1 |
commit: 12bb0798022e7c77ccb830b66c647e2dfb215c4a |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Jan 3 20:54:04 2012 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Jan 3 20:54:04 2012 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-dev.git;a=commit;h=12bb0798 |
7 |
|
8 |
sys-libs/pam: imported from git://git.overlays.gentoo.org/proj/embedded-cross.git |
9 |
|
10 |
--- |
11 |
...Linux-PAM-0.99.7.0-disable-regenerate-man.patch | 18 ++ |
12 |
sys-libs/pam/files/Linux-PAM-0.99.8.1-xtests.patch | 18 ++ |
13 |
sys-libs/pam/files/Linux-PAM-1.0.2-noyp.patch | 247 ++++++++++++++++++++ |
14 |
.../pam/files/Linux-PAM-1.0.4-cross-compile.patch | 35 +++ |
15 |
sys-libs/pam/files/Linux-PAM-1.0.4-fix-tests.patch | 13 + |
16 |
sys-libs/pam/files/Linux-PAM-1.1.0-debug.patch | 13 + |
17 |
sys-libs/pam/files/Linux-PAM-1.1.0-nonls.patch | 11 + |
18 |
sys-libs/pam/files/Linux-PAM-1.1.0-uclibc.patch | 82 +++++++ |
19 |
sys-libs/pam/files/Linux-PAM-1.1.0-xcrypt.patch | 16 ++ |
20 |
sys-libs/pam/files/Linux-PAM-1.1.1+berkdb-5.patch | 12 + |
21 |
sys-libs/pam/files/Linux-PAM-1.1.1-gentoodb.patch | 20 ++ |
22 |
sys-libs/pam/files/Linux-PAM-1.1.1-xcrypt.patch | 21 ++ |
23 |
sys-libs/pam/files/other.pamd | 6 + |
24 |
sys-libs/pam/files/system-auth.pamd.epam | 15 ++ |
25 |
sys-libs/pam/metadata.xml | 29 +++ |
26 |
sys-libs/pam/pam-1.0.4.ebuild | 188 +++++++++++++++ |
27 |
sys-libs/pam/pam-1.1.0.ebuild | 164 +++++++++++++ |
28 |
sys-libs/pam/pam-1.1.1-r2.ebuild | 186 +++++++++++++++ |
29 |
sys-libs/pam/pam-1.1.2.ebuild | 192 +++++++++++++++ |
30 |
19 files changed, 1286 insertions(+), 0 deletions(-) |
31 |
|
32 |
diff --git a/sys-libs/pam/files/Linux-PAM-0.99.7.0-disable-regenerate-man.patch b/sys-libs/pam/files/Linux-PAM-0.99.7.0-disable-regenerate-man.patch |
33 |
new file mode 100644 |
34 |
index 0000000..a988b18 |
35 |
--- /dev/null |
36 |
+++ b/sys-libs/pam/files/Linux-PAM-0.99.7.0-disable-regenerate-man.patch |
37 |
@@ -0,0 +1,18 @@ |
38 |
+Index: Linux-PAM-0.99.7.0/configure.in |
39 |
+=================================================================== |
40 |
+--- Linux-PAM-0.99.7.0.orig/configure.in |
41 |
++++ Linux-PAM-0.99.7.0/configure.in |
42 |
+@@ -420,10 +420,12 @@ AC_CHECK_FUNCS(inet_ntop inet_pton ruser |
43 |
+ AC_CHECK_FUNCS(unshare, [UNSHARE=yes], [UNSHARE=no]) |
44 |
+ AM_CONDITIONAL([HAVE_UNSHARE], [test "$UNSHARE" = yes]) |
45 |
+ |
46 |
++AC_ARG_ENABLE([regenerate-man], |
47 |
++ AC_HELP_STRING([--disable-regenerate-man], [Don't re-build manpages from XML souces]), |
48 |
++ [enable_man=$enableval], [enable_man=yes]) |
49 |
+ dnl |
50 |
+ dnl Check for xsltproc |
51 |
+ dnl |
52 |
+-enable_man=yes |
53 |
+ AC_PATH_PROG([XSLTPROC], [xsltproc]) |
54 |
+ if test -z "$XSLTPROC"; then |
55 |
+ enable_man=no |
56 |
|
57 |
diff --git a/sys-libs/pam/files/Linux-PAM-0.99.8.1-xtests.patch b/sys-libs/pam/files/Linux-PAM-0.99.8.1-xtests.patch |
58 |
new file mode 100644 |
59 |
index 0000000..2cd3e95 |
60 |
--- /dev/null |
61 |
+++ b/sys-libs/pam/files/Linux-PAM-0.99.8.1-xtests.patch |
62 |
@@ -0,0 +1,18 @@ |
63 |
+This patch makes sure that the xtests programs don't get build when running |
64 |
+'make all', as they might fail to build (for instance if GLIBC 2.3 is used). |
65 |
+ |
66 |
+Note that the tests are not executed by default at make check because they |
67 |
+are anyway broken. |
68 |
+Index: Linux-PAM-0.99.9.0/xtests/Makefile.am |
69 |
+=================================================================== |
70 |
+--- Linux-PAM-0.99.9.0.orig/xtests/Makefile.am |
71 |
++++ Linux-PAM-0.99.9.0/xtests/Makefile.am |
72 |
+@@ -29,7 +29,7 @@ XTESTS = tst-pam_dispatch1 tst-pam_dispa |
73 |
+ tst-pam_access4 tst-pam_limits1 tst-pam_succeed_if1 \ |
74 |
+ tst-pam_group1 |
75 |
+ |
76 |
+-noinst_PROGRAMS = $(XTESTS) |
77 |
++check_PROGRAMS = $(XTESTS) |
78 |
+ |
79 |
+ xtests: $(XTESTS) run-xtests.sh |
80 |
+ "$(srcdir)"/run-xtests.sh "$(srcdir)" ${XTESTS} |
81 |
|
82 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.0.2-noyp.patch b/sys-libs/pam/files/Linux-PAM-1.0.2-noyp.patch |
83 |
new file mode 100644 |
84 |
index 0000000..a0457b6 |
85 |
--- /dev/null |
86 |
+++ b/sys-libs/pam/files/Linux-PAM-1.0.2-noyp.patch |
87 |
@@ -0,0 +1,247 @@ |
88 |
+Index: Linux-PAM-1.0.2/configure.in |
89 |
+=================================================================== |
90 |
+--- Linux-PAM-1.0.2.orig/configure.in |
91 |
++++ Linux-PAM-1.0.2/configure.in |
92 |
+@@ -399,12 +399,27 @@ fi |
93 |
+ AC_SUBST(LIBDB) |
94 |
+ AM_CONDITIONAL([HAVE_LIBDB], [test ! -z "$LIBDB"]) |
95 |
+ |
96 |
+-AC_CHECK_LIB([nsl],[yp_get_default_domain], LIBNSL="-lnsl", LIBNSL="") |
97 |
+-BACKUP_LIBS=$LIBS |
98 |
+-LIBS="$LIBS $LIBNSL" |
99 |
+-AC_CHECK_FUNCS(yp_get_default_domain) |
100 |
+-LIBS=$BACKUP_LIBS |
101 |
+-AC_SUBST(LIBNSL) |
102 |
++LIBNSL=""; AC_SUBST(LIBNSL) |
103 |
++have_nis="yes" |
104 |
++ |
105 |
++AC_CHECK_HEADERS([rpcsvc/ypclnt.h rpcsvc/yp_prot.h netdb.h], [:], |
106 |
++ [have_nis=no; break; ]) |
107 |
++ |
108 |
++AS_IF([test "x$have_nis" = "xyes"], [ |
109 |
++ AC_CHECK_FUNCS([yp_get_default_domain], [:], |
110 |
++ AC_CHECK_LIB([nsl], [yp_get_default_domain], [LIBNSL="-lnsl"], |
111 |
++ [have_nis=no])) |
112 |
++]) |
113 |
++ |
114 |
++AS_IF([test "x$have_nis" = "xyes"], [ |
115 |
++ AC_CHECK_FUNCS([innetgr], [:], [have_nis=no; break;]) |
116 |
++]) |
117 |
++ |
118 |
++AS_IF([test "x$have_nis" = "xyes"], [ |
119 |
++ AC_DEFINE([HAVE_NIS], [1], [Define this if you have NIS support]) |
120 |
++]) |
121 |
++ |
122 |
++AM_CONDITIONAL([HAVE_NIS], [test "x$have_nis" = "xyes"]) |
123 |
+ |
124 |
+ AC_ARG_ENABLE([selinux], |
125 |
+ AC_HELP_STRING([--disable-selinux],[do not use SELinux]), |
126 |
+Index: Linux-PAM-1.0.2/modules/pam_access/pam_access.c |
127 |
+=================================================================== |
128 |
+--- Linux-PAM-1.0.2.orig/modules/pam_access/pam_access.c |
129 |
++++ Linux-PAM-1.0.2/modules/pam_access/pam_access.c |
130 |
+@@ -41,7 +41,9 @@ |
131 |
+ #include <errno.h> |
132 |
+ #include <ctype.h> |
133 |
+ #include <sys/utsname.h> |
134 |
++#ifdef HAVE_NIS |
135 |
+ #include <rpcsvc/ypclnt.h> |
136 |
++#endif |
137 |
+ #include <arpa/inet.h> |
138 |
+ #include <netdb.h> |
139 |
+ #include <sys/socket.h> |
140 |
+@@ -471,11 +473,11 @@ static char *myhostname(void) |
141 |
+ } |
142 |
+ |
143 |
+ /* netgroup_match - match group against machine or user */ |
144 |
+- |
145 |
+ static int |
146 |
+ netgroup_match (pam_handle_t *pamh, const char *netgroup, |
147 |
+ const char *machine, const char *user, int debug) |
148 |
+ { |
149 |
++#ifdef HAVE_NIS |
150 |
+ char *mydomain = NULL; |
151 |
+ int retval; |
152 |
+ |
153 |
+@@ -490,7 +492,12 @@ netgroup_match (pam_handle_t *pamh, cons |
154 |
+ machine ? machine : "NULL", |
155 |
+ user ? user : "NULL", mydomain ? mydomain : "NULL"); |
156 |
+ return retval; |
157 |
++#else |
158 |
++ pam_syslog(pamh, LOG_DEBUG, |
159 |
++ "netgroup match: no YellowPages support."); |
160 |
+ |
161 |
++ return NO; |
162 |
++#endif |
163 |
+ } |
164 |
+ |
165 |
+ /* user_match - match a username against one token */ |
166 |
+Index: Linux-PAM-1.0.2/modules/pam_unix/Makefile.am |
167 |
+=================================================================== |
168 |
+--- Linux-PAM-1.0.2.orig/modules/pam_unix/Makefile.am |
169 |
++++ Linux-PAM-1.0.2/modules/pam_unix/Makefile.am |
170 |
+@@ -40,7 +40,11 @@ noinst_PROGRAMS = bigcrypt |
