| 1 |
commit: 12bb0798022e7c77ccb830b66c647e2dfb215c4a |
| 2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Tue Jan 3 20:54:04 2012 +0000 |
| 4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Tue Jan 3 20:54:04 2012 +0000 |
| 6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-dev.git;a=commit;h=12bb0798 |
| 7 |
|
| 8 |
sys-libs/pam: imported from git://git.overlays.gentoo.org/proj/embedded-cross.git |
| 9 |
|
| 10 |
--- |
| 11 |
...Linux-PAM-0.99.7.0-disable-regenerate-man.patch | 18 ++ |
| 12 |
sys-libs/pam/files/Linux-PAM-0.99.8.1-xtests.patch | 18 ++ |
| 13 |
sys-libs/pam/files/Linux-PAM-1.0.2-noyp.patch | 247 ++++++++++++++++++++ |
| 14 |
.../pam/files/Linux-PAM-1.0.4-cross-compile.patch | 35 +++ |
| 15 |
sys-libs/pam/files/Linux-PAM-1.0.4-fix-tests.patch | 13 + |
| 16 |
sys-libs/pam/files/Linux-PAM-1.1.0-debug.patch | 13 + |
| 17 |
sys-libs/pam/files/Linux-PAM-1.1.0-nonls.patch | 11 + |
| 18 |
sys-libs/pam/files/Linux-PAM-1.1.0-uclibc.patch | 82 +++++++ |
| 19 |
sys-libs/pam/files/Linux-PAM-1.1.0-xcrypt.patch | 16 ++ |
| 20 |
sys-libs/pam/files/Linux-PAM-1.1.1+berkdb-5.patch | 12 + |
| 21 |
sys-libs/pam/files/Linux-PAM-1.1.1-gentoodb.patch | 20 ++ |
| 22 |
sys-libs/pam/files/Linux-PAM-1.1.1-xcrypt.patch | 21 ++ |
| 23 |
sys-libs/pam/files/other.pamd | 6 + |
| 24 |
sys-libs/pam/files/system-auth.pamd.epam | 15 ++ |
| 25 |
sys-libs/pam/metadata.xml | 29 +++ |
| 26 |
sys-libs/pam/pam-1.0.4.ebuild | 188 +++++++++++++++ |
| 27 |
sys-libs/pam/pam-1.1.0.ebuild | 164 +++++++++++++ |
| 28 |
sys-libs/pam/pam-1.1.1-r2.ebuild | 186 +++++++++++++++ |
| 29 |
sys-libs/pam/pam-1.1.2.ebuild | 192 +++++++++++++++ |
| 30 |
19 files changed, 1286 insertions(+), 0 deletions(-) |
| 31 |
|
| 32 |
diff --git a/sys-libs/pam/files/Linux-PAM-0.99.7.0-disable-regenerate-man.patch b/sys-libs/pam/files/Linux-PAM-0.99.7.0-disable-regenerate-man.patch |
| 33 |
new file mode 100644 |
| 34 |
index 0000000..a988b18 |
| 35 |
--- /dev/null |
| 36 |
+++ b/sys-libs/pam/files/Linux-PAM-0.99.7.0-disable-regenerate-man.patch |
| 37 |
@@ -0,0 +1,18 @@ |
| 38 |
+Index: Linux-PAM-0.99.7.0/configure.in |
| 39 |
+=================================================================== |
| 40 |
+--- Linux-PAM-0.99.7.0.orig/configure.in |
| 41 |
++++ Linux-PAM-0.99.7.0/configure.in |
| 42 |
+@@ -420,10 +420,12 @@ AC_CHECK_FUNCS(inet_ntop inet_pton ruser |
| 43 |
+ AC_CHECK_FUNCS(unshare, [UNSHARE=yes], [UNSHARE=no]) |
| 44 |
+ AM_CONDITIONAL([HAVE_UNSHARE], [test "$UNSHARE" = yes]) |
| 45 |
+ |
| 46 |
++AC_ARG_ENABLE([regenerate-man], |
| 47 |
++ AC_HELP_STRING([--disable-regenerate-man], [Don't re-build manpages from XML souces]), |
| 48 |
++ [enable_man=$enableval], [enable_man=yes]) |
| 49 |
+ dnl |
| 50 |
+ dnl Check for xsltproc |
| 51 |
+ dnl |
| 52 |
+-enable_man=yes |
| 53 |
+ AC_PATH_PROG([XSLTPROC], [xsltproc]) |
| 54 |
+ if test -z "$XSLTPROC"; then |
| 55 |
+ enable_man=no |
| 56 |
|
| 57 |
diff --git a/sys-libs/pam/files/Linux-PAM-0.99.8.1-xtests.patch b/sys-libs/pam/files/Linux-PAM-0.99.8.1-xtests.patch |
| 58 |
new file mode 100644 |
| 59 |
index 0000000..2cd3e95 |
| 60 |
--- /dev/null |
| 61 |
+++ b/sys-libs/pam/files/Linux-PAM-0.99.8.1-xtests.patch |
| 62 |
@@ -0,0 +1,18 @@ |
| 63 |
+This patch makes sure that the xtests programs don't get build when running |
| 64 |
+'make all', as they might fail to build (for instance if GLIBC 2.3 is used). |
| 65 |
+ |
| 66 |
+Note that the tests are not executed by default at make check because they |
| 67 |
+are anyway broken. |
| 68 |
+Index: Linux-PAM-0.99.9.0/xtests/Makefile.am |
| 69 |
+=================================================================== |
| 70 |
+--- Linux-PAM-0.99.9.0.orig/xtests/Makefile.am |
| 71 |
++++ Linux-PAM-0.99.9.0/xtests/Makefile.am |
| 72 |
+@@ -29,7 +29,7 @@ XTESTS = tst-pam_dispatch1 tst-pam_dispa |
| 73 |
+ tst-pam_access4 tst-pam_limits1 tst-pam_succeed_if1 \ |
| 74 |
+ tst-pam_group1 |
| 75 |
+ |
| 76 |
+-noinst_PROGRAMS = $(XTESTS) |
| 77 |
++check_PROGRAMS = $(XTESTS) |
| 78 |
+ |
| 79 |
+ xtests: $(XTESTS) run-xtests.sh |
| 80 |
+ "$(srcdir)"/run-xtests.sh "$(srcdir)" ${XTESTS} |
| 81 |
|
| 82 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.0.2-noyp.patch b/sys-libs/pam/files/Linux-PAM-1.0.2-noyp.patch |
| 83 |
new file mode 100644 |
| 84 |
index 0000000..a0457b6 |
| 85 |
--- /dev/null |
| 86 |
+++ b/sys-libs/pam/files/Linux-PAM-1.0.2-noyp.patch |
| 87 |
@@ -0,0 +1,247 @@ |
| 88 |
+Index: Linux-PAM-1.0.2/configure.in |
| 89 |
+=================================================================== |
| 90 |
+--- Linux-PAM-1.0.2.orig/configure.in |
| 91 |
++++ Linux-PAM-1.0.2/configure.in |
| 92 |
+@@ -399,12 +399,27 @@ fi |
| 93 |
+ AC_SUBST(LIBDB) |
| 94 |
+ AM_CONDITIONAL([HAVE_LIBDB], [test ! -z "$LIBDB"]) |
| 95 |
+ |
| 96 |
+-AC_CHECK_LIB([nsl],[yp_get_default_domain], LIBNSL="-lnsl", LIBNSL="") |
| 97 |
+-BACKUP_LIBS=$LIBS |
| 98 |
+-LIBS="$LIBS $LIBNSL" |
| 99 |
+-AC_CHECK_FUNCS(yp_get_default_domain) |
| 100 |
+-LIBS=$BACKUP_LIBS |
| 101 |
+-AC_SUBST(LIBNSL) |
| 102 |
++LIBNSL=""; AC_SUBST(LIBNSL) |
| 103 |
++have_nis="yes" |
| 104 |
++ |
| 105 |
++AC_CHECK_HEADERS([rpcsvc/ypclnt.h rpcsvc/yp_prot.h netdb.h], [:], |
| 106 |
++ [have_nis=no; break; ]) |
| 107 |
++ |
| 108 |
++AS_IF([test "x$have_nis" = "xyes"], [ |
| 109 |
++ AC_CHECK_FUNCS([yp_get_default_domain], [:], |
| 110 |
++ AC_CHECK_LIB([nsl], [yp_get_default_domain], [LIBNSL="-lnsl"], |
| 111 |
++ [have_nis=no])) |
| 112 |
++]) |
| 113 |
++ |
| 114 |
++AS_IF([test "x$have_nis" = "xyes"], [ |
| 115 |
++ AC_CHECK_FUNCS([innetgr], [:], [have_nis=no; break;]) |
| 116 |
++]) |
| 117 |
++ |
| 118 |
++AS_IF([test "x$have_nis" = "xyes"], [ |
| 119 |
++ AC_DEFINE([HAVE_NIS], [1], [Define this if you have NIS support]) |
| 120 |
++]) |
| 121 |
++ |
| 122 |
++AM_CONDITIONAL([HAVE_NIS], [test "x$have_nis" = "xyes"]) |
| 123 |
+ |
| 124 |
+ AC_ARG_ENABLE([selinux], |
| 125 |
+ AC_HELP_STRING([--disable-selinux],[do not use SELinux]), |
| 126 |
+Index: Linux-PAM-1.0.2/modules/pam_access/pam_access.c |
| 127 |
+=================================================================== |
| 128 |
+--- Linux-PAM-1.0.2.orig/modules/pam_access/pam_access.c |
| 129 |
++++ Linux-PAM-1.0.2/modules/pam_access/pam_access.c |
| 130 |
+@@ -41,7 +41,9 @@ |
| 131 |
+ #include <errno.h> |
| 132 |
+ #include <ctype.h> |
| 133 |
+ #include <sys/utsname.h> |
| 134 |
++#ifdef HAVE_NIS |
| 135 |
+ #include <rpcsvc/ypclnt.h> |
| 136 |
++#endif |
| 137 |
+ #include <arpa/inet.h> |
| 138 |
+ #include <netdb.h> |
| 139 |
+ #include <sys/socket.h> |
| 140 |
+@@ -471,11 +473,11 @@ static char *myhostname(void) |
| 141 |
+ } |
| 142 |
+ |
| 143 |
+ /* netgroup_match - match group against machine or user */ |
| 144 |
+- |
| 145 |
+ static int |
| 146 |
+ netgroup_match (pam_handle_t *pamh, const char *netgroup, |
| 147 |
+ const char *machine, const char *user, int debug) |
| 148 |
+ { |
| 149 |
++#ifdef HAVE_NIS |
| 150 |
+ char *mydomain = NULL; |
| 151 |
+ int retval; |
| 152 |
+ |
| 153 |
+@@ -490,7 +492,12 @@ netgroup_match (pam_handle_t *pamh, cons |
| 154 |
+ machine ? machine : "NULL", |
| 155 |
+ user ? user : "NULL", mydomain ? mydomain : "NULL"); |
| 156 |
+ return retval; |
| 157 |
++#else |
| 158 |
++ pam_syslog(pamh, LOG_DEBUG, |
| 159 |
++ "netgroup match: no YellowPages support."); |
| 160 |
+ |
| 161 |
++ return NO; |
| 162 |
++#endif |
| 163 |
+ } |
| 164 |
+ |
| 165 |
+ /* user_match - match a username against one token */ |
| 166 |
+Index: Linux-PAM-1.0.2/modules/pam_unix/Makefile.am |
| 167 |
+=================================================================== |
| 168 |
+--- Linux-PAM-1.0.2.orig/modules/pam_unix/Makefile.am |
| 169 |
++++ Linux-PAM-1.0.2/modules/pam_unix/Makefile.am |
| 170 |
+@@ -40,7 +40,11 @@ noinst_PROGRAMS = bigcrypt |
| 171 |
