diff options
author | Martin Schlemmer <azarah@gentoo.org> | 2005-03-07 19:32:39 +0000 |
---|---|---|
committer | Martin Schlemmer <azarah@gentoo.org> | 2005-03-07 19:32:39 +0000 |
commit | 56089715afe12b6a447b12e0f9296de46ea8392e (patch) | |
tree | 0e468d08aaabcd3bc9446b7a29dfdfdcba64b731 /sys-libs | |
parent | Stable on sparc (diff) | |
download | gentoo-2-56089715afe12b6a447b12e0f9296de46ea8392e.tar.gz gentoo-2-56089715afe12b6a447b12e0f9296de46ea8392e.tar.bz2 gentoo-2-56089715afe12b6a447b12e0f9296de46ea8392e.zip |
Do not link cracklib and pwdb static, bug #83899. Add /dev/dri/\* to
console.perms, bug #55833. Add NIS patche from Peter S. Mazinger
<ps.m@gmx.net>.
(Portage version: 2.0.51.19)
Diffstat (limited to 'sys-libs')
-rw-r--r-- | sys-libs/pam/ChangeLog | 9 | ||||
-rw-r--r-- | sys-libs/pam/Manifest | 3 | ||||
-rw-r--r-- | sys-libs/pam/files/digest-pam-0.78-r1 | 3 | ||||
-rw-r--r-- | sys-libs/pam/pam-0.78-r1.ebuild | 339 |
4 files changed, 353 insertions, 1 deletions
diff --git a/sys-libs/pam/ChangeLog b/sys-libs/pam/ChangeLog index 7b992d1fc064..9ba88d4c30ad 100644 --- a/sys-libs/pam/ChangeLog +++ b/sys-libs/pam/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-libs/pam # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/ChangeLog,v 1.64 2005/02/26 21:09:45 azarah Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/ChangeLog,v 1.65 2005/03/07 19:32:39 azarah Exp $ + +*pam-0.78-r1 (07 Mar 2005) + + 07 Mar 2005; Martin Schlemmer <azarah@gentoo.org> +pam-0.78-r1.ebuild: + Do not link cracklib and pwdb static, bug #83899. Add /dev/dri/\* to + console.perms, bug #55833. Add NIS patche from Peter S. Mazinger + <ps.m@gmx.net>. 26 Feb 2005; Martin Schlemmer <azarah@gentoo.org> pam-0.78.ebuild: Use econf and some tweaking to fix some man pages installing into /man, bug diff --git a/sys-libs/pam/Manifest b/sys-libs/pam/Manifest index 01e1c345b918..df04130c5a5f 100644 --- a/sys-libs/pam/Manifest +++ b/sys-libs/pam/Manifest @@ -9,6 +9,8 @@ MD5 1d05f0436f1c273d7862099f309afe4d metadata.xml 156 MD5 9c0c3cf85b94ae623375fb05294b924a pam-0.77-r8.ebuild 8212 MD5 cb547fcc1f1893c82cbf6edcd41a2258 pam-0.77-r2.ebuild 7764 MD5 58cc195d9abe8e8403cfb54ef40d4c80 pam-0.78.ebuild 9536 +MD5 0117b5a70df45350b4748586bd92a609 pam-0.78-r1.ebuild 9798 +MD5 90580074895266204e824caff40930b3 .pam-0.78-r1.ebuild.swp 24576 MD5 652f6b0ebdc63b0aa9ca6e1783c468a1 files/pam_env.conf 2980 MD5 7abfe66b5996b628696d244d462e47b0 files/digest-pam-0.77-r3 201 MD5 028c285db4076f549774c258d0eddcfc files/digest-pam-0.77-r1 201 @@ -19,6 +21,7 @@ MD5 693d0527279f95e01ad9a5ba6ef45389 files/digest-pam-0.77-r8 201 MD5 b38aa656e6c205427dd4c4ba7d6d3f97 files/digest-pam-0.77-r6 201 MD5 c3f9e8ddddd908bd83aa6859d279dd7d files/README.pam_console 2096 MD5 92aced5acf4c59db3039da332ca1c47e files/digest-pam-0.78 200 +MD5 21390b7acb42d4c22215492782e98f5e files/digest-pam-0.78-r1 200 MD5 69f8cfad7f241eb669085eaa753cd9dd files/pam-0.77-console-reset.patch 1826 MD5 7abfe66b5996b628696d244d462e47b0 files/digest-pam-0.77-r2 201 MD5 344d17a865edc40adebe07797853c839 files/pam.d/other 198 diff --git a/sys-libs/pam/files/digest-pam-0.78-r1 b/sys-libs/pam/files/digest-pam-0.78-r1 new file mode 100644 index 000000000000..073eaf178043 --- /dev/null +++ b/sys-libs/pam/files/digest-pam-0.78-r1 @@ -0,0 +1,3 @@ +MD5 58cd055892e97648651d5a318888f3a0 Linux-PAM-0.78.tar.gz 488936 +MD5 