diff options
author | Martin Schlemmer <azarah@gentoo.org> | 2004-11-08 18:33:46 +0000 |
---|---|---|
committer | Martin Schlemmer <azarah@gentoo.org> | 2004-11-08 18:33:46 +0000 |
commit | 2cb60cc355ca381adcb798e33ad476daa341ef04 (patch) | |
tree | 90b69446e825246b0b6313c2f2ff3a791293cf73 /sys-libs/pam | |
parent | arm KEYWORDS (diff) | |
download | historical-2cb60cc355ca381adcb798e33ad476daa341ef04.tar.gz historical-2cb60cc355ca381adcb798e33ad476daa341ef04.tar.bz2 historical-2cb60cc355ca381adcb798e33ad476daa341ef04.zip |
Install again pam.d files for rexec, rlogin and rsh. Update
/etc/security/pam_env.conf to allow su to export DISPLAY and XAUTHORITY if
needed, bug #69925.
Diffstat (limited to 'sys-libs/pam')
-rw-r--r-- | sys-libs/pam/ChangeLog | 10 | ||||
-rw-r--r-- | sys-libs/pam/Manifest | 24 | ||||
-rw-r--r-- | sys-libs/pam/files/digest-pam-0.77-r1 | 3 | ||||
-rw-r--r-- | sys-libs/pam/files/digest-pam-0.77-r3 | 3 | ||||
-rw-r--r-- | sys-libs/pam/files/pam_env.conf | 77 | ||||
-rw-r--r-- | sys-libs/pam/pam-0.77-r1.ebuild | 293 | ||||
-rw-r--r-- | sys-libs/pam/pam-0.77-r3.ebuild | 300 |
7 files changed, 696 insertions, 14 deletions
diff --git a/sys-libs/pam/ChangeLog b/sys-libs/pam/ChangeLog index 54bc47fa6add..c8be7d736b76 100644 --- a/sys-libs/pam/ChangeLog +++ b/sys-libs/pam/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for sys-libs/pam # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/ChangeLog,v 1.57 2004/10/31 16:08:21 azarah Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/ChangeLog,v 1.58 2004/11/08 18:33:46 azarah Exp $ + +*pam-0.77-r3 (08 Nov 2004) + + 08 Nov 2004; Martin Schlemmer <azarah@gentoo.org> +files/pam_env.conf, + +pam-0.77-r1.ebuild, +pam-0.77-r3.ebuild: + Install again pam.d files for rexec, rlogin and rsh. Update + /etc/security/pam_env.conf to allow su to export DISPLAY and XAUTHORITY if + needed, bug #69925. *pam-0.77-r2 (31 Oct 2004) diff --git a/sys-libs/pam/Manifest b/sys-libs/pam/Manifest index 6cec96a09498..e786dfaafae2 100644 --- a/sys-libs/pam/Manifest +++ b/sys-libs/pam/Manifest @@ -1,17 +1,15 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -MD5 1fb1663f841e5afe50da00cdbd22e439 ChangeLog 8330 -MD5 1d05f0436f1c273d7862099f309afe4d metadata.xml 156 +MD5 4de5d5a06089ac9d455256ae2b906c3c pam-0.77-r3.ebuild 7811 +MD5 5081ec4a1bcd7753c147d389d92dbd00 pam-0.77-r1.ebuild 7473 +MD5 bed333a6a95abef3642b9094ef51a2a6 ChangeLog 8637 MD5 d9e4ca42b79c105aa47283786d511446 pam-0.77.ebuild 7422 +MD5 1d05f0436f1c273d7862099f309afe4d metadata.xml 156 MD5 301cd084cd567f57a9679687e7691491 pam-0.77-r2.ebuild 7762 -MD5 69f8cfad7f241eb669085eaa753cd9dd files/pam-0.77-console-reset.patch 1826 +MD5 7cc3ab359689ec8b0ca27852f57b1ff7 files/pam_env.conf 3024 +MD5 7abfe66b5996b628696d244d462e47b0 files/digest-pam-0.77-r3 201 +MD5 028c285db4076f549774c258d0eddcfc files/digest-pam-0.77-r1 201 MD5 028c285db4076f549774c258d0eddcfc files/digest-pam-0.77 201 +MD5 69f8cfad7f241eb669085eaa753cd9dd files/pam-0.77-console-reset.patch 1826 MD5 7abfe66b5996b628696d244d462e47b0 files/digest-pam-0.77-r2 201 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.9.10 (GNU/Linux) - -iD8DBQFBiwDcHTu7gpaalycRAh1OAKDcw7TnddTM7L7rmrjKd+Fc+yrVpgCgx5QW -GaFeaUoh+U0cVfaZaDQeVO0= -=nrGd ------END PGP SIGNATURE----- +MD5 849aa086002eda305d4d6d59a94fadd8 