pam

Description:Linux-PAM (Pluggable Authentication Modules)
License: BSD, GPL-2
Homepage:https://github.com/linux-pam/linux-pam
Location:Portage
Legend:
  • + - stable
  • ~ - unstable
  • M - hardmask
alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86
1.4.0-r2 diff ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ - ~ ~
1.3.1_p20200128-r1 ~ + + + ~ ~ ~ + + ~ - + +

USE flags

  • abi_mips_n32 - 64-bit (32-bit pointer) libraries
  • abi_mips_n64 - 64-bit libraries
  • abi_mips_o32 - 32-bit libraries
  • abi_ppc_32 - 32-bit (ppc) libraries
  • abi_ppc_64 - 64-bit (ppc64) libraries
  • abi_riscv_lp64 - 64-bit (rv64) soft-float libraries
  • abi_riscv_lp64d - 64-bit (rv64) double hard-float libraries
  • abi_s390_32 - 32-bit (s390) libraries
  • abi_s390_64 - 64-bit (s390x) libraries
  • abi_x86_32 - 32-bit (x86) libraries
  • abi_x86_64 - 64-bit (amd64) libraries
  • abi_x86_x32 - x32 ABI libraries
  • audit - Enable support for Linux audit subsystem using sys-process/audit
  • berkdb - Build the pam_userdb module, that allows to authenticate users against a Berkeley DB file. Please note that enabling this USE flag will create a PAM module that links to the Berkeley DB (as provided by sys-libs/db) installed in /usr/lib and will thus not work for boot-critical services authentication.
  • cracklib - Build the pam_cracklib module, that allows to verify the chosen passwords' strength through the use of sys-libs/cracklib. Please note that simply enabling the USE flag on this package will not make use of pam_cracklib by default, you should also enable it in sys-auth/pambase as well as update your configuration files.
  • debug - Enable extra debug codepaths, like asserts and extra output. If you want to get meaningful backtraces see https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Backtraces
  • elibc_FreeBSD - ELIBC setting for systems that use the FreeBSD C library
  • elibc_glibc - ELIBC setting for systems that use the GNU C library
  • filecaps - Use Linux file capabilities to control privilege rather than set*id (this is orthogonal to USE=caps which uses capabilities at runtime e.g. libcap)
  • nis - Support for NIS/YP services
  • nls - Add Native Language Support (using gettext - GNU locale utilities)
  • pie - Build programs as Position Independent Executables (a security hardening technique)
  • selinux - !!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur
  • split-usr - Enable behavior to support maintaining /bin, /lib*, /sbin and /usr/sbin separately from /usr/bin and /usr/lib*
  • static-libs - Build static versions of dynamic libraries as well
  • test - Enable dependencies and/or preparations necessary to run tests (usually controlled by FEATURES=test but can be toggled independently)
  • vim-syntax - Pulls in related vim syntax scripts

Security Advisory

Date Severity Title
about 4 years normal Linux-PAM: Multiple vulnerabilities
about 8 years high Linux-PAM: Multiple vulnerabilities
almost 11 years normal Linux-PAM: Privilege escalation
almost 15 years normal SELinux PAM: Local password guessing attack

Also available in: Atom

Thank you!