1 |
commit: e7e2a601e277bbede4f3f4aaf05cc1e49392458c |
2 |
Author: Michał Górny <mgorny <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu Mar 28 06:00:05 2019 +0000 |
4 |
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Mar 28 06:00:05 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e7e2a601 |
7 |
|
8 |
sys-auth/pambase: Add zlogene as primary maint |
9 |
|
10 |
Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> |
11 |
|
12 |
sys-auth/pambase/metadata.xml | 186 +++++++++++++++++++++--------------------- |
13 |
1 file changed, 95 insertions(+), 91 deletions(-) |
14 |
|
15 |
diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml |
16 |
index 7cd2dea5abe..ac1a717271f 100644 |
17 |
--- a/sys-auth/pambase/metadata.xml |
18 |
+++ b/sys-auth/pambase/metadata.xml |
19 |
@@ -1,95 +1,99 @@ |
20 |
<?xml version="1.0" encoding="UTF-8"?> |
21 |
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
22 |
<pkgmetadata> |
23 |
- <maintainer type="project"> |
24 |
- <email>pam-bugs@g.o</email> |
25 |
- </maintainer> |
26 |
- <use> |
27 |
- <flag name="cracklib"> |
28 |
- Enable pam_cracklib module on system authentication stack. This |
29 |
- produces warnings when changing password to something easily |
30 |
- crackable. It requires the same USE flag to be enabled on |
31 |
- <pkg>sys-libs/pam</pkg> or system login might be impossible. |
32 |
- </flag> |
33 |
- <flag name="consolekit"> |
34 |
- Enable pam_ck_connector module on local system logins. This |
35 |
- allows for console logins to make use of ConsoleKit |
36 |
- authorization. |
37 |
- </flag> |
38 |
- <flag name="elogind"> |
39 |
- Use pam_elogind module to register user sessions with elogind. |
40 |
- </flag> |
41 |
- <flag name="systemd"> |
42 |
- Use pam_systemd module to register user sessions in the systemd |
43 |
- control group hierarchy. |
44 |
- </flag> |
45 |
- <flag name="gnome-keyring"> |
46 |
- Enable pam_gnome_keyring module on system login stack. This |
47 |
- enables proper Gnome Keyring access to logins, whether they are |
48 |
- done with the login shell, a Desktop Manager or a remote login |
49 |
- systems such as SSH. |
50 |
- </flag> |
51 |
- <flag name="debug"> |
52 |
- Enable debug information logging on syslog(3) for all the |
53 |
- modules supporting this in the system authentication and system |
54 |
- login stacks. |
55 |
- </flag> |
56 |
- <flag name="passwdqc"> |
57 |
- Enable pam_passwdqc module on system auth stack for password |
58 |
- quality validation. This is an alternative to pam_cracklib |
59 |
- producing warnings, rejecting or providing example passwords |
60 |
- when changing your system password. It is used by default by |
61 |
- OpenWall GNU/*/Linux and by FreeBSD. |
62 |
- </flag> |
63 |
- <flag name="mktemp"> |
64 |
- Enable pam_mktemp module on system auth stack for session |
65 |
- handling. This module creates a private temporary directory for |
66 |
- the user, and sets TMP and TMPDIR accordingly. |
67 |
- </flag> |
68 |
- <flag name="pam_ssh"> |
69 |
- Enable pam_ssh module on system auth stack for authentication |
70 |
- and session handling. This module will accept as password the |
71 |
- passphrase of a private SSH key (one of ~/.ssh/id_rsa, |
72 |
- ~/.ssh/id_dsa or ~/.ssh/identity), and will spawn an ssh-agent |
73 |
- instance to cache the open key. |
74 |
- </flag> |
75 |
- <flag name="sha512"> |
76 |
- Switch Linux-PAM's pam_unix module to use sha512 for passwords |
77 |
- hashes rather than MD5. This option requires |
78 |
- <pkg>sys-libs/pam</pkg> version 1.0.1 built against |
79 |
- <pkg>sys-libs/glibc</pkg> version 2.7, if it's built against an |
80 |
- earlier version, it will silently be ignored, and MD5 hashes |
81 |
- will be used. All the passwords changed after this USE flag is |
82 |
- enabled will be saved to the shadow file hashed using SHA512 |
83 |
- function. The password previously saved will be left |
84 |
- untouched. Please note that while SHA512-hashed passwords will |
85 |
- still be recognised if the USE flag is removed, the shadow file |
86 |
- will not be compatible with systems using an earlier glibc |
87 |
- version. |
88 |
- </flag> |
89 |
- <flag name="pam_krb5"> |
90 |
- Enable pam_krb5 module on system auth stack, as an alternative |
91 |
- to pam_unix. If Kerberos authentication succeed, only pam_unix |
92 |
- will be ignore, and all the other modules will proceed as usual, |
93 |
- including Gnome Keyring and other session modules. It requires |
94 |
- <pkg>sys-libs/pam</pkg> as PAM implementation. |
95 |
- </flag> |
96 |
- <flag name="minimal"> |
97 |
- Disables the standard PAM modules that provide extra information |
98 |
- to users on login; this includes pam_tally (and pam_tally2 for |
99 |
- Linux PAM 1.1 and later), pam_lastlog, pam_motd and other |
100 |
- similar modules. This might not be a good idea on a multi-user |
101 |
- system but could reduce slightly the overhead on single-user |
102 |
- non-networked systems. |
103 |
- </flag> |
104 |
- <flag name="nullok"> |
105 |
- Enable the nullok option with the pam_unix module. This allows |