files/pam.d/rexec 457 +MD5 ec3d6de902670c90897507f4a098f668 files/pam.d/rlogin 580 +MD5 7b9d8d0930734500608538c166d0179a files/pam.d/rsh 445 diff --git a/sys-libs/pam/files/digest-pam-0.77-r1 b/sys-libs/pam/files/digest-pam-0.77-r1 new file mode 100644 index 000000000000..b369b6cb73ab --- /dev/null +++ b/sys-libs/pam/files/digest-pam-0.77-r1 @@ -0,0 +1,3 @@ +MD5 be5a470e553ba71c20e9bbc7665f3754 Linux-PAM-0.77.tar.gz 442569 +MD5 ec1150f6d16428c30f9c65a5b5212edd pam-0.77-patches-1.2.tar.bz2 114371 +MD5 df71961002b552c0e72c6e4e358f27e1 db-4.1.25.tar.gz 3080234 diff --git a/sys-libs/pam/files/digest-pam-0.77-r3 b/sys-libs/pam/files/digest-pam-0.77-r3 new file mode 100644 index 000000000000..2b18e5cd4d85 --- /dev/null +++ b/sys-libs/pam/files/digest-pam-0.77-r3 @@ -0,0 +1,3 @@ +MD5 be5a470e553ba71c20e9bbc7665f3754 Linux-PAM-0.77.tar.gz 442569 +MD5 a92c0fc8ccdcb23687600b3dc60732f3 pam-0.77-patches-1.3.tar.bz2 114508 +MD5 df71961002b552c0e72c6e4e358f27e1 db-4.1.25.tar.gz 3080234 diff --git a/sys-libs/pam/files/pam_env.conf b/sys-libs/pam/files/pam_env.conf new file mode 100644 index 000000000000..91fdad2070b4 --- /dev/null +++ b/sys-libs/pam/files/pam_env.conf @@ -0,0 +1,77 @@ +# $Date: 2004/11/08 18:33:46 $ +# $Author: azarah $ +# $Id: pam_env.conf,v 1.1 2004/11/08 18:33:46 azarah Exp $ +# +# This is the configuration file for pam_env, a PAM module to load in +# a configurable list of environment variables for a +# +# The original idea for this came from Andrew G. Morgan ... +#<quote> +# Mmm. Perhaps you might like to write a pam_env module that reads a +# default environment from a file? I can see that as REALLY +# useful... Note it would be an "auth" module that returns PAM_IGNORE +# for the auth part and sets the environment returning PAM_SUCCESS in +# the setcred function... +#</quote> +# +# What I wanted was the REMOTEHOST variable set, purely for selfish +# reasons, and AGM didn't want it added to the SimpleApps login +# program (which is where I added the patch). So, my first concern is +# that variable, from there there are numerous others that might/would +# be useful to be set: NNTPSERVER, LESS, PATH, PAGER, MANPAGER ..... +# +# Of course, these are a different kind of variable than REMOTEHOST in +# that they are things that are likely to be configured by +# administrators rather than set by logging in, how to treat them both +# in the same config file? +# +# Here is my idea: +# +# Each line starts with the variable name, there are then two possible +# options for each variable DEFAULT and OVERRIDE. +# DEFAULT allows and administrator to set the value of the +# variable to some default value, if none is supplied then the empty +# string is assumed. The OVERRIDE option tells pam_env that it should +# enter in its value (overriding the default value) if there is one +# to use. OVERRIDE is not used, "" is assumed and no override will be +# done. +# +# VARIABLE [DEFAULT=[value]] [OVERRIDE=[value]] +# +# (Possibly non-existent) environment variables may be used in values +# using the ${string} syntax and (possibly non-existent) PAM_ITEMs may +# be used in values using the @{string} syntax. Both the $ and @ +# characters can be backslash escaped to be used as literal values +# values can be delimited with "", escaped " not supported. +# +# +# First, some