1 |
commit: 8e54876e8e58c8672126959876d0bc21542f0671 |
2 |
Author: Mikle Kolyada <zlogene <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu Sep 17 21:13:17 2020 +0000 |
4 |
Commit: Mikle Kolyada <zlogene <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Sep 17 21:15:01 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8e54876e |
7 |
|
8 |
sys-auth/pambase: Version bump (v20200917) |
9 |
|
10 |
* swith pam_passwdqc and pam_pwquality to its config files |
11 |
* add optional pam_pwhistory module |
12 |
|
13 |
Package-Manager: Portage-3.0.4, Repoman-3.0.1 |
14 |
Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org> |
15 |
|
16 |
sys-auth/pambase/Manifest | 1 + |
17 |
sys-auth/pambase/metadata.xml | 15 +++-- |
18 |
sys-auth/pambase/pambase-20200917.ebuild | 99 ++++++++++++++++++++++++++++++++ |
19 |
3 files changed, 110 insertions(+), 5 deletions(-) |
20 |
|
21 |
diff --git a/sys-auth/pambase/Manifest b/sys-auth/pambase/Manifest |
22 |
index 5d95b8277c1..0ced4f4d7b6 100644 |
23 |
--- a/sys-auth/pambase/Manifest |
24 |
+++ b/sys-auth/pambase/Manifest |
25 |
@@ -1,2 +1,3 @@ |
26 |
DIST pambase-20200304.tar.gz 3466 BLAKE2B e4d406460d435403ed7a46d517f9006cacc54a94f5019a573c81b331731c88679ed6d388354b5946894bdfada556b4c73735c3f4de88fc7678cd831c68ab46c3 SHA512 c2a7f3fd143637fbdf5c0a3c58ba5a3c23c5e8adb1f057d02b4b9d64660435fc529031a0f710a9e5fc7091710f78dcb2f3e1ff48f033fb491ddd0399ef05b189 |
27 |
DIST pambase-20200817.tar.gz 3340 BLAKE2B 76a9afbf29ab9ee6f7d25943de8c7c7bdd3413ade64d7a7623d5aec297cd864c1696a6442179d8d7c52f4df00644d80486e0dc61255454aa72b18eb9ae901ed8 SHA512 5448335da1437776f6097e591a1bd52dc62fb1847622c19077f14cdf8a677bc916f220903e4c6e924d43360fec0010a23b9cdf62aeba2a617ef6208eac2438eb |
28 |
+DIST pambase-20200917.tar.gz 3342 BLAKE2B 4dde3a6a4a22f02464a2a703a2385038c53c05398904dc47431880a16d7dd1ba89c8f5fdf19a7d50406f2487f8bdf90264ca2941cc6a2ad9d404e89c3d73edca SHA512 0cae27f7cd7ef258771b61110ba3ce5a44a0f9d71030670b2a40aa47a609d30ae3e3d7bc0649dcce25a2cfe2e1259e6d9ff435118ab1d2db771a162898ab5143 |
29 |
|
30 |
diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml |
31 |
index bb8fe728126..f64b1660560 100644 |
32 |
--- a/sys-auth/pambase/metadata.xml |
33 |
+++ b/sys-auth/pambase/metadata.xml |
34 |
@@ -39,6 +39,12 @@ |
35 |
or providing example passwords when changing your system password. |
36 |
It is used by default by OpenWall GNU/*/Linux and by FreeBSD. |
37 |
</flag> |
38 |
+ <flag name="pwhistory"> |
39 |
+ Enable pam_pwhistory module on system auth stack to save |
40 |
+ the last passwords for each user in order to force password |
41 |
+ change history and keep the user from alternating between |
42 |
+ the same password too frequently. |
43 |
+ </flag> |
44 |
<flag name="pwquality"> |
45 |
Enable pam_pwquality module on system auth stack for passwd |
46 |
quality validation. It is used be dafault by Fedora GNU/*/Linux. |
47 |
@@ -78,11 +84,10 @@ |
48 |
</flag> |
49 |
<flag name="minimal"> |
50 |
Disables the standard PAM modules that provide extra information |
51 |
- to users on login; this includes pam_tally (and pam_tally2 for |
52 |
- Linux PAM 1.1 and later), pam_lastlog, pam_motd and other |
53 |
- similar modules. This might not be a good idea on a multi-user |
54 |
- system but could reduce slightly the overhead on single-user |
55 |
- non-networked systems. |
56 |
+ to users on login; this includes pam_lastlog, pam_motd, pam_mail |
57 |
+ and other similar modules. This might not be a good idea on |
58 |
+ a multi-user system but could reduce slightly the overhead on |
59 |
+ single-user non-networked systems. |
60 |
</flag> |
61 |
<flag name="nullok"> |
62 |