d461852d4c762ee7f403539c5d4f8b96 pam-0.78-patches-1.1.tar.bz2 86318 +MD5 fcc481d52c3b80e20a328f8c0cb042bd db-4.3.27.tar.gz 5921872 diff --git a/sys-libs/pam/pam-0.78-r1.ebuild b/sys-libs/pam/pam-0.78-r1.ebuild new file mode 100644 index 000000000000..b7697ae1f338 --- /dev/null +++ b/sys-libs/pam/pam-0.78-r1.ebuild @@ -0,0 +1,339 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/pam-0.78-r1.ebuild,v 1.1 2005/03/07 19:32:39 azarah Exp $ + +FORCE_SYSTEMAUTH_UPDATE="no" + +# BDB is internalized to get a non-threaded lib for pam_userdb.so to +# be built with. The runtime-only dependency on BDB suggests the user +# will use the system-installed db_load to create pam_userdb databases. +# PWDB is internalized because it is specifically designed to work +# with Linux-PAM. I'm not really certain how pervasive the Radius +# and NIS services of PWDB are at this point. + +PATCH_LEVEL="1.1" +BDB_VER="4.3.27" +BDB_VER2="4.1.25" +PAM_REDHAT_VER="0.78-3" + +HOMEPAGE="http://www.kernel.org/pub/linux/libs/pam/" +DESCRIPTION="Pluggable Authentication Modules" + +S="${WORKDIR}/Linux-PAM-${PV}" +S2="${WORKDIR}/pam-${PV}-patches" +SRC_URI="http://www.kernel.org/pub/linux/libs/pam/pre/library/Linux-PAM-${PV}.tar.gz + mirror://gentoo/${P}-patches-${PATCH_LEVEL}.tar.bz2 + http://dev.gentoo.org/~seemant/distfiles/${P}-patches-${PATCH_LEVEL}.tar.bz2 + berkdb? ( http://downloads.sleepycat.com/db-${BDB_VER}.tar.gz )" + +LICENSE="PAM" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" +IUSE="berkdb pwdb selinux pam_chroot pam_console pam_timestamp nis" + +RDEPEND=">=sys-libs/cracklib-2.7-r8 + selinux? ( sys-libs/libselinux ) + berkdb? ( >=sys-libs/db-${BDB_VER2} )" + +# Note that we link to static versions of glib (pam_console.so) +# and pwdb (pam_pwdb.so), so we need glib-2.6.2-r1 or later ... +DEPEND="${RDEPEND} + dev-lang/perl + pam_console? ( >=dev-libs/glib-2.6.2-r1 ) + >=sys-devel/autoconf-2.59 + >=sys-devel/automake-1.6 + >=sys-devel/flex-2.5.4a-r5 + pwdb? ( >=sys-libs/pwdb-0.62 )" + +# Have python sandbox issues currently ... +# doc? ( app-text/sgmltools-lite ) + +#inherit needs to be after DEPEND definition to protect RDEPEND +inherit gcc eutils flag-o-matic gnuconfig + +apply_pam_patches() { + local x= + local y= + local patches="${T}/patches.$$" + + for x in redhat gentoo; do + rm -f "${patches}" + + # Need to be a '| while read x', as some lines may have spaces ... + grep -v '^#' "${S2}/list.${x}-patches" | grep -v '^$' | while read y; do + # Remove the 'Patch[0-9]*: ' from the redhat list + echo "${y}" | sed -e 's|^Patch.*: \(.*\)|\1|' >> "${patches}" + done + for y in $(cat "${patches}"); do + epatch "${S2}/${x}-patches/${y}" + done + done +} + +pkg_setup() { + local x= + + #if use pwdb; then + # for x in libpwdb.a libcrack.a; do + # if [ ! -f "${ROOT}/usr/$(get_libdir)/${x}" ]; then + # eerror "Could not find /usr/$(get_libdir)/${x} needed to build Linux-PAM!" + # die "Could not find /usr/$(get_libdir)/${x} needed to build Linux-PAM!" + # fi + # done + #fi + if use pam_console; then + x="libglib-2.0.a" + if [ ! -f "${ROOT}/usr/$(get_libdir)/${x}" ]; then + eerror "Could not find /usr/$(get_libdir)/${x} needed to build Linux-PAM!" + eerror "Please remerge glib-2.6.