v0.33 (February 22 2008) ======================== - notify about unknown options in /etc/pam.d/* - support "debug" option for pam_mount in /etc/pam.d/* - mount.crypt: detect loop devices by major number - remove trailing comma from mount options v0.32 (December 06 2007) ======================== - remove unintended zeroing of variable - rip out mntagain hack v0.31 (December 01 2007) ======================== Fixed parsing of old-style pam_mount.conf with spaces in group names, copy-and-paste typos and a missing return value. Added workaround for CIFS volumes within NFS mounts with "root_squash" option. - allow --keyfile to be used for non-LUKS too - add workaround for CIFS mounts within root_squashed NFS - luksClose is the same as Remove (in umount.crypt) - fix copy-and-paste error in converter script - convert "local" fstype entries from old configuration format correctly. - fixed parsing of old pam_mount.conf with spaces in group names - fixed: When no volumes were to be mounted, return value was not PAM_SUCCESS. v0.29 (September 27 2007) ========================= An uninitialized array and a copy-and-paste error were corrected in the recently introduced process spawn code. - explicitly initialize fd array (spawn.c) - fix a copy-and-paste typo during dup2() (spawn.c) v0.28 (September 27 2007) ========================= A hotfix for an incorrect printf format specification in pmvarrun. Also installs config files by default now. - install pam_mount.conf.xml by default - add --with-selinux configure option to install selinux files - fix crash due to printf arguments in pmvarrun.c v0.27 (September 26 2007) ========================= This release fixes a crash on logout with su by using a fixed $PATH to work around broken login programs. MSAD usernames are now accepted in pmvarrun. The libglib dependency has been dropped. - add luserconf conversion note to convert_pam_mount_conf.pl - do not print "mount errors" if there won't be any - allow MSAD usernames (with spaces and backslash) in pmvarrun - quick-terminate if there is nothing to do on closing session - fix crash on logout with su (unsigned loop underflow) - drop libglib dependency - always use fixed $PATH v0.26 (September 20 2007) ========================= Luks argument ordering, mountpoint creation as user, and the converter script were corrected. The "nullok" and --keyfile options were added. - revert r290 which incorrectly changed the luks argument order - --keyfile option added to mount.crypt - improved error reporting in the config converter script - do not literally copy the special-meaning single dashes in converter script - fix mount.crypt inner shell syntax - add "nullok" option - fix a missing user identity switch after mkmountpoint'ing v0.21 (September 17 2007) ========================= Some mount helpers needed a different option passing method. Stacking of loop devices is now avoided, and pam_mount will not ask for a password if no volumes are to be mounted. The documentation has been updated to include PAM module stacking (e.g. when using pam_ldap with pam_mount). - silence unwanted error message (fallout from r240) - add "Known Bugs and Issues" documentation - more documentation - How to stack PAM modules without pam_stack - option passing to some mount helpers needs to be different - avoid stacking of loop devices - do not ask for password if no volumes found v0.20 (September 05 2007) ========================= This release adds extra options regarding pam_mount behavior (messages and mount points). - do not use absolute paths, search $PATH instead for programs - add pam_mount.conf to .conf.xml converter - "sufficient" keyword documentation - misc cryptmount fix - pass down readonly flag to luksOpen - add option to retain automatically created mountpoints - create mountpoint as user if possible (e.g. if /home/USER already exists and your volume is /home/USER/myvol) - build fixes, making it work OOTB again with FC6 and Autoconf 2.59 - allow changing the password prompt - add an overview of pam_mount options (options.txt) - implement the "soft_try_pass" option v0.19 (July 04 2007) ==================== pam_mount now uses an XML config file, which also has a few new variables and options. Support for truecrypt was added. - pam_mount switched to an XML configuration. - NT domain placeholders - properly detect loop64 support - split group matching into multiple attributes - add an "invert" attribute - remove pam_mount.la from `make install`ed directory - partial davfs support - added truecrypt support v0.18 (September 07 2006) ========================= A crash on x86_64 has been fixed. pam_mount now changes to the root directory before attempting to (un)mount. - change to / before attempting mount - check return value in xmemdup() - fix segfault on x64: Do not reuse va_lists (found by Celestar) v0.17 (August 06 2006) ====================== This release fixes memory corruption issues and improper zeroing. - use standard allocators - fix memory corruption issue - enhance debugging messages with file/line - fix improper zeroing (deceived as memory corruption) v0.16 (July 30 2006) ==================== The GDM SIGCHLD workaround handling has been improved, essential environment variables for FUSE daemons are now set, and configure has two new options (--slibdir and --sbindir). - SIGCHLD handling updated - set important environment variables for fuse daemons - added new --slibdir and --ssbindir options to configure - documentation updates v0.15 (July 26 2006) ==================== - mount.crypt and umount.crypt are installed to /sbin rather than /usr/sbin; /bin/mount only looks into /sbin - KRB5 credentials are now set in the environment - fix XDM crash, for GCC >= 4.x - disable debug output by default (confused gksu) [sf bug #1524325] - do FUSE mounts done unprivileged [sf bug #1489657 and ML] - fixed: /bin/login sends SIGHUP/SIGTERM to outstanding session processes after PAM completed; this killed fuse daemons - work around XDM crash (symbol clash), for GCC <= 3.x; the proper solution would be that XDM be NOT compiled with -rdynamic - properly truncate /var/run/pam_mount/YOURNAME files [sf bug #1503246] v0.13 (April 01 2006) ===================== Before SVN, patchsets were used. [patch 01/11] January 28 2006 - src/readconfig.c, mount.c: mount volumes with user credentials, not as root - src/mount.c: add a swift error message for people using broken distros [patch 02/11] January 28 2006 - config/pam_mount.conf, readconfig.c: lsof is in /usr/bin [patch 03/11] February 23 2006 - dry/pam_mount.spec: fixed: forgot to clean out unpackaged files [patch 04/11] February 27 2006 - config/pam_mount.conf: update some examples [patch 05/11] Februrary 27 2006 - scripts/mount.crypt: fix SED expression [patch 06/11] March 04 2006 - src/mount.c: add an extra hint for old distros [patch 07/11] March 19 2006 - src/*.h: fix position of #include's, they need to be before extern "C". [patch 08/11] March 19 2006 - config/pam_mount.conf: fix examples for shares with spaces [patch 09/11] March 19 2006 - src/pam_mount.c: relookup user (for LDAP) [patch 10/11] April 01 2006 - use own SIGCHLD handler during pam_mount operations (try to fix a quirk with GDM) [patch 11/11] April 01 2006 - configure: enforce straight /lib position for pam_mount Linux v0.12.2 (January 31 2006) ========================= Mount smbfs and cifs mounts with ownership belonging to the user rather than root. v0.12.0 (January 11 2006) ========================= This version fixes an fd leak, expansion problems with @group and a wrong inversion. The smb/ncp filesystem types have been superseded by smbfs/ncpfs. Support for secondary "@@groups" was added. v0.11 (December 28 2005) ======================== - fix some memory leaks, unterminated strings, extra trailing slashes, double frees - fixed: wildcards were not expanded for "@group"s - account for trailing slashes and path resolution in umount.crypt v0.10 (November 18 2005) ======================== - support ANY [kernel] filesystem (yes, finally) -- includes tmpfs, fuse mounts and --bind operations. - merged various patches and fixes by Bastian Kleineidam - handle symlinks better (read: resolve them, so that the result matches /bin/mount's resolving behavior) - implemented group volumes, to be used by "volume @xyz ..." - cleaned the code up here and there