+ |
| 172 |
+ pam_unix_la_SOURCES = bigcrypt.c pam_unix_acct.c \ |
| 173 |
+ pam_unix_auth.c pam_unix_passwd.c pam_unix_sess.c support.c \ |
| 174 |
+- passverify.c yppasswd_xdr.c md5_good.c md5_broken.c |
| 175 |
++ passverify.c md5_good.c md5_broken.c |
| 176 |
++ |
| 177 |
++if HAVE_NIS |
| 178 |
++pam_unix_la_SOURCES += yppasswd_xdr.c |
| 179 |
++endif |
| 180 |
+ |
| 181 |
+ bigcrypt_SOURCES = bigcrypt.c bigcrypt_main.c |
| 182 |
+ bigcrypt_CFLAGS = $(AM_CFLAGS) |
| 183 |
+Index: Linux-PAM-1.0.2/modules/pam_unix/pam_unix_passwd.c |
| 184 |
+=================================================================== |
| 185 |
+--- Linux-PAM-1.0.2.orig/modules/pam_unix/pam_unix_passwd.c |
| 186 |
++++ Linux-PAM-1.0.2/modules/pam_unix/pam_unix_passwd.c |
| 187 |
+@@ -55,8 +55,10 @@ |
| 188 |
+ #include <sys/time.h> |
| 189 |
+ #include <sys/stat.h> |
| 190 |
+ #include <rpc/rpc.h> |
| 191 |
++#ifdef HAVE_NIS |
| 192 |
+ #include <rpcsvc/yp_prot.h> |
| 193 |
+ #include <rpcsvc/ypclnt.h> |
| 194 |
++#endif |
| 195 |
+ |
| 196 |
+ #include <signal.h> |
| 197 |
+ #include <errno.h> |
| 198 |
+@@ -103,6 +105,7 @@ extern int getrpcport(const char *host, |
| 199 |
+ |
| 200 |
+ #define MAX_PASSWD_TRIES 3 |
| 201 |
+ |
| 202 |
++#ifdef HAVE_NIS |
| 203 |
+ static char *getNISserver(pam_handle_t *pamh) |
| 204 |
+ { |
| 205 |
+ char *master; |
| 206 |
+@@ -132,6 +135,7 @@ static char *getNISserver(pam_handle_t * |
| 207 |
+ } |
| 208 |
+ return master; |
| 209 |
+ } |
| 210 |
++#endif |
| 211 |
+ |
| 212 |
+ #ifdef WITH_SELINUX |
| 213 |
+ |
| 214 |
+@@ -299,6 +303,7 @@ static int _do_setpass(pam_handle_t* pam |
| 215 |
+ goto done; |
| 216 |
+ } |
| 217 |
+ |
| 218 |
++#ifdef HAVE_NIS |
| 219 |
+ if (on(UNIX_NIS, ctrl) && _unix_comesfromsource(pamh, forwho, 0, 1)) { |
| 220 |
+ if ((master=getNISserver(pamh)) != NULL) { |
| 221 |
+ struct timeval timeout; |
| 222 |
+@@ -366,6 +371,7 @@ static int _do_setpass(pam_handle_t* pam |
| 223 |
+ retval = PAM_TRY_AGAIN; |
| 224 |
+ } |
| 225 |
+ } |
| 226 |
++#endif |
| 227 |
+ |
| 228 |
+ if (_unix_comesfromsource(pamh, forwho, 1, 0)) { |
| 229 |
+ if(unlocked) { |
| 230 |
+Index: Linux-PAM-1.0.2/modules/pam_unix/support.c |
| 231 |
+=================================================================== |
| 232 |
+--- Linux-PAM-1.0.2.orig/modules/pam_unix/support.c |
| 233 |
++++ Linux-PAM-1.0.2/modules/pam_unix/support.c |
| 234 |
+@@ -19,7 +19,9 @@ |
| 235 |
+ #include <ctype.h> |
| 236 |
+ #include <syslog.h> |
| 237 |
+ #include <sys/resource.h> |
| 238 |
++#ifdef HAVE_NIS |
| 239 |
+ #include <rpcsvc/ypclnt.h> |
| 240 |
++#endif |
| 241 |
+ |
| 242 |
+ #include <security/_pam_macros.h> |
| 243 |
+ #include <security/pam_modules.h> |
| 244 |
+@@ -263,6 +265,7 @@ int _unix_getpwnam(pam_handle_t *pamh, c |
| 245 |
+ } |
| 246 |
+ } |
| 247 |
+ |
| 248 |
++#ifdef HAVE_NIS |
| 249 |
+ if (!matched && nis) { |
| 250 |
+ char *userinfo = NULL, *domain = NULL; |
| 251 |
+ int len = 0, i; |
| 252 |
+@@ -281,6 +284,7 @@ int _unix_getpwnam(pam_handle_t *pamh, c |
| 253 |
+ } |
| 254 |
+ } |
| 255 |
+ } |
| 256 |
++#endif |
| 257 |
+ |
| 258 |
+ if (matched && (ret != NULL)) { |
| 259 |
+ *ret = NULL; |
| 260 |
+Index: Linux-PAM-1.0.2/modules/pam_group/pam_group.c |
| 261 |
+=================================================================== |
| 262 |
+--- Linux-PAM-1.0.2.orig/modules/pam_group/pam_group.c |
| 263 |
++++ Linux-PAM-1.0.2/modules/pam_group/pam_group.c |
| 264 |
+@@ -659,7 +659,11 @@ static int check_account(pam_handle_t *p |
| 265 |
+ } |
| 266 |
+ /* If buffer starts with @, we are using netgroups */ |
| 267 |
+ if (buffer[0] == '@') |
| 268 |
++#ifdef HAVE_NIS |
| 269 |
+ good &= innetgr (&buffer[1], NULL, user, NULL); |
| 270 |
++#else |
| 271 |
++ good = 0; |
| 272 |
++#endif |
| 273 |
+ else |
| 274 |
+ good &= logic_field(pamh,user, buffer, count, is_same); |
| 275 |
+ D(("with user: %s", good ? "passes":"fails" )); |
| 276 |
+Index: Linux-PAM-1.0.2/modules/pam_succeed_if/pam_succeed_if.c |
| 277 |
+=================================================================== |
| 278 |
+--- Linux-PAM-1.0.2.orig/modules/pam_succeed_if/pam_succeed_if.c |
| 279 |
++++ Linux-PAM-1.0.2/modules/pam_succeed_if/pam_succeed_if.c |
| 280 |
+@@ -229,6 +229,7 @@ evaluate_notingroup(pam_handle_t *pamh, |
| 281 |
+ return PAM_SUCCESS; |
| 282 |
+ return PAM_AUTH_ERR; |
| 283 |
+ } |
| 284 |
++#ifdef HAVE_NIS |
| 285 |
+ /* Return PAM_SUCCESS if the (host,user) is in the netgroup. */ |
| 286 |
+ static int |
| 287 |
+ evaluate_innetgr(const char *host, const char *user, const char *group) |
| 288 |
+@@ -245,6 +246,7 @@ evaluate_notinnetgr(const char *host, co |
| 289 |
+ return PAM_SUCCESS; |
| 290 |
+ return PAM_AUTH_ERR; |
| 291 |
+ } |
| 292 |
++#endif |
| 293 |
+ |
| 294 |
+ /* Match a triple. */ |
| 295 |
+ static int |
| 296 |
+@@ -356,6 +358,7 @@ evaluate(pam_handle_t *pamh, int debug, |
| 297 |
+ if (strcasecmp(qual, "notingroup") == 0) { |
| 298 |
+ return evaluate_notingroup(pamh, pwd->pw_name, right); |
| 299 |
+ } |
| 300 |
++#ifdef HAVE_NIS |
| 301 |
+ /* (Rhost, user) is in this netgroup. */ |
| 302 |
+ if (strcasecmp(qual, "innetgr") == 0) { |
| 303 |
+ const void *rhost; |
| 304 |
+@@ -370,6 +373,14 @@ evaluate(pam_handle_t *pamh, int debug, |
| 305 |
+ rhost = NULL; |
| 306 |
+ return evaluate_notinnetgr(rhost, pwd->pw_name, right); |
| 307 |
+ } |
| 308 |
++#else |
| 309 |
++ if (strcasecmp(qual, "innetgr") == 0 || |
| 310 |
++ strcasecmp(qual, "notinnetgr") == 0) { |
| 311 |
++ pam_syslog(pamh, LOG_CRIT, "option \"%s\" not supported as no NIS support is present", qual); |
| 312 |
++ return PAM_SERVICE_ERR; |
| 313 |
++ } |
| 314 |
++#endif |
| 315 |
++ |
| 316 |
+ /* Fail closed. */ |
| 317 |
+ return PAM_SERVICE_ERR; |
| 318 |
+ } |
| 319 |
+Index: Linux-PAM-1.0.2/modules/pam_time/pam_time.c |
| 320 |
+=================================================================== |
| 321 |
+--- Linux-PAM-1.0.2.orig/modules/pam_time/pam_time.c |
| 322 |
++++ Linux-PAM-1.0.2/modules/pam_time/pam_time.c |
| 323 |
+@@ -555,7 +555,11 @@ check_account(pam_handle_t *pamh, const |
| 324 |
+ } |
| 325 |
+ /* If buffer starts with @, we are using netgroups */ |
| 326 |
+ if (buffer[0] == '@') |
| 327 |
++#ifdef HAVE_NIS |
| 328 |
+ good &= innetgr (&buffer[1], NULL, user, NULL); |
| 329 |
++#else |
| 330 |
++ good = 0; |
| 331 |
++#endif |
| 332 |
+ else |
| 333 |
+ good &= logic_field(pamh, user, buffer, count, is_same); |
| 334 |
+ D(("with user: %s", good ? "passes":"fails" )); |
| 335 |
|
| 336 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.0.4-cross-compile.patch b/sys-libs/pam/files/Linux-PAM-1.0.4-cross-compile.patch |
| 337 |
new file mode 100644 |
| 338 |
index 0000000..23a830b |
| 339 |
--- /dev/null |
| 340 |
+++ b/sys-libs/pam/files/Linux-PAM-1.0.4-cross-compile.patch |
| 341 |
@@ -0,0 +1,35 @@ |
| 342 |
+--- configure.in 2009-05-28 17:05:03.000000000 +0000 |
| 343 |
++++ configure.in.new 2009-05-28 17:05:25.000000000 +0000 |
| 344 |
+@@ -129,6 +129,21 @@ |
| 345 |
+ AC_C___ATTRIBUTE__ |
| 346 |
+ |
| 347 |
+ dnl |
| 348 |
++dnl Get the host compiler if cross-compiling |
| 349 |
++dnl |
| 350 |
++AM_CONDITIONAL(CROSS_COMPILING, [ test $cross_compiling = yes ]) |
| 351 |
++AC_MSG_CHECKING([for CC_FOR_BUILD]) |
| 352 |
++if test "x${CC_FOR_BUILD+set}" != "xset" ; then |
| 353 |
++ if test "x$cross_compiling" = "xyes" ; then |
| 354 |
++ CC_FOR_BUILD=${CC_FOR_BUILD-gcc} |
| 355 |
++ else |
| 356 |
++ CC_FOR_BUILD=${CC} |
| 357 |
++ fi |
| 358 |
++fi |
| 359 |
++AC_MSG_RESULT([$CC_FOR_BUILD]) |
| 360 |
++AC_SUBST(CC_FOR_BUILD) |
| 361 |
++ |
| 362 |
++dnl |
| 363 |
+ dnl Check if --version-script is supported by ld |
| 364 |
+ dnl |
| 365 |
+ AC_CACHE_CHECK(for .symver assembler directive, libc_cv_asm_symver_directive, |