171 |
+ |
172 |
+ pam_unix_la_SOURCES = bigcrypt.c pam_unix_acct.c \ |
173 |
+ pam_unix_auth.c pam_unix_passwd.c pam_unix_sess.c support.c \ |
174 |
+- passverify.c yppasswd_xdr.c md5_good.c md5_broken.c |
175 |
++ passverify.c md5_good.c md5_broken.c |
176 |
++ |
177 |
++if HAVE_NIS |
178 |
++pam_unix_la_SOURCES += yppasswd_xdr.c |
179 |
++endif |
180 |
+ |
181 |
+ bigcrypt_SOURCES = bigcrypt.c bigcrypt_main.c |
182 |
+ bigcrypt_CFLAGS = $(AM_CFLAGS) |
183 |
+Index: Linux-PAM-1.0.2/modules/pam_unix/pam_unix_passwd.c |
184 |
+=================================================================== |
185 |
+--- Linux-PAM-1.0.2.orig/modules/pam_unix/pam_unix_passwd.c |
186 |
++++ Linux-PAM-1.0.2/modules/pam_unix/pam_unix_passwd.c |
187 |
+@@ -55,8 +55,10 @@ |
188 |
+ #include <sys/time.h> |
189 |
+ #include <sys/stat.h> |
190 |
+ #include <rpc/rpc.h> |
191 |
++#ifdef HAVE_NIS |
192 |
+ #include <rpcsvc/yp_prot.h> |
193 |
+ #include <rpcsvc/ypclnt.h> |
194 |
++#endif |
195 |
+ |
196 |
+ #include <signal.h> |
197 |
+ #include <errno.h> |
198 |
+@@ -103,6 +105,7 @@ extern int getrpcport(const char *host, |
199 |
+ |
200 |
+ #define MAX_PASSWD_TRIES 3 |
201 |
+ |
202 |
++#ifdef HAVE_NIS |
203 |
+ static char *getNISserver(pam_handle_t *pamh) |
204 |
+ { |
205 |
+ char *master; |
206 |
+@@ -132,6 +135,7 @@ static char *getNISserver(pam_handle_t * |
207 |
+ } |
208 |
+ return master; |
209 |
+ } |
210 |
++#endif |
211 |
+ |
212 |
+ #ifdef WITH_SELINUX |
213 |
+ |
214 |
+@@ -299,6 +303,7 @@ static int _do_setpass(pam_handle_t* pam |
215 |
+ goto done; |
216 |
+ } |
217 |
+ |
218 |
++#ifdef HAVE_NIS |
219 |
+ if (on(UNIX_NIS, ctrl) && _unix_comesfromsource(pamh, forwho, 0, 1)) { |
220 |
+ if ((master=getNISserver(pamh)) != NULL) { |
221 |
+ struct timeval timeout; |
222 |
+@@ -366,6 +371,7 @@ static int _do_setpass(pam_handle_t* pam |
223 |
+ retval = PAM_TRY_AGAIN; |
224 |
+ } |
225 |
+ } |
226 |
++#endif |
227 |
+ |
228 |
+ if (_unix_comesfromsource(pamh, forwho, 1, 0)) { |
229 |
+ if(unlocked) { |
230 |
+Index: Linux-PAM-1.0.2/modules/pam_unix/support.c |
231 |
+=================================================================== |
232 |
+--- Linux-PAM-1.0.2.orig/modules/pam_unix/support.c |
233 |
++++ Linux-PAM-1.0.2/modules/pam_unix/support.c |
234 |
+@@ -19,7 +19,9 @@ |
235 |
+ #include <ctype.h> |
236 |
+ #include <syslog.h> |
237 |
+ #include <sys/resource.h> |
238 |
++#ifdef HAVE_NIS |
239 |
+ #include <rpcsvc/ypclnt.h> |
240 |
++#endif |
241 |
+ |
242 |
+ #include <security/_pam_macros.h> |
243 |
+ #include <security/pam_modules.h> |
244 |
+@@ -263,6 +265,7 @@ int _unix_getpwnam(pam_handle_t *pamh, c |
245 |
+ } |
246 |
+ } |
247 |
+ |
248 |
++#ifdef HAVE_NIS |
249 |
+ if (!matched && nis) { |
250 |
+ char *userinfo = NULL, *domain = NULL; |
251 |
+ int len = 0, i; |
252 |
+@@ -281,6 +284,7 @@ int _unix_getpwnam(pam_handle_t *pamh, c |
253 |
+ } |
254 |
+ } |
255 |
+ } |
256 |
++#endif |
257 |
+ |
258 |
+ if (matched && (ret != NULL)) { |
259 |
+ *ret = NULL; |
260 |
+Index: Linux-PAM-1.0.2/modules/pam_group/pam_group.c |
261 |
+=================================================================== |
262 |
+--- Linux-PAM-1.0.2.orig/modules/pam_group/pam_group.c |
263 |
++++ Linux-PAM-1.0.2/modules/pam_group/pam_group.c |
264 |
+@@ -659,7 +659,11 @@ static int check_account(pam_handle_t *p |
265 |
+ } |
266 |
+ /* If buffer starts with @, we are using netgroups */ |
267 |
+ if (buffer[0] == '@') |
268 |
++#ifdef HAVE_NIS |
269 |
+ good &= innetgr (&buffer[1], NULL, user, NULL); |
270 |
++#else |
271 |
++ good = 0; |
272 |
++#endif |
273 |
+ else |
274 |
+ good &= logic_field(pamh,user, buffer, count, is_same); |
275 |
+ D(("with user: %s", good ? "passes":"fails" )); |
276 |
+Index: Linux-PAM-1.0.2/modules/pam_succeed_if/pam_succeed_if.c |
277 |
+=================================================================== |
278 |
+--- Linux-PAM-1.0.2.orig/modules/pam_succeed_if/pam_succeed_if.c |
279 |
++++ Linux-PAM-1.0.2/modules/pam_succeed_if/pam_succeed_if.c |
280 |
+@@ -229,6 +229,7 @@ evaluate_notingroup(pam_handle_t *pamh, |
281 |
+ return PAM_SUCCESS; |
282 |
+ return PAM_AUTH_ERR; |
283 |
+ } |
284 |
++#ifdef HAVE_NIS |
285 |
+ /* Return PAM_SUCCESS if the (host,user) is in the netgroup. */ |
286 |
+ static int |
287 |
+ evaluate_innetgr(const char *host, const char *user, const char *group) |
288 |
+@@ -245,6 +246,7 @@ evaluate_notinnetgr(const char *host, co |
289 |
+ return PAM_SUCCESS; |
290 |
+ return PAM_AUTH_ERR; |
291 |
+ } |
292 |
++#endif |
293 |
+ |
294 |
+ /* Match a triple. */ |
295 |
+ static int |
296 |
+@@ -356,6 +358,7 @@ evaluate(pam_handle_t *pamh, int debug, |
297 |
+ if (strcasecmp(qual, "notingroup") == 0) { |
298 |
+ return evaluate_notingroup(pamh, pwd->pw_name, right); |
299 |
+ } |
300 |
++#ifdef HAVE_NIS |
301 |
+ /* (Rhost, user) is in this netgroup. */ |
302 |
+ if (strcasecmp(qual, "innetgr") == 0) { |
303 |
+ const void *rhost; |
304 |
+@@ -370,6 +373,14 @@ evaluate(pam_handle_t *pamh, int debug, |
305 |
+ rhost = NULL; |
306 |
+ return evaluate_notinnetgr(rhost, pwd->pw_name, right); |
307 |
+ } |
308 |
++#else |
309 |
++ if (strcasecmp(qual, "innetgr") == 0 || |
310 |
++ strcasecmp(qual, "notinnetgr") == 0) { |
311 |
++ pam_syslog(pamh, LOG_CRIT, "option \"%s\" not supported as no NIS support is present", qual); |
312 |
++ return PAM_SERVICE_ERR; |
313 |
++ } |
314 |
++#endif |
315 |
++ |
316 |
+ /* Fail closed. */ |
317 |
+ return PAM_SERVICE_ERR; |
318 |
+ } |
319 |
+Index: Linux-PAM-1.0.2/modules/pam_time/pam_time.c |
320 |
+=================================================================== |
321 |
+--- Linux-PAM-1.0.2.orig/modules/pam_time/pam_time.c |
322 |
++++ Linux-PAM-1.0.2/modules/pam_time/pam_time.c |
323 |
+@@ -555,7 +555,11 @@ check_account(pam_handle_t *pamh, const |
324 |
+ } |
325 |
+ /* If buffer starts with @, we are using netgroups */ |
326 |
+ if (buffer[0] == '@') |
327 |
++#ifdef HAVE_NIS |
328 |
+ good &= innetgr (&buffer[1], NULL, user, NULL); |
329 |
++#else |
330 |
++ good = 0; |
331 |
++#endif |
332 |
+ else |
333 |
+ good &= logic_field(pamh, user, buffer, count, is_same); |
334 |
+ D(("with user: %s", good ? "passes":"fails" )); |
335 |
|
336 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.0.4-cross-compile.patch b/sys-libs/pam/files/Linux-PAM-1.0.4-cross-compile.patch |
337 |
new file mode 100644 |
338 |
index 0000000..23a830b |
339 |
--- /dev/null |
340 |
+++ b/sys-libs/pam/files/Linux-PAM-1.0.4-cross-compile.patch |
341 |
@@ -0,0 +1,35 @@ |
342 |
+--- configure.in 2009-05-28 17:05:03.000000000 +0000 |
343 |
++++ configure.in.new 2009-05-28 17:05:25.000000000 +0000 |
344 |
+@@ -129,6 +129,21 @@ |
345 |
+ AC_C___ATTRIBUTE__ |
346 |
+ |
347 |
+ dnl |
348 |
++dnl Get the host compiler if cross-compiling |
349 |
++dnl |
350 |
++AM_CONDITIONAL(CROSS_COMPILING, [ test $cross_compiling = yes ]) |
351 |
++AC_MSG_CHECKING([for CC_FOR_BUILD]) |
352 |
++if test "x${CC_FOR_BUILD+set}" != "xset" ; then |
353 |
++ if test "x$cross_compiling" = "xyes" ; then |
354 |
++ CC_FOR_BUILD=${CC_FOR_BUILD-gcc} |
355 |
++ else |
356 |
++ CC_FOR_BUILD=${CC} |
357 |
++ fi |
358 |
++fi |
359 |
++AC_MSG_RESULT([$CC_FOR_BUILD]) |
360 |
++AC_SUBST(CC_FOR_BUILD) |
361 |
++ |
362 |
++dnl |
363 |
+ dnl Check if --version-script is supported by ld |
364 |
+ dnl |
365 |
+ AC_CACHE_CHECK(for .symver assembler directive, libc_cv_asm_symver_directive, |
366 |
