Gentoo Archives: gentoo-commits

From: Mikle Kolyada <zlogene@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/pambase:master commit in: /, templates/
Date: Mon, 17 Aug 2020 07:33:23
Message-Id: 1597649439.ed4f15348fa950b02016154790bb6d180cccf5f9.zlogene@gentoo
1 commit: ed4f15348fa950b02016154790bb6d180cccf5f9
2 Author: Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
3 AuthorDate: Mon Aug 17 07:30:39 2020 +0000
4 Commit: Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
5 CommitDate: Mon Aug 17 07:30:39 2020 +0000
6 URL: https://gitweb.gentoo.org/proj/pambase.git/commit/?id=ed4f1534
7
8 make pam_gnome_keyring optional
9
10 Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org>
11
12 pambase.py | 143 ++++++++++++++++++++++++++-------------------------
13 templates/passwd.tpl | 5 +-
14 2 files changed, 76 insertions(+), 72 deletions(-)
15
16 diff --git a/pambase.py b/pambase.py
17 index 07e458d..83ee97c 100755
18 --- a/pambase.py
19 +++ b/pambase.py
20 @@ -6,96 +6,97 @@ import pathlib
21
22
23 def main():
24 - parser = argparse.ArgumentParser(description='basic Gentoo PAM configuration files')
25 - parser.add_argument('--libcap', action="store_true", help='enable pam_caps.so module')
26 - parser.add_argument('--passwdqc', action="store_true", help='enable pam_passwdqc.so module')
27 - parser.add_argument('--pwquality', action="store_true", help='enable pam_pwquality.so module')
28 - parser.add_argument('--elogind', action="store_true", help='enable pam_elogind.so module')
29 - parser.add_argument('--systemd', action="store_true", help='enable pam_systemd.so module')
30 - parser.add_argument('--selinux', action="store_true", help='enable pam_selinux.so module')
31 - parser.add_argument('--mktemp', action="store_true", help='enable pam_mktemp.so module')
32 - parser.add_argument('--pam-ssh', action="store_true", help='enable pam_ssh.so module')
33 - parser.add_argument('--securetty', action="store_true", help='enable pam_securetty.so module')
34 - parser.add_argument('--sha512', action="store_true", help='enable sha512 option for pam_unix.so module')
35 - parser.add_argument('--krb5', action="store_true", help='enable pam_krb5.so module')
36 - parser.add_argument('--minimal', action="store_true", help='install minimalistic PAM stack')
37 - parser.add_argument('--debug', action="store_true", help='enable debug for selected modules')
38 - parser.add_argument('--nullok', action="store_true", help='enable nullok option for pam_unix.so module')
39 -
40 - parsed_args = parser.parse_args()
41 - processed = process_args(parsed_args)
42 -
43 - parse_templates(processed)
44 + parser = argparse.ArgumentParser(description='basic Gentoo PAM configuration files')
45 + parser.add_argument('--gnome-keyring', action="store_true", help='enable pam_gnome_keyring.so module')
46 + parser.add_argument('--libcap', action="store_true", help='enable pam_caps.so module')
47 + parser.add_argument('--passwdqc', action="store_true", help='enable pam_passwdqc.so module')
48 + parser.add_argument('--pwquality', action="store_true", help='enable pam_pwquality.so module')
49 + parser.add_argument('--elogind', action="store_true", help='enable pam_elogind.so module')
50 + parser.add_argument('--systemd', action="store_true", help='enable pam_systemd.so module')
51 + parser.add_argument('--selinux', action="store_true", help='enable pam_selinux.so module')
52 + parser.add_argument('--mktemp', action="store_true", help='enable pam_mktemp.so module')
53 + parser.add_argument('--pam-ssh', action="store_true", help='enable pam_ssh.so module')
54 + parser.add_argument('--securetty', action="store_true", help='enable pam_securetty.so module')
55 + parser.add_argument('--sha512', action="store_true", help='enable sha512 option for pam_unix.so module')
56 + parser.add_argument('--krb5', action="store_true", help='enable pam_krb5.so module')
57 + parser.add_argument('--minimal', action="store_true", help='install minimalistic PAM stack')
58 + parser.add_argument('--debug', action="store_true", help='enable debug for selected modules')
59 + parser.add_argument('--nullok', action="store_true", help='enable nullok option for pam_unix.so module')
60 +
61 + parsed_args = parser.parse_args()
62 + processed = process_args(parsed_args)
63 +
64 + parse_templates(processed)
65
66
67 def process_args(args):
68 - # make sure that output directory exists
69 - pathlib.Path("stack").mkdir(parents=True, exist_ok=True)
70 + # make sure that output directory exists
71 + pathlib.Path("stack").mkdir(parents=True, exist_ok=True)
72
73 - blank_variables = [
74 - "krb5_authtok",
75 - "unix_authtok",
76 - "unix_extended_encryption",
77 - "likeauth",
78 - "nullok"
79 - ]
80 + blank_variables = [
81 + "krb5_authtok",
82 + "unix_authtok",
83 + "unix_extended_encryption",
84 + "likeauth",
85 + "nullok"
86 + ]
87
88 - # create a blank dictionary
89 - # then add in our parsed args
90 - output = dict.fromkeys(blank_variables, "")
91 - output.update(vars(args))
92 + # create a blank dictionary
93 + # then add in our parsed args
94 + output = dict.fromkeys(blank_variables, "")
95 + output.update(vars(args))
96
97 - # unconditional variables
98 - output["likeauth"] = "likeauth"
99 - output["unix_authtok"] = "use_authtok"
100 + # unconditional variables
101 + output["likeauth"] = "likeauth"
102 + output["unix_authtok"] = "use_authtok"
103
104 - if args.debug:
105 - output["debug"] = "debug"
106 + if args.debug:
107 + output["debug"] = "debug"
108
109 - if args.nullok:
110 - output["nullok"] = "nullok"
111 + if args.nullok:
112 + output["nullok"] = "nullok"
113
114 - if args.krb5:
115 - output["krb5_params"] = "{0} ignore_root try_first_pass".format("debug").strip()
116 + if args.krb5:
117 + output["krb5_params"] = "{0} ignore_root try_first_pass".format("debug").strip()
118
119 - if args.sha512:
120 - output["unix_extended_encryption"] = "sha512 shadow"
121 - else:
122 - output["unix_extended_encryption"] = "md5 shadow"
123 + if args.sha512:
124 + output["unix_extended_encryption"] = "sha512 shadow"
125 + else:
126 + output["unix_extended_encryption"] = "md5 shadow"
127
128 - return output
129 + return output
130
131
132 def parse_templates(processed_args):
133 - load = FileSystemLoader('')
134 - env = Environment(loader=load, trim_blocks=True, lstrip_blocks=True, keep_trailing_newline=True)
135 + load = FileSystemLoader('')
136 + env = Environment(loader=load, trim_blocks=True, lstrip_blocks=True, keep_trailing_newline=True)
137
138 - templates = [
139 - "login",
140 - "other",
141 - "passwd",
142 - "system-local-login",
143 - "system-remote-login",
144 - "su",
145 - "system-auth",
146 - "system-login",
147 - "system-services"
148 - ]
149 + templates = [
150 + "login",
151 + "other",
152 + "passwd",
153 + "system-local-login",
154 + "system-remote-login",
155 + "su",
156 + "system-auth",
157 + "system-login",
158 + "system-services"
159 + ]
160
161 - for template_name in templates:
162 - template = env.get_template('templates/{0}.tpl'.format(template_name))
163 + for template_name in templates:
164 + template = env.get_template('templates/{0}.tpl'.format(template_name))
165
166 - with open('stack/{0}'.format(template_name), "w+") as output:
167 - rendered_template = template.render(processed_args)
168 + with open('stack/{0}'.format(template_name), "w+") as output:
169 + rendered_template = template.render(processed_args)
170
171 - # Strip all intermediate lines to not worry about appeasing Jinja
172 - lines = rendered_template.split("\n")
173 - lines = [line.strip() for line in lines if line]
174 - rendered_template = "\n".join(lines)
175 + # Strip all intermediate lines to not worry about appeasing Jinja
176 + lines = rendered_template.split("\n")
177 + lines = [line.strip() for line in lines if line]
178 + rendered_template = "\n".join(lines)
179
180 - if rendered_template:
181 - output.write(rendered_template + "\n")
182 + if rendered_template:
183 + output.write(rendered_template + "\n")
184
185
186 if __name__ == "__main__":
187 - main()
188 + main()
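Review bot: In process_args, the `args.krb5` branch formats the literal string "debug" into `krb5_params`, so pam_krb5.so is always configured with `debug` whether or not --debug was passed; the line is only re-indented here, not fixed. Debug output from an authentication module tends to put extra login detail into syslog, so it should follow the flag: `output["krb5_params"] = "{0} ignore_root try_first_pass".format("debug" if args.debug else "").strip()`. Separately, the `else` branch still falls back to `md5 shadow` when --sha512 is absent, which leaves new password hashes on md5crypt unless every caller passes the flag; either make sha512 the default or add a comment such as `# md5 is kept only for callers that do not pass --sha512`. The only functional change in this hunk is the `--gnome-keyring` argument, and folding it into a whole-file re-indent makes it hard to spot in review.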
189
190 diff --git a/templates/passwd.tpl b/templates/passwd.tpl
191 index 5f4f739..101a5fc 100644
192 --- a/templates/passwd.tpl
193 +++ b/templates/passwd.tpl
194 @@ -2,4 +2,7 @@ auth sufficient pam_rootok.so
195 auth include system-auth
196 account include system-auth
197 password include system-auth
198 --password optional pam_gnome_keyring.so {{ unix_authtok }}
199 +
200 +{% if gnome_keyring %}
201 +password optional pam_gnome_keyring.so {{ unix_authtok }}
202 +{% endif %}
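Review bot: The default behaviour flips in this hunk and nothing records it: the `password optional pam_gnome_keyring.so` line used to be emitted always and is now emitted only when pambase.py is run with --gnome-keyring. A caller that is not updated to pass the flag would presumably stop getting the keyring password changed alongside the login password on `passwd`, with no error. A template comment above the conditional, for example `{# emitted only when pambase.py is run with --gnome-keyring #}`, plus a sentence in the commit description, would make the new default explicit.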