| 366 |
+--- doc/specs/Makefile.am 2009-05-28 17:05:03.000000000 +0000 |
| 367 |
++++ doc/specs/Makefile.am.new 2009-05-28 17:06:06.000000000 +0000 |
| 368 |
+@@ -19,4 +19,8 @@ |
| 369 |
+ |
| 370 |
+ padout_LDADD = @LEXLIB@ |
| 371 |
+ |
| 372 |
++CC = @CC_FOR_BUILD@ |
| 373 |
++CFLAGS = |
| 374 |
++LDFLAGS = |
| 375 |
++ |
| 376 |
+ doc_DATA = draft-morgan-pam-current.txt rfc86.0.txt |
| 377 |
|
| 378 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.0.4-fix-tests.patch b/sys-libs/pam/files/Linux-PAM-1.0.4-fix-tests.patch |
| 379 |
new file mode 100644 |
| 380 |
index 0000000..b705f36 |
| 381 |
--- /dev/null |
| 382 |
+++ b/sys-libs/pam/files/Linux-PAM-1.0.4-fix-tests.patch |
| 383 |
@@ -0,0 +1,13 @@ |
| 384 |
+Index: Linux-PAM-1.0.4/tests/tst-pam_mkargv.c |
| 385 |
+=================================================================== |
| 386 |
+--- Linux-PAM-1.0.4.orig/tests/tst-pam_mkargv.c |
| 387 |
++++ Linux-PAM-1.0.4/tests/tst-pam_mkargv.c |
| 388 |
+@@ -35,7 +35,7 @@ int main(void) |
| 389 |
+ printf ("\n"); |
| 390 |
+ #endif |
| 391 |
+ |
| 392 |
+- if (argvlen != 333) |
| 393 |
++ if (argvlen != ( 37 + ( 37 * sizeof(char*) ) )) |
| 394 |
+ return 1; |
| 395 |
+ |
| 396 |
+ if (myargc != 4) |
| 397 |
|
| 398 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.1.0-debug.patch b/sys-libs/pam/files/Linux-PAM-1.1.0-debug.patch |
| 399 |
new file mode 100644 |
| 400 |
index 0000000..ec9f99b |
| 401 |
--- /dev/null |
| 402 |
+++ b/sys-libs/pam/files/Linux-PAM-1.1.0-debug.patch |
| 403 |
@@ -0,0 +1,13 @@ |
| 404 |
+Index: Linux-PAM-1.1.0/modules/pam_env/pam_env.c |
| 405 |
+=================================================================== |
| 406 |
+--- Linux-PAM-1.1.0.orig/modules/pam_env/pam_env.c |
| 407 |
++++ Linux-PAM-1.1.0/modules/pam_env/pam_env.c |
| 408 |
+@@ -120,7 +120,7 @@ _pam_parse (const pam_handle_t *pamh, in |
| 409 |
+ "user_envfile= specification missing argument - ignored"); |
| 410 |
+ } else { |
| 411 |
+ *user_envfile = 13+*argv; |
| 412 |
+- D(("new User Env File: %s", *user_env_file)); |
| 413 |
++ D(("new User Env File: %s", *user_envfile)); |
| 414 |
+ } |
| 415 |
+ } else if (!strncmp(*argv,"readenv=",8)) |
| 416 |
+ *readenv = atoi(8+*argv); |
| 417 |
|
| 418 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.1.0-nonls.patch b/sys-libs/pam/files/Linux-PAM-1.1.0-nonls.patch |
| 419 |
new file mode 100644 |
| 420 |
index 0000000..d52b6a0 |
| 421 |
--- /dev/null |
| 422 |
+++ b/sys-libs/pam/files/Linux-PAM-1.1.0-nonls.patch |
| 423 |
@@ -0,0 +1,11 @@ |
| 424 |
+--- Linux-PAM-1.1.0/modules/pam_lastlog/pam_lastlog.c.orig |
| 425 |
++++ Linux-PAM-1.1.0/modules/pam_lastlog/pam_lastlog.c |
| 426 |
+@@ -471,7 +471,7 @@ last_login_failed(pam_handle_t *pamh, in |
| 427 |
+ failed), |
| 428 |
+ failed); |
| 429 |
+ #else |
| 430 |
+- if (daysleft == 1) |
| 431 |
++ if (failed == 1) |
| 432 |
+ retval = asprintf(&line, |
| 433 |
+ _("There was %d failed login attempt since the last successful login."), |
| 434 |
+ failed); |
| 435 |
|
| 436 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.1.0-uclibc.patch b/sys-libs/pam/files/Linux-PAM-1.1.0-uclibc.patch |
| 437 |
new file mode 100644 |
| 438 |
index 0000000..6b8fa25 |
| 439 |
--- /dev/null |
| 440 |
+++ b/sys-libs/pam/files/Linux-PAM-1.1.0-uclibc.patch |
| 441 |
@@ -0,0 +1,82 @@ |
| 442 |
+Index: Linux-PAM-1.1.0/modules/pam_pwhistory/opasswd.c |
| 443 |
+=================================================================== |
| 444 |
+--- Linux-PAM-1.1.0.orig/modules/pam_pwhistory/opasswd.c |
| 445 |
++++ Linux-PAM-1.1.0/modules/pam_pwhistory/opasswd.c |
| 446 |
+@@ -94,6 +94,23 @@ parse_entry (char *line, opwd *data) |
| 447 |
+ return 0; |
| 448 |
+ } |
| 449 |
+ |
| 450 |
++static int |
| 451 |
++compare_password(const char *newpass, const char *oldpass) |
| 452 |
++{ |
| 453 |
++ char *outval; |
| 454 |
++#ifdef HAVE_CRYPT_R |
| 455 |
++ struct crypt_data output; |
| 456 |
++ |
| 457 |
++ output.initialized = 0; |
| 458 |
++ |
| 459 |
++ outval = crypt_r (newpass, oldpass, &output); |
| 460 |
++#else |
| 461 |
++ outval = crypt (newpass, oldpass); |
| 462 |
++#endif |
| 463 |
++ |
| 464 |
++ return strcmp(outval, oldpass) == 0; |
| 465 |
++} |
| 466 |
++ |
| 467 |
+ /* Check, if the new password is already in the opasswd file. */ |
| 468 |
+ int |
| 469 |
+ check_old_password (pam_handle_t *pamh, const char *user, |
| 470 |
+@@ -167,12 +184,9 @@ check_old_password (pam_handle_t *pamh, |
| 471 |
+ if (found) |
| 472 |
+ { |
| 473 |
+ const char delimiters[] = ","; |
| 474 |
+- struct crypt_data output; |
| 475 |
+ char *running; |
| 476 |
+ char *oldpass; |
| 477 |
+ |
| 478 |
+- memset (&output, 0, sizeof (output)); |
| 479 |
+- |
| 480 |
+ running = strdupa (entry.old_passwords); |
| 481 |
+ if (running == NULL) |
| 482 |
+ return PAM_BUF_ERR; |
| 483 |
+@@ -180,7 +194,7 @@ check_old_password (pam_handle_t *pamh, |
| 484 |
+ do { |
| 485 |
+ oldpass = strsep (&running, delimiters); |
| 486 |
+ if (oldpass && strlen (oldpass) > 0 && |
| 487 |
+- strcmp (crypt_r (newpass, oldpass, &output), oldpass) == 0) |
| 488 |
++ compare_password(newpass, oldpass) ) |
| 489 |
+ { |
| 490 |
+ if (debug) |
| 491 |
+ pam_syslog (pamh, LOG_DEBUG, "New password already used"); |
| 492 |
+Index: Linux-PAM-1.1.0/configure.in |
| 493 |
+=================================================================== |
| 494 |
+--- Linux-PAM-1.1.0.orig/configure.in |
| 495 |
++++ Linux-PAM-1.1.0/configure.in |
| 496 |
+@@ -458,7 +458,7 @@ AC_FUNC_MEMCMP |
| 497 |
+ AC_FUNC_VPRINTF |
| 498 |
+ AC_CHECK_FUNCS(fseeko gethostname gettimeofday lckpwdf mkdir select) |
| 499 |
+ AC_CHECK_FUNCS(strcspn strdup strspn strstr strtol uname) |
| 500 |
+-AC_CHECK_FUNCS(getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r) |
| 501 |
++AC_CHECK_FUNCS(getutent_r getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r) |
| 502 |
+ AC_CHECK_FUNCS(getgrouplist getline getdelim) |
| 503 |
+ AC_CHECK_FUNCS(inet_ntop inet_pton ruserok_af) |
| 504 |
+ |
| 505 |
+Index: Linux-PAM-1.1.0/modules/pam_timestamp/pam_timestamp.c |
| 506 |
+=================================================================== |
| 507 |
+--- Linux-PAM-1.1.0.orig/modules/pam_timestamp/pam_timestamp.c |
| 508 |
++++ Linux-PAM-1.1.0/modules/pam_timestamp/pam_timestamp.c |
| 509 |
+@@ -200,7 +200,13 @@ check_login_time(const char *ruser, time |
| 510 |
+ time_t oldest_login = 0; |
| 511 |
+ |
| 512 |
+ setutent(); |
| 513 |
+- while(!getutent_r(&utbuf, &ut)) { |
| 514 |
++ while( |
| 515 |
++#ifdef HAVE_GETUTENT_R |
| 516 |
++ !getutent_r(&utbuf, &ut) |
| 517 |
++#else |
| 518 |
++ (ut = getutent()) != NULL |
| 519 |
++#endif |
| 520 |
++ ) { |
| 521 |
+ if (ut->ut_type != USER_PROCESS) { |
| 522 |
+ continue; |
| 523 |
+ } |
| 524 |
|
| 525 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.1.0-xcrypt.patch b/sys-libs/pam/files/Linux-PAM-1.1.0-xcrypt.patch |
| 526 |
new file mode 100644 |
| 527 |
index 0000000..4f4872d |
| 528 |
--- /dev/null |
| 529 |
+++ b/sys-libs/pam/files/Linux-PAM-1.1.0-xcrypt.patch |
| 530 |
@@ -0,0 +1,16 @@ |
| 531 |
+Index: Linux-PAM-1.1.1/configure.in |
| 532 |
+=================================================================== |
| 533 |
+--- Linux-PAM-1.1.1.orig/configure.in |
| 534 |
++++ Linux-PAM-1.1.1/configure.in |
| 535 |
+@@ -360,6 +360,10 @@ AC_SUBST(LIBAUDIT) |
| 536 |
+ AC_CHECK_HEADERS(xcrypt.h crypt.h) |
| 537 |
++AS_IF([test "x$ac_cv_header_xcrypt_h" = "xyes"], |
| 538 |
++ [crypt_libs="xcrypt crypt"], |
| 539 |
++ [crypt_libs="crypt"]) |
| 540 |
++ |
| 541 |
+ BACKUP_LIBS=$LIBS |
| 542 |
+-AC_SEARCH_LIBS([crypt],[xcrypt crypt], LIBCRYPT="-l$ac_lib", LIBCRYPT="") |
| 543 |
++AC_SEARCH_LIBS([crypt],[$crypt_libs], LIBCRYPT="-l$ac_lib", LIBCRYPT="") |
| 544 |
+ AC_CHECK_FUNCS(crypt_r crypt_gensalt_rn) |