+--- doc/specs/Makefile.am 2009-05-28 17:05:03.000000000 +0000 |
367 |
++++ doc/specs/Makefile.am.new 2009-05-28 17:06:06.000000000 +0000 |
368 |
+@@ -19,4 +19,8 @@ |
369 |
+ |
370 |
+ padout_LDADD = @LEXLIB@ |
371 |
+ |
372 |
++CC = @CC_FOR_BUILD@ |
373 |
++CFLAGS = |
374 |
++LDFLAGS = |
375 |
++ |
376 |
+ doc_DATA = draft-morgan-pam-current.txt rfc86.0.txt |
377 |
|
378 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.0.4-fix-tests.patch b/sys-libs/pam/files/Linux-PAM-1.0.4-fix-tests.patch |
379 |
new file mode 100644 |
380 |
index 0000000..b705f36 |
381 |
--- /dev/null |
382 |
+++ b/sys-libs/pam/files/Linux-PAM-1.0.4-fix-tests.patch |
383 |
@@ -0,0 +1,13 @@ |
384 |
+Index: Linux-PAM-1.0.4/tests/tst-pam_mkargv.c |
385 |
+=================================================================== |
386 |
+--- Linux-PAM-1.0.4.orig/tests/tst-pam_mkargv.c |
387 |
++++ Linux-PAM-1.0.4/tests/tst-pam_mkargv.c |
388 |
+@@ -35,7 +35,7 @@ int main(void) |
389 |
+ printf ("\n"); |
390 |
+ #endif |
391 |
+ |
392 |
+- if (argvlen != 333) |
393 |
++ if (argvlen != ( 37 + ( 37 * sizeof(char*) ) )) |
394 |
+ return 1; |
395 |
+ |
396 |
+ if (myargc != 4) |
397 |
|
398 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.1.0-debug.patch b/sys-libs/pam/files/Linux-PAM-1.1.0-debug.patch |
399 |
new file mode 100644 |
400 |
index 0000000..ec9f99b |
401 |
--- /dev/null |
402 |
+++ b/sys-libs/pam/files/Linux-PAM-1.1.0-debug.patch |
403 |
@@ -0,0 +1,13 @@ |
404 |
+Index: Linux-PAM-1.1.0/modules/pam_env/pam_env.c |
405 |
+=================================================================== |
406 |
+--- Linux-PAM-1.1.0.orig/modules/pam_env/pam_env.c |
407 |
++++ Linux-PAM-1.1.0/modules/pam_env/pam_env.c |
408 |
+@@ -120,7 +120,7 @@ _pam_parse (const pam_handle_t *pamh, in |
409 |
+ "user_envfile= specification missing argument - ignored"); |
410 |
+ } else { |
411 |
+ *user_envfile = 13+*argv; |
412 |
+- D(("new User Env File: %s", *user_env_file)); |
413 |
++ D(("new User Env File: %s", *user_envfile)); |
414 |
+ } |
415 |
+ } else if (!strncmp(*argv,"readenv=",8)) |
416 |
+ *readenv = atoi(8+*argv); |
417 |
|
418 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.1.0-nonls.patch b/sys-libs/pam/files/Linux-PAM-1.1.0-nonls.patch |
419 |
new file mode 100644 |
420 |
index 0000000..d52b6a0 |
421 |
--- /dev/null |
422 |
+++ b/sys-libs/pam/files/Linux-PAM-1.1.0-nonls.patch |
423 |
@@ -0,0 +1,11 @@ |
424 |
+--- Linux-PAM-1.1.0/modules/pam_lastlog/pam_lastlog.c.orig |
425 |
++++ Linux-PAM-1.1.0/modules/pam_lastlog/pam_lastlog.c |
426 |
+@@ -471,7 +471,7 @@ last_login_failed(pam_handle_t *pamh, in |
427 |
+ failed), |
428 |
+ failed); |
429 |
+ #else |
430 |
+- if (daysleft == 1) |
431 |
++ if (failed == 1) |
432 |
+ retval = asprintf(&line, |
433 |
+ _("There was %d failed login attempt since the last successful login."), |
434 |
+ failed); |
435 |
|
436 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.1.0-uclibc.patch b/sys-libs/pam/files/Linux-PAM-1.1.0-uclibc.patch |
437 |
new file mode 100644 |
438 |
index 0000000..6b8fa25 |
439 |
--- /dev/null |
440 |
+++ b/sys-libs/pam/files/Linux-PAM-1.1.0-uclibc.patch |
441 |
@@ -0,0 +1,82 @@ |
442 |
+Index: Linux-PAM-1.1.0/modules/pam_pwhistory/opasswd.c |
443 |
+=================================================================== |
444 |
+--- Linux-PAM-1.1.0.orig/modules/pam_pwhistory/opasswd.c |
445 |
++++ Linux-PAM-1.1.0/modules/pam_pwhistory/opasswd.c |
446 |
+@@ -94,6 +94,23 @@ parse_entry (char *line, opwd *data) |
447 |
+ return 0; |
448 |
+ } |
449 |
+ |
450 |
++static int |
451 |
++compare_password(const char *newpass, const char *oldpass) |
452 |
++{ |
453 |
++ char *outval; |
454 |
++#ifdef HAVE_CRYPT_R |
455 |
++ struct crypt_data output; |
456 |
++ |
457 |
++ output.initialized = 0; |
458 |
++ |
459 |
++ outval = crypt_r (newpass, oldpass, &output); |
460 |
++#else |
461 |
++ outval = crypt (newpass, oldpass); |
462 |
++#endif |
463 |
++ |
464 |
++ return strcmp(outval, oldpass) == 0; |
465 |
++} |
466 |
++ |
467 |
+ /* Check, if the new password is already in the opasswd file. */ |
468 |
+ int |
469 |
+ check_old_password (pam_handle_t *pamh, const char *user, |
470 |
+@@ -167,12 +184,9 @@ check_old_password (pam_handle_t *pamh, |
471 |
+ if (found) |
472 |
+ { |
473 |
+ const char delimiters[] = ","; |
474 |
+- struct crypt_data output; |
475 |
+ char *running; |
476 |
+ char *oldpass; |
477 |
+ |
478 |
+- memset (&output, 0, sizeof (output)); |
479 |
+- |
480 |
+ running = strdupa (entry.old_passwords); |
481 |
+ if (running == NULL) |
482 |
+ return PAM_BUF_ERR; |
483 |
+@@ -180,7 +194,7 @@ check_old_password (pam_handle_t *pamh, |
484 |
+ do { |
485 |
+ oldpass = strsep (&running, delimiters); |
486 |
+ if (oldpass && strlen (oldpass) > 0 && |
487 |
+- strcmp (crypt_r (newpass, oldpass, &output), oldpass) == 0) |
488 |
++ compare_password(newpass, oldpass) ) |
489 |
+ { |
490 |
+ if (debug) |
491 |
+ pam_syslog (pamh, LOG_DEBUG, "New password already used"); |
492 |
+Index: Linux-PAM-1.1.0/configure.in |
493 |
+=================================================================== |
494 |
+--- Linux-PAM-1.1.0.orig/configure.in |
495 |
++++ Linux-PAM-1.1.0/configure.in |
496 |
+@@ -458,7 +458,7 @@ AC_FUNC_MEMCMP |
497 |
+ AC_FUNC_VPRINTF |
498 |
+ AC_CHECK_FUNCS(fseeko gethostname gettimeofday lckpwdf mkdir select) |
499 |
+ AC_CHECK_FUNCS(strcspn strdup strspn strstr strtol uname) |
500 |
+-AC_CHECK_FUNCS(getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r) |
501 |
++AC_CHECK_FUNCS(getutent_r getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r) |
502 |
+ AC_CHECK_FUNCS(getgrouplist getline getdelim) |
503 |
+ AC_CHECK_FUNCS(inet_ntop inet_pton ruserok_af) |
504 |
+ |
505 |
+Index: Linux-PAM-1.1.0/modules/pam_timestamp/pam_timestamp.c |
506 |
+=================================================================== |
507 |
+--- Linux-PAM-1.1.0.orig/modules/pam_timestamp/pam_timestamp.c |
508 |
++++ Linux-PAM-1.1.0/modules/pam_timestamp/pam_timestamp.c |
509 |
+@@ -200,7 +200,13 @@ check_login_time(const char *ruser, time |
510 |
+ time_t oldest_login = 0; |
511 |
+ |
512 |
+ setutent(); |
513 |
+- while(!getutent_r(&utbuf, &ut)) { |
514 |
++ while( |
515 |
++#ifdef HAVE_GETUTENT_R |
516 |
++ !getutent_r(&utbuf, &ut) |
517 |
++#else |
518 |
++ (ut = getutent()) != NULL |
519 |
++#endif |
520 |
++ ) { |
521 |
+ if (ut->ut_type != USER_PROCESS) { |
522 |
+ continue; |
523 |
+ } |
524 |
|
525 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.1.0-xcrypt.patch b/sys-libs/pam/files/Linux-PAM-1.1.0-xcrypt.patch |
526 |
new file mode 100644 |
527 |
index 0000000..4f4872d |
528 |
--- /dev/null |
529 |
+++ b/sys-libs/pam/files/Linux-PAM-1.1.0-xcrypt.patch |
530 |
@@ -0,0 +1,16 @@ |
531 |
+Index: Linux-PAM-1.1.1/configure.in |
532 |
+=================================================================== |
533 |
+--- Linux-PAM-1.1.1.orig/configure.in |
534 |
++++ Linux-PAM-1.1.1/configure.in |
535 |
+@@ -360,6 +360,10 @@ AC_SUBST(LIBAUDIT) |
536 |
+ AC_CHECK_HEADERS(xcrypt.h crypt.h) |
537 |
++AS_IF([test "x$ac_cv_header_xcrypt_h" = "xyes"], |
538 |
++ [crypt_libs="xcrypt crypt"], |
539 |
++ [crypt_libs="crypt"]) |
540 |
++ |
541 |
+ BACKUP_LIBS=$LIBS |
542 |
+-AC_SEARCH_LIBS([crypt],[xcrypt crypt], LIBCRYPT="-l$ac_lib", LIBCRYPT="") |
543 |
++AC_SEARCH_LIBS([crypt],[$crypt_libs], LIBCRYPT="-l$ac_lib", LIBCRYPT="") |
544 |
+ AC_CHECK_FUNCS(crypt_r crypt_gensalt_rn) |