special variables +# +# Set the REMOTEHOST variable for any hosts that are remote, default +# to "localhost" rather than not being set at all +# Note: Rather set default to "", as DISPLAY=localhost:0.0 do not work +# here at least. +REMOTEHOST DEFAULT= OVERRIDE=@{PAM_RHOST} +# +# Set the DISPLAY variable if it seems reasonable +DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY} +# +# Set the XAUTHORITY variable if pam_xauth is used +XAUTHORITY DEFAULT= OVERRIDE=@{XAUTHORITY} +# +# +# Now some simple variables +# +#PAGER DEFAULT=less +#MANPAGER DEFAULT=less +#LESS DEFAULT="M q e h15 z23 b80" +#NNTPSERVER DEFAULT=localhost +#PATH DEFAULT=${HOME}/bin:/usr/local/bin:/bin\:/usr/bin:/usr/local/bin/X11:/usr/bin/X11 +# +# silly examples of escaped variables, just to show how they work. +# +#DOLLAR DEFAULT=\$ +#DOLLARDOLLAR DEFAULT= OVERRIDE=\$${DOLLAR} +#DOLLARPLUS DEFAULT=\${REMOTEHOST}${REMOTEHOST} +#ATSIGN DEFAULT="" OVERRIDE=\@ + diff --git a/sys-libs/pam/pam-0.77-r1.ebuild b/sys-libs/pam/pam-0.77-r1.ebuild new file mode 100644 index 000000000000..1b6e9b306306 --- /dev/null +++ b/sys-libs/pam/pam-0.77-r1.ebuild @@ -0,0 +1,293 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/pam-0.77-r1.ebuild,v 1.12 2004/11/08 18:33:46 azarah Exp $ + +PATCH_LEVEL="1.2" +BDB_VER="4.1.25" +PAM_REDHAT_VER="0.77-4" + +RDEPEND=">=sys-libs/cracklib-2.7-r8 + selinux? ( sys-libs/libselinux ) + berkdb? ( >=sys-libs/db-${BDB_VER} )" + +DEPEND="$RDEPEND + dev-lang/perl + =dev-libs/glib-1.2* + >=sys-devel/autoconf-2.58 + >=sys-devel/automake-1.6 + >=sys-devel/flex-2.5.4a-r5 + pwdb? ( >=sys-libs/pwdb-0.62 )" + +# Have python sandbox issues currently ... +# doc? ( app-text/sgmltools-lite ) + +# BDB is internalized to get a non-threaded lib for pam_userdb.so to +# be built with. The runtime-only dependency on BDB suggests the user +# will use the system-installed db_load to create pam_userdb databases. +# PWDB is internalized because it is specifically designed to work +# with Linux-PAM. I'm not really certain how pervasive the Radius +# and NIS services of PWDB are at this point. +# +# With all the arch's we support, I rather use external pwdb, and then +# link statically to it - <azarah@gentoo.org> (09 Nov 2003). + +#inherit needs to be after DEPEND definition to protect RDEPEND +inherit gcc eutils flag-o-matic gnuconfig + +# Note that we link to static versions of glib (pam_console.so) +# and pwdb (pam_pwdb.so) ... + +HOMEPAGE="http://www.kernel.org/pub/linux/libs/pam/" +DESCRIPTION="Pluggable Authentication Modules" + +S="${WORKDIR}/Linux-PAM-${PV}" +S2="${WORKDIR}/pam-${PV}-patches" +SRC_URI="http://www.kernel.org/pub/linux/libs/pam/pre/library/Linux-PAM-${PV}.tar.gz + mirror://gentoo/${P}-patches-${PATCH_LEVEL}.tar.bz2 + berkdb? ( http://www.sleepycat.com/update/snapshot/db-${BDB_VER}.tar.gz )" + +LICENSE="PAM" +KEYWORDS="amd64 x86 ppc sparc alpha mips hppa ia64 ppc64 s390" +SLOT="0" +IUSE="berkdb pwdb selinux" + +apply_pam_patches() { + local x= + local patch= + + for x in redhat gentoo + do + cat ${S2}/list.${x}-patches | grep -v '^#' | grep -v '^$' | while read X + do + patch="$(echo $X | sed -e 's|^Patch.*: \(.