* to make sure you have static changes." + die "Could not find /usr/$(get_libdir)/${x} needed to build Linux-PAM!" + fi + fi + + return 0 +} + +src_unpack() { + local x= + + unpack ${A} || die "Couldn't unpack ${A}" + + cd ${S} || die + tar -zxf ${S2}/pam-redhat-${PAM_REDHAT_VER}.tar.gz \ + || die "Couldn't unpack pam-redhat-${PAM_REDHAT_VER}.tar.gz" + # These ones we do not want, or do not work with non RH + rm -rf ${S}/modules/{pam_rps,pam_postgresok} + + apply_pam_patches + + if use selinux; then + epatch ${S2}/gentoo-patches/pam-0.78-selinux.patch + fi + + # Check which extra modules should be built + # (Do this after apply_pam_patches(), else some may fail) + for x in pam_chroot pam_console pam_timestamp; do + use "${x}" || rm -rf "${S}/modules/${x}" + done + use berkdb || rm -rf "${S}/modules/pam_userdb" + use pwdb || rm -rf "${S}/modules/pam_pwdb" + use pwdb || rm -rf "${S}/modules/pam_radius" + + for x in $(find ${S} -type f -name 'Makefile*'); do + use nis || sed -i -e 's: -DNIS::g' "${x}" + done + # NIS patch is broken for now + use nis && echo 'NIS=yes' >> "${S}/Make.Rules.in" + + # Fixup libdir for 64bit arches + sed -ie "s:@get_libdir:$(get_libdir):" ${S}/configure.in + + for readme in modules/pam_*/README; do + cp -f "${readme}" doc/txts/README.$(dirname "${readme}" | \ + sed -e 's|^modules/||') + done + + # Bug #80604 (If install-sh do not exist, touch it) + cp /usr/share/automake/install-sh ${S}/ 2>/dev/null || touch install-sh + export WANT_AUTOCONF=2.5 + autoconf || die +} + +src_compile() { + # Bug #70471 (Compile issues with other locales) + export LANG=C LC_ALL=C + + if use berkdb ; then + einfo "Building Berkley DB ${BDB_VER}..." + cd ${WORKDIR}/db-${BDB_VER}/build_unix || die + + # Pam uses berkdb, which db-4.1.x series can't detect mips64, so we fix it + if use mips ; then + einfo "Updating berkdb config.{guess,sub} for mips" + S="${WORKDIR}/db-${BDB_VER}/dist" \ + gnuconfig_update + fi + + #echo db_cv_mutex=UNIX/fcntl > config.cache + #./s_config + ../dist/configure \ + --cache-file=config.cache \ + --disable-compat185 \ + --disable-cxx \ + --disable-diagnostic \ + --disable-dump185 \ + --disable-java \ + --disable-rpc \ + --disable-tcl \ + --disable-shared \ + --disable-o_direct \ + --with-pic \ + --with-uniquename=_pam \ + --with-mutex="UNIX/fcntl" \ + --prefix="${S}" \ + --includedir="${S}/include" \ + --libdir="${S}/lib" || die "Bad BDB ./configure" + + # XXX: hack out O_DIRECT support in db4 for now. + # (Done above now with --disable-o_direct now) + + make || die "BDB build failed" + make install || die + + export CPPFLAGS="-I${S}/include" + export LDFLAGS="-L${S}/lib" + export LIBNAME="lib" + fi + + if [[ ${ARCH} = "alpha" ]] ; then + if [[ -n $(strings -a /usr/lib/libglib.a | grep -i 'Compaq Computer Corp.') ]] ; then + # Should be LDFLAGS, but this configure is screwy. + echo + einfo "It looks like you compiled glib with ccc, this is okay, but" + einfo "I'll need to force gcc to link with libots...." + echo + append-flags -lots + sed -i -e 's/$(CC) -o/$(CC) -lots -o/g' ${S}/modules/pam_pwdb/Makefile + fi + fi + + einfo "Building Linux-PAM ${PV}..." + cd ${S} + econf --enable-static-libpam \ + --enable-fakeroot="${D}" \ + --libdir="/$(get_libdir)" \ + --enable-isadir="../../$(get_libdir)/security" \ + || die + + # Python stuff in docs gives sandbox problems + sed -i -e 's|modules doc examples|modules|' Makefile + + # Fix warnings for gcc-2.95.3 + if [[ $(gcc-version) = "2.95" ]] ; then + sed -i -e "s:-Wpointer-arith::" Make.Rules + fi + + if ! use berkdb ; then + # Do not build pam_userdb.so ... + sed -i -e "s:^HAVE_NDBM_H=yes:HAVE_NDBM_H=no:" \ + -e "s:^HAVE_LIBNDBM=yes:HAVE_LIBNDBM=no:" \ + -e "s:^HAVE_LIBDB=yes:HAVE_LIBDB=no:" \ + Make.Rules + + # Also edit the configuration file else the wrong include files + # get used + sed -i -e "s:^#define HAVE_NDBM_H.