| 545 |
+ LIBS=$BACKUP_LIBS |
| 546 |
+ AC_SUBST(LIBCRYPT) |
| 547 |
|
| 548 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.1.1+berkdb-5.patch b/sys-libs/pam/files/Linux-PAM-1.1.1+berkdb-5.patch |
| 549 |
new file mode 100644 |
| 550 |
index 0000000..ece9211 |
| 551 |
--- /dev/null |
| 552 |
+++ b/sys-libs/pam/files/Linux-PAM-1.1.1+berkdb-5.patch |
| 553 |
@@ -0,0 +1,12 @@ |
| 554 |
+Index: Linux-PAM-1.1.1/modules/pam_userdb/pam_userdb.c |
| 555 |
+=================================================================== |
| 556 |
+--- Linux-PAM-1.1.1.orig/modules/pam_userdb/pam_userdb.c |
| 557 |
++++ Linux-PAM-1.1.1/modules/pam_userdb/pam_userdb.c |
| 558 |
+@@ -30,6 +30,7 @@ |
| 559 |
+ #else |
| 560 |
+ # ifdef HAVE_DB_H |
| 561 |
+ # define DB_DBM_HSEARCH 1 /* use the dbm interface */ |
| 562 |
++# define HAVE_DBM /* for BerkDB 5.0 and later */ |
| 563 |
+ # include <db.h> |
| 564 |
+ # else |
| 565 |
+ # error "failed to find a libdb or equivalent" |
| 566 |
|
| 567 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.1.1-gentoodb.patch b/sys-libs/pam/files/Linux-PAM-1.1.1-gentoodb.patch |
| 568 |
new file mode 100644 |
| 569 |
index 0000000..0334496 |
| 570 |
--- /dev/null |
| 571 |
+++ b/sys-libs/pam/files/Linux-PAM-1.1.1-gentoodb.patch |
| 572 |
@@ -0,0 +1,20 @@ |
| 573 |
+Index: Linux-PAM-1.1.1/configure.in |
| 574 |
+=================================================================== |
| 575 |
+--- Linux-PAM-1.1.1.orig/configure.in |
| 576 |
++++ Linux-PAM-1.1.1/configure.in |
| 577 |
+@@ -389,10 +389,11 @@ AC_ARG_WITH([db-uniquename], |
| 578 |
+ AS_HELP_STRING([--with-db-uniquename=extension],[Unique name for db libraries and functions.])) |
| 579 |
+ if test x"$WITH_DB" != xno ; then |
| 580 |
+ if test x"$WITH_DB" = xyes -o x"$WITH_DB" = xdb ; then |
| 581 |
+- AC_CHECK_LIB([db$with_db_uniquename], [db_create$with_db_uniquename], LIBDB="-ldb$with_db_uniquename", LIBDB="") |
| 582 |
+- if test -z "$LIBDB" ; then |
| 583 |
+- AC_CHECK_LIB([db$with_db_uniquename], [dbm_store$with_db_uniquename], LIBDB="-ldb$with_db_uniquename", LIBDB="") |
| 584 |
+- fi |
| 585 |
++ old_libs=$LIBS |
| 586 |
++ LIBS="$LIBS -ldb$with_db_uniquename" |
| 587 |
++ AC_CHECK_FUNCS([db_create$with_db_uniquename db_create dbm_store$with_db_uniquename dbm_store], |
| 588 |
++ [LIBDB="-ldb$with_db_uniquename"; break]) |
| 589 |
++ LIBS=$old_libs |
| 590 |
+ fi |
| 591 |
+ if test -z "$LIBDB" ; then |
| 592 |
+ AC_CHECK_LIB([ndbm],[dbm_store], LIBDB="-lndbm", LIBDB="") |
| 593 |
|
| 594 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.1.1-xcrypt.patch b/sys-libs/pam/files/Linux-PAM-1.1.1-xcrypt.patch |
| 595 |
new file mode 100644 |
| 596 |
index 0000000..f842da7 |
| 597 |
--- /dev/null |
| 598 |
+++ b/sys-libs/pam/files/Linux-PAM-1.1.1-xcrypt.patch |
| 599 |
@@ -0,0 +1,21 @@ |
| 600 |
+Index: Linux-PAM-1.1.1/configure.in |
| 601 |
+=================================================================== |
| 602 |
+--- Linux-PAM-1.1.1.orig/configure.in |
| 603 |
++++ Linux-PAM-1.1.1/configure.in |
| 604 |
+@@ -361,10 +361,14 @@ AM_CONDITIONAL([HAVE_AUDIT_TTY_STATUS], |
| 605 |
+ [test "x$HAVE_AUDIT_TTY_STATUS" = xyes]) |
| 606 |
+ |
| 607 |
+ AC_CHECK_HEADERS(xcrypt.h crypt.h) |
| 608 |
++AS_IF([test "x$ac_cv_header_xcrypt_h" = "xyes"], |
| 609 |
++ [crypt_libs="xcrypt crypt"], |
| 610 |
++ [crypt_libs="crypt"]) |
| 611 |
++ |
| 612 |
+ BACKUP_LIBS=$LIBS |
| 613 |
+-AC_SEARCH_LIBS([crypt],[xcrypt crypt], LIBCRYPT="-l$ac_lib", LIBCRYPT="") |
| 614 |
++AC_SEARCH_LIBS([crypt],[$crypt_libs], LIBCRYPT="-l$ac_lib", LIBCRYPT="") |
| 615 |
+ AC_CHECK_FUNCS(crypt_r crypt_gensalt_r) |
| 616 |
+-Libs=$BACKUP_LIBS |
| 617 |
++LIBS=$BACKUP_LIBS |
| 618 |
+ AC_SUBST(LIBCRYPT) |
| 619 |
+ if test "$LIBCRYPT" = "-lxcrypt" -a "$ac_cv_header_xcrypt_h" = "yes" ; then |
| 620 |
+ AC_DEFINE([HAVE_LIBXCRYPT], 1, [Define to 1 if xcrypt support should be compiled in.]) |
| 621 |
|
| 622 |
diff --git a/sys-libs/pam/files/other.pamd b/sys-libs/pam/files/other.pamd |
| 623 |
new file mode 100644 |
| 624 |
index 0000000..85ca04e |
| 625 |
--- /dev/null |
| 626 |
+++ b/sys-libs/pam/files/other.pamd |
| 627 |
@@ -0,0 +1,6 @@ |
| 628 |
+#%PAM-1.0 |
| 629 |
+ |
| 630 |
+auth required pam_deny.so |
| 631 |
+account required pam_deny.so |
| 632 |
+password required pam_deny.so |
| 633 |
+session required pam_deny.so |
| 634 |
|
| 635 |
diff --git a/sys-libs/pam/files/system-auth.pamd.epam b/sys-libs/pam/files/system-auth.pamd.epam |
| 636 |
new file mode 100644 |
| 637 |
index 0000000..bdee6f4 |
| 638 |
--- /dev/null |
| 639 |
+++ b/sys-libs/pam/files/system-auth.pamd.epam |
| 640 |
@@ -0,0 +1,15 @@ |
| 641 |
+#%PAM-1.0 |
| 642 |
+ |
| 643 |
+auth required pam_env.so |
| 644 |
+auth sufficient pam_unix.so try_first_pass likeauth nullok |
| 645 |
+auth required pam_deny.so |
| 646 |
+ |
| 647 |
+account required pam_unix.so |
| 648 |
+ |
| 649 |
+#%EPAM-Use-Flag:cracklib%#password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 try_first_pass retry=3 |
| 650 |
+#%EPAM-Use-Flag:cracklib%#password sufficient pam_unix.so try_first_pass use_authtok nullok md5 shadow |
| 651 |
+#%EPAM-Use-Flag:!cracklib%#password sufficient pam_unix.so try_first_pass nullok md5 shadow |
| 652 |
+password required pam_deny.so |
| 653 |
+ |
| 654 |
+session required pam_limits.so |
| 655 |
+session required pam_unix.so |
| 656 |
|
| 657 |
diff --git a/sys-libs/pam/metadata.xml b/sys-libs/pam/metadata.xml |
| 658 |
new file mode 100644 |
| 659 |
index 0000000..e5b58f5 |
| 660 |
--- /dev/null |
| 661 |
+++ b/sys-libs/pam/metadata.xml |
| 662 |
@@ -0,0 +1,29 @@ |
| 663 |
+<?xml version="1.0" encoding="UTF-8"?> |
| 664 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
| 665 |
+<pkgmetadata> |
| 666 |
+ <herd>pam</herd> |
| 667 |
+ <maintainer> |
| 668 |
+ <email>pam-bugs@g.o</email> |
| 669 |
+ </maintainer> |
| 670 |
+ <use> |
| 671 |
+ <flag name='audit'>Enable support for <pkg>sys-process/audit</pkg></flag> |
| 672 |
+ |
| 673 |
+ <flag name="berkdb"> |
| 674 |
+ Build the pam_userdb module, that allows to authenticate users |
| 675 |
+ against a Berkeley DB file. Please note that enabling this USE |
| 676 |
+ flag will create a PAM module that links to the Berkeley DB (as |
| 677 |
+ provided by <pkg>sys-libs/db</pkg>) installed in /usr/lib and |
| 678 |
+ will thus not work for boot-critical services authentication. |
| 679 |
+ </flag> |
| 680 |
+ |
| 681 |
+ <flag name="cracklib"> |
| 682 |
+ Build the pam_cracklib module, that allows to verify the chosen |
| 683 |
+ passwords' strength through the use of |
| 684 |
+ <pkg>sys-libs/cracklib</pkg>. Please note that simply enabling |
| 685 |
+ the USE flag on this package will not make use of pam_cracklib |
| 686 |
+ by default, you should also enable it in |
| 687 |
+ <pkg>sys-auth/pambase</pkg> as well as update your configuration |
| 688 |
+ files. |
| 689 |
+ </flag> |
| 690 |
+ </use> |
| 691 |
+</pkgmetadata> |
| 692 |
|
| 693 |
diff --git a/sys-libs/pam/pam-1.0.4.ebuild b/sys-libs/pam/pam-1.0.4.ebuild |
| 694 |
new file mode 100644 |
| 695 |
index 0000000..1632431 |
| 696 |
--- /dev/null |
| 697 |
+++ b/sys-libs/pam/pam-1.0.4.ebuild |
| 698 |
@@ -0,0 +1,188 @@ |
| 699 |
+# Copyright 1999-2009 Gentoo Foundation |
| 700 |
+# Distributed under the terms of the GNU General Public License v2 |
| 701 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/pam-1.0.4.ebuild,v 1.11 2009/03/27 17:08:40 armin76 Exp $ |
| 702 |
+ |
| 703 |
+WANT_AUTOCONF="latest" |
| 704 |
+WANT_AUTOMAKE="latest" |
| 705 |
+ |
| 706 |
+inherit libtool multilib eutils autotools pam toolchain-funcs flag-o-matic |
| 707 |
+ |
| 708 |
+MY_PN="Linux-PAM" |
| 709 |
+MY_P="${MY_PN}-${PV}" |
| 710 |
+ |
| 711 |
+HOMEPAGE="http://www.kernel.org/pub/linux/libs/pam/" |
| 712 |
