library needed by pam_pwdb and pam_radius
pamlib:    pamlib.tgz/pamlib-0.77-i386-x.tgz
           - main pam library - LinuxPAM
           * packages: cracklib, pwdb are needed
pamshadow: pamshadw.gz/pamshadow-4.0.3-i386-x.tgz
           - shadow suite compiled with pam support (compiled with libshadow)
           - pammed bins 8.0:
               /bin/login /bin/su /usr/bin/chfn /usr/bin/chsh /usr/bin/passwd
           - pammed bins 8.1 (these from 8.0 and):
               /usr/bin/chage /usr/sbin/chpasswd /usr/sbin/groupadd
               /usr/sbin/groupdel /usr/sbin/groupmod /usr/sbin/newusers
               /usr/sbin/useradd /usr/sbin/userdel /usr/sbin/usermod
           * packages: pamlib, cracklib, pwdb are needed

in directory OLD you've got packages with util-linux compiled with pam. now it's
a curiosity i think. pammed shadow is the more complete version.
----------
08.09.2002: first full version with cracklib and pwdb. using shadow package.
12.09.2002: pamshadow - configs updated.
20.09.2002: pamlib, pamshadow - recompiled to really i386 bins.
            sorry, i forgot "--build=i386" option:(
20.09.2002: sshd daemon added for 8.0 and 8.1 ("daemon" subdir).
            pamsshd: pam-sshd.tgz/pam-openssh-3.4p1-i386-x.tgz - ssh daemon,
            clients and tools from openssh, pammed.
21.09.2002: fixed broken package pam-shadow (8.0), pam-openssh recompiled,
            recompiled pamlib for both vers 8.0 and 8.1.
            sorry i forgot "--enable-read-both-confs" option yesterday:(
26.09.2002: fixed permissions in pamshadow in both 8.0 and 8.1 packs.
19.10.2002: pamlib - Linux-PAM upgraded to 0.77 - stupid security hole found in
            0.76 (remote with sshd or other pam-authorized remote session
            service). you need to back up your "/etc/pam.conf" before install.
24.03.2003: new slackware 9.0 ! we've gotta get new pam packs for slackware 9.0.
            look for them in "slack9.0" subdir.
17.09.2003: pamsshd -> upgrade to openssh-3.7.1p1 in all vers, because of serious
            security holes in all previous vers of openssh (all - 8.0, 8.1, 9.0
            are compiled with "--with-tcp-wrappers" configuration option).
24.09.2003: pamsshd -> all to openssh-3.7.1p2. problem in pam auth. you've gotta
            enable option "UsePAM" and disable option "PasswordAuthentication"
            in "/etc/ssh/sshd_config" (UsePAM yes; PasswordAuthentication no).
            if you use the PuTTY client, you've gotta change preferred protocol
            to SSHv2 (in ssh options) and enable "agent forwarding" (in
            ssh-->auth options).
02.10.2003: new slackware 9.1 ! new pam packs for slackware 9.1 in "slack9.1"
            subdir. all pwdb and cracklib files moved to /usr.
30.10.2003: pamshadow for slackware 9.1 was compiled without PAM!!! !!!SORRY!!!
            no1 noticed that :( (i don't have slack9.1 on any server).
            recompiled.
31.10.2003: pamshadow in all vers had a misconfiguration in /etc/pam.conf.
            the entry: "passwd password required pam_unix_passwd.so" didn't have
            the parameters: "md5 shadow". it was the reason for trouble with
            passwords of length > 8 chars. it was possible to pass using exactly
            the first 8 chars of the password. corrected.
            !!!IT'S SECURITY!!! change it in /etc/pam.conf.
07.12.2003: removed libs (/lib/libshadow.a, /lib/libmisc.a) from pamshadow pack
            in 8.1, 9.0 and 9.1 vers. i noticed that these libs are breaking
            compilation/running of some services (freeradius).
17.06.2004: pammed proftpd (pam-proftpd) for 8.1, 9.0 and 9.1 added in "daemon"
            subdir. maintenance of 8.0 was dropped (bye bye 8.3 pack names:).
28.06.2004: new slack 10.0 -> new pam for slack 10.0:). new pam packs for
            slackware 10.0 in "slack10.0" subdir.
12.09.2004: pam-proftpd for 10.0 updated to proftpd-1.2.10 (after slackware).
13.02.2005: new (s)pam for slack 10.1. new pam packs for slackware 10.1 in
            "slack10.1" subdir. pam-lib upgraded to Linux-PAM-0.78. added pammed
            vsftpd ("pam-vsftpd" in daemon subdir). polish section of this
            document moved to the end (Poland is in EU now;). pam-shadow is still
            in 4.0.3 version - after slackware (with slackware patches).
14.02.2005: patch: "036_CAN-2004-1001_passwd_check.diff" (from debian) for
            shadow-4.0.3 (patch isn't in slackware release because it's pam
            related). flaw was not critical, but... patched: 10.1, 10.0, 9.1,
            9.0 and 8.1. sorry so late - unpatched from 05.11.2004 :(.
16.02.2005: corrected file rights for suided bins (go-r) and ownership
            (root.root -> root.bin) for all bins in pam-shadow for: 10.1, 10.0,
            9.1, 9.0 and 8.1.
10.03.2005: pammed popa3d for slack 10.1 added.
21.09.2005: new (s)pam for slack 10.2. Linux-PAM version bumped to 0.80, pwdb
            version to 0.62, added libselinux for compiling full set of PAM
            plugins. new directory structure for spam 10.2 - added "extra" dir.
            in "extra" dir you can find pammed sudo and cyrus-sasl library.
            added install descriptions (slack-desc) to all the packages.
23.09.2005: rebuilding all packages. introduced package building system
            (slackbuild scripts). you can find build scripts in: "src/slack10.2"
18.11.2005: upgraded pamlib to version 0.81 (patching libselinux issue)
11.01.2006: recompiled popa3d for slack 10.1 and 10.2. popa3d now really works
            with pam (everything in diff file in src/slack10.2/daemon/popa3d
            dir). using right filename for popa3d pam config now.
            Happy Birthday Wojtek!
11.02.2006: openssh updated to 4.3p1 for all from slack 8.1 to slack 10.2.
            sudo updated to 1.6.8p12 for slack 10.2 (all after slackware)
11.02.2006: Corrected pam-openssh for slack 9.0, 9.1, 10.0 and 10.1 (wrong path
            for "sshd.pid")
30.09.2006: openssh updated to 4.4p1 for all from slack 8.1 to slack 10.2.
            (after slackware)
15.10.2006: new (s)pam for slack 11.0. added libsepol for compiling new
            libselinux 1.30 (new directory "selinux"). all for full set of PAM
            plugins.
03.12.2006: proftpd updated to 1.3.0a for all from slack 8.1 to slack 11.0.
            (after slackware)
06.07.2007: new (s)pam for slack 12.0. added screen to "extra". patched vsftpd
            with gentoo patch for compiling with 2.6 kernel capabilities.
15.09.2007: openssh updated to 4.7p1 for all from slack 8.1 to slack 12.0
            (after slackware)
05.04.2008: openssh updated to 5.0p1 for all from slack 8.1 to slack 12.0
            (after slackware)
08.05.2008: new (s)pam for slack 12.1. Linux-PAM upgraded to 1.0.1 - compiled
            without one plugin: pam_tty_audit (needs audit, but audit needs
            swig). plugins pam_pwdb (no pwdb needed anymore) and pam_radius are
            gone. if you need them, Linux-PAM-0.81 and pwdb can be found in new
            "old" subdir. selinux libs and cracklib are upgraded too. patched
            proftpd with gentoo patch for compiling with newer 2.6 kernels.
29.07.2008: openssh updated to 5.1p1 for slack 11.0, 12.0 and 12.1
            (after slackware)
30.07.2008: proftpd 1.3.1 recompiled for slack 11.0, 12.0 and 12.1 - now working
            with updated openssl libs (after slackware)
28.12.2008: new (s)pam for slack 12.2. Changed packaging schema - no more "pam-"
            prefix (pam-NAME-ARCH-BUILD_NUMBER.tgz). We've got the standard
            package name schema with "spam" postfix after build number
            (NAME-ARCH-BUILD_NUMBERspam.tgz). So you can use "upgradepkg" for
            installing spam packages replacing original slackware packages
            (do not mess in system packages database).
19.05.2009: security update - cyrus-sasl to 2.1.23 for slack from 10.2 to 12.1
25.09.2009: recompiled pam-openssh and pam-cyrus-sasl for slack 12.0 (compiled
            against wrong version of pam lib during last updates)
29.09.2009: there will be no pam for slack 13.0 and up - project end. I can't
            build packages for other platforms than i486. You can use
            slackbuilds from slack 12.2 to make packages yourself.
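
The 31.10.2003 entry describes a pam_unix password entry in /etc/pam.conf that lacked "md5 shadow". The checker below is an added example, not part of the spam packages: it assumes the pam.conf field order (service, type, control, module, arguments), and its sample text is constructed from the line quoted in that entry.

```python
# Added example: flag pam_unix "password" entries lacking "md5 shadow".
REQUIRED_ARGS = {"md5", "shadow"}  # parameters named in the 31.10.2003 entry
# Constructed samples: the broken line from the changelog, then the fix.
BROKEN = """\
# /etc/pam.conf (constructed sample)
passwd   auth       required   pam_unix_auth.so
passwd   password   required   pam_unix_passwd.so
"""
FIXED = """\
passwd   password   required   \\
         pam_unix_passwd.so md5 shadow
"""

def logical_lines(text):
    """Yield (first_lineno, entry): comments dropped, continuations joined."""
    buf, start = "", None
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].rstrip()
        start = n if start is None else start
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip():
            yield start, buf.strip()
        buf, start = "", None

def weak_password_entries(text):
    """Return [(lineno, service, missing_args)] for weak pam_unix entries."""
    findings = []
    for lineno, entry in logical_lines(text):
        fields = entry.split()
        if len(fields) < 4:
            continue  # not a full "service type control module" entry
        service, mtype, rest = fields[0], fields[1].lower(), fields[2:]
        # A bracketed control such as "[success=ok default=bad]" spans tokens.
        if rest[0].startswith("["):
            while len(rest) > 1 and not rest[0].endswith("]"):
                rest = rest[1:]
        module, args = (rest[1:] + [""])[0], rest[2:]
        if mtype != "password" or "pam_unix" not in module:
            continue
        missing = sorted(REQUIRED_ARGS - set(args))
        if missing:
            findings.append((lineno, service, missing))
    return findings

if __name__ == "__main__":
    print(weak_password_entries(BROKEN), weak_password_entries(FIXED))
```

An empty result means every pam_unix password entry carries both parameters; it does not re-hash passwords that were already stored under the old setting.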
-------------------------------------------------------------------------------
POL:
---
* new and corrected things will be described only in the english version

the cracklib library is probably dangerous and installing it on production
systems is discouraged. pwdb is an invention found in the red hat distribution
(i couldn't find it anywhere else). it is described as "pre-alpha". pam in
shadow is in beta version.

4 packages:

cracklib:  cracklib.tgz/cracklib-2.7-i386-x.tgz
           - library needed by the pam_cracklib module
pwdb:      pwdb.tgz/pwdb-0.61.2-i386-x.tgz
           - library needed by the pam_pwdb and pam_radius modules
pamlib:    pamlib.tgz/pamlib-0.77-i386-x.tgz
           - main PAM library - LinuxPAM
           * packages: cracklib and pwdb are needed
pamshadow: pamshadw.gz/pamshadow-4.0.3-i386-x.tgz
           - shadow suite compiled with pam (compiled with libshadow)
           - bins with pam 8.0:
               /bin/login /bin/su /usr/bin/chfn /usr/bin/chsh /usr/bin/passwd
           - bins with pam 8.1 (those from 8.0 and):
               /usr/bin/chage /usr/sbin/chpasswd /usr/sbin/groupadd
               /usr/sbin/groupdel /usr/sbin/groupmod /usr/sbin/newusers
               /usr/sbin/useradd /usr/sbin/userdel /usr/sbin/usermod
           * packages: cracklib, pwdb and pamlib are needed

in the OLD directory there are pam packages with util-linux. this way of using
pam should now be treated as a curiosity. the version with shadow is more
complete.
------
grzech