*\)|\1|')" + epatch ${S2}/${x}-patches/${patch} + done + done +} + +pkg_setup() { + local x= + + if use pwdb; then + for x in libpwdb.a libcrack.a; do + if [ ! -f "${ROOT}/usr/lib/${x}" ]; then + eerror "Could not find /usr/lib/${x} needed to build Linux-PAM!" + die "Could not find /usr/lib/${x} needed to build Linux-PAM!" + fi + done + fi + + return 0 +} + +src_unpack() { + unpack ${A} || die "Couldn't unpack ${A}" + + cd ${S} || die + tar -zxf ${S2}/pam-redhat-${PAM_REDHAT_VER}.tar.gz \ + || die "Couldn't unpack pam-redhat-${PAM_REDHAT_VER}.tar.gz" + + # Fix pam_console_apply -r segfaulting if a group used in + # /etc/security/console.perms are missing, bug #50315 + cp -f ${FILESDIR}/pam-0.77-console-reset.patch ${S2}/gentoo-patches/ + + apply_pam_patches + + use selinux && epatch ${S2}/gentoo-patches/pam-selinux.patch + + for readme in modules/pam_*/README ; do + cp -f "${readme}" doc/txts/README.$(dirname "${readme}" | \ + sed -e 's|^modules/||') + done + + cp /usr/share/automake/install-sh . || die + export WANT_AUTOCONF=2.5 + autoconf || die +} + +src_compile() { + export CFLAGS="${CFLAGS} -fPIC" + + if use berkdb + then + einfo "Building Berkley DB ${BDB_VER}..." + cd ${WORKDIR} + cd db-${BDB_VER}/dist || die + + # Pam uses berkdb, which db-4.1.x series can't detect mips64, so we fix it + if use mips; then + einfo "Updating berkdb config.{guess,sub} for mips" + local OLDS="${S}" + S="${WORKDIR}/db-${BDB_VER}/dist" + gnuconfig_update + S="${OLDS}" + fi + + echo db_cv_mutex=UNIX/fcntl > config.cache + ./s_config + ./configure \ + --cache-file=config.cache \ + --disable-compat185 \ + --disable-cxx \ + --disable-diagnostic \ + --disable-dump185 \ + --disable-java \ + --disable-rpc \ + --disable-tcl \ + --disable-shared \ + --with-pic \ + --with-uniquename=_pam \ + --prefix=${S} \ + --includedir=${S}/include \ + --libdir=${S}/lib || die "Bad BDB ./configure" + + # XXX hack out O_DIRECT support in db4 for now. + perl -pi -e 's/#define HAVE_O_DIRECT 1/#undef HAVE_O_DIRECT/' \ + db_config.h + + make || die "BDB build failed" + make install || die + + export CPPFLAGS="-I${S}/include" + export LDFLAGS="-L${S}/lib" + export LIBNAME="lib" + fi + + if [ "${ARCH}" = "alpha" ] + then + if [ ! -z "$(strings -a /usr/lib/libglib.a | grep -i 'Compaq Computer Corp.')" ] + then + # should be LDFLAGS, but this configure is screwy. + echo + einfo "It looks like you compiled glib with ccc, this is okay, but" + einfo "I'll need to force gcc to link with libots...." + echo + append-flags -lots + sed -i -e 's/$(CC) -o/$(CC) -lots -o/g' ${S}/modules/pam_pwdb/Makefile + fi + fi + + einfo "Building Linux-PAM ${PV}..." + cd ${S} + ./configure \ + --libdir=/lib \ + --enable-static-libpam \ + --enable-fakeroot=${D} \ + --enable-isadir=/lib/security \ + --host=${CHOST} || die + + # Python stuff in docs gives sandbox problems + sed -i -e 's|modules doc examples|modules|' Makefile + + # Fix warnings for gcc-2.95.3 + if [ "$(gcc-version)" = "2.95" ] + then + sed -i -e "s:-Wpointer-arith::" Make.Rules + fi + + if ! use berkdb + then + # Do not build pam_userdb.so ... + sed -i -e "s:^HAVE_NDBM_H=yes:HAVE_NDBM_H=no:" \ + -e "s:^HAVE_LIBNDBM=yes:HAVE_LIBNDBM=no:" \ + -e "s:^HAVE_LIBDB=yes:HAVE_LIBDB=no:" \ + Make.Rules + else + # Do not link pam_userdb.so to db-1.85 ... + sed -i -e "s:^HAVE_NDBM_H=yes:HAVE_NDBM_H=no:" \ + -e "s:^HAVE_LIBNDBM=yes:HAVE_LIBNDBM=no:" \ + Make.Rules + fi + + make || die "PAM build