+DESCRIPTION="Linux-PAM (Pluggable Authentication Modules)" |
| 713 |
+ |
| 714 |
+SRC_URI="mirror://kernel/linux/libs/pam/library/${MY_P}.tar.bz2" |
| 715 |
+ |
| 716 |
+LICENSE="|| ( BSD GPL-2 )" |
| 717 |
+SLOT="0" |
| 718 |
+KEYWORDS="~amd64 ~x86" |
| 719 |
+IUSE="cracklib nls elibc_FreeBSD selinux vim-syntax audit test elibc_glibc" |
| 720 |
+ |
| 721 |
+RDEPEND="nls? ( virtual/libintl ) |
| 722 |
+ cracklib? ( >=sys-libs/cracklib-2.8.3 ) |
| 723 |
+ audit? ( sys-process/audit ) |
| 724 |
+ selinux? ( >=sys-libs/libselinux-1.28 )" |
| 725 |
+DEPEND="${RDEPEND} |
| 726 |
+ sys-devel/flex |
| 727 |
+ test? ( elibc_glibc? ( >=sys-libs/glibc-2.4 ) ) |
| 728 |
+ nls? ( sys-devel/gettext )" |
| 729 |
+PDEPEND="sys-auth/pambase |
| 730 |
+ vim-syntax? ( app-vim/pam-syntax )" |
| 731 |
+ |
| 732 |
+S="${WORKDIR}/${MY_P}" |
| 733 |
+ |
| 734 |
+PROVIDE="virtual/pam" |
| 735 |
+ |
| 736 |
+check_old_modules() { |
| 737 |
+ local retval="0" |
| 738 |
+ |
| 739 |
+ if sed -e 's:#.*::' "${ROOT}"/etc/pam.d/* 2>/dev/null | fgrep -q pam_stack.so; then |
| 740 |
+ eerror "" |
| 741 |
+ eerror "Your current setup is using the pam_stack module." |
| 742 |
+ eerror "This module is deprecated and no longer supported, and since version" |
| 743 |
+ eerror "0.99 is no longer installed, nor provided by any other package." |
| 744 |
+ eerror "The package will be built (to allow binary package builds), but will" |
| 745 |
+ eerror "not be installed." |
| 746 |
+ eerror "Please replace pam_stack usage with proper include directive usage," |
| 747 |
+ eerror "following the PAM Upgrade guide at the following URL" |
| 748 |
+ eerror " http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml" |
| 749 |
+ eerror "" |
| 750 |
+ ebeep 15 |
| 751 |
+ |
| 752 |
+ retval=1 |
| 753 |
+ fi |
| 754 |
+ |
| 755 |
+ if sed -e 's:#.*::' "${ROOT}"/etc/pam.d/* 2>/dev/null | egrep -q 'pam_(pwdb|timestamp|console)'; then |
| 756 |
+ eerror "" |
| 757 |
+ eerror "Your current setup is using one or more of the following modules," |
| 758 |
+ eerror "that are not built or supported anymore:" |
| 759 |
+ eerror "pam_pwdb, pam_timestamp, pam_console" |
| 760 |
+ eerror "If you are in real need for these modules, please contact the maintainers" |
| 761 |
+ eerror "of PAM through http://bugs.gentoo.org/ providing information about its" |
| 762 |
+ eerror "use cases." |
| 763 |
+ eerror "Please also make sure to read the PAM Upgrade guide at the following URL:" |
| 764 |
+ eerror " http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml" |
| 765 |
+ eerror "" |
| 766 |
+ ebeep 10 |
| 767 |
+ |
| 768 |
+ retval=1 |
| 769 |
+ fi |
| 770 |
+ |
| 771 |
+ # Produce the warnings only during upgrade, for the following two |
| 772 |
+ has_version '<sys-libs/pam-0.99' || return $retval |
| 773 |
+ |
| 774 |
+ # This works only for those modules that are moved to sys-auth/$module, or the |
| 775 |
+ # message will be wrong. |
| 776 |
+ for module in pam_chroot pam_userdb pam_radius; do |
| 777 |
+ if sed -e 's:#.*::' "${ROOT}"/etc/pam.d/* 2>/dev/null | fgrep -q ${module}.so; then |
| 778 |
+ ewarn "" |
| 779 |
+ ewarn "Your current setup is using the ${module} module." |
| 780 |
+ ewarn "Since version 0.99, ${CATEGORY}/${PN} does not provide this module" |
| 781 |
+ ewarn "anymore; if you want to continue using this module, you should install" |
| 782 |
+ ewarn "sys-auth/${module}." |
| 783 |
+ ewarn "" |
| 784 |
+ ebeep 5 |
| 785 |
+ fi |
| 786 |
+ done |
| 787 |
+ |
| 788 |
+ return $retval |
| 789 |
+} |
| 790 |
+ |
| 791 |
+pkg_setup() { |
| 792 |
+ check_old_modules |
| 793 |
+} |
| 794 |
+ |
| 795 |
+src_unpack() { |
| 796 |
+ unpack ${A} |
| 797 |
+ cd "${S}" |
| 798 |
+ |
| 799 |
+ mkdir -p doc/txts |
| 800 |
+ for readme in modules/pam_*/README; do |
| 801 |
+ cp -f "${readme}" doc/txts/README.$(dirname "${readme}" | \ |
| 802 |
+ sed -e 's|^modules/||') |
| 803 |
+ done |
| 804 |
+ |
| 805 |
+ epatch "${FILESDIR}/${MY_PN}-0.99.7.0-disable-regenerate-man.patch" |
| 806 |
+ epatch "${FILESDIR}/${MY_PN}-0.99.8.1-xtests.patch" |
| 807 |
+ |
| 808 |
+ # Remove NIS dependencies, see bug #235431 |
| 809 |
+ epatch "${FILESDIR}/${MY_PN}-1.0.2-noyp.patch" |
| 810 |
+ |
| 811 |
+ # Fix building of doc/specs |
| 812 |
+ epatch "${FILESDIR}/${MY_PN}-1.0.4-cross-compile.patch" |
| 813 |
+ |
| 814 |
+ # Fix tests on systems where sizeof(void*) != 8 |
| 815 |
+ epatch "${FILESDIR}/${MY_PN}-1.0.4-fix-tests.patch" |
| 816 |
+ |
| 817 |
+ # Remove libtool-2 libtool macros, see bug 261167 |
| 818 |
+ rm m4/libtool.m4 m4/lt*.m4 || die "rm libtool macros failed." |
| 819 |
+ |
| 820 |
+ AT_M4DIR="m4" eautoreconf |
| 821 |
+ |
| 822 |
+ elibtoolize |
| 823 |
+} |
| 824 |
+ |
| 825 |
+src_compile() { |
| 826 |
+ local myconf |
| 827 |
+ |
| 828 |
+ if use hppa || use elibc_FreeBSD; then |
| 829 |
+ myconf="${myconf} --disable-pie" |
| 830 |
+ fi |
| 831 |
+ |
| 832 |
+ # KEEP COMMENTED OUT! It seems like it fails to build with USE=debug! |
| 833 |
+ # Do _not_ move this to $(use_enable) without checking if the |
| 834 |
+ # configure.in has been fixed. As of 2009/03/03 it's still broken |
| 835 |
+ # on upstream's CVS, and --disable-debug means --enable-debug too. |
| 836 |
+ # if use debug; then |
| 837 |
+ # myconf="${myconf} --enable-debug" |
| 838 |
+ # fi |
| 839 |
+ |
| 840 |
+ econf \ |
| 841 |
+ --libdir=/usr/$(get_libdir) \ |
| 842 |
+ --docdir=/usr/share/doc/${PF} \ |
| 843 |
+ --htmldir=/usr/share/doc/${PF}/html \ |
| 844 |
+ --enable-securedir=/$(get_libdir)/security \ |
| 845 |
+ --enable-isadir=/$(get_libdir)/security \ |
| 846 |
+ $(use_enable nls) \ |
| 847 |
+ $(use_enable selinux) \ |
| 848 |
+ $(use_enable cracklib) \ |
| 849 |
+ $(use_enable audit) \ |
| 850 |
+ --disable-db \ |
| 851 |
+ --disable-dependency-tracking \ |
| 852 |
+ --disable-prelude \ |
| 853 |
+ --disable-regenerate-man \ |
| 854 |
+ ${myconf} || die "econf failed" |
| 855 |
+ emake sepermitlockdir="/var/run/sepermit" || die "emake failed" |
| 856 |
+} |
| 857 |
+ |
| 858 |
+src_install() { |
| 859 |
+ emake DESTDIR="${D}" install \ |
| 860 |
+ sepermitlockdir="/var/run/sepermit" || die "make install failed" |
| 861 |
+ |
| 862 |
+ # Need to be suid |
| 863 |
+ fperms u+s /sbin/unix_chkpwd |
| 864 |
+ |
| 865 |
+ dodir /$(get_libdir) |
| 866 |
+ mv "${D}/usr/$(get_libdir)/libpam.so"* "${D}/$(get_libdir)/" |
| 867 |
+ mv "${D}/usr/$(get_libdir)/libpamc.so"* "${D}/$(get_libdir)/" |
| 868 |
+ mv "${D}/usr/$(get_libdir)/libpam_misc.so"* "${D}/$(get_libdir)/" |
| 869 |
+ gen_usr_ldscript libpam.so libpamc.so libpam_misc.so |
| 870 |
+ |
| 871 |
+ dodoc CHANGELOG ChangeLog README AUTHORS Copyright |
| 872 |
+ docinto modules ; dodoc doc/txts/README.* |
| 873 |
+ |
| 874 |
+ # Remove the wrongly installed manpages |
| 875 |
+ rm "${D}"/usr/share/man/man8/pam_userdb.8* |
| 876 |
+ use cracklib || rm "${D}"/usr/share/man/man8/pam_cracklib.8* |
| 877 |
+ |
| 878 |
+ # Get rid of the .la files. We certainly don't need them for PAM |
| 879 |
+ # modules, and libpam is installed as a shared object only, so we |
| 880 |
+ # don't ned them for static linking either. |
| 881 |
+ find "${D}" -name '*.la' -delete |
| 882 |
+} |
| 883 |
+ |
| 884 |
+pkg_preinst() { |
| 885 |
+ check_old_modules || die "deprecated PAM modules still used" |
| 886 |
+} |
| 887 |
|
| 888 |
diff --git a/sys-libs/pam/pam-1.1.0.ebuild b/sys-libs/pam/pam-1.1.0.ebuild |
| 889 |
new file mode 100644 |
| 890 |
index 0000000..8b1a1d2 |
| 891 |
--- /dev/null |
| 892 |
+++ b/sys-libs/pam/pam-1.1.0.ebuild |
| 893 |
@@ -0,0 +1,164 @@ |
| 894 |
+# Copyright 1999-2009 Gentoo Foundation |
| 895 |
+# Distributed under the terms of the GNU General Public License v2 |
| 896 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/pam-1.1.0.ebuild,v 1.5 2009/06/21 16:50:28 flameeyes Exp $ |
