1 |
flameeyes 08/08/01 17:23:18 |
2 |
|
3 |
Modified: ChangeLog metadata.xml |
4 |
Added: pambase-20080801.ebuild |
5 |
Log: |
6 |
New pambase with optional support for SHA512-hashed passwords (enabled by default). This will deprecated sys-auth/pam_sha512. |
7 |
(Portage version: 2.2_rc5/cvs/Linux 2.6.26-gentoo x86_64) |
8 |
|
9 |
Revision Changes Path |
10 |
1.48 sys-auth/pambase/ChangeLog |
11 |
|
12 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-auth/pambase/ChangeLog?rev=1.48&view=markup |
13 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-auth/pambase/ChangeLog?rev=1.48&content-type=text/plain |
14 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-auth/pambase/ChangeLog?r1=1.47&r2=1.48 |
15 |
|
16 |
Index: ChangeLog |
17 |
=================================================================== |
18 |
RCS file: /var/cvsroot/gentoo-x86/sys-auth/pambase/ChangeLog,v |
19 |
retrieving revision 1.47 |
20 |
retrieving revision 1.48 |
21 |
diff -u -r1.47 -r1.48 |
22 |
--- ChangeLog 31 Jul 2008 10:41:42 -0000 1.47 |
23 |
+++ ChangeLog 1 Aug 2008 17:23:18 -0000 1.48 |
24 |
@@ -1,6 +1,13 @@ |
25 |
# ChangeLog for sys-auth/pambase |
26 |
# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2 |
27 |
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/pambase/ChangeLog,v 1.47 2008/07/31 10:41:42 caster Exp $ |
28 |
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/pambase/ChangeLog,v 1.48 2008/08/01 17:23:18 flameeyes Exp $ |
29 |
+ |
30 |
+*pambase-20080801 (01 Aug 2008) |
31 |
+ |
32 |
+ 01 Aug 2008; Diego Pettenò <flameeyes@g.o> metadata.xml, |
33 |
+ +pambase-20080801.ebuild: |
34 |
+ New pambase with optional support for SHA512-hashed passwords (enabled by |
35 |
+ default). This will deprecated sys-auth/pam_sha512. |
36 |
|
37 |
31 Jul 2008; Vlastimil Babka <caster@g.o> ChangeLog: |
38 |
Fix distfile size and hashes in Manifest, bug #233462. |
39 |
|
40 |
|
41 |
|
42 |
1.7 sys-auth/pambase/metadata.xml |
43 |
|
44 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-auth/pambase/metadata.xml?rev=1.7&view=markup |
45 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-auth/pambase/metadata.xml?rev=1.7&content-type=text/plain |
46 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-auth/pambase/metadata.xml?r1=1.6&r2=1.7 |
47 |
|
48 |
Index: metadata.xml |
49 |
=================================================================== |
50 |
RCS file: /var/cvsroot/gentoo-x86/sys-auth/pambase/metadata.xml,v |
51 |
retrieving revision 1.6 |
52 |
retrieving revision 1.7 |
53 |
diff -u -r1.6 -r1.7 |
54 |
--- metadata.xml 22 Jul 2008 22:27:37 -0000 1.6 |
55 |
+++ metadata.xml 1 Aug 2008 17:23:18 -0000 1.7 |
56 |
@@ -47,5 +47,19 @@ |
57 |
~/.ssh/id_dsa or ~/.ssh/identity), and will spawn an ssh-agent |
58 |
instance to cache the open key. |
59 |
</flag> |
60 |
+ <flag name="sha512"> |
61 |
+ Switch Linux-PAM's pam_unix module to use sha512 for passwords |
62 |
+ hashes rather than MD5. This option requires |
63 |
+ <pkg>>=sys-libs/pam-1.0.1</pkg> built against |
64 |
+ <pkg>>=sys-libs/glibc-2.7</pkg>, if it's built against an |
65 |
+ earlier version, it will silently be ignored, and MD5 hashes |
66 |
+ will be used. All the passwords changed after this USE flag is |
67 |
+ enabled will be saved to the shadow file hashed using SHA512 |
68 |
+ function. The password previously saved will be left |
69 |
+ untouched. Please note that while SHA512-hashed passwords will |
70 |
+ still be recognised if the USE flag is removed, the shadow file |
71 |
+ will not be compatible with systems using an earlier glibc |
72 |
+ version. |
73 |
+ </flag> |
74 |
</use> |
75 |
</pkgmetadata> |
76 |
|
77 |
|
78 |
|
79 |
1.1 sys-auth/pambase/pambase-20080801.ebuild |
80 |
|
81 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-auth/pambase/pambase-20080801.ebuild?rev=1.1&view=markup |
82 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-auth/pambase/pambase-20080801.ebuild?rev=1.1&content-type=text/plain |
83 |
|
84 |
Index: pambase-20080801.ebuild |
85 |
=================================================================== |
86 |
# Copyright 1999-2008 Gentoo Foundation |
87 |