Enable the nullok option with the pam_unix module. This allows |
63 |
|
64 |
diff --git a/sys-auth/pambase/pambase-20200917.ebuild b/sys-auth/pambase/pambase-20200917.ebuild |
65 |
new file mode 100644 |
66 |
index 00000000000..65f65bd0776 |
67 |
--- /dev/null |
68 |
+++ b/sys-auth/pambase/pambase-20200917.ebuild |
69 |
@@ -0,0 +1,99 @@ |
70 |
+# Copyright 1999-2020 Gentoo Authors |
71 |
+# Distributed under the terms of the GNU General Public License v2 |
72 |
+ |
73 |
+EAPI=7 |
74 |
+ |
75 |
+PYTHON_COMPAT=( python3_{7..9} ) |
76 |
+ |
77 |
+inherit pam python-any-r1 readme.gentoo-r1 |
78 |
+ |
79 |
+DESCRIPTION="PAM base configuration files" |
80 |
+HOMEPAGE="https://github.com/gentoo/pambase" |
81 |
+SRC_URI="https://github.com/gentoo/pambase/archive/${P}.tar.gz" |
82 |
+ |
83 |
+LICENSE="MIT" |
84 |
+SLOT="0" |
85 |
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" |
86 |
+IUSE="caps debug elogind gnome-keyring minimal mktemp +nullok pam_krb5 pam_ssh +passwdqc pwhistory pwquality securetty selinux +sha512 systemd" |
87 |
+ |
88 |
+RESTRICT="binchecks" |
89 |
+ |
90 |
+REQUIRED_USE=" |
91 |
+ ?? ( elogind systemd ) |
92 |
+ ?? ( passwdqc pwquality ) |
93 |
+ pwhistory? ( || ( passwdqc pwquality ) ) |
94 |
+" |
95 |
+ |
96 |
+MIN_PAM_REQ=1.4.0 |
97 |
+ |
98 |
+RDEPEND=" |
99 |
+ >=sys-libs/pam-${MIN_PAM_REQ} |
100 |
+ elogind? ( sys-auth/elogind[pam] ) |
101 |
+ gnome-keyring? ( gnome-base/gnome-keyring[pam] ) |
102 |
+ mktemp? ( sys-auth/pam_mktemp ) |
103 |
+ pam_krb5? ( |
104 |
+ >=sys-libs/pam-${MIN_PAM_REQ} |
105 |
+ sys-auth/pam_krb5 |
106 |
+ ) |
107 |
+ caps? ( sys-libs/libcap[pam] ) |
108 |
+ pam_ssh? ( sys-auth/pam_ssh ) |
109 |
+ passwdqc? ( >=sys-auth/passwdqc-1.4.0-r1 ) |
110 |
+ pwquality? ( dev-libs/libpwquality[pam] ) |
111 |
+ selinux? ( sys-libs/pam[selinux] ) |
112 |
+ sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} ) |
113 |
+ systemd? ( sys-apps/systemd[pam] ) |
114 |
+" |
115 |
+ |
116 |
+BDEPEND="$(python_gen_any_dep ' |
117 |
+ dev-python/jinja[${PYTHON_USEDEP}] |
118 |
+ ')" |
119 |
+ |
120 |
+python_check_deps() { |
121 |
+ has_version -b "dev-python/jinja[${PYTHON_USEDEP}]" |
122 |
+} |
123 |
+ |
124 |
+S="${WORKDIR}/${PN}-${P}" |
125 |
+ |
126 |
+src_configure() { |
127 |
+ ${EPYTHON} ./${PN}.py \ |
128 |
+ $(usex caps '--libcap' '') \ |
129 |
+ $(usex debug '--debug' '') \ |
130 |
+ $(usex elogind '--elogind' '') \ |
131 |
+ $(usex gnome-keyring '--gnome-keyring' '') \ |
132 |
+ $(usex minimal '--minimal' '') \ |
133 |
+ $(usex mktemp '--mktemp' '') \ |
134 |
+ $(usex nullok '--nullok' '') \ |
135 |
+ $(usex pam_krb5 '--krb5' '') \ |
136 |
+ $(usex pam_ssh '--pam-ssh' '') \ |
137 |
+ $(usex passwdqc '--passwdqc' '') \ |
138 |
+ $(usex pwhistory '--pwhistory' '') \ |
139 |
+ $(usex pwquality '--pwquality' '') \ |
140 |
+ $(usex securetty '--securetty' '') \ |
141 |
+ $(usex selinux '--selinux' '') \ |
142 |
+ $(usex sha512 '--sha512' '') \ |
143 |
+ $(usex systemd '--systemd' '') |
144 |
+} |
145 |
+ |
146 |
+src_test() { :; } |
147 |
+ |
148 |
+src_install() { |
149 |
+ local DOC_CONTENTS |
150 |
+ |
151 |
+ if use passwdqc; then |
152 |
+ DOC_CONTENTS="To amend the existing password policy please see the man 5 passwdqc.conf |
153 |
+ page and then edit the /etc/security/passwdqc.conf file" |
154 |
+ fi |
155 |
+ |
156 |
+ if use pwquality; then |
157 |
+ DOC_CONTENTS="To amend the existing password policy please see the man 5 pwquality.conf |
158 |
+ page and then edit the /etc/security/pwquality.conf file" |
159 |
+ fi |
160 |
+ |
161 |
+ readme.gentoo_create_doc |
162 |
+ |
163 |
+ dopamd -r stack/. |
164 |
+} |
165 |
+ |
166 |
+pkg_postinst() { |
167 |
+ readme.gentoo_print_elog |
168 |
+} |