failed" +} + +src_install() { + local x= + + einfo "Installing Linux-PAM ${PV}..." + make FAKEROOT=${D} \ + LDCONFIG="" \ + install || die + + # Make sure every module built. + # Do not remove this, as some module can fail to build + # and effectively lock the user out of his system. + einfo "Checking if all modules were built..." + for x in ${S}/modules/pam_* + do + if [ -d ${x} ] + then + # Its OK if the module failed when we didnt ask for it anyway + if ! ls -1 ${D}/lib/security/$(basename ${x})*.so &> /dev/null + then + if ! use berkdb && [ "$(basename ${x})" = "pam_userdb" ] + then + continue + fi + if ! use pwdb && [ "$(basename ${x})" = "pam_pwdb" ] + then + continue + fi + if ! use pwdb && [ "$(basename ${x})" = "pam_radius" ] + then + continue + fi + eerror "ERROR: $(basename ${x}) module did not build." + exit 1 + else + # Remove the ones we didnt want if it ended up building ok anyways + if ! use berkdb && [ "$(basename ${x})" = "pam_userdb" ] + then + rm -f ${D}/lib/security/pam_userdb* + fi + if ! use pwdb && [ "$(basename ${x})" = "pam_pwdb" ] + then + rm -f ${D}/lib/security/pam_pwdb* + fi + if ! use pwdb && [ "$(basename ${x})" = "pam_radius" ] + then + rm -f ${D}/lib/security/pam_radius* + fi + fi + fi + done + + dodir /usr/lib + cd ${D}/lib + for x in pam pamc pam_misc + do + rm lib${x}.so + ln -s lib${x}.so.${PV} lib${x}.so + ln -s lib${x}.so.${PV} lib${x}.so.0 + mv lib${x}.a ${D}/usr/lib + # See bug #4411 + gen_usr_ldscript lib${x}.so + done + + cd ${S} + doman doc/man/*.[58] + + dodoc CHANGELOG Copyright README + docinto modules ; dodoc modules/README ; dodoc doc/txts/README.* + docinto txt ; dodoc doc/specs/*.txt #doc/txts/*.txt +# docinto print ; dodoc doc/ps/*.ps + +# docinto html +# dohtml -r doc/html/ + + # need this for pam_console + keepdir /var/run/console + + insinto /etc/pam.d + for x in ${FILESDIR}/pam.d/* + do + if [ -f ${x} ] + then + doins ${x} + fi + done + + insinto /etc/security + doins ${FILESDIR}/pam_env.conf +} diff --git a/sys-libs/pam/pam-0.77-r3.ebuild b/sys-libs/pam/pam-0.77-r3.ebuild new file mode 100644 index 000000000000..8d83e77d304f --- /dev/null +++ b/sys-libs/pam/pam-0.77-r3.ebuild @@ -0,0 +1,300 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/pam-0.77-r3.ebuild,v 1.1 2004/11/08 18:33:46 azarah Exp $ + +PATCH_LEVEL="1.3" +BDB_VER="4.1.25" +PAM_REDHAT_VER="0.77-4" + +RDEPEND=">=sys-libs/cracklib-2.7-r8 + selinux? ( sys-libs/libselinux ) + berkdb? ( >=sys-libs/db-${BDB_VER} )" + +DEPEND="$RDEPEND + dev-lang/perl + =dev-libs/glib-1.2* + >=sys-devel/autoconf-2.59 + >=sys-devel/automake-1.6 + >=sys-devel/flex-2.5.4a-r5 + pwdb? ( >=sys-libs/pwdb-0.62 )" + +# Have python sandbox issues currently ... +# doc? ( app-text/sgmltools-lite ) + +# BDB is internalized to get a non-threaded lib for pam_userdb.so to +# be built with. The runtime-only dependency on BDB suggests the user +# will use the system-installed db_load to create pam_userdb databases. +# PWDB is internalized because it is specifically designed to work +# with Linux-PAM. I'm not really certain how pervasive the Radius +# and NIS services of PWDB are at this point. +# +# With all the arch's we support, I rather use external pwdb, and then +# link statically to it - <azarah@gentoo.org> (09 Nov 2003). + +#inherit needs to be after DEPEND definition to protect