aboutsummaryrefslogtreecommitdiffstats
path: root/share/libmsec.py
Commit message (Collapse)AuthorAgeFilesLines
* new function enable_pam_root_from_wheel to allow transparent root accessFrederic Lepied2005-06-171-1/+28
| | | | | for the wheel group members.
* password_history: touch opasswd to have it work.Frederic Lepied2005-03-211-2/+2
|
* better doc for allow_remote_root_login.Frederic Lepied2005-02-211-1/+3
|
* allow_reboot: remove consolehelper links instead of files inFrederic Lepied2004-09-301-5/+6
| | | | | /etc/security/console.apps.
* control CTRL+ALT-DEL in allow_rebootFrederic Lepied2004-09-301-1/+7
|
* MandrakelinuxFrederic Lepied2004-07-291-1/+1
|
* added allow_xauth_from_rootFrederic Lepied2004-07-291-0/+24
|
* fixed system-auth growing line forever (bug #7853) (Michael Scherer)Frederic Lepied2004-02-141-1/+1
|
* make it lib64 aware wrt pam files rewritingFrederic Lepied2004-02-121-21/+21
|
* allow_xserver_to_listen: corrected startx modifications (Gavin Porter)Frederic Lepied2003-11-181-3/+3
|
* document same_levelFrederic Lepied2003-10-091-2/+5
|
* Rework same_level to be able to put the priority on the config file.Frederic Lepied2003-10-081-40/+56
| | | | | | This is realized by inspecting the stack trace and using a global associative array.
* better doc for no_password_aging_for and set_security_confFrederic Lepied2003-08-221-5/+15
| | | | | allow to pass a number in set_umask
* be carefull to use 1 or 0 instead of True and False in set_zero_one_variableFrederic Lepied2003-08-221-1/+7
|
* corrected inverted descriptionsFrederic Lepied2003-03-071-3/+3
|
* put description on one line not to modify draksec_help.pyFrederic Lepied2003-02-171-2/+1
|
* reworded CHECK_PASSWD descriptionFrederic Lepied2003-02-171-1/+2
|
* fix mseclib man page and draksec help (parsers drop first two bytes... :-()Thierry Vignaud2003-02-031-2/+2
|
* password_aging: chage is l10n now so use LC_ALL=C before calling it.Frederic Lepied2002-11-201-2/+2
|
* allow_reboot: X-\*-Core => X-:\*-CoreFrederic Lepied2002-09-171-2/+2
|
* - allow_user_list handles Selected when not changing security level.Frederic Lepied2002-09-171-18/+38
| | | | | - allow_reboot handles Root when not changing security level.
* allow_user_list: lookup ShowUsers in the X-*-Greeter section of kdmrc.Frederic Lepied2002-09-051-2/+2
|
* removed debug outputFrederic Lepied2002-09-051-1/+0
|
* CHECK_SUID_GROUP => CHECK_SGIDFrederic Lepied2002-09-031-1/+1
|
* writeable => writableFrederic Lepied2002-08-301-1/+2
|
* allow_reboot: used section X-:0-Core instead of X-:*-Greeter for kdmrc.Frederic Lepied2002-08-251-3/+6
| | | | | password_history: create /etc/security/opasswd if it doesn't exist.
* corrected without_passwordFrederic Lepied2002-08-111-1/+1
|
* password_length use system-auth instead of passwd pam file.Frederic Lepied2002-08-111-17/+148
| | | | | new function: password_history.
* added fields to describe how arguments are used (to be used by shadow.py)Frederic Lepied2002-07-301-6/+61
|
* fixed typo in allow_root_loginFrederic Lepied2002-07-291-1/+1
|
* (set_zero_one_variable): corrected bug when the variable doesn't exist beforeFrederic Lepied2002-07-281-1/+3
| | | | | setting it.
* finalized no security lowering feature.Frederic Lepied2002-07-271-28/+68
|
* * (more functions): don't lower security when not changing secure level.Frederic Lepied2002-07-271-154/+424
|
* * (set_zero_one_variable): factorize sysctl.conf manipulation functions.Frederic Lepied2002-07-241-60/+137
| | | | | | | | | | | | | | * (accept_broadcasted_icmp_echo): split from accept_icmp_echo. * (set_umask): factorize set_root_umask and set_user_umask. * (enable_dns_spoofing_protection): split from enable_ip_spoofing_protection. * (allow_remote_root_login): split from allow_root_login. * (allow_autologin set_umask set_zero_one_variable allow_remote_root_login): don't lower security when not changing security level. * (allow_xserver_to_listen): split from allow_x_connections for better granularity. * (enable_ip_spoofing_protection): when disabling ip spoofing protection put back net.ipv4.conf.all.rp_filter to 0 (David Harris).
* if sysctl.conf is modified reload its content with sysctl but do not restartFrederic Lepied2002-07-061-1/+1
| | | | | network.
* allow_root_login: corrected regexp to avoid adding the string at every run.Frederic Lepied2002-07-041-2/+2
|
* insert changes when no match is found for logindefs and sshd_config.Frederic Lepied2002-07-041-3/+3
|
* corrected typoChristian Belisle2002-06-041-1/+1
|
* corrected typoFrederic Lepied2002-05-291-1/+1
|
* added no_password_aging_forFrederic Lepied2002-05-291-1/+9
|
* allow_reboot: only touch the shutdown, poweroff, reboot and halt files ifFrederic Lepied2002-03-271-1/+2
| | | | | they don't exist.
* removed yes/no declarations as they are used only from mseclib.py.Frederic Lepied2002-03-261-4/+1
| | | | | Maximum password aging can be -1.
* added yes and no to be used as argument to the functions.Frederic Lepied2002-03-081-0/+5
|
* use 127.0.0.1 instead of localhost in hosts.denyFrederic Lepied2002-03-041-3/+3
|
* don't restart network on sysctl.conf change.Frederic Lepied2002-02-251-1/+1
|
* added enable_passwordFrederic Lepied2002-02-201-0/+13
|
* /etc/security/msec/security.conf => /var/lib/msec/security.confFrederic Lepied2002-02-191-5/+48
| | | | | | | enhanced documentation. catch inconsistency between /etc/shadow and /etc/passwd.
* allow an extra arg to specify the log to do in enable_console_logFrederic Lepied2002-02-151-4/+5
|
* only reports an error for an empty wheel group when run interactively.Frederic Lepied2002-02-141-1/+1
|
* handle allowed delay in password changing.Frederic Lepied2002-02-051-6/+9
|