545 |
+ LIBS=$BACKUP_LIBS |
546 |
+ AC_SUBST(LIBCRYPT) |
547 |
|
548 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.1.1+berkdb-5.patch b/sys-libs/pam/files/Linux-PAM-1.1.1+berkdb-5.patch |
549 |
new file mode 100644 |
550 |
index 0000000..ece9211 |
551 |
--- /dev/null |
552 |
+++ b/sys-libs/pam/files/Linux-PAM-1.1.1+berkdb-5.patch |
553 |
@@ -0,0 +1,12 @@ |
554 |
+Index: Linux-PAM-1.1.1/modules/pam_userdb/pam_userdb.c |
555 |
+=================================================================== |
556 |
+--- Linux-PAM-1.1.1.orig/modules/pam_userdb/pam_userdb.c |
557 |
++++ Linux-PAM-1.1.1/modules/pam_userdb/pam_userdb.c |
558 |
+@@ -30,6 +30,7 @@ |
559 |
+ #else |
560 |
+ # ifdef HAVE_DB_H |
561 |
+ # define DB_DBM_HSEARCH 1 /* use the dbm interface */ |
562 |
++# define HAVE_DBM /* for BerkDB 5.0 and later */ |
563 |
+ # include <db.h> |
564 |
+ # else |
565 |
+ # error "failed to find a libdb or equivalent" |
566 |
|
567 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.1.1-gentoodb.patch b/sys-libs/pam/files/Linux-PAM-1.1.1-gentoodb.patch |
568 |
new file mode 100644 |
569 |
index 0000000..0334496 |
570 |
--- /dev/null |
571 |
+++ b/sys-libs/pam/files/Linux-PAM-1.1.1-gentoodb.patch |
572 |
@@ -0,0 +1,20 @@ |
573 |
+Index: Linux-PAM-1.1.1/configure.in |
574 |
+=================================================================== |
575 |
+--- Linux-PAM-1.1.1.orig/configure.in |
576 |
++++ Linux-PAM-1.1.1/configure.in |
577 |
+@@ -389,10 +389,11 @@ AC_ARG_WITH([db-uniquename], |
578 |
+ AS_HELP_STRING([--with-db-uniquename=extension],[Unique name for db libraries and functions.])) |
579 |
+ if test x"$WITH_DB" != xno ; then |
580 |
+ if test x"$WITH_DB" = xyes -o x"$WITH_DB" = xdb ; then |
581 |
+- AC_CHECK_LIB([db$with_db_uniquename], [db_create$with_db_uniquename], LIBDB="-ldb$with_db_uniquename", LIBDB="") |
582 |
+- if test -z "$LIBDB" ; then |
583 |
+- AC_CHECK_LIB([db$with_db_uniquename], [dbm_store$with_db_uniquename], LIBDB="-ldb$with_db_uniquename", LIBDB="") |
584 |
+- fi |
585 |
++ old_libs=$LIBS |
586 |
++ LIBS="$LIBS -ldb$with_db_uniquename" |
587 |
++ AC_CHECK_FUNCS([db_create$with_db_uniquename db_create dbm_store$with_db_uniquename dbm_store], |
588 |
++ [LIBDB="-ldb$with_db_uniquename"; break]) |
589 |
++ LIBS=$old_libs |
590 |
+ fi |
591 |
+ if test -z "$LIBDB" ; then |
592 |
+ AC_CHECK_LIB([ndbm],[dbm_store], LIBDB="-lndbm", LIBDB="") |
593 |
|
594 |
diff --git a/sys-libs/pam/files/Linux-PAM-1.1.1-xcrypt.patch b/sys-libs/pam/files/Linux-PAM-1.1.1-xcrypt.patch |
595 |
new file mode 100644 |
596 |
index 0000000..f842da7 |
597 |
--- /dev/null |
598 |
+++ b/sys-libs/pam/files/Linux-PAM-1.1.1-xcrypt.patch |
599 |
@@ -0,0 +1,21 @@ |
600 |
+Index: Linux-PAM-1.1.1/configure.in |
601 |
+=================================================================== |
602 |
+--- Linux-PAM-1.1.1.orig/configure.in |
603 |
++++ Linux-PAM-1.1.1/configure.in |
604 |
+@@ -361,10 +361,14 @@ AM_CONDITIONAL([HAVE_AUDIT_TTY_STATUS], |
605 |
+ [test "x$HAVE_AUDIT_TTY_STATUS" = xyes]) |
606 |
+ |
607 |
+ AC_CHECK_HEADERS(xcrypt.h crypt.h) |
608 |
++AS_IF([test "x$ac_cv_header_xcrypt_h" = "xyes"], |
609 |
++ [crypt_libs="xcrypt crypt"], |
610 |
++ [crypt_libs="crypt"]) |
611 |
++ |
612 |
+ BACKUP_LIBS=$LIBS |
613 |
+-AC_SEARCH_LIBS([crypt],[xcrypt crypt], LIBCRYPT="-l$ac_lib", LIBCRYPT="") |
614 |
++AC_SEARCH_LIBS([crypt],[$crypt_libs], LIBCRYPT="-l$ac_lib", LIBCRYPT="") |
615 |
+ AC_CHECK_FUNCS(crypt_r crypt_gensalt_r) |
616 |
+-Libs=$BACKUP_LIBS |
617 |
++LIBS=$BACKUP_LIBS |
618 |
+ AC_SUBST(LIBCRYPT) |
619 |
+ if test "$LIBCRYPT" = "-lxcrypt" -a "$ac_cv_header_xcrypt_h" = "yes" ; then |
620 |
+ AC_DEFINE([HAVE_LIBXCRYPT], 1, [Define to 1 if xcrypt support should be compiled in.]) |
621 |
|
622 |
diff --git a/sys-libs/pam/files/other.pamd b/sys-libs/pam/files/other.pamd |
623 |
new file mode 100644 |
624 |
index 0000000..85ca04e |
625 |
--- /dev/null |
626 |
+++ b/sys-libs/pam/files/other.pamd |
627 |
@@ -0,0 +1,6 @@ |
628 |
+#%PAM-1.0 |
629 |
+ |
630 |
+auth required pam_deny.so |
631 |
+account required pam_deny.so |
632 |
+password required pam_deny.so |
633 |
+session required pam_deny.so |
634 |
|
635 |
diff --git a/sys-libs/pam/files/system-auth.pamd.epam b/sys-libs/pam/files/system-auth.pamd.epam |
636 |
new file mode 100644 |
637 |
index 0000000..bdee6f4 |
638 |
--- /dev/null |
639 |
+++ b/sys-libs/pam/files/system-auth.pamd.epam |
640 |
@@ -0,0 +1,15 @@ |
641 |
+#%PAM-1.0 |
642 |
+ |
643 |
+auth required pam_env.so |
644 |
+auth sufficient pam_unix.so try_first_pass likeauth nullok |
645 |
+auth required pam_deny.so |
646 |
+ |
647 |
+account required pam_unix.so |
648 |
+ |
649 |
+#%EPAM-Use-Flag:cracklib%#password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 try_first_pass retry=3 |
650 |
+#%EPAM-Use-Flag:cracklib%#password sufficient pam_unix.so try_first_pass use_authtok nullok md5 shadow |
651 |
+#%EPAM-Use-Flag:!cracklib%#password sufficient pam_unix.so try_first_pass nullok md5 shadow |
652 |
+password required pam_deny.so |
653 |
+ |
654 |
+session required pam_limits.so |
655 |
+session required pam_unix.so |
656 |
|
657 |
diff --git a/sys-libs/pam/metadata.xml b/sys-libs/pam/metadata.xml |
658 |
new file mode 100644 |
659 |
index 0000000..e5b58f5 |
660 |
--- /dev/null |
661 |
+++ b/sys-libs/pam/metadata.xml |
662 |
@@ -0,0 +1,29 @@ |
663 |
+<?xml version="1.0" encoding="UTF-8"?> |
664 |
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
665 |
+<pkgmetadata> |
666 |
+ <herd>pam</herd> |
667 |
+ <maintainer> |
668 |
+ <email>pam-bugs@g.o</email> |
669 |
+ </maintainer> |
670 |
+ <use> |
671 |
+ <flag name='audit'>Enable support for <pkg>sys-process/audit</pkg></flag> |
672 |
+ |
673 |
+ <flag name="berkdb"> |
674 |
+ Build the pam_userdb module, that allows to authenticate users |
675 |
+ against a Berkeley DB file. Please note that enabling this USE |
676 |
+ flag will create a PAM module that links to the Berkeley DB (as |
677 |
+ provided by <pkg>sys-libs/db</pkg>) installed in /usr/lib and |
678 |
+ will thus not work for boot-critical services authentication. |
679 |
+ </flag> |
680 |
+ |
681 |
+ <flag name="cracklib"> |
682 |
+ Build the pam_cracklib module, that allows to verify the chosen |
683 |
+ passwords' strength through the use of |
684 |
+ <pkg>sys-libs/cracklib</pkg>. Please note that simply enabling |
685 |
+ the USE flag on this package will not make use of pam_cracklib |
686 |
+ by default, you should also enable it in |
687 |
+ <pkg>sys-auth/pambase</pkg> as well as update your configuration |
688 |
+ files. |
689 |
+ </flag> |
690 |
+ </use> |
691 |
+</pkgmetadata> |
692 |
|
693 |
diff --git a/sys-libs/pam/pam-1.0.4.ebuild b/sys-libs/pam/pam-1.0.4.ebuild |
694 |
new file mode 100644 |
695 |
index 0000000..1632431 |
696 |
--- /dev/null |
697 |
+++ b/sys-libs/pam/pam-1.0.4.ebuild |
698 |
@@ -0,0 +1,188 @@ |
699 |
+# Copyright 1999-2009 Gentoo Foundation |
700 |
+# Distributed under the terms of the GNU General Public License v2 |
701 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/pam-1.0.4.ebuild,v 1.11 2009/03/27 17:08:40 armin76 Exp $ |
702 |
+ |
703 |
+WANT_AUTOCONF="latest" |
704 |
+WANT_AUTOMAKE="latest" |
705 |
+ |
706 |
+inherit libtool multilib eutils autotools pam toolchain-funcs flag-o-matic |
707 |
+ |
708 |
+MY_PN="Linux-PAM" |
709 |
+MY_P="${MY_PN}-${PV}" |
710 |
+ |
711 |
+HOMEPAGE="http://www.kernel.org/pub/linux/libs/pam/" |
