Gentoo Archives: gentoo-commits

From: Dennis Schridde <devurandom@×××.net>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/kde:master commit in: sys-auth/pambase/files/, sys-auth/pambase/
Date: Wed, 21 Nov 2012 14:00:39
Message-Id: 1353505996.23983c0b56e5619339c85eff017db88536e980c0.devurandom@gentoo
1 commit: 23983c0b56e5619339c85eff017db88536e980c0
2 Author: Dennis Schridde <devurandom <AT> gmx <DOT> net>
3 AuthorDate: Wed Nov 21 13:53:16 2012 +0000
4 Commit: Dennis Schridde <devurandom <AT> gmx <DOT> net>
5 CommitDate: Wed Nov 21 13:53:16 2012 +0000
6 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/kde.git;a=commit;h=23983c0b
7
8 [sys-auth/pambase] Fix KDE autologin (bug #422495)
9
10 The lastlog dialogue box was shown on every login, unnecessarily delaying the time until the system becomes usable.
11
12 pam_lastlog is now silent by default and shows a message only for login shells.
13
14 Thanks to Andrei Mihăilă and Egor Y. Egorov!
15
16 Bug: #422495
17
18 Package-Manager: portage-2.2.0_alpha142
19
20 ---
21 .../files/pambase-20120417-lastlog-silent.patch | 20 ++++
22 .../pambase/files/pambase-20120417-systemd.patch | 29 ++++++
23 sys-auth/pambase/metadata.xml | 84 ++++++++++++++++
24 sys-auth/pambase/pambase-20120417-r2.ebuild | 106 ++++++++++++++++++++
25 4 files changed, 239 insertions(+), 0 deletions(-)
26
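diff --git a/sys-auth/pambase/files/pambase-20120417-lastlog-silent.patch b/sys-auth/pambase/files/pambase-20120417-lastlog-silent.patch
new file mode 100644
index 0000000..79266a7
--- /dev/null
+++ b/sys-auth/pambase/files/pambase-20120417-lastlog-silent.patch
@@ -0,0 +1,20 @@
+--- pambase-20120417/login.in.orig 2012-11-21 14:31:49.031948988 +0100
++++ pambase-20120417/login.in 2012-11-21 14:32:41.172330601 +0100
+@@ -3,4 +3,6 @@
+
+ account include system-local-login
+ password include system-local-login
++
++session optional pam_lastlog.so DEBUG
+ session include system-local-login
+--- pambase-20120417/system-login.in.orig 2012-11-21 14:31:42.232160039 +0100
++++ pambase-20120417/system-login.in 2012-11-21 14:35:20.738025880 +0100
+@@ -41,7 +41,7 @@
+ session required pam_env.so DEBUG
+ #endif
+ #if HAVE_LASTLOG
+-session optional pam_lastlog.so DEBUG
++session optional pam_lastlog.so silent DEBUG
+ #endif
+ session include system-auth
+ #if HAVE_CONSOLEKIT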
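Review bot: The `session optional pam_lastlog.so DEBUG` line added to login.in is not wrapped in the `#if HAVE_LASTLOG` guard that the same module carries in system-login.in, so the login stack would reference pam_lastlog even when the build leaves HAVE_LASTLOG unset (presumably the `minimal` case, or a PAM implementation that does not ship the module). Wrapping it as `#if HAVE_LASTLOG` / `session optional pam_lastlog.so DEBUG` / `#endif` keeps the two files consistent. The patch header should also say that, with `silent` in system-login.in, display-manager and other non-login(1) sessions no longer show the previous-login notice, which is the cue a user has for spotting a login they did not make. The record is still written in silent mode, so `lastlog` output remains available for review.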
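diff --git a/sys-auth/pambase/files/pambase-20120417-systemd.patch b/sys-auth/pambase/files/pambase-20120417-systemd.patch
new file mode 100644
index 0000000..047fb41
--- /dev/null
+++ b/sys-auth/pambase/files/pambase-20120417-systemd.patch
@@ -0,0 +1,29 @@
+http://bugs.gentoo.org/372229
+
+--- Makefile
++++ Makefile
+@@ -28,6 +28,10 @@
+ PAMFLAGS += -DHAVE_CONSOLEKIT=1
+ endif
+
++ifeq "$(SYSTEMD)" "yes"
++PAMFLAGS += -DHAVE_SYSTEMD=1
++endif
++
+ ifeq "$(GNOME_KEYRING)" "yes"
+ PAMFLAGS += -DHAVE_GNOME_KEYRING=1
+ endif
+--- system-login.in
++++ system-login.in
+@@ -45,7 +45,10 @@
+ #endif
+ session include system-auth
+ #if HAVE_CONSOLEKIT
+-session optional pam_ck_connector.so nox11
++-session optional pam_ck_connector.so nox11
++#endif
++#if HAVE_SYSTEMD
++-session optional pam_systemd.so
+ #endif
+ #if HAVE_GNOME_KEYRING
+ session optional pam_gnome_keyring.so auto_start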
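Review bot: The change from `session optional pam_ck_connector.so nox11` to `-session optional pam_ck_connector.so nox11` in system-login.in is unrelated to systemd and is not explained anywhere; the patch header carries only a bug URL, and the new pam_systemd line uses the same `-` prefix. In Linux-PAM that prefix suppresses the syslog entry when the module cannot be loaded, so a missing session-tracking module would leave no trace in the logs. A header line such as `Session trackers are prefixed with '-' so a missing module is skipped without a log entry` would record that this is intended. The ebuild in this commit also accepts OpenPAM as the implementation, and whether its parser accepts the prefix should be confirmed. Nothing in the Makefile hunk prevents HAVE_CONSOLEKIT and HAVE_SYSTEMD from both being set, in which case both modules end up stacked.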
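diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml
new file mode 100644
index 0000000..7a35775
--- /dev/null
+++ b/sys-auth/pambase/metadata.xml
@@ -0,0 +1,84 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <herd>pam</herd>
+ <maintainer>
+ <email>pam-bugs@g.o</email>
+ </maintainer>
+ <use>
+ <flag name="cracklib">
+ Enable pam_cracklib module on system authentication stack. This
+ produces warnings when changing password to something easily
+ crackable. It requires the same USE flag to be enabled on
+ <pkg>sys-libs/pam</pkg> or system login might be impossible.
+ </flag>
+ <flag name="consolekit">
+ Enable pam_ck_connector module on local system logins. This
+ allows for console logins to make use of ConsoleKit
+ authorization.
+ </flag>
+ <flag name="systemd">
+ Use pam_systemd module to register user sessions in the systemd
+ control group hierarchy.
+ </flag>
+ <flag name="gnome-keyring">
+ Enable pam_gnome_keyring module on system login stack. This
+ enables proper Gnome Keyring access to logins, whether they are
+ done with the login shell, a Desktop Manager or a remote login
+ systems such as SSH.
+ </flag>
+ <flag name="debug">
+ Enable debug information logging on syslog(3) for all the
+ modules supporting this in the system authentication and system
+ login stacks.
+ </flag>
+ <flag name="passwdqc">
+ Enable pam_passwdqc module on system auth stack for password
+ quality validation. This is an alternative to pam_cracklib
+ producing warnings, rejecting or providing example passwords
+ when changing your system password. It is used by default by
+ OpenWall GNU/*/Linux and by FreeBSD.
+ </flag>
+ <flag name="mktemp">
+ Enable pam_mktemp module on system auth stack for session
+ handling. This module creates a private temporary directory for
+ the user, and sets TMP and TMPDIR accordingly.
+ </flag>
+ <flag name="pam_ssh">
+ Enable pam_ssh module on system auth stack for authentication
+ and session handling. This module will accept as password the
+ passphrase of a private SSH key (one of ~/.ssh/id_rsa,
+ ~/.ssh/id_dsa or ~/.ssh/identity), and will spawn an ssh-agent
+ instance to cache the open key.
+ </flag>
+ <flag name="sha512">
+ Switch Linux-PAM's pam_unix module to use sha512 for passwords
+ hashes rather than MD5. This option requires
+ <pkg>&gt;=sys-libs/pam-1.0.1</pkg> built against
+ <pkg>&gt;=sys-libs/glibc-2.7</pkg>, if it's built against an
+ earlier version, it will silently be ignored, and MD5 hashes
+ will be used. All the passwords changed after this USE flag is
+ enabled will be saved to the shadow file hashed using SHA512
+ function. The password previously saved will be left
+ untouched. Please note that while SHA512-hashed passwords will
+ still be recognised if the USE flag is removed, the shadow file
+ will not be compatible with systems using an earlier glibc
+ version.
+ </flag>
+ <flag name="pam_krb5">
+ Enable pam_krb5 module on system auth stack, as an alternative
+ to pam_unix. If Kerberos authentication succeed, only pam_unix
+ will be ignore, and all the other modules will proceed as usual,
+ including Gnome Keyring and other session modules. It requires
+ <pkg>sys-libs/pam</pkg> as PAM implementation.
+ </flag>
+ <flag name="minimal">
+ Disables the standard PAM modules that provide extra information
+ to users on login; this includes pam_tally (and pam_tally2 for
+ Linux PAM 1.1 and later), pam_lastlog, pam_motd and other
+ similar modules. This might not be a good idea on a multi-user
+ system but could reduce slightly the overhead on single-user
+ non-networked systems.
+ </flag>
+ </use>
+</pkgmetadata>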
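diff --git a/sys-auth/pambase/pambase-20120417-r2.ebuild b/sys-auth/pambase/pambase-20120417-r2.ebuild
new file mode 100644
index 0000000..2fe7d41
--- /dev/null
+++ b/sys-auth/pambase/pambase-20120417-r2.ebuild
@@ -0,0 +1,106 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/pambase/pambase-20120417-r1.ebuild,v 1.1 2012/06/19 07:55:53 ssuominen Exp $
+
+EAPI=4
+inherit eutils
+
+DESCRIPTION="PAM base configuration files"
+HOMEPAGE="http://www.gentoo.org/proj/en/base/pam/"
+SRC_URI="http://dev.gentoo.org/~flameeyes/${PN}/${P}.tar.bz2
+ http://dev.gentoo.org/~phajdan.jr/${PN}/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 -sparc-fbsd -x86-fbsd ~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux"
+IUSE="consolekit cracklib debug gnome-keyring minimal mktemp pam_krb5 pam_ssh passwdqc selinux +sha512 systemd"
+
+RESTRICT=binchecks
+
+MIN_PAM_REQ=1.1.3
+
+RDEPEND="
+ || (
+ >=sys-libs/pam-${MIN_PAM_REQ}
+ ( sys-auth/openpam || ( sys-freebsd/freebsd-pam-modules sys-netbsd/netbsd-pam-modules ) )
+ )
+ consolekit? ( >=sys-auth/consolekit-0.4.5_p2012[pam] )
+ cracklib? ( >=sys-libs/pam-${MIN_PAM_REQ}[cracklib] )
+ gnome-keyring? ( >=gnome-base/gnome-keyring-2.32[pam] )
+ mktemp? ( sys-auth/pam_mktemp )
+ pam_krb5? (
+ >=sys-libs/pam-${MIN_PAM_REQ}
+ >=sys-auth/pam_krb5-4.3
+ )
+ pam_ssh? ( sys-auth/pam_ssh )
+ passwdqc? ( >=sys-auth/pam_passwdqc-1.0.4 )
+ selinux? ( >=sys-libs/pam-${MIN_PAM_REQ}[selinux] )
+ sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} )
+ systemd? ( >=sys-apps/systemd-44-r1[pam] )
+ !<sys-apps/shadow-4.1.5-r1
+ !<sys-freebsd/freebsd-pam-modules-6.2-r1
+ !<sys-libs/pam-0.99.9.0-r1"
+DEPEND="app-portage/portage-utils"
+
+src_prepare() {
+ epatch "${FILESDIR}"/${P}-systemd.patch
+ epatch "${FILESDIR}"/${P}-lastlog-silent.patch
+}
+
+src_compile() {
+ local implementation=
+ local linux_pam_version=
+ if has_version sys-libs/pam; then
+ implementation=linux-pam
+ local ver_str=$(qatom `best_version sys-libs/pam` | cut -d ' ' -f 3)
+ linux_pam_version=$(printf "0x%02x%02x%02x" ${ver_str//\./ })
+ elif has_version sys-auth/openpam; then
+ implementation=openpam
+ else
+ die "PAM implementation not identified"
+ fi
+
+ use_var() {
+ local varname=$(echo $1 | tr [a-z] [A-Z])
+ local usename=${2-$(echo $1 | tr [A-Z] [a-z])}
+ local varvalue=$(usex $usename)
+ echo "${varname}=${varvalue}"
+ }
+
+ emake \
+ GIT=true \
+ $(use_var debug) \
+ $(use_var cracklib) \
+ $(use_var passwdqc) \
+ $(use_var consolekit) \
+ $(use_var systemd) \
+ $(use_var GNOME_KEYRING gnome-keyring) \
+ $(use_var selinux) \
+ $(use_var mktemp) \
+ $(use_var PAM_SSH pam_ssh) \
+ $(use_var sha512) \
+ $(use_var KRB5 pam_krb5) \
+ $(use_var minimal) \
+ IMPLEMENTATION=${implementation} \
+ LINUX_PAM_VERSION=${linux_pam_version}
+}
+
+src_test() { :; }
+
+src_install() {
+ emake GIT=true DESTDIR="${ED}" install
+}
+
+pkg_postinst() {
+ if use sha512; then
+ elog "Starting from version 20080801, pambase optionally enables"
+ elog "SHA512-hashed passwords. For this to work, you need sys-libs/pam-1.0.1"
+ elog "built against sys-libs/glibc-2.7 or later."
+ elog "If you don't have support for this, it will automatically fallback"
+ elog "to MD5-hashed passwords, just like before."
+ elog
+ elog "Please note that the change only affects the newly-changed passwords"
+ elog "and that SHA512-hashed passwords will not work on earlier versions"
+ elog "of glibc or Linux-PAM."
+ fi
+}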
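Review bot: In `use_var` inside src_compile, the `tr [a-z] [A-Z]` and `tr [A-Z] [a-z]` arguments are unquoted, so the shell may expand them as globs if the working directory holds a single-letter file name; `$1` is unquoted as well. A mangled variable name would not fail the build: Makefile tests such as `ifeq "$(SYSTEMD)" "yes"` would simply not match, and the corresponding PAM option (SHA512 included) would silently stay at whatever the Makefile defaults to. Quoting the sets removes that dependency on directory contents: `local varname=$(echo "$1" | tr '[:lower:]' '[:upper:]')` and `local usename=${2-$(echo "$1" | tr '[:upper:]' '[:lower:]')}`.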