106 |
- people to login with blank passwords. |
107 |
- </flag> |
108 |
- <flag name="securetty"> |
109 |
- Enable pam_securetty module in the login stack. Not generally |
110 |
- relevant anymore as the login stack only refers to local logins |
111 |
- and local terminals imply secure access in the first place. |
112 |
- </flag> |
113 |
- </use> |
114 |
+ <maintainer type="person"> |
115 |
+ <email>zlogene@g.o</email> |
116 |
+ <name>Mikle Kolyada</name> |
117 |
+ </maintainer> |
118 |
+ <maintainer type="project"> |
119 |
+ <email>pam-bugs@g.o</email> |
120 |
+ </maintainer> |
121 |
+ <use> |
122 |
+ <flag name="cracklib"> |
123 |
+ Enable pam_cracklib module on system authentication stack. This |
124 |
+ produces warnings when changing password to something easily |
125 |
+ crackable. It requires the same USE flag to be enabled on |
126 |
+ <pkg>sys-libs/pam</pkg> or system login might be impossible. |
127 |
+ </flag> |
128 |
+ <flag name="consolekit"> |
129 |
+ Enable pam_ck_connector module on local system logins. This |
130 |
+ allows for console logins to make use of ConsoleKit |
131 |
+ authorization. |
132 |
+ </flag> |
133 |
+ <flag name="elogind"> |
134 |
+ Use pam_elogind module to register user sessions with elogind. |
135 |
+ </flag> |
136 |
+ <flag name="systemd"> |
137 |
+ Use pam_systemd module to register user sessions in the systemd |
138 |
+ control group hierarchy. |
139 |
+ </flag> |
140 |
+ <flag name="gnome-keyring"> |
141 |
+ Enable pam_gnome_keyring module on system login stack. This |
142 |
+ enables proper Gnome Keyring access to logins, whether they are |
143 |
+ done with the login shell, a Desktop Manager or a remote login |
144 |
+ systems such as SSH. |
145 |
+ </flag> |
146 |
+ <flag name="debug"> |
147 |
+ Enable debug information logging on syslog(3) for all the |
148 |
+ modules supporting this in the system authentication and system |
149 |
+ login stacks. |
150 |
+ </flag> |
151 |
+ <flag name="passwdqc"> |
152 |
+ Enable pam_passwdqc module on system auth stack for password |
153 |
+ quality validation. This is an alternative to pam_cracklib |
154 |
+ producing warnings, rejecting or providing example passwords |
155 |
+ when changing your system password. It is used by default by |
156 |
+ OpenWall GNU/*/Linux and by FreeBSD. |
157 |
+ </flag> |
158 |
+ <flag name="mktemp"> |
159 |
+ Enable pam_mktemp module on system auth stack for session |
160 |
+ handling. This module creates a private temporary directory for |
161 |
+ the user, and sets TMP and TMPDIR accordingly. |
162 |
+ </flag> |
163 |
+ <flag name="pam_ssh"> |
164 |
+ Enable pam_ssh module on system auth stack for authentication |
165 |
+ and session handling. This module will accept as password the |
166 |
+ passphrase of a private SSH key (one of ~/.ssh/id_rsa, |
167 |
+ ~/.ssh/id_dsa or ~/.ssh/identity), and will spawn an ssh-agent |
168 |
+ instance to cache the open key. |
169 |
+ </flag> |
170 |
+ <flag name="sha512"> |
171 |
+ Switch Linux-PAM's pam_unix module to use sha512 for passwords |
172 |
+ hashes rather than MD5. This option requires |
173 |
+ <pkg>sys-libs/pam</pkg> version 1.0.1 built against |
174 |
+ <pkg>sys-libs/glibc</pkg> version 2.7, if it's built against an |
175 |
+ earlier version, it will silently be ignored, and MD5 hashes |
176 |
+ will be used. All the passwords changed after this USE flag is |
177 |
+ enabled will be saved to the shadow file hashed using SHA512 |
178 |
+ function. The password previously saved will be left |
179 |
+ untouched. Please note that while SHA512-hashed passwords will |
180 |
+ still be recognised if the USE flag is removed, the shadow file |
181 |
+ will not be compatible with systems using an earlier glibc |
182 |
+ version. |
183 |
+ </flag> |
184 |
+ <flag name="pam_krb5"> |
185 |
+ Enable pam_krb5 module on system auth stack, as an alternative |
186 |
+ to pam_unix. If Kerberos authentication succeed, only pam_unix |
187 |
+ will be ignore, and all the other modules will proceed as usual, |
188 |
+ including Gnome Keyring and other session modules. It requires |
189 |
+ <pkg>sys-libs/pam</pkg> as PAM implementation. |
190 |
+ </flag> |
191 |
+ <flag name="minimal"> |
192 |
+ Disables the standard PAM modules that provide extra information |
193 |
+ to users on login; this includes pam_tally (and pam_tally2 for |
194 |
+ Linux PAM 1.1 and later), pam_lastlog, pam_motd and other |
195 |
+ similar modules. This might not be a good idea on a multi-user |
196 |
+ system but could reduce slightly the overhead on single-user |
197 |
+ non-networked systems. |
198 |
+ </flag> |
199 |
+ <flag name="nullok"> |
200 |
+ Enable the nullok option with the pam_unix module. This allows |
201 |
+ people to login with blank passwords. |
202 |
+ </flag> |
203 |
+ <flag name="securetty"> |
204 |
+ Enable pam_securetty module in the login stack. Not generally |
205 |
+ relevant anymore as the login stack only refers to local logins |
206 |
+ and local terminals imply secure access in the first place. |
207 |
+ </flag> |
208 |
+ </use> |
209 |
</pkgmetadata> |