1 |
flameeyes 10/10/30 16:22:53 |
2 |
|
3 |
Modified: metadata.xml ChangeLog |
4 |
Added: pam_pkcs11-0.6.5-r1.ebuild |
5 |
Removed: pam_pkcs11-0.6.5.ebuild pam_pkcs11-0.6.4.ebuild |
6 |
Log: |
7 |
Revision bump to fix config file; also add OpenSC to the dependencies (since it's always used), add an nss USE flag to use nss as upstream allows (but make sure to have a compatible curl if requested). Update metadata to add pam to the list of maintainers and to update the documentation of pcsc-lite USE flag (now enabled by default). |
8 |
|
9 |
(Portage version: 2.2.0_alpha2/cvs/Linux x86_64) |
10 |
|
11 |
Revision Changes Path |
12 |
1.3 sys-auth/pam_pkcs11/metadata.xml |
13 |
|
14 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-auth/pam_pkcs11/metadata.xml?rev=1.3&view=markup |
15 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-auth/pam_pkcs11/metadata.xml?rev=1.3&content-type=text/plain |
16 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-auth/pam_pkcs11/metadata.xml?r1=1.2&r2=1.3 |
17 |
|
18 |
Index: metadata.xml |
19 |
=================================================================== |
20 |
RCS file: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/metadata.xml,v |
21 |
retrieving revision 1.2 |
22 |
retrieving revision 1.3 |
23 |
diff -u -r1.2 -r1.3 |
24 |
--- metadata.xml 16 Aug 2008 03:45:51 -0000 1.2 |
25 |
+++ metadata.xml 30 Oct 2010 16:22:53 -0000 1.3 |
26 |
@@ -1,9 +1,16 @@ |
27 |
<?xml version="1.0" encoding="UTF-8"?> |
28 |
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> |
29 |
<pkgmetadata> |
30 |
-<herd>crypto</herd> |
31 |
-<use> |
32 |
- <flag name='pcsc-lite'>build with <pkg>sys-apps/pcsc-lite</pkg> instead of |
33 |
- <pkg>dev-libs/openct</pkg></flag> |
34 |
-</use> |
35 |
+ <herd>crypto</herd> |
36 |
+ <herd>pam</herd> |
37 |
+ <use> |
38 |
+ <flag name='pcsc-lite'> |
39 |
+ Build the card_eventmanager binary used to detect card removal and lock the sessions. This |
40 |
+ needs <pkg>sys-apps/pcsc-lite</pkg>. |
41 |
+ </flag> |
42 |
+ <flag name='nss'> |
43 |
+ Use Mozilla NSS (<pkg>dev-libs/nss</pkg>) as provider for PKCS#11 access, rather than using |
44 |
+ OpenSSL with a custom implementation of the PKC#11 protocol. |
45 |
+ </flag> |
46 |
+ </use> |
47 |
</pkgmetadata> |
48 |
|
49 |
|
50 |
|
51 |
1.18 sys-auth/pam_pkcs11/ChangeLog |
52 |
|
53 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-auth/pam_pkcs11/ChangeLog?rev=1.18&view=markup |
54 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-auth/pam_pkcs11/ChangeLog?rev=1.18&content-type=text/plain |
55 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-auth/pam_pkcs11/ChangeLog?r1=1.17&r2=1.18 |
56 |
|
57 |
Index: ChangeLog |
58 |
=================================================================== |
59 |
RCS file: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/ChangeLog,v |
60 |
retrieving revision 1.17 |
61 |
retrieving revision 1.18 |
62 |
diff -u -r1.17 -r1.18 |
63 |
--- ChangeLog 24 Oct 2010 11:05:20 -0000 1.17 |
64 |
+++ ChangeLog 30 Oct 2010 16:22:53 -0000 1.18 |
65 |
@@ -1,6 +1,17 @@ |
66 |
# ChangeLog for sys-auth/pam_pkcs11 |
67 |
# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 |
68 |
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/ChangeLog,v 1.17 2010/10/24 11:05:20 arfrever Exp $ |
69 |
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/ChangeLog,v 1.18 2010/10/30 16:22:53 flameeyes Exp $ |
70 |
+ |
71 |
+*pam_pkcs11-0.6.5-r1 (30 Oct 2010) |
72 |
+ |
73 |
+ 30 Oct 2010; Diego E. Pettenò <flameeyes@g.o> |
74 |
+ -pam_pkcs11-0.6.4.ebuild, -pam_pkcs11-0.6.5.ebuild, |
75 |
+ +pam_pkcs11-0.6.5-r1.ebuild, metadata.xml: |
76 |
+ Revision bump to fix config file; also add OpenSC to the dependencies |
77 |
+ (since it's always used), add an nss USE flag to use nss as upstream |
78 |
+ allows (but make sure to have a compatible curl if requested). Update |
79 |
+ metadata to add pam to the list of maintainers and to update the |
80 |
+ documentation of pcsc-lite USE flag (now enabled by default). |
81 |
|
82 |
*pam_pkcs11-0.6.5 (24 Oct 2010) |
83 |
|
84 |
|
85 |
|
86 |
|
87 |
1.1 sys-auth/pam_pkcs11/pam_pkcs11-0.6.5-r1.ebuild |
88 |
|
89 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-auth/pam_pkcs11/pam_pkcs11-0.6.5-r1.ebuild?rev=1.1&view=markup |
90 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-auth/pam_pkcs11/pam_pkcs11-0.6.5-r1.ebuild?rev=1.1&content-type=text/plain |