| 897 |
+ |
| 898 |
+inherit libtool multilib eutils autotools pam toolchain-funcs flag-o-matic |
| 899 |
+ |
| 900 |
+MY_PN="Linux-PAM" |
| 901 |
+MY_P="${MY_PN}-${PV}" |
| 902 |
+ |
| 903 |
+HOMEPAGE="http://www.kernel.org/pub/linux/libs/pam/" |
| 904 |
+DESCRIPTION="Linux-PAM (Pluggable Authentication Modules)" |
| 905 |
+ |
| 906 |
+SRC_URI="mirror://kernel/linux/libs/pam/library/${MY_P}.tar.bz2 |
| 907 |
+ mirror://kernel/linux/libs/pam/documentation/${MY_P}-docs.tar.bz2" |
| 908 |
+ |
| 909 |
+LICENSE="|| ( BSD GPL-2 )" |
| 910 |
+SLOT="0" |
| 911 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" |
| 912 |
+IUSE="cracklib nls elibc_FreeBSD selinux vim-syntax audit test elibc_glibc debug" |
| 913 |
+ |
| 914 |
+RDEPEND="nls? ( virtual/libintl ) |
| 915 |
+ cracklib? ( >=sys-libs/cracklib-2.8.3 ) |
| 916 |
+ audit? ( sys-process/audit ) |
| 917 |
+ selinux? ( >=sys-libs/libselinux-1.28 ) |
| 918 |
+ elibc_glibc? ( >=sys-libs/glibc-2.7 )" |
| 919 |
+DEPEND="${RDEPEND} |
| 920 |
+ sys-devel/flex |
| 921 |
+ nls? ( sys-devel/gettext )" |
| 922 |
+PDEPEND="sys-auth/pambase |
| 923 |
+ vim-syntax? ( app-vim/pam-syntax )" |
| 924 |
+ |
| 925 |
+S="${WORKDIR}/${MY_P}" |
| 926 |
+ |
| 927 |
+PROVIDE="virtual/pam" |
| 928 |
+ |
| 929 |
+check_old_modules() { |
| 930 |
+ local retval="0" |
| 931 |
+ |
| 932 |
+ if sed -e 's:#.*::' "${ROOT}"/etc/pam.d/* 2>/dev/null | fgrep -q pam_stack.so; then |
| 933 |
+ eerror "" |
| 934 |
+ eerror "Your current setup is using the pam_stack module." |
| 935 |
+ eerror "This module is deprecated and no longer supported, and since version" |
| 936 |
+ eerror "0.99 is no longer installed, nor provided by any other package." |
| 937 |
+ eerror "The package will be built (to allow binary package builds), but will" |
| 938 |
+ eerror "not be installed." |
| 939 |
+ eerror "Please replace pam_stack usage with proper include directive usage," |
| 940 |
+ eerror "following the PAM Upgrade guide at the following URL" |
| 941 |
+ eerror " http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml" |
| 942 |
+ eerror "" |
| 943 |
+ ebeep 15 |
| 944 |
+ |
| 945 |
+ retval=1 |
| 946 |
+ fi |
| 947 |
+ |
| 948 |
+ if sed -e 's:#.*::' "${ROOT}"/etc/pam.d/* 2>/dev/null | egrep -q 'pam_(pwdb|console)'; then |
| 949 |
+ eerror "" |
| 950 |
+ eerror "Your current setup is using one or more of the following modules," |
| 951 |
+ eerror "that are not built or supported anymore:" |
| 952 |
+ eerror "pam_pwdb, pam_console" |
| 953 |
+ eerror "If you are in real need for these modules, please contact the maintainers" |
| 954 |
+ eerror "of PAM through http://bugs.gentoo.org/ providing information about its" |
| 955 |
+ eerror "use cases." |
| 956 |
+ eerror "Please also make sure to read the PAM Upgrade guide at the following URL:" |
| 957 |
+ eerror " http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml" |
| 958 |
+ eerror "" |
| 959 |
+ ebeep 10 |
| 960 |
+ |
| 961 |
+ retval=1 |
| 962 |
+ fi |
| 963 |
+ |
| 964 |
+ return $retval |
| 965 |
+} |
| 966 |
+ |
| 967 |
+pkg_setup() { |
| 968 |
+ check_old_modules |
| 969 |
+} |
| 970 |
+ |
| 971 |
+src_unpack() { |
| 972 |
+ unpack ${A} |
| 973 |
+ cd "${S}" |
| 974 |
+ |
| 975 |
+ # Avoid building xtests during "make all"; note that for what |
| 976 |
+ # we're concerned xtests are not even executed, so we should |
| 977 |
+ # probably use EXTRA_PROGRAMS. |
| 978 |
+ epatch "${FILESDIR}/${MY_PN}-0.99.8.1-xtests.patch" |
| 979 |
+ |
| 980 |
+ # Remove NIS dependencies, see bug #235431 |
| 981 |
+ epatch "${FILESDIR}/${MY_PN}-1.0.2-noyp.patch" |
| 982 |
+ |
| 983 |
+ # Fix building with debug USE flag enabled |
| 984 |
+ epatch "${FILESDIR}/${MY_PN}-1.1.0-debug.patch" |
| 985 |
+ |
| 986 |
+ # Fix building with nls USE flag disabled |
| 987 |
+ epatch "${FILESDIR}/${MY_PN}-1.1.0-nonls.patch" |
| 988 |
+ |
| 989 |
+ # Fix building of doc/specs |
| 990 |
+ epatch "${FILESDIR}/${MY_PN}-1.0.4-cross-compile.patch" |
| 991 |
+ |
| 992 |
+ # Remove libtool-2 libtool macros, see bug 261167 |
| 993 |
+ rm m4/libtool.m4 m4/lt*.m4 || die "rm libtool macros failed." |
| 994 |
+ |
| 995 |
+ AT_M4DIR="m4" eautoreconf |
| 996 |
+ |
| 997 |
+ elibtoolize |
| 998 |
+} |
| 999 |
+ |
| 1000 |
+src_compile() { |
| 1001 |
+ local myconf |
| 1002 |
+ |
| 1003 |
+ if use hppa || use elibc_FreeBSD; then |
| 1004 |
+ myconf="${myconf} --disable-pie" |
| 1005 |
+ fi |
| 1006 |
+ |
| 1007 |
+ econf \ |
| 1008 |
+ --libdir=/usr/$(get_libdir) \ |
| 1009 |
+ --docdir=/usr/share/doc/${PF} \ |
| 1010 |
+ --htmldir=/usr/share/doc/${PF}/html \ |
| 1011 |
+ --enable-securedir=/$(get_libdir)/security \ |
| 1012 |
+ --enable-isadir=/$(get_libdir)/security \ |
| 1013 |
+ $(use_enable nls) \ |
| 1014 |
+ $(use_enable selinux) \ |
| 1015 |
+ $(use_enable cracklib) \ |
| 1016 |
+ $(use_enable audit) \ |
| 1017 |
+ $(use_enable debug) \ |
| 1018 |
+ --disable-db \ |
| 1019 |
+ --disable-dependency-tracking \ |
| 1020 |
+ --disable-prelude \ |
| 1021 |
+ ${myconf} || die "econf failed" |
| 1022 |
+ emake sepermitlockdir="/var/run/sepermit" || die "emake failed" |
| 1023 |
+} |
| 1024 |
+ |
| 1025 |
+src_install() { |
| 1026 |
+ emake DESTDIR="${D}" install \ |
| 1027 |
+ sepermitlockdir="/var/run/sepermit" || die "make install failed" |
| 1028 |
+ |
| 1029 |
+ # Need to be suid |
| 1030 |
+ fperms u+s /sbin/unix_chkpwd |
| 1031 |
+ |
| 1032 |
+ dodir /$(get_libdir) |
| 1033 |
+ mv "${D}/usr/$(get_libdir)/libpam.so"* "${D}/$(get_libdir)/" |
| 1034 |
+ mv "${D}/usr/$(get_libdir)/libpamc.so"* "${D}/$(get_libdir)/" |
| 1035 |
+ mv "${D}/usr/$(get_libdir)/libpam_misc.so"* "${D}/$(get_libdir)/" |
| 1036 |
+ gen_usr_ldscript libpam.so libpamc.so libpam_misc.so |
| 1037 |
+ |
| 1038 |
+ dodoc CHANGELOG ChangeLog README AUTHORS Copyright NEWS || die |
| 1039 |
+ |
| 1040 |
+ docinto modules |
| 1041 |
+ for dir in modules/pam_*; do |
| 1042 |
+ newdoc "${dir}"/README README."$(basename "${dir}")" |
| 1043 |
+ done |
| 1044 |
+ |
| 1045 |
+ # Remove the wrongly installed manpages |
| 1046 |
+ rm "${D}"/usr/share/man/man8/pam_userdb.8* |
| 1047 |
+ use cracklib || rm "${D}"/usr/share/man/man8/pam_cracklib.8* |
| 1048 |
+ |
| 1049 |
+ # Get rid of the .la files. We certainly don't need them for PAM |
| 1050 |
+ # modules, and libpam is installed as a shared object only, so we |
| 1051 |
+ # don't ned them for static linking either. |
| 1052 |
+ find "${D}" -name '*.la' -delete |
| 1053 |
+} |
| 1054 |
+ |
| 1055 |
+pkg_preinst() { |
| 1056 |
+ check_old_modules || die "deprecated PAM modules still used" |
| 1057 |
+} |
| 1058 |
|
| 1059 |
diff --git a/sys-libs/pam/pam-1.1.1-r2.ebuild b/sys-libs/pam/pam-1.1.1-r2.ebuild |
| 1060 |
new file mode 100644 |
| 1061 |
index 0000000..d5f433e |
| 1062 |
--- /dev/null |
| 1063 |
+++ b/sys-libs/pam/pam-1.1.1-r2.ebuild |
| 1064 |
@@ -0,0 +1,186 @@ |
| 1065 |
+# Copyright 1999-2010 Gentoo Foundation |
| 1066 |
+# Distributed under the terms of the GNU General Public License v2 |
| 1067 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/pam-1.1.1-r2.ebuild,v 1.4 2010/05/22 09:09:08 jlec Exp $ |
| 1068 |
+ |
| 1069 |
+EAPI="3" |
| 1070 |
+ |
| 1071 |
+inherit libtool multilib eutils autotools pam toolchain-funcs flag-o-matic db-use |
| 1072 |
+ |
| 1073 |
+MY_PN="Linux-PAM" |
| 1074 |
+MY_P="${MY_PN}-${PV}" |
| 1075 |
+ |
| 1076 |
+HOMEPAGE="http://www.kernel.org/pub/linux/libs/pam/" |
| 1077 |
+DESCRIPTION="Linux-PAM (Pluggable Authentication Modules)" |
| 1078 |
+ |
| 1079 |
+SRC_URI="mirror://kernel/linux/libs/pam/library/${MY_P}.tar.bz2 |
| 1080 |
+ mirror://kernel/linux/libs/pam/documentation/${MY_P}-docs.tar.bz2" |
| 1081 |
+ |
| 1082 |
+LICENSE="|| ( BSD GPL-2 )" |
| 1083 |
+SLOT="0" |
| 1084 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~ia64-linux ~x86-linux" |
| 1085 |