712 |
+DESCRIPTION="Linux-PAM (Pluggable Authentication Modules)" |
713 |
+ |
714 |
+SRC_URI="mirror://kernel/linux/libs/pam/library/${MY_P}.tar.bz2" |
715 |
+ |
716 |
+LICENSE="|| ( BSD GPL-2 )" |
717 |
+SLOT="0" |
718 |
+KEYWORDS="~amd64 ~x86" |
719 |
+IUSE="cracklib nls elibc_FreeBSD selinux vim-syntax audit test elibc_glibc" |
720 |
+ |
721 |
+RDEPEND="nls? ( virtual/libintl ) |
722 |
+ cracklib? ( >=sys-libs/cracklib-2.8.3 ) |
723 |
+ audit? ( sys-process/audit ) |
724 |
+ selinux? ( >=sys-libs/libselinux-1.28 )" |
725 |
+DEPEND="${RDEPEND} |
726 |
+ sys-devel/flex |
727 |
+ test? ( elibc_glibc? ( >=sys-libs/glibc-2.4 ) ) |
728 |
+ nls? ( sys-devel/gettext )" |
729 |
+PDEPEND="sys-auth/pambase |
730 |
+ vim-syntax? ( app-vim/pam-syntax )" |
731 |
+ |
732 |
+S="${WORKDIR}/${MY_P}" |
733 |
+ |
734 |
+PROVIDE="virtual/pam" |
735 |
+ |
736 |
+check_old_modules() { |
737 |
+ local retval="0" |
738 |
+ |
739 |
+ if sed -e 's:#.*::' "${ROOT}"/etc/pam.d/* 2>/dev/null | fgrep -q pam_stack.so; then |
740 |
+ eerror "" |
741 |
+ eerror "Your current setup is using the pam_stack module." |
742 |
+ eerror "This module is deprecated and no longer supported, and since version" |
743 |
+ eerror "0.99 is no longer installed, nor provided by any other package." |
744 |
+ eerror "The package will be built (to allow binary package builds), but will" |
745 |
+ eerror "not be installed." |
746 |
+ eerror "Please replace pam_stack usage with proper include directive usage," |
747 |
+ eerror "following the PAM Upgrade guide at the following URL" |
748 |
+ eerror " http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml" |
749 |
+ eerror "" |
750 |
+ ebeep 15 |
751 |
+ |
752 |
+ retval=1 |
753 |
+ fi |
754 |
+ |
755 |
+ if sed -e 's:#.*::' "${ROOT}"/etc/pam.d/* 2>/dev/null | egrep -q 'pam_(pwdb|timestamp|console)'; then |
756 |
+ eerror "" |
757 |
+ eerror "Your current setup is using one or more of the following modules," |
758 |
+ eerror "that are not built or supported anymore:" |
759 |
+ eerror "pam_pwdb, pam_timestamp, pam_console" |
760 |
+ eerror "If you are in real need for these modules, please contact the maintainers" |
761 |
+ eerror "of PAM through http://bugs.gentoo.org/ providing information about its" |
762 |
+ eerror "use cases." |
763 |
+ eerror "Please also make sure to read the PAM Upgrade guide at the following URL:" |
764 |
+ eerror " http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml" |
765 |
+ eerror "" |
766 |
+ ebeep 10 |
767 |
+ |
768 |
+ retval=1 |
769 |
+ fi |
770 |
+ |
771 |
+ # Produce the warnings only during upgrade, for the following two |
772 |
+ has_version '<sys-libs/pam-0.99' || return $retval |
773 |
+ |
774 |
+ # This works only for those modules that are moved to sys-auth/$module, or the |
775 |
+ # message will be wrong. |
776 |
+ for module in pam_chroot pam_userdb pam_radius; do |
777 |
+ if sed -e 's:#.*::' "${ROOT}"/etc/pam.d/* 2>/dev/null | fgrep -q ${module}.so; then |
778 |
+ ewarn "" |
779 |
+ ewarn "Your current setup is using the ${module} module." |
780 |
+ ewarn "Since version 0.99, ${CATEGORY}/${PN} does not provide this module" |
781 |
+ ewarn "anymore; if you want to continue using this module, you should install" |
782 |
+ ewarn "sys-auth/${module}." |
783 |
+ ewarn "" |
784 |
+ ebeep 5 |
785 |
+ fi |
786 |
+ done |
787 |
+ |
788 |
+ return $retval |
789 |
+} |
790 |
+ |
791 |
+pkg_setup() { |
792 |
+ check_old_modules |
793 |
+} |
794 |
+ |
795 |
+src_unpack() { |
796 |
+ unpack ${A} |
797 |
+ cd "${S}" |
798 |
+ |
799 |
+ mkdir -p doc/txts |
800 |
+ for readme in modules/pam_*/README; do |
801 |
+ cp -f "${readme}" doc/txts/README.$(dirname "${readme}" | \ |
802 |
+ sed -e 's|^modules/||') |
803 |
+ done |
804 |
+ |
805 |
+ epatch "${FILESDIR}/${MY_PN}-0.99.7.0-disable-regenerate-man.patch" |
806 |
+ epatch "${FILESDIR}/${MY_PN}-0.99.8.1-xtests.patch" |
807 |
+ |
808 |
+ # Remove NIS dependencies, see bug #235431 |
809 |
+ epatch "${FILESDIR}/${MY_PN}-1.0.2-noyp.patch" |
810 |
+ |
811 |
+ # Fix building of doc/specs |
812 |
+ epatch "${FILESDIR}/${MY_PN}-1.0.4-cross-compile.patch" |
813 |
+ |
814 |
+ # Fix tests on systems where sizeof(void*) != 8 |
815 |
+ epatch "${FILESDIR}/${MY_PN}-1.0.4-fix-tests.patch" |
816 |
+ |
817 |
+ # Remove libtool-2 libtool macros, see bug 261167 |
818 |
+ rm m4/libtool.m4 m4/lt*.m4 || die "rm libtool macros failed." |
819 |
+ |
820 |
+ AT_M4DIR="m4" eautoreconf |
821 |
+ |
822 |
+ elibtoolize |
823 |
+} |
824 |
+ |
825 |
+src_compile() { |
826 |
+ local myconf |
827 |
+ |
828 |
+ if use hppa || use elibc_FreeBSD; then |
829 |
+ myconf="${myconf} --disable-pie" |
830 |
+ fi |
831 |
+ |
832 |
+ # KEEP COMMENTED OUT! It seems like it fails to build with USE=debug! |
833 |
+ # Do _not_ move this to $(use_enable) without checking if the |
834 |
+ # configure.in has been fixed. As of 2009/03/03 it's still broken |
835 |
+ # on upstream's CVS, and --disable-debug means --enable-debug too. |
836 |
+ # if use debug; then |
837 |
+ # myconf="${myconf} --enable-debug" |
838 |
+ # fi |
839 |
+ |
840 |
+ econf \ |
841 |
+ --libdir=/usr/$(get_libdir) \ |
842 |
+ --docdir=/usr/share/doc/${PF} \ |
843 |
+ --htmldir=/usr/share/doc/${PF}/html \ |
844 |
+ --enable-securedir=/$(get_libdir)/security \ |
845 |
+ --enable-isadir=/$(get_libdir)/security \ |
846 |
+ $(use_enable nls) \ |
847 |
+ $(use_enable selinux) \ |
848 |
+ $(use_enable cracklib) \ |
849 |
+ $(use_enable audit) \ |
850 |
+ --disable-db \ |
851 |
+ --disable-dependency-tracking \ |
852 |
+ --disable-prelude \ |
853 |
+ --disable-regenerate-man \ |
854 |
+ ${myconf} || die "econf failed" |
855 |
+ emake sepermitlockdir="/var/run/sepermit" || die "emake failed" |
856 |
+} |
857 |
+ |
858 |
+src_install() { |
859 |
+ emake DESTDIR="${D}" install \ |
860 |
+ sepermitlockdir="/var/run/sepermit" || die "make install failed" |
861 |
+ |
862 |
+ # Need to be suid |
863 |
+ fperms u+s /sbin/unix_chkpwd |
864 |
+ |
865 |
+ dodir /$(get_libdir) |
866 |
+ mv "${D}/usr/$(get_libdir)/libpam.so"* "${D}/$(get_libdir)/" |
867 |
+ mv "${D}/usr/$(get_libdir)/libpamc.so"* "${D}/$(get_libdir)/" |
868 |
+ mv "${D}/usr/$(get_libdir)/libpam_misc.so"* "${D}/$(get_libdir)/" |
869 |
+ gen_usr_ldscript libpam.so libpamc.so libpam_misc.so |
870 |
+ |
871 |
+ dodoc CHANGELOG ChangeLog README AUTHORS Copyright |
872 |
+ docinto modules ; dodoc doc/txts/README.* |
873 |
+ |
874 |
+ # Remove the wrongly installed manpages |
875 |
+ rm "${D}"/usr/share/man/man8/pam_userdb.8* |
876 |
+ use cracklib || rm "${D}"/usr/share/man/man8/pam_cracklib.8* |
877 |
+ |
878 |
+ # Get rid of the .la files. We certainly don't need them for PAM |
879 |
+ # modules, and libpam is installed as a shared object only, so we |
880 |
+ # don't ned them for static linking either. |
881 |
+ find "${D}" -name '*.la' -delete |
882 |
+} |
883 |
+ |
884 |
+pkg_preinst() { |
885 |
+ check_old_modules || die "deprecated PAM modules still used" |
886 |
+} |
887 |
|
888 |
diff --git a/sys-libs/pam/pam-1.1.0.ebuild b/sys-libs/pam/pam-1.1.0.ebuild |
889 |
new file mode 100644 |
890 |
index 0000000..8b1a1d2 |
891 |
--- /dev/null |
892 |
+++ b/sys-libs/pam/pam-1.1.0.ebuild |
893 |
@@ -0,0 +1,164 @@ |
894 |
+# Copyright 1999-2009 Gentoo Foundation |
895 |
+# Distributed under the terms of the GNU General Public License v2 |
896 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/pam-1.1.0.ebuild,v 1.5 2009/06/21 16:50:28 flameeyes Exp $ |