91 |
|
92 |
Index: pam_pkcs11-0.6.5-r1.ebuild |
93 |
=================================================================== |
94 |
# Copyright 1999-2010 Gentoo Foundation |
95 |
# Distributed under the terms of the GNU General Public License v2 |
96 |
# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/pam_pkcs11-0.6.5-r1.ebuild,v 1.1 2010/10/30 16:22:53 flameeyes Exp $ |
97 |
|
98 |
EAPI="3" |
99 |
|
100 |
inherit autotools eutils multilib pam |
101 |
|
102 |
DESCRIPTION="PKCS#11 PAM library" |
103 |
HOMEPAGE="http://www.opensc-project.org/pam_pkcs11" |
104 |
SRC_URI="http://www.opensc-project.org/files/pam_pkcs11/${P}.tar.gz" |
105 |
|
106 |
LICENSE="LGPL-2.1" |
107 |
SLOT="0" |
108 |
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" |
109 |
IUSE="curl ldap +pcsc-lite nss" |
110 |
|
111 |
RDEPEND="sys-libs/pam |
112 |
!nss? ( |
113 |
dev-libs/openssl |
114 |
curl? ( || ( net-misc/curl[-ssl] net-misc/curl[ssl,-nss,-gnutls] ) ) |
115 |
) |
116 |
nss? ( |
117 |
dev-libs/nss |
118 |
curl? ( || ( net-misc/curl[-ssl] net-misc/curl[ssl,nss,-gnutls] ) ) |
119 |
) |
120 |
curl? ( net-misc/curl ) |
121 |
ldap? ( net-nds/openldap ) |
122 |
pcsc-lite? ( sys-apps/pcsc-lite )" |
123 |
DEPEND="${RDEPEND} |
124 |
dev-util/pkgconfig" |
125 |
RDEPEND="${RDEPEND} |
126 |
dev-libs/opensc" |
127 |
|
128 |
src_prepare() { |
129 |
# Fix the example files to be somewhat decent, and usable as |
130 |
# default configuration |
131 |
sed -i \ |
132 |
-e '/try_first_pass/s:false:true:' \ |
133 |
-e '/debug =/s:true:false:' \ |
134 |
-e 's:\(/usr\|\${exec_prefix}\)/lib/:/usr/'$(get_libdir)/':g' \ |
135 |
etc/pam_pkcs11.conf.example.in \ |
136 |
etc/pkcs11_eventmgr.conf.example || die "sed failed" |
137 |
|
138 |
epatch "${FILESDIR}/${P}-pcsclite_detection.patch" |
139 |
eautoreconf |
140 |
} |
141 |
|
142 |
src_configure() { |
143 |
econf \ |
144 |
$(use_with curl) \ |
145 |
$(use_with pcsc-lite pcsclite) \ |
146 |
$(use_with ldap) \ |
147 |
$(use_with nss) \ |
148 |
--docdir=/usr/share/doc/${PF} |
149 |
} |
150 |
|
151 |
src_install() { |
152 |
emake DESTDIR="${D}" pamdir="$(getpam_mod_dir)" install || die "emake install failed" |
153 |
|
154 |
# These are all dlopened plugins, so .la files are useless. |
155 |
find "${D}" -name '*.la' -delete || die |
156 |
|
157 |
dodoc AUTHORS ChangeLog NEWS README TODO || die |
158 |
|
159 |
# Move the make_hash_link script somehwere safe, it's _way_ too |
160 |
# generic of a name to use. |
161 |
dodir /usr/share/${PN} |
162 |
mv "${D}"/usr/bin/make_hash_link.sh "${D}"/usr/share/${PN} || die |
163 |
|
164 |
# Provide some basic configuration |
165 |
keepdir /etc/pam_pkcs11{,/{cacerts,crl}} |
166 |
|
167 |
insinto /etc/pam_pkcs11 |
168 |
newins etc/pam_pkcs11.conf.example pam_pkcs11.conf || die |
169 |
newins etc/pkcs11_eventmgr.conf.example pkcs11_eventmgr.conf || die |
170 |
} |
171 |
|
172 |
pkg_config() { |
173 |
local dir |
174 |
for dir in "${ROOT}"/etc/${PN}/{cacerts,crl}; do |
175 |
pushd "${dir}" &> /dev/null |
176 |
ebegin "Creating hash links in '${dir}'" |
177 |
"${ROOT}"/usr/share/${PN}/make_hash_link.sh || die |
178 |
eend $? |
179 |
popd &> /dev/null |
180 |
done |
181 |
} |
182 |
|
183 |
pkg_postinst() { |
184 |
elog "You probably want to configure the /etc/${PN}/${PN}.conf file." |
185 |
elog "with the settings for your pkcs11 provider." |
186 |
elog "" |
187 |
elog "You might also want to set up /etc/${PN}/pkcs11_eventmgr.conf" |
188 |
elog "with the settings for the event manager, and start it up at" |
189 |
elog "user login." |
190 |
} |
191 |
|
192 |
# TODO list! |
193 |
# |
194 |
# - we need to find a way allow the user to choose whether to start the |
195 |
# event manager at _all_ the logins, and if that's the case, lock all |
196 |
# kind of sessions (terminal _and_ X); |
197 |
# - upstream should probably migrate the configuration of the event |
198 |
# manager on a per-user basis, since it makes little sense to be _all_ |
199 |
# system-level configuration; |
200 |
# - we should probably provide some better config support that ensures |
201 |
# the configuration to be valid, as well as creating the symlinks; |
202 |
# - we should probably add support for nss; |
203 |
# - we should move the configuration in /etc/security as for the rest |
204 |
# of PAM-related configuration. |