+IUSE="cracklib nls elibc_FreeBSD selinux vim-syntax audit test elibc_glibc debug berkdb" |
| 1086 |
+ |
| 1087 |
+RDEPEND="nls? ( virtual/libintl ) |
| 1088 |
+ cracklib? ( >=sys-libs/cracklib-2.8.3 ) |
| 1089 |
+ audit? ( sys-process/audit ) |
| 1090 |
+ selinux? ( >=sys-libs/libselinux-1.28 ) |
| 1091 |
+ berkdb? ( sys-libs/db ) |
| 1092 |
+ elibc_glibc? ( >=sys-libs/glibc-2.7 )" |
| 1093 |
+DEPEND="${RDEPEND} |
| 1094 |
+ sys-devel/flex |
| 1095 |
+ nls? ( sys-devel/gettext )" |
| 1096 |
+PDEPEND="sys-auth/pambase |
| 1097 |
+ vim-syntax? ( app-vim/pam-syntax )" |
| 1098 |
+RDEPEND="${RDEPEND} |
| 1099 |
+ !sys-auth/pam_userdb" |
| 1100 |
+ |
| 1101 |
+S="${WORKDIR}/${MY_P}" |
| 1102 |
+ |
| 1103 |
+PROVIDE="virtual/pam" |
| 1104 |
+ |
| 1105 |
+check_old_modules() { |
| 1106 |
+ local retval="0" |
| 1107 |
+ |
| 1108 |
+ if sed -e 's:#.*::' "${EROOT}"/etc/pam.d/* 2>/dev/null | fgrep -q pam_stack.so; then |
| 1109 |
+ eerror "" |
| 1110 |
+ eerror "Your current setup is using the pam_stack module." |
| 1111 |
+ eerror "This module is deprecated and no longer supported, and since version" |
| 1112 |
+ eerror "0.99 is no longer installed, nor provided by any other package." |
| 1113 |
+ eerror "The package will be built (to allow binary package builds), but will" |
| 1114 |
+ eerror "not be installed." |
| 1115 |
+ eerror "Please replace pam_stack usage with proper include directive usage," |
| 1116 |
+ eerror "following the PAM Upgrade guide at the following URL" |
| 1117 |
+ eerror " http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml" |
| 1118 |
+ eerror "" |
| 1119 |
+ |
| 1120 |
+ retval=1 |
| 1121 |
+ fi |
| 1122 |
+ |
| 1123 |
+ if sed -e 's:#.*::' "${EROOT}"/etc/pam.d/* 2>/dev/null | egrep -q 'pam_(pwdb|console)'; then |
| 1124 |
+ eerror "" |
| 1125 |
+ eerror "Your current setup is using one or more of the following modules," |
| 1126 |
+ eerror "that are not built or supported anymore:" |
| 1127 |
+ eerror "pam_pwdb, pam_console" |
| 1128 |
+ eerror "If you are in real need for these modules, please contact the maintainers" |
| 1129 |
+ eerror "of PAM through http://bugs.gentoo.org/ providing information about its" |
| 1130 |
+ eerror "use cases." |
| 1131 |
+ eerror "Please also make sure to read the PAM Upgrade guide at the following URL:" |
| 1132 |
+ eerror " http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml" |
| 1133 |
+ eerror "" |
| 1134 |
+ |
| 1135 |
+ retval=1 |
| 1136 |
+ fi |
| 1137 |
+ |
| 1138 |
+ return $retval |
| 1139 |
+} |
| 1140 |
+ |
| 1141 |
+pkg_setup() { |
| 1142 |
+ check_old_modules |
| 1143 |
+} |
| 1144 |
+ |
| 1145 |
+src_prepare() { |
| 1146 |
+ # Avoid building xtests during "make all"; note that for what |
| 1147 |
+ # we're concerned xtests are not even executed, so we should |
| 1148 |
+ # probably use EXTRA_PROGRAMS. |
| 1149 |
+ epatch "${FILESDIR}/${MY_PN}-0.99.8.1-xtests.patch" |
| 1150 |
+ |
| 1151 |
+ # Fix building on uClibc; it is added since 1.1.1 but applies to |
| 1152 |
+ # 1.1.0 as well. |
| 1153 |
+ epatch "${FILESDIR}/${MY_PN}-1.1.0-uclibc.patch" |
| 1154 |
+ |
| 1155 |
+ # Fix tests to find Berkeley DB as installed by Gentoo (with a |
| 1156 |
+ # library suffix but no suffix on the ELF symbols). |
| 1157 |
+ epatch "${FILESDIR}/${MY_PN}-1.1.1-gentoodb.patch" |
| 1158 |
+ |
| 1159 |
+ # make it possible to skip libxcrypt detection if header is not |
| 1160 |
+ # found |
| 1161 |
+ epatch "${FILESDIR}/${MY_PN}-1.1.1-xcrypt.patch" |
| 1162 |
+ |
| 1163 |
+ # fix building with Berkeley DB 5.0 and later; now defining |
| 1164 |
+ # DB_DBM_HSEARCH is not enough; bug #319831 |
| 1165 |
+ epatch "${FILESDIR}/${MY_PN}-1.1.1+berkdb-5.patch" |
| 1166 |
+ |
| 1167 |
+ # Fix building of doc/specs |
| 1168 |
+ epatch "${FILESDIR}/${MY_PN}-1.0.4-cross-compile.patch" |
| 1169 |
+ |
| 1170 |
+ # Remove libtool-2 libtool macros, see bug 261167 |
| 1171 |
+ rm m4/libtool.m4 m4/lt*.m4 || die "rm libtool macros failed." |
| 1172 |
+ |
| 1173 |
+ eautoreconf |
| 1174 |
+ |
| 1175 |
+ elibtoolize |
| 1176 |
+} |
| 1177 |
+ |
| 1178 |
+src_configure() { |
| 1179 |
+ local myconf |
| 1180 |
+ |
| 1181 |
+ if use hppa || use elibc_FreeBSD; then |
| 1182 |
+ myconf="${myconf} --disable-pie" |
| 1183 |
+ fi |
| 1184 |
+ |
| 1185 |
+ # Disable automatic detection of libxcrypt; we _don't_ want the |
| 1186 |
+ # user to link libxcrypt in by default, since we won't track the |
| 1187 |
+ # dependency and allow to break PAM this way. |
| 1188 |
+ export ac_cv_header_xcrypt_h=no |
| 1189 |
+ |
| 1190 |
+ econf \ |
| 1191 |
+ --libdir="${EPREFIX}"/usr/$(get_libdir) \ |
| 1192 |
+ --docdir="${EPREFIX}"/usr/share/doc/${PF} \ |
| 1193 |
+ --htmldir="${EPREFIX}"/usr/share/doc/${PF}/html \ |
| 1194 |
+ --enable-securedir="${EPREFIX}"/$(get_libdir)/security \ |
| 1195 |
+ --enable-isadir="${EPREFIX}"/$(get_libdir)/security \ |
| 1196 |
+ $(use_enable nls) \ |
| 1197 |
+ $(use_enable selinux) \ |
| 1198 |
+ $(use_enable cracklib) \ |
| 1199 |
+ $(use_enable audit) \ |
| 1200 |
+ $(use_enable debug) \ |
| 1201 |
+ $(use_enable berkdb db) \ |
| 1202 |
+ --with-db-uniquename=-$(db_findver sys-libs/db) \ |
| 1203 |
+ --disable-dependency-tracking \ |
| 1204 |
+ --disable-prelude \ |
| 1205 |
+ ${myconf} |
| 1206 |
+} |
| 1207 |
+ |
| 1208 |
+src_compile() { |
| 1209 |
+ emake sepermitlockdir="${EPREFIX}/var/run/sepermit" || die "emake failed" |
| 1210 |
+} |
| 1211 |
+ |
| 1212 |
+src_test() { |
| 1213 |
+ # explicitly allow parallel-build during testing |
| 1214 |
+ emake sepermitlockdir="${EPREFIX}/var/run/sepermit" check || die "emake check failed" |
| 1215 |
+} |
| 1216 |
+ |
| 1217 |
+src_install() { |
| 1218 |
+ local lib |
| 1219 |
+ |
| 1220 |
+ emake DESTDIR="${D}" install \ |
| 1221 |
+ sepermitlockdir="${EPREFIX}/var/run/sepermit" || die "make install failed" |
| 1222 |
+ |
| 1223 |
+ # Need to be suid |
| 1224 |
+ fperms u+s /sbin/unix_chkpwd |
| 1225 |
+ |
| 1226 |
+ gen_usr_ldscript -a pam pamc pam_misc |
| 1227 |
+ |
| 1228 |
+ # create extra symlinks just in case something depends on them... |
| 1229 |
+ for lib in pam pamc pam_misc; do |
| 1230 |
+ if ! [[ -f "${ED}"/$(get_libdir)/lib${lib}$(get_libname) ]]; then |
| 1231 |
+ dosym lib${lib}$(get_libname 0) /$(get_libdir)/lib${lib}$(get_libname) |
| 1232 |
+ fi |
| 1233 |
+ done |
| 1234 |
+ |
| 1235 |
+ dodoc CHANGELOG ChangeLog README AUTHORS Copyright NEWS || die |
| 1236 |
+ |
| 1237 |
+ docinto modules |
| 1238 |
+ for dir in modules/pam_*; do |
| 1239 |
+ newdoc "${dir}"/README README."$(basename "${dir}")" |
| 1240 |
+ done |
| 1241 |
+ |
| 1242 |
+ # Get rid of the .la files. We certainly don't need them for PAM |
| 1243 |
+ # modules, and libpam is installed as a shared object only, so we |
| 1244 |
+ # don't ned them for static linking either. |
| 1245 |
+ find "${D}" -name '*.la' -delete |
| 1246 |
+} |
| 1247 |
+ |
| 1248 |
+pkg_preinst() { |
| 1249 |
+ check_old_modules || die "deprecated PAM modules still used" |
| 1250 |
+} |
| 1251 |
|
| 1252 |
diff --git a/sys-libs/pam/pam-1.1.2.ebuild b/sys-libs/pam/pam-1.1.2.ebuild |
| 1253 |
new file mode 100644 |
| 1254 |
index 0000000..90b6c6b |
| 1255 |
--- /dev/null |
| 1256 |
+++ b/sys-libs/pam/pam-1.1.2.ebuild |
| 1257 |
@@ -0,0 +1,192 @@ |
| 1258 |
+# Copyright 1999-2010 Gentoo Foundation |
| 1259 |
+# Distributed under the terms of the GNU General Public License v2 |
| 1260 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/pam-1.1.2.ebuild,v 1.1 2010/08/31 12:32:45 flameeyes Exp $ |
| 1261 |
+ |
| 1262 |
+EAPI="3" |
| 1263 |
+ |
| 1264 |
+inherit libtool multilib eutils autotools pam toolchain-funcs flag-o-matic db-use |
| 1265 |
+ |
| 1266 |
+MY_PN="Linux-PAM" |
| 1267 |
+MY_P="${MY_PN}-${PV}" |
| 1268 |
+ |
| 1269 |
+HOMEPAGE="http://www.kernel.org/pub/linux/libs/pam/" |
| 1270 |