# Distributed under the terms of the GNU General Public License v2 |
88 |
# $Header: /var/cvsroot/gentoo-x86/sys-auth/pambase/pambase-20080801.ebuild,v 1.1 2008/08/01 17:23:18 flameeyes Exp $ |
89 |
|
90 |
EAPI=1 |
91 |
|
92 |
inherit eutils |
93 |
|
94 |
DESCRIPTION="PAM base configuration files" |
95 |
HOMEPAGE="http://www.gentoo.org/proj/en/base/pam/" |
96 |
SRC_URI="http://www.flameeyes.eu/gentoo-distfiles/${P}.tar.bz2" |
97 |
|
98 |
LICENSE="GPL-2" |
99 |
SLOT="0" |
100 |
KEYWORDS="~amd64 ~hppa ~ppc ~sparc ~x86 ~x86-fbsd" |
101 |
IUSE="debug cracklib passwdqc consolekit gnome-keyring selinux mktemp ssh +sha512" |
102 |
RESTRICT="binchecks" |
103 |
|
104 |
RDEPEND=" |
105 |
|| ( |
106 |
>=sys-libs/pam-0.99.9.0-r1 |
107 |
( sys-auth/openpam |
108 |
|| ( sys-freebsd/freebsd-pam-modules sys-netbsd/netbsd-pam-modules ) |
109 |
) |
110 |
) |
111 |
cracklib? ( >=sys-libs/pam-0.99 ) |
112 |
consolekit? ( sys-auth/consolekit ) |
113 |
gnome-keyring? ( >=gnome-base/gnome-keyring-2.20 ) |
114 |
selinux? ( >=sys-libs/pam-0.99 ) |
115 |
passwdqc? ( >=sys-auth/pam_passwdqc-1.0.4 ) |
116 |
mktemp? ( sys-auth/pam_mktemp ) |
117 |
ssh? ( sys-auth/pam_ssh ) |
118 |
sha512? ( >=sys-libs/pam-1.0.1 ) |
119 |
!<sys-freebsd/freebsd-pam-modules-6.2-r1 |
120 |
!<sys-libs/pam-0.99.9.0-r1" |
121 |
DEPEND="" |
122 |
|
123 |
pkg_setup() { |
124 |
if use cracklib && ! built_with_use sys-libs/pam cracklib; then |
125 |
eerror "To enable cracklib support in the main PAM configuration" |
126 |
eerror "you need to enable cracklib USE flag on sys-libs/pam" |
127 |
eerror "first." |
128 |
die "Missing pam_cracklib" |
129 |
fi |
130 |
|
131 |
if use selinux && ! built_with_use sys-libs/pam selinux; then |
132 |
eerror "To enable selinux support in the main PAM configuration" |
133 |
eerror "you need to enable selinux USE flag on sys-libs/pam" |
134 |
eerror "first." |
135 |
die "Missing pam_selinux" |
136 |
fi |
137 |
|
138 |
if use consolekit && ! built_with_use sys-auth/consolekit pam; then |
139 |
eerror "To enable ConsoleKit support in the main PAM configuration" |
140 |
eerror "you need to enable pam USE flag on sys-auth/consolekit" |
141 |
eerror "first." |
142 |
die "Missing pam_ck_connector" |
143 |
fi |
144 |
|
145 |
if use gnome-keyring && ! built_with_use gnome-base/gnome-keyring pam; then |
146 |
eerror "To enable GNOME Keyring support in the main PAM configuration" |
147 |
eerror "you need to enable pam USE flag on gnome-base/gnome-keyring" |
148 |
eerror "first." |
149 |
die "Missing pam_gnome_keyring" |
150 |
fi |
151 |
} |
152 |
|
153 |
src_compile() { |
154 |
has_version sys-libs/pam && implementation="linux-pam" |
155 |
has_version sys-auth/openpam && implementation="openpam" |
156 |
|
157 |
emake \ |
158 |
GIT=true \ |
159 |
DEBUG=$(use debug && echo yes || echo no) \ |
160 |
CRACKLIB=$(use cracklib && echo yes || echo no) \ |
161 |
PASSWDQC=$(use passwdqc && echo yes || echo no) \ |
162 |
CONSOLEKIT=$(use consolekit && echo yes || echo no) \ |
163 |
GNOME_KEYRING=$(use gnome-keyring && echo yes || echo no) \ |
164 |
SELINUX=$(use selinux && echo yes || echo no) \ |
165 |
MKTEMP=$(use mktemp && echo yes || echo no) \ |
166 |
PAM_SSH=$(use ssh && echo yes || echo no) \ |
167 |
SHA512=$(use sha512 && echo yes || echo no) \ |
168 |
IMPLEMENTATION=${implementation} \ |
169 |
|| die "emake failed" |
170 |
} |
171 |
|
172 |
src_install() { |
173 |
emake GIT=true DESTDIR="${D}" install || die "emake install failed" |
174 |
} |
175 |
|
176 |
pkg_postinst() { |
177 |
if use sha512; then |
178 |
elog "Starting from version 20080801, pambase optionally enables" |
179 |
elog "SHA512-hashed passwords. For this to work, you need sys-libs/pam-1.0.1" |
180 |
elog "built against sys-libs/glibc-2.7 or later." |
181 |
elog "If you don't have support for this, it will automatically fallback" |
182 |
elog "to MD5-hashed passwords, just like before." |
183 |
elog |
184 |
elog "Please note that the change only affects the newly-changed passwords" |
185 |
elog "and that SHA512-hashed passwords will not work on earlier versions" |
186 |
elog "of glibc or Linux-PAM." |
187 |
fi |
188 |
} |