897 |
+ |
898 |
+inherit libtool multilib eutils autotools pam toolchain-funcs flag-o-matic |
899 |
+ |
900 |
+MY_PN="Linux-PAM" |
901 |
+MY_P="${MY_PN}-${PV}" |
902 |
+ |
903 |
+HOMEPAGE="http://www.kernel.org/pub/linux/libs/pam/" |
904 |
+DESCRIPTION="Linux-PAM (Pluggable Authentication Modules)" |
905 |
+ |
906 |
+SRC_URI="mirror://kernel/linux/libs/pam/library/${MY_P}.tar.bz2 |
907 |
+ mirror://kernel/linux/libs/pam/documentation/${MY_P}-docs.tar.bz2" |
908 |
+ |
909 |
+LICENSE="|| ( BSD GPL-2 )" |
910 |
+SLOT="0" |
911 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" |
912 |
+IUSE="cracklib nls elibc_FreeBSD selinux vim-syntax audit test elibc_glibc debug" |
913 |
+ |
914 |
+RDEPEND="nls? ( virtual/libintl ) |
915 |
+ cracklib? ( >=sys-libs/cracklib-2.8.3 ) |
916 |
+ audit? ( sys-process/audit ) |
917 |
+ selinux? ( >=sys-libs/libselinux-1.28 ) |
918 |
+ elibc_glibc? ( >=sys-libs/glibc-2.7 )" |
919 |
+DEPEND="${RDEPEND} |
920 |
+ sys-devel/flex |
921 |
+ nls? ( sys-devel/gettext )" |
922 |
+PDEPEND="sys-auth/pambase |
923 |
+ vim-syntax? ( app-vim/pam-syntax )" |
924 |
+ |
925 |
+S="${WORKDIR}/${MY_P}" |
926 |
+ |
927 |
+PROVIDE="virtual/pam" |
928 |
+ |
929 |
+check_old_modules() { |
930 |
+ local retval="0" |
931 |
+ |
932 |
+ if sed -e 's:#.*::' "${ROOT}"/etc/pam.d/* 2>/dev/null | fgrep -q pam_stack.so; then |
933 |
+ eerror "" |
934 |
+ eerror "Your current setup is using the pam_stack module." |
935 |
+ eerror "This module is deprecated and no longer supported, and since version" |
936 |
+ eerror "0.99 is no longer installed, nor provided by any other package." |
937 |
+ eerror "The package will be built (to allow binary package builds), but will" |
938 |
+ eerror "not be installed." |
939 |
+ eerror "Please replace pam_stack usage with proper include directive usage," |
940 |
+ eerror "following the PAM Upgrade guide at the following URL" |
941 |
+ eerror " http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml" |
942 |
+ eerror "" |
943 |
+ ebeep 15 |
944 |
+ |
945 |
+ retval=1 |
946 |
+ fi |
947 |
+ |
948 |
+ if sed -e 's:#.*::' "${ROOT}"/etc/pam.d/* 2>/dev/null | egrep -q 'pam_(pwdb|console)'; then |
949 |
+ eerror "" |
950 |
+ eerror "Your current setup is using one or more of the following modules," |
951 |
+ eerror "that are not built or supported anymore:" |
952 |
+ eerror "pam_pwdb, pam_console" |
953 |
+ eerror "If you are in real need for these modules, please contact the maintainers" |
954 |
+ eerror "of PAM through http://bugs.gentoo.org/ providing information about its" |
955 |
+ eerror "use cases." |
956 |
+ eerror "Please also make sure to read the PAM Upgrade guide at the following URL:" |
957 |
+ eerror " http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml" |
958 |
+ eerror "" |
959 |
+ ebeep 10 |
960 |
+ |
961 |
+ retval=1 |
962 |
+ fi |
963 |
+ |
964 |
+ return $retval |
965 |
+} |
966 |
+ |
967 |
+pkg_setup() { |
968 |
+ check_old_modules |
969 |
+} |
970 |
+ |
971 |
+src_unpack() { |
972 |
+ unpack ${A} |
973 |
+ cd "${S}" |
974 |
+ |
975 |
+ # Avoid building xtests during "make all"; note that for what |
976 |
+ # we're concerned xtests are not even executed, so we should |
977 |
+ # probably use EXTRA_PROGRAMS. |
978 |
+ epatch "${FILESDIR}/${MY_PN}-0.99.8.1-xtests.patch" |
979 |
+ |
980 |
+ # Remove NIS dependencies, see bug #235431 |
981 |
+ epatch "${FILESDIR}/${MY_PN}-1.0.2-noyp.patch" |
982 |
+ |
983 |
+ # Fix building with debug USE flag enabled |
984 |
+ epatch "${FILESDIR}/${MY_PN}-1.1.0-debug.patch" |
985 |
+ |
986 |
+ # Fix building with nls USE flag disabled |
987 |
+ epatch "${FILESDIR}/${MY_PN}-1.1.0-nonls.patch" |
988 |
+ |
989 |
+ # Fix building of doc/specs |
990 |
+ epatch "${FILESDIR}/${MY_PN}-1.0.4-cross-compile.patch" |
991 |
+ |
992 |
+ # Remove libtool-2 libtool macros, see bug 261167 |
993 |
+ rm m4/libtool.m4 m4/lt*.m4 || die "rm libtool macros failed." |
994 |
+ |
995 |
+ AT_M4DIR="m4" eautoreconf |
996 |
+ |
997 |
+ elibtoolize |
998 |
+} |
999 |
+ |
1000 |
+src_compile() { |
1001 |
+ local myconf |
1002 |
+ |
1003 |
+ if use hppa || use elibc_FreeBSD; then |
1004 |
+ myconf="${myconf} --disable-pie" |
1005 |
+ fi |
1006 |
+ |
1007 |
+ econf \ |
1008 |
+ --libdir=/usr/$(get_libdir) \ |
1009 |
+ --docdir=/usr/share/doc/${PF} \ |
1010 |
+ --htmldir=/usr/share/doc/${PF}/html \ |
1011 |
+ --enable-securedir=/$(get_libdir)/security \ |
1012 |
+ --enable-isadir=/$(get_libdir)/security \ |
1013 |
+ $(use_enable nls) \ |
1014 |
+ $(use_enable selinux) \ |
1015 |
+ $(use_enable cracklib) \ |
1016 |
+ $(use_enable audit) \ |
1017 |
+ $(use_enable debug) \ |
1018 |
+ --disable-db \ |
1019 |
+ --disable-dependency-tracking \ |
1020 |
+ --disable-prelude \ |
1021 |
+ ${myconf} || die "econf failed" |
1022 |
+ emake sepermitlockdir="/var/run/sepermit" || die "emake failed" |
1023 |
+} |
1024 |
+ |
1025 |
+src_install() { |
1026 |
+ emake DESTDIR="${D}" install \ |
1027 |
+ sepermitlockdir="/var/run/sepermit" || die "make install failed" |
1028 |
+ |
1029 |
+ # Need to be suid |
1030 |
+ fperms u+s /sbin/unix_chkpwd |
1031 |
+ |
1032 |
+ dodir /$(get_libdir) |
1033 |
+ mv "${D}/usr/$(get_libdir)/libpam.so"* "${D}/$(get_libdir)/" |
1034 |
+ mv "${D}/usr/$(get_libdir)/libpamc.so"* "${D}/$(get_libdir)/" |
1035 |
+ mv "${D}/usr/$(get_libdir)/libpam_misc.so"* "${D}/$(get_libdir)/" |
1036 |
+ gen_usr_ldscript libpam.so libpamc.so libpam_misc.so |
1037 |
+ |
1038 |
+ dodoc CHANGELOG ChangeLog README AUTHORS Copyright NEWS || die |
1039 |
+ |
1040 |
+ docinto modules |
1041 |
+ for dir in modules/pam_*; do |
1042 |
+ newdoc "${dir}"/README README."$(basename "${dir}")" |
1043 |
+ done |
1044 |
+ |
1045 |
+ # Remove the wrongly installed manpages |
1046 |
+ rm "${D}"/usr/share/man/man8/pam_userdb.8* |
1047 |
+ use cracklib || rm "${D}"/usr/share/man/man8/pam_cracklib.8* |
1048 |
+ |
1049 |
+ # Get rid of the .la files. We certainly don't need them for PAM |
1050 |
+ # modules, and libpam is installed as a shared object only, so we |
1051 |
+ # don't ned them for static linking either. |
1052 |
+ find "${D}" -name '*.la' -delete |
1053 |
+} |
1054 |
+ |
1055 |
+pkg_preinst() { |
1056 |
+ check_old_modules || die "deprecated PAM modules still used" |
1057 |
+} |
1058 |
|
1059 |
diff --git a/sys-libs/pam/pam-1.1.1-r2.ebuild b/sys-libs/pam/pam-1.1.1-r2.ebuild |
1060 |
new file mode 100644 |
1061 |
index 0000000..d5f433e |
1062 |
--- /dev/null |
1063 |
+++ b/sys-libs/pam/pam-1.1.1-r2.ebuild |
1064 |
@@ -0,0 +1,186 @@ |
1065 |
+# Copyright 1999-2010 Gentoo Foundation |
1066 |
+# Distributed under the terms of the GNU General Public License v2 |
1067 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/pam-1.1.1-r2.ebuild,v 1.4 2010/05/22 09:09:08 jlec Exp $ |
1068 |
+ |
1069 |
+EAPI="3" |
1070 |
+ |
1071 |
+inherit libtool multilib eutils autotools pam toolchain-funcs flag-o-matic db-use |
1072 |
+ |
1073 |
+MY_PN="Linux-PAM" |
1074 |
+MY_P="${MY_PN}-${PV}" |
1075 |
+ |
1076 |
+HOMEPAGE="http://www.kernel.org/pub/linux/libs/pam/" |
1077 |
+DESCRIPTION="Linux-PAM (Pluggable Authentication Modules)" |
1078 |
+ |
1079 |
+SRC_URI="mirror://kernel/linux/libs/pam/library/${MY_P}.tar.bz2 |
1080 |
+ mirror://kernel/linux/libs/pam/documentation/${MY_P}-docs.tar.bz2" |
1081 |
+ |
1082 |
+LICENSE="|| ( BSD GPL-2 )" |
1083 |
+SLOT="0" |
1084 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~ia64-linux ~x86-linux" |
1085 |