*$:/* #undef HAVE_NDBM_H */:" \ + -e "s:^#define HAVE_DB_H.*$:/* #undef HAVE_DB_H */:" \ + _pam_aconf.h + + else + # Do not link pam_userdb.so to db-1.85 ... + sed -i -e "s:^HAVE_NDBM_H=yes:HAVE_NDBM_H=no:" \ + -e "s:^HAVE_LIBNDBM=yes:HAVE_LIBNDBM=no:" \ + Make.Rules + + # Also edit the configuration file else the wrong include files + # get used + sed -i -e "s:^#define HAVE_NDBM_H.*$:/* #undef HAVE_NDBM_H */:" \ + _pam_aconf.h + fi + + make || die "PAM build failed" +} + +src_install() { + local x= + + einfo "Installing Linux-PAM ${PV}..." + make FAKEROOT=${D} \ + LDCONFIG="" \ + install || die + + # Make sure every module built. + # Do not remove this, as some module can fail to build + # and effectively lock the user out of his system. + einfo "Checking if all modules were built..." + for x in ${S}/modules/pam_*; do + if [[ -d ${x} ]] ; then + local mod_name=$(basename "${x}") + local sec_dir="${D}/$(get_libdir)/security" + + if ! ls -1 "${sec_dir}/${mod_name}"*.so &> /dev/null ; then + echo + eerror "ERROR: ${mod_name} module did not build." + echo + die "${mod_name} module did not build." + fi + if [[ -n $(ldd "${sec_dir}/${mod_name}"*.so 2>&1 | grep '/usr/') ]] ; then + echo + eerror "ERROR: ${mod_name} have dependencies in /usr." + echo + die "${mod_name} have dependencies in /usr." + fi + fi + done + + dodir /usr/$(get_libdir) + cd ${D}/$(get_libdir) + for x in pam pamc pam_misc; do + rm lib${x}.so + ln -s lib${x}.so.${PV} lib${x}.so + ln -s lib${x}.so.${PV} lib${x}.so.0 + mv lib${x}.a ${D}/usr/$(get_libdir) + # See bug #4411 + gen_usr_ldscript lib${x}.so + done + + cd ${S} + + # need this for pam_console + keepdir /var/run/console + + for x in ${FILESDIR}/pam.d/*; do + [[ -f ${x} ]] && dopamd ${x} + done + + # Only add this one if needed. + if [[ ${FORCE_SYSTEMAUTH_UPDATE} = "yes" ]] ; then + newpamd ${FILESDIR}/pam.d/system-auth system-auth.new || \ + die "Failed to install system-auth.new!" + fi + + insinto /etc/security + doins ${FILESDIR}/pam_env.conf + doman doc/man/*.[0-9] + + dodoc CHANGELOG Copyright README + docinto modules ; dodoc modules/README ; dodoc doc/txts/README.* + # Install our own README.pam_console + docinto ; dodoc ${FILESDIR}/README.pam_console + docinto txt ; dodoc doc/specs/*.txt #doc/txts/*.txt +# docinto print ; dodoc doc/ps/*.ps + +# docinto html +# dohtml -r doc/html/ +} + +pkg_postinst() { + if [[ ${FORCE_SYSTEMAUTH_UPDATE} = "yes" ]] ; then + local CHECK1=$(md5sum ${ROOT}/etc/pam.d/system-auth | cut -d ' ' -f 1) + local CHECK2=$(md5sum ${ROOT}/etc/pam.d/system-auth.new | cut -d ' ' -f 1) + + if [[ ${CHECK1} != "${CHECK2}" ]] ; then + ewarn "Due to a security issue, ${ROOT}etc/pam.d/system-auth " + ewarn "is being updated automatically. Your old " + ewarn "system-auth will be backed up as:" + ewarn + ewarn " ${ROOT}etc/pam.d/system-auth.bak" + echo + + cp -a ${ROOT}/etc/pam.d/system-auth \ + ${ROOT}/etc/pam.d/system-auth.bak; + mv -f ${ROOT}/etc/pam.d/system-auth.new \ + ${ROOT}/etc/pam.d/system-auth + rm -f ${ROOT}/etc/pam.d/._cfg????_system-auth + else + rm -f ${ROOT}/etc/pam.d/system-auth.new + fi + fi +} |