RDEPEND +inherit gcc eutils flag-o-matic gnuconfig + +# Note that we link to static versions of glib (pam_console.so) +# and pwdb (pam_pwdb.so) ... + +HOMEPAGE="http://www.kernel.org/pub/linux/libs/pam/" +DESCRIPTION="Pluggable Authentication Modules" + +S="${WORKDIR}/Linux-PAM-${PV}" +S2="${WORKDIR}/pam-${PV}-patches" +SRC_URI="http://www.kernel.org/pub/linux/libs/pam/pre/library/Linux-PAM-${PV}.tar.gz + mirror://gentoo/${P}-patches-${PATCH_LEVEL}.tar.bz2 + berkdb? ( http://www.sleepycat.com/update/snapshot/db-${BDB_VER}.tar.gz )" + +LICENSE="PAM" +KEYWORDS="~x86 ~ppc ~sparc ~mips alpha arm ~hppa amd64 ia64 ~ppc64 s390" +SLOT="0" +IUSE="berkdb pwdb selinux" + +apply_pam_patches() { + local x= + local patch= + + for x in redhat gentoo + do + cat ${S2}/list.${x}-patches | grep -v '^#' | grep -v '^$' | while read X + do + patch="$(echo $X | sed -e 's|^Patch.*: \(.*\)|\1|')" + epatch ${S2}/${x}-patches/${patch} + done + done +} + +pkg_setup() { + local x= + + if use pwdb; then + for x in libpwdb.a libcrack.a; do + if [ ! -f "${ROOT}/usr/$(get_libdir)/${x}" ]; then + eerror "Could not find /usr/$(get_libdir)/${x} needed to build Linux-PAM!" + die "Could not find /usr/$(get_libdir)/${x} needed to build Linux-PAM!" + fi + done + fi + + return 0 +} + +src_unpack() { + unpack ${A} || die "Couldn't unpack ${A}" + + cd ${S} || die + tar -zxf ${S2}/pam-redhat-${PAM_REDHAT_VER}.tar.gz \ + || die "Couldn't unpack pam-redhat-${PAM_REDHAT_VER}.tar.gz" + + apply_pam_patches + + use selinux && epatch ${S2}/gentoo-patches/pam-selinux.patch + + for readme in modules/pam_*/README ; do + cp -f "${readme}" doc/txts/README.$(dirname "${readme}" | \ + sed -e 's|^modules/||') + done + + cp /usr/share/automake/install-sh . || die + export WANT_AUTOCONF=2.5 + autoconf || die +} + +src_compile() { + export CFLAGS="${CFLAGS} -fPIC" + + if use berkdb + then + einfo "Building Berkley DB ${BDB_VER}..." + cd ${WORKDIR} + cd db-${BDB_VER}/dist || die + + # Pam uses berkdb, which db-4.1.x series can't detect mips64, so we fix it + if use mips; then + einfo "Updating berkdb config.{guess,sub} for mips" + local OLDS="${S}" + S="${WORKDIR}/db-${BDB_VER}/dist" + gnuconfig_update + S="${OLDS}" + fi + + echo db_cv_mutex=UNIX/fcntl > config.cache + ./s_config + ./configure \ + --cache-file=config.cache \ + --disable-compat185 \ + --disable-cxx \ + --disable-diagnostic \ + --disable-dump185 \ + --disable-java \ + --disable-rpc \ + --disable-tcl \ + --disable-shared \ + --with-pic \ + --with-uniquename=_pam \ + --prefix=${S} \ + --includedir=${S}/include \ + --libdir=${S}/lib || die "Bad BDB ./configure" + + # XXX hack out O_DIRECT support in db4 for now. + perl -pi -e 's/#define HAVE_O_DIRECT 1/#undef HAVE_O_DIRECT/' \ + db_config.h + + make || die "BDB build failed" + make install || die + + export CPPFLAGS="-I${S}/include" + export LDFLAGS="-L${S}/lib" + export LIBNAME="lib" + fi + + if [ "${ARCH}" = "alpha" ] + then + if [ ! -z "$(strings -a /usr/lib/libglib.a | grep -i 'Compaq Computer Corp.')" ] + then + # should be LDFLAGS, but this configure is screwy. + echo + einfo "It looks like you compiled glib with ccc, this is okay, but" + einfo "I'll need to force gcc to link with libots...." + echo + append-flags -lots + sed -i -e 's/$(CC) -o/$(CC) -lots -o/g' ${S}/modules/pam_pwdb/Makefile + fi + fi + + einfo "Building Linux-PAM ${PV}..." + cd ${S} + ./configure \ + --libdir=/$(get_libdir) \ + --enable-static-libpam \ + --enable-fakeroot=${D} \ + --enable-isadir=/$(get_libdir)/security \ + --host=${CHOST} || die + + # Python stuff in docs gives sandbox problems + sed -i -e 's|modules doc examples|modules|' Makefile + + # Fix warnings for gcc-2.95.3 + if [ "$(gcc-version)" = "2.95" ] + then + sed -i -e "s:-Wpointer-arith::" Make.Rules + fi + + if ! use berkdb + then + # Do not build pam_userdb.so ... + sed -i -e "s:^HAVE_NDBM_H=yes:HAVE_NDBM_H=no:" \ + -e "s:^HAVE_LIBNDBM=yes:HAVE_LIBNDBM=no:" \ + -e "s:^HAVE_LIBDB=yes:HAVE_LIBDB=no:" \ + Make.Rules + + # Also edit the configuration file else the wrong include files + # get used + sed -i -e "s:^#define HAVE_NDBM_H.*$:/* #undef HAVE_NDBM_H */:" \ + -e "s:^#define HAVE_DB_H.*$:/* #undef HAVE_DB_H */:" \ + _pam_aconf.h + + else + # Do not link pam_userdb.so to db-1.85 ... + sed -i -e "s:^HAVE_NDBM_H=yes:HAVE_NDBM_H=no:" \ + -e "s:^HAVE_LIBNDBM=yes:HAVE_LIBNDBM=no:" \ + Make.Rules + + # Also edit the configuration file else the wrong include files + # get used + sed -i -e "s:^#define HAVE_NDBM_H.*$:/* #undef HAVE_NDBM_H */:" _pam_aconf.h + fi + + make || die "PAM build failed" +} + +src_install() { + local x= + + einfo "Installing Linux-PAM ${PV}..." + make FAKEROOT=${D} \ + LDCONFIG="" \ + install || die + + # Make sure every module built. + # Do not remove this, as some module can fail to build + # and effectively lock the user out of his system. + einfo "Checking if all modules were built..." + for x in ${S}/modules/pam_* + do + if [ -d ${x} ] + then + # Its OK if the module failed when we didnt ask for it anyway + if ! ls -1 ${D}/$(get_libdir)/security/$(basename ${x})*.so &> /dev/null + then + if ! use berkdb && [ "$(basename ${x})" = "pam_userdb" ] + then + continue + fi + if ! use pwdb && [ "$(basename ${x})" = "pam_pwdb" ] + then + continue + fi + if ! use pwdb && [ "$(basename ${x})" = "pam_radius" ] + then + continue + fi + eerror "ERROR: $(basename ${x}) module did not build." + exit 1 + else + # Remove the ones we didnt want if it ended up building ok anyways + if ! use berkdb && [ "$(basename ${x})" = "pam_userdb" ] + then + rm -f ${D}/$(get_libdir)/security/pam_userdb* + fi + if ! use pwdb && [ "$(basename ${x})" = "pam_pwdb" ] + then + rm -f ${D}/$(get_libdir)/security/pam_pwdb* + fi + if ! use pwdb && [ "$(basename ${x})" = "pam_radius" ] + then + rm -f ${D}/$(get_libdir)/security/pam_radius* + fi + fi + fi + done + + dodir /usr/$(get_libdir) + cd ${D}/$(get_libdir) + for x in pam pamc pam_misc + do + rm lib${x}.so + ln -s lib${x}.so.${PV} lib${x}.so + ln -s lib${x}.so.${PV} lib${x}.so.0 + mv lib${x}.a ${D}/usr/$(get_libdir) + # See bug #4411 + gen_usr_ldscript lib${x}.so + done + + cd ${S} + doman doc/man/*.[58] + + dodoc CHANGELOG Copyright README + docinto modules ; dodoc modules/README ; dodoc doc/txts/README.* + docinto txt ; dodoc doc/specs/*.txt #doc/txts/*.txt +# docinto print ; dodoc doc/ps/*.ps + +# docinto html +# dohtml -r doc/html/ + + # need this for pam_console + keepdir /var/run/console + + insinto /etc/pam.d + for x in ${FILESDIR}/pam.d/* + do + if [ -f ${x} ] + then + doins ${x} + fi + done + + insinto /etc/security + doins ${FILESDIR}/pam_env.conf +} |