+IUSE="cracklib nls elibc_FreeBSD selinux vim-syntax audit test elibc_glibc debug berkdb" |
1086 |
+ |
1087 |
+RDEPEND="nls? ( virtual/libintl ) |
1088 |
+ cracklib? ( >=sys-libs/cracklib-2.8.3 ) |
1089 |
+ audit? ( sys-process/audit ) |
1090 |
+ selinux? ( >=sys-libs/libselinux-1.28 ) |
1091 |
+ berkdb? ( sys-libs/db ) |
1092 |
+ elibc_glibc? ( >=sys-libs/glibc-2.7 )" |
1093 |
+DEPEND="${RDEPEND} |
1094 |
+ sys-devel/flex |
1095 |
+ nls? ( sys-devel/gettext )" |
1096 |
+PDEPEND="sys-auth/pambase |
1097 |
+ vim-syntax? ( app-vim/pam-syntax )" |
1098 |
+RDEPEND="${RDEPEND} |
1099 |
+ !sys-auth/pam_userdb" |
1100 |
+ |
1101 |
+S="${WORKDIR}/${MY_P}" |
1102 |
+ |
1103 |
+PROVIDE="virtual/pam" |
1104 |
+ |
1105 |
+check_old_modules() { |
1106 |
+ local retval="0" |
1107 |
+ |
1108 |
+ if sed -e 's:#.*::' "${EROOT}"/etc/pam.d/* 2>/dev/null | fgrep -q pam_stack.so; then |
1109 |
+ eerror "" |
1110 |
+ eerror "Your current setup is using the pam_stack module." |
1111 |
+ eerror "This module is deprecated and no longer supported, and since version" |
1112 |
+ eerror "0.99 is no longer installed, nor provided by any other package." |
1113 |
+ eerror "The package will be built (to allow binary package builds), but will" |
1114 |
+ eerror "not be installed." |
1115 |
+ eerror "Please replace pam_stack usage with proper include directive usage," |
1116 |
+ eerror "following the PAM Upgrade guide at the following URL" |
1117 |
+ eerror " http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml" |
1118 |
+ eerror "" |
1119 |
+ |
1120 |
+ retval=1 |
1121 |
+ fi |
1122 |
+ |
1123 |
+ if sed -e 's:#.*::' "${EROOT}"/etc/pam.d/* 2>/dev/null | egrep -q 'pam_(pwdb|console)'; then |
1124 |
+ eerror "" |
1125 |
+ eerror "Your current setup is using one or more of the following modules," |
1126 |
+ eerror "that are not built or supported anymore:" |
1127 |
+ eerror "pam_pwdb, pam_console" |
1128 |
+ eerror "If you are in real need for these modules, please contact the maintainers" |
1129 |
+ eerror "of PAM through http://bugs.gentoo.org/ providing information about its" |
1130 |
+ eerror "use cases." |
1131 |
+ eerror "Please also make sure to read the PAM Upgrade guide at the following URL:" |
1132 |
+ eerror " http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml" |
1133 |
+ eerror "" |
1134 |
+ |
1135 |
+ retval=1 |
1136 |
+ fi |
1137 |
+ |
1138 |
+ return $retval |
1139 |
+} |
1140 |
+ |
1141 |
+pkg_setup() { |
1142 |
+ check_old_modules |
1143 |
+} |
1144 |
+ |
1145 |
+src_prepare() { |
1146 |
+ # Avoid building xtests during "make all"; note that for what |
1147 |
+ # we're concerned xtests are not even executed, so we should |
1148 |
+ # probably use EXTRA_PROGRAMS. |
1149 |
+ epatch "${FILESDIR}/${MY_PN}-0.99.8.1-xtests.patch" |
1150 |
+ |
1151 |
+ # Fix building on uClibc; it is added since 1.1.1 but applies to |
1152 |
+ # 1.1.0 as well. |
1153 |
+ epatch "${FILESDIR}/${MY_PN}-1.1.0-uclibc.patch" |
1154 |
+ |
1155 |
+ # Fix tests to find Berkeley DB as installed by Gentoo (with a |
1156 |
+ # library suffix but no suffix on the ELF symbols). |
1157 |
+ epatch "${FILESDIR}/${MY_PN}-1.1.1-gentoodb.patch" |
1158 |
+ |
1159 |
+ # make it possible to skip libxcrypt detection if header is not |
1160 |
+ # found |
1161 |
+ epatch "${FILESDIR}/${MY_PN}-1.1.1-xcrypt.patch" |
1162 |
+ |
1163 |
+ # fix building with Berkeley DB 5.0 and later; now defining |
1164 |
+ # DB_DBM_HSEARCH is not enough; bug #319831 |
1165 |
+ epatch "${FILESDIR}/${MY_PN}-1.1.1+berkdb-5.patch" |
1166 |
+ |
1167 |
+ # Fix building of doc/specs |
1168 |
+ epatch "${FILESDIR}/${MY_PN}-1.0.4-cross-compile.patch" |
1169 |
+ |
1170 |
+ # Remove libtool-2 libtool macros, see bug 261167 |
1171 |
+ rm m4/libtool.m4 m4/lt*.m4 || die "rm libtool macros failed." |
1172 |
+ |
1173 |
+ eautoreconf |
1174 |
+ |
1175 |
+ elibtoolize |
1176 |
+} |
1177 |
+ |
1178 |
+src_configure() { |
1179 |
+ local myconf |
1180 |
+ |
1181 |
+ if use hppa || use elibc_FreeBSD; then |
1182 |
+ myconf="${myconf} --disable-pie" |
1183 |
+ fi |
1184 |
+ |
1185 |
+ # Disable automatic detection of libxcrypt; we _don't_ want the |
1186 |
+ # user to link libxcrypt in by default, since we won't track the |
1187 |
+ # dependency and allow to break PAM this way. |
1188 |
+ export ac_cv_header_xcrypt_h=no |
1189 |
+ |
1190 |
+ econf \ |
1191 |
+ --libdir="${EPREFIX}"/usr/$(get_libdir) \ |
1192 |
+ --docdir="${EPREFIX}"/usr/share/doc/${PF} \ |
1193 |
+ --htmldir="${EPREFIX}"/usr/share/doc/${PF}/html \ |
1194 |
+ --enable-securedir="${EPREFIX}"/$(get_libdir)/security \ |
1195 |
+ --enable-isadir="${EPREFIX}"/$(get_libdir)/security \ |
1196 |
+ $(use_enable nls) \ |
1197 |
+ $(use_enable selinux) \ |
1198 |
+ $(use_enable cracklib) \ |
1199 |
+ $(use_enable audit) \ |
1200 |
+ $(use_enable debug) \ |
1201 |
+ $(use_enable berkdb db) \ |
1202 |
+ --with-db-uniquename=-$(db_findver sys-libs/db) \ |
1203 |
+ --disable-dependency-tracking \ |
1204 |
+ --disable-prelude \ |
1205 |
+ ${myconf} |
1206 |
+} |
1207 |
+ |
1208 |
+src_compile() { |
1209 |
+ emake sepermitlockdir="${EPREFIX}/var/run/sepermit" || die "emake failed" |
1210 |
+} |
1211 |
+ |
1212 |
+src_test() { |
1213 |
+ # explicitly allow parallel-build during testing |
1214 |
+ emake sepermitlockdir="${EPREFIX}/var/run/sepermit" check || die "emake check failed" |
1215 |
+} |
1216 |
+ |
1217 |
+src_install() { |
1218 |
+ local lib |
1219 |
+ |
1220 |
+ emake DESTDIR="${D}" install \ |
1221 |
+ sepermitlockdir="${EPREFIX}/var/run/sepermit" || die "make install failed" |
1222 |
+ |
1223 |
+ # Need to be suid |
1224 |
+ fperms u+s /sbin/unix_chkpwd |
1225 |
+ |
1226 |
+ gen_usr_ldscript -a pam pamc pam_misc |
1227 |
+ |
1228 |
+ # create extra symlinks just in case something depends on them... |
1229 |
+ for lib in pam pamc pam_misc; do |
1230 |
+ if ! [[ -f "${ED}"/$(get_libdir)/lib${lib}$(get_libname) ]]; then |
1231 |
+ dosym lib${lib}$(get_libname 0) /$(get_libdir)/lib${lib}$(get_libname) |
1232 |
+ fi |
1233 |
+ done |
1234 |
+ |
1235 |
+ dodoc CHANGELOG ChangeLog README AUTHORS Copyright NEWS || die |
1236 |
+ |
1237 |
+ docinto modules |
1238 |
+ for dir in modules/pam_*; do |
1239 |
+ newdoc "${dir}"/README README."$(basename "${dir}")" |
1240 |
+ done |
1241 |
+ |
1242 |
+ # Get rid of the .la files. We certainly don't need them for PAM |
1243 |
+ # modules, and libpam is installed as a shared object only, so we |
1244 |
+ # don't ned them for static linking either. |
1245 |
+ find "${D}" -name '*.la' -delete |
1246 |
+} |
1247 |
+ |
1248 |
+pkg_preinst() { |
1249 |
+ check_old_modules || die "deprecated PAM modules still used" |
1250 |
+} |
1251 |
|
1252 |
diff --git a/sys-libs/pam/pam-1.1.2.ebuild b/sys-libs/pam/pam-1.1.2.ebuild |
1253 |
new file mode 100644 |
1254 |
index 0000000..90b6c6b |
1255 |
--- /dev/null |
1256 |
+++ b/sys-libs/pam/pam-1.1.2.ebuild |
1257 |
@@ -0,0 +1,192 @@ |
1258 |
+# Copyright 1999-2010 Gentoo Foundation |
1259 |
+# Distributed under the terms of the GNU General Public License v2 |
1260 |
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/pam-1.1.2.ebuild,v 1.1 2010/08/31 12:32:45 flameeyes Exp $ |
1261 |
+ |
1262 |
+EAPI="3" |
1263 |
+ |
1264 |
+inherit libtool multilib eutils autotools pam toolchain-funcs flag-o-matic db-use |
1265 |
+ |
1266 |
+MY_PN="Linux-PAM" |
1267 |
+MY_P="${MY_PN}-${PV}" |
1268 |
+ |
1269 |
+HOMEPAGE="http://www.kernel.org/pub/linux/libs/pam/" |
1270 |
