packages/kiran-authentication-service
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!36 修改多路认证情况下,如果认证失败,交由failock模块计数

Browse Source 
From: @liubuguiii 
Reviewed-by: @tangjie02 
Signed-off-by: @tangjie02
This commit is contained in:
openeuler-ci-bot 2023-06-03 11:16:45 +00:00 committed by Gitee
commit 4aa8ce3cb0
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 35 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
0010-fix-multi-channel-auth-If-the-authentication-fails-t.patch Normal file
View File

@ -0,0 +1,30 @@
From 3af3972404b72f71851995e0d4e89bdb4ce29862 Mon Sep 17 00:00:00 2001
From: liuxinhao <liuxinhao@kylinsec.com.cn>
Date: Sat, 3 Jun 2023 17:08:16 +0800
Subject: [PATCH] fix(multi-channel auth): If the authentication fails, the
faillock module counts the data
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
- 修改多路认证情况下如果认证失败交由failock模块计数
---
data/kiran-authentication-service | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/data/kiran-authentication-service b/data/kiran-authentication-service
index e0f2763..8bbbea7 100644
--- a/data/kiran-authentication-service
+++ b/data/kiran-authentication-service
@@ -6,7 +6,7 @@
# =========================认证配置项目================================ #
# 多路认证模式,成/功则认证通过,失败/切换到密码 跳过多因子认证模式
-auth [success=done ignore=2 default=die] pam_kiran_authentication.so doauth
+auth [success=done ignore=2 default=bad] pam_kiran_authentication.so doauth
# 多因子认证模式, 成功继续执行PAM流程栈,失败或默认值都为失败
#auth [success=2 default=bad] pam_kiran_authentication.so doauth
# ==================================================================== #
--
2.33.0

6
kiran-authentication-service.spec
View File

@ -1,6 +1,6 @@
Name: kiran-authentication-service
Version: 2.5.1
Release: 4
Release: 5
Summary: Kiran Desktop kiran authentication service
License: MulanPSL-2.0
URL: http://www.kylinsec.com.cn
@ -16,6 +16,7 @@ Patch0006: 0006-fix-default-device-Device-adapters-do-not-update-def.patch
Patch0007: 0007-fix-multi-factor-Multifactor-authentication-handling.patch
Patch0008: 0008-fix-default-device-Update-the-logic-of-the-default-a.patch
Patch0009: 0009-fix-multi-factor-multi-factor-no-jump-login.patch
Patch0010: 0010-fix-multi-channel-auth-If-the-authentication-fails-t.patch
BuildRequires: systemd
BuildRequires: systemd-devel
@ -91,6 +92,9 @@ systemctl enable kiran-authentication-daemon.service
%{_includedir}/kiran-authentication-service/kas-authentication-i.h
%changelog
* Sat Jun 03 2023 liuxinhao <liuxinhao@kylinsec.com.cn> - 2.5.1-5
- KYOS-B: If the authentication fails, the faillock module counts the data(#I7937W)
* Fri Jun 02 2023 liuxinhao <liuxinhao@kylinsec.com.cn> - 2.5.1-4
- KYOS-B: Device adapters do not update default devices that do not exist
- KYOS-B: Multifactor authentication, handling only password authentication