+DESCRIPTION="Linux-PAM (Pluggable Authentication Modules)" |
| 1271 |
+ |
| 1272 |
+SRC_URI="mirror://kernel/linux/libs/pam/library/${MY_P}.tar.bz2 |
| 1273 |
+ mirror://kernel/linux/libs/pam/documentation/${MY_P}-docs.tar.bz2" |
| 1274 |
+ |
| 1275 |
+LICENSE="|| ( BSD GPL-2 )" |
| 1276 |
+SLOT="0" |
| 1277 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~ia64-linux ~x86-linux" |
| 1278 |
+IUSE="cracklib nls elibc_FreeBSD selinux vim-syntax audit test elibc_glibc debug berkdb" |
| 1279 |
+ |
| 1280 |
+RDEPEND="nls? ( virtual/libintl ) |
| 1281 |
+ cracklib? ( >=sys-libs/cracklib-2.8.3 ) |
| 1282 |
+ audit? ( sys-process/audit ) |
| 1283 |
+ selinux? ( >=sys-libs/libselinux-1.28 ) |
| 1284 |
+ berkdb? ( sys-libs/db ) |
| 1285 |
+ elibc_glibc? ( >=sys-libs/glibc-2.7 )" |
| 1286 |
+DEPEND="${RDEPEND} |
| 1287 |
+ sys-devel/flex |
| 1288 |
+ nls? ( sys-devel/gettext )" |
| 1289 |
+PDEPEND="sys-auth/pambase |
| 1290 |
+ vim-syntax? ( app-vim/pam-syntax )" |
| 1291 |
+RDEPEND="${RDEPEND} |
| 1292 |
+ !sys-auth/pam_userdb" |
| 1293 |
+ |
| 1294 |
+S="${WORKDIR}/${MY_P}" |
| 1295 |
+ |
| 1296 |
+PROVIDE="virtual/pam" |
| 1297 |
+ |
| 1298 |
+check_old_modules() { |
| 1299 |
+ local retval="0" |
| 1300 |
+ |
| 1301 |
+ if sed -e 's:#.*::' "${EROOT}"/etc/pam.d/* 2>/dev/null | fgrep -q pam_stack.so; then |
| 1302 |
+ eerror "" |
| 1303 |
+ eerror "Your current setup is using the pam_stack module." |
| 1304 |
+ eerror "This module is deprecated and no longer supported, and since version" |
| 1305 |
+ eerror "0.99 is no longer installed, nor provided by any other package." |
| 1306 |
+ eerror "The package will be built (to allow binary package builds), but will" |
| 1307 |
+ eerror "not be installed." |
| 1308 |
+ eerror "Please replace pam_stack usage with proper include directive usage," |
| 1309 |
+ eerror "following the PAM Upgrade guide at the following URL" |
| 1310 |
+ eerror " http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml" |
| 1311 |
+ eerror "" |
| 1312 |
+ |
| 1313 |
+ retval=1 |
| 1314 |
+ fi |
| 1315 |
+ |
| 1316 |
+ if sed -e 's:#.*::' "${EROOT}"/etc/pam.d/* 2>/dev/null | egrep -q 'pam_(pwdb|console)'; then |
| 1317 |
+ eerror "" |
| 1318 |
+ eerror "Your current setup is using one or more of the following modules," |
| 1319 |
+ eerror "that are not built or supported anymore:" |
| 1320 |
+ eerror "pam_pwdb, pam_console" |
| 1321 |
+ eerror "If you are in real need for these modules, please contact the maintainers" |
| 1322 |
+ eerror "of PAM through http://bugs.gentoo.org/ providing information about its" |
| 1323 |
+ eerror "use cases." |
| 1324 |
+ eerror "Please also make sure to read the PAM Upgrade guide at the following URL:" |
| 1325 |
+ eerror " http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml" |
| 1326 |
+ eerror "" |
| 1327 |
+ |
| 1328 |
+ retval=1 |
| 1329 |
+ fi |
| 1330 |
+ |
| 1331 |
+ return $retval |
| 1332 |
+} |
| 1333 |
+ |
| 1334 |
+pkg_setup() { |
| 1335 |
+ check_old_modules |
| 1336 |
+} |
| 1337 |
+ |
| 1338 |
+src_prepare() { |
| 1339 |
+ # Avoid building xtests during "make all"; note that for what |
| 1340 |
+ # we're concerned xtests are not even executed, so we should |
| 1341 |
+ # probably use EXTRA_PROGRAMS. |
| 1342 |
+ epatch "${FILESDIR}/${MY_PN}-0.99.8.1-xtests.patch" |
| 1343 |
+ |
| 1344 |
+ # Fix tests to find Berkeley DB as installed by Gentoo (with a |
| 1345 |
+ # library suffix but no suffix on the ELF symbols). |
| 1346 |
+ epatch "${FILESDIR}/${MY_PN}-1.1.1-gentoodb.patch" |
| 1347 |
+ |
| 1348 |
+ # Fix building of doc/specs, see bug 339174 |
| 1349 |
+ epatch "${FILESDIR}/${MY_PN}-1.0.4-cross-compile.patch" |
| 1350 |
+ |
| 1351 |
+ # Remove libtool-2 libtool macros, see bug 261167 |
| 1352 |
+ rm m4/libtool.m4 m4/lt*.m4 || die "rm libtool macros failed." |
| 1353 |
+ |
| 1354 |
+ eautoreconf |
| 1355 |
+ |
| 1356 |
+ elibtoolize |
| 1357 |
+} |
| 1358 |
+ |
| 1359 |
+src_configure() { |
| 1360 |
+ local myconf |
| 1361 |
+ |
| 1362 |
+ if use hppa || use elibc_FreeBSD; then |
| 1363 |
+ myconf="${myconf} --disable-pie" |
| 1364 |
+ fi |
| 1365 |
+ |
| 1366 |
+ # Disable automatic detection of libxcrypt; we _don't_ want the |
| 1367 |
+ # user to link libxcrypt in by default, since we won't track the |
| 1368 |
+ # dependency and allow to break PAM this way. |
| 1369 |
+ export ac_cv_header_xcrypt_h=no |
| 1370 |
+ |
| 1371 |
+ econf \ |
| 1372 |
+ --disable-dependency-tracking \ |
| 1373 |
+ --enable-fast-install \ |
| 1374 |
+ --libdir="${EPREFIX}"/usr/$(get_libdir) \ |
| 1375 |
+ --docdir="${EPREFIX}"/usr/share/doc/${PF} \ |
| 1376 |
+ --htmldir="${EPREFIX}"/usr/share/doc/${PF}/html \ |
| 1377 |
+ --enable-securedir="${EPREFIX}"/$(get_libdir)/security \ |
| 1378 |
+ --enable-isadir="${EPREFIX}"/$(get_libdir)/security \ |
| 1379 |
+ $(use_enable nls) \ |
| 1380 |
+ $(use_enable selinux) \ |
| 1381 |
+ $(use_enable cracklib) \ |
| 1382 |
+ $(use_enable audit) \ |
| 1383 |
+ $(use_enable debug) \ |
| 1384 |
+ $(use_enable berkdb db) \ |
| 1385 |
+ --with-db-uniquename=-$(db_findver sys-libs/db) \ |
| 1386 |
+ --disable-prelude \ |
| 1387 |
+ ${myconf} |
| 1388 |
+} |
| 1389 |
+ |
| 1390 |
+src_compile() { |
| 1391 |
+ emake sepermitlockdir="${EPREFIX}/var/run/sepermit" || die "emake failed" |
| 1392 |
+} |
| 1393 |
+ |
| 1394 |
+src_test() { |
| 1395 |
+ # explicitly allow parallel-build during testing |
| 1396 |
+ emake sepermitlockdir="${EPREFIX}/var/run/sepermit" check || die "emake check failed" |
| 1397 |
+} |
| 1398 |
+ |
| 1399 |
+src_install() { |
| 1400 |
+ local lib |
| 1401 |
+ |
| 1402 |
+ emake DESTDIR="${D}" install \ |
| 1403 |
+ sepermitlockdir="${EPREFIX}/var/run/sepermit" || die "make install failed" |
| 1404 |
+ |
| 1405 |
+ # Need to be suid |
| 1406 |
+ fperms u+s /sbin/unix_chkpwd |
| 1407 |
+ |
| 1408 |
+ gen_usr_ldscript -a pam pamc pam_misc |
| 1409 |
+ |
| 1410 |
+ # create extra symlinks just in case something depends on them... |
| 1411 |
+ for lib in pam pamc pam_misc; do |
| 1412 |
+ if ! [[ -f "${ED}"/$(get_libdir)/lib${lib}$(get_libname) ]]; then |
| 1413 |
+ dosym lib${lib}$(get_libname 0) /$(get_libdir)/lib${lib}$(get_libname) |
| 1414 |
+ fi |
| 1415 |
+ done |
| 1416 |
+ |
| 1417 |
+ dodoc CHANGELOG ChangeLog README AUTHORS Copyright NEWS || die |
| 1418 |
+ |
| 1419 |
+ docinto modules |
| 1420 |
+ for dir in modules/pam_*; do |
| 1421 |
+ newdoc "${dir}"/README README."$(basename "${dir}")" |
| 1422 |
+ done |
| 1423 |
+ |
| 1424 |
+ # Get rid of the .la files. We certainly don't need them for PAM |
| 1425 |
+ # modules, and libpam is installed as a shared object only, so we |
| 1426 |
+ # don't ned them for static linking either. |
| 1427 |
+ find "${D}" -name '*.la' -delete |
| 1428 |
+} |
| 1429 |
+ |
| 1430 |
+pkg_preinst() { |
| 1431 |
+ check_old_modules || die "deprecated PAM modules still used" |
| 1432 |
+} |
| 1433 |
+ |
| 1434 |
+pkg_postinst() { |
| 1435 |
+ ewarn "Some software with pre-loaded PAM libraries might experience" |
| 1436 |
+ ewarn "warnings or failures related to missing symbols and/or versions" |
| 1437 |
+ ewarn "after any update. While unfortunate this is a limit of the" |
| 1438 |
+ ewarn "implementation of PAM and the software, and it requires you to" |
| 1439 |
+ ewarn "restart the software manually after the update." |
| 1440 |
+ ewarn "" |
| 1441 |
+ ewarn "You can get a list of such software running a command like" |
| 1442 |
+ ewarn " lsof / | egrep 'DEL.*libpam\\.so'" |
| 1443 |
+ elog "" |
| 1444 |
+ elog "Because of a bug present up to version 1.1.1-r2, you might have" |
| 1445 |
+ elog "an executable /var/log/tallylog file. If it is so, you can safely" |
| 1446 |
+ elog "correct it by running the command" |
| 1447 |
+ elog " chmod -x /var/log/tallylog" |
| 1448 |
+ elog "" |
| 1449 |
+} |
Archives