+DESCRIPTION="Linux-PAM (Pluggable Authentication Modules)" |
1271 |
+ |
1272 |
+SRC_URI="mirror://kernel/linux/libs/pam/library/${MY_P}.tar.bz2 |
1273 |
+ mirror://kernel/linux/libs/pam/documentation/${MY_P}-docs.tar.bz2" |
1274 |
+ |
1275 |
+LICENSE="|| ( BSD GPL-2 )" |
1276 |
+SLOT="0" |
1277 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~ia64-linux ~x86-linux" |
1278 |
+IUSE="cracklib nls elibc_FreeBSD selinux vim-syntax audit test elibc_glibc debug berkdb" |
1279 |
+ |
1280 |
+RDEPEND="nls? ( virtual/libintl ) |
1281 |
+ cracklib? ( >=sys-libs/cracklib-2.8.3 ) |
1282 |
+ audit? ( sys-process/audit ) |
1283 |
+ selinux? ( >=sys-libs/libselinux-1.28 ) |
1284 |
+ berkdb? ( sys-libs/db ) |
1285 |
+ elibc_glibc? ( >=sys-libs/glibc-2.7 )" |
1286 |
+DEPEND="${RDEPEND} |
1287 |
+ sys-devel/flex |
1288 |
+ nls? ( sys-devel/gettext )" |
1289 |
+PDEPEND="sys-auth/pambase |
1290 |
+ vim-syntax? ( app-vim/pam-syntax )" |
1291 |
+RDEPEND="${RDEPEND} |
1292 |
+ !sys-auth/pam_userdb" |
1293 |
+ |
1294 |
+S="${WORKDIR}/${MY_P}" |
1295 |
+ |
1296 |
+PROVIDE="virtual/pam" |
1297 |
+ |
1298 |
+check_old_modules() { |
1299 |
+ local retval="0" |
1300 |
+ |
1301 |
+ if sed -e 's:#.*::' "${EROOT}"/etc/pam.d/* 2>/dev/null | fgrep -q pam_stack.so; then |
1302 |
+ eerror "" |
1303 |
+ eerror "Your current setup is using the pam_stack module." |
1304 |
+ eerror "This module is deprecated and no longer supported, and since version" |
1305 |
+ eerror "0.99 is no longer installed, nor provided by any other package." |
1306 |
+ eerror "The package will be built (to allow binary package builds), but will" |
1307 |
+ eerror "not be installed." |
1308 |
+ eerror "Please replace pam_stack usage with proper include directive usage," |
1309 |
+ eerror "following the PAM Upgrade guide at the following URL" |
1310 |
+ eerror " http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml" |
1311 |
+ eerror "" |
1312 |
+ |
1313 |
+ retval=1 |
1314 |
+ fi |
1315 |
+ |
1316 |
+ if sed -e 's:#.*::' "${EROOT}"/etc/pam.d/* 2>/dev/null | egrep -q 'pam_(pwdb|console)'; then |
1317 |
+ eerror "" |
1318 |
+ eerror "Your current setup is using one or more of the following modules," |
1319 |
+ eerror "that are not built or supported anymore:" |
1320 |
+ eerror "pam_pwdb, pam_console" |
1321 |
+ eerror "If you are in real need for these modules, please contact the maintainers" |
1322 |
+ eerror "of PAM through http://bugs.gentoo.org/ providing information about its" |
1323 |
+ eerror "use cases." |
1324 |
+ eerror "Please also make sure to read the PAM Upgrade guide at the following URL:" |
1325 |
+ eerror " http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml" |
1326 |
+ eerror "" |
1327 |
+ |
1328 |
+ retval=1 |
1329 |
+ fi |
1330 |
+ |
1331 |
+ return $retval |
1332 |
+} |
1333 |
+ |
1334 |
+pkg_setup() { |
1335 |
+ check_old_modules |
1336 |
+} |
1337 |
+ |
1338 |
+src_prepare() { |
1339 |
+ # Avoid building xtests during "make all"; note that for what |
1340 |
+ # we're concerned xtests are not even executed, so we should |
1341 |
+ # probably use EXTRA_PROGRAMS. |
1342 |
+ epatch "${FILESDIR}/${MY_PN}-0.99.8.1-xtests.patch" |
1343 |
+ |
1344 |
+ # Fix tests to find Berkeley DB as installed by Gentoo (with a |
1345 |
+ # library suffix but no suffix on the ELF symbols). |
1346 |
+ epatch "${FILESDIR}/${MY_PN}-1.1.1-gentoodb.patch" |
1347 |
+ |
1348 |
+ # Fix building of doc/specs, see bug 339174 |
1349 |
+ epatch "${FILESDIR}/${MY_PN}-1.0.4-cross-compile.patch" |
1350 |
+ |
1351 |
+ # Remove libtool-2 libtool macros, see bug 261167 |
1352 |
+ rm m4/libtool.m4 m4/lt*.m4 || die "rm libtool macros failed." |
1353 |
+ |
1354 |
+ eautoreconf |
1355 |
+ |
1356 |
+ elibtoolize |
1357 |
+} |
1358 |
+ |
1359 |
+src_configure() { |
1360 |
+ local myconf |
1361 |
+ |
1362 |
+ if use hppa || use elibc_FreeBSD; then |
1363 |
+ myconf="${myconf} --disable-pie" |
1364 |
+ fi |
1365 |
+ |
1366 |
+ # Disable automatic detection of libxcrypt; we _don't_ want the |
1367 |
+ # user to link libxcrypt in by default, since we won't track the |
1368 |
+ # dependency and allow to break PAM this way. |
1369 |
+ export ac_cv_header_xcrypt_h=no |
1370 |
+ |
1371 |
+ econf \ |
1372 |
+ --disable-dependency-tracking \ |
1373 |
+ --enable-fast-install \ |
1374 |
+ --libdir="${EPREFIX}"/usr/$(get_libdir) \ |
1375 |
+ --docdir="${EPREFIX}"/usr/share/doc/${PF} \ |
1376 |
+ --htmldir="${EPREFIX}"/usr/share/doc/${PF}/html \ |
1377 |
+ --enable-securedir="${EPREFIX}"/$(get_libdir)/security \ |
1378 |
+ --enable-isadir="${EPREFIX}"/$(get_libdir)/security \ |
1379 |
+ $(use_enable nls) \ |
1380 |
+ $(use_enable selinux) \ |
1381 |
+ $(use_enable cracklib) \ |
1382 |
+ $(use_enable audit) \ |
1383 |
+ $(use_enable debug) \ |
1384 |
+ $(use_enable berkdb db) \ |
1385 |
+ --with-db-uniquename=-$(db_findver sys-libs/db) \ |
1386 |
+ --disable-prelude \ |
1387 |
+ ${myconf} |
1388 |
+} |
1389 |
+ |
1390 |
+src_compile() { |
1391 |
+ emake sepermitlockdir="${EPREFIX}/var/run/sepermit" || die "emake failed" |
1392 |
+} |
1393 |
+ |
1394 |
+src_test() { |
1395 |
+ # explicitly allow parallel-build during testing |
1396 |
+ emake sepermitlockdir="${EPREFIX}/var/run/sepermit" check || die "emake check failed" |
1397 |
+} |
1398 |
+ |
1399 |
+src_install() { |
1400 |
+ local lib |
1401 |
+ |
1402 |
+ emake DESTDIR="${D}" install \ |
1403 |
+ sepermitlockdir="${EPREFIX}/var/run/sepermit" || die "make install failed" |
1404 |
+ |
1405 |
+ # Need to be suid |
1406 |
+ fperms u+s /sbin/unix_chkpwd |
1407 |
+ |
1408 |
+ gen_usr_ldscript -a pam pamc pam_misc |
1409 |
+ |
1410 |
+ # create extra symlinks just in case something depends on them... |
1411 |
+ for lib in pam pamc pam_misc; do |
1412 |
+ if ! [[ -f "${ED}"/$(get_libdir)/lib${lib}$(get_libname) ]]; then |
1413 |
+ dosym lib${lib}$(get_libname 0) /$(get_libdir)/lib${lib}$(get_libname) |
1414 |
+ fi |
1415 |
+ done |
1416 |
+ |
1417 |
+ dodoc CHANGELOG ChangeLog README AUTHORS Copyright NEWS || die |
1418 |
+ |
1419 |
+ docinto modules |
1420 |
+ for dir in modules/pam_*; do |
1421 |
+ newdoc "${dir}"/README README."$(basename "${dir}")" |
1422 |
+ done |
1423 |
+ |
1424 |
+ # Get rid of the .la files. We certainly don't need them for PAM |
1425 |
+ # modules, and libpam is installed as a shared object only, so we |
1426 |
+ # don't ned them for static linking either. |
1427 |
+ find "${D}" -name '*.la' -delete |
1428 |
+} |
1429 |
+ |
1430 |
+pkg_preinst() { |
1431 |
+ check_old_modules || die "deprecated PAM modules still used" |
1432 |
+} |
1433 |
+ |
1434 |
+pkg_postinst() { |
1435 |
+ ewarn "Some software with pre-loaded PAM libraries might experience" |
1436 |
+ ewarn "warnings or failures related to missing symbols and/or versions" |
1437 |
+ ewarn "after any update. While unfortunate this is a limit of the" |
1438 |
+ ewarn "implementation of PAM and the software, and it requires you to" |
1439 |
+ ewarn "restart the software manually after the update." |
1440 |
+ ewarn "" |
1441 |
+ ewarn "You can get a list of such software running a command like" |
1442 |
+ ewarn " lsof / | egrep 'DEL.*libpam\\.so'" |
1443 |
+ elog "" |
1444 |
+ elog "Because of a bug present up to version 1.1.1-r2, you might have" |
1445 |
+ elog "an executable /var/log/tallylog file. If it is so, you can safely" |
1446 |
+ elog "correct it by running the command" |
1447 |
+ elog " chmod -x /var/log/tallylog" |
1448 |
+ elog "" |
1449 |
+} |