diff options
Diffstat (limited to 'meta/recipes-extended/pam/libpam_1.5.3.bb')
-rw-r--r-- | meta/recipes-extended/pam/libpam_1.5.3.bb | 184 |
1 files changed, 184 insertions, 0 deletions
diff --git a/meta/recipes-extended/pam/libpam_1.5.3.bb b/meta/recipes-extended/pam/libpam_1.5.3.bb new file mode 100644 index 0000000000..c8f1e16459 --- /dev/null +++ b/meta/recipes-extended/pam/libpam_1.5.3.bb | |||
@@ -0,0 +1,184 @@ | |||
1 | DISABLE_STATIC = "" | ||
2 | SUMMARY = "Linux-PAM (Pluggable Authentication Modules)" | ||
3 | DESCRIPTION = "Linux-PAM (Pluggable Authentication Modules for Linux), a flexible mechanism for authenticating users" | ||
4 | HOMEPAGE = "https://fedorahosted.org/linux-pam/" | ||
5 | BUGTRACKER = "https://fedorahosted.org/linux-pam/newticket" | ||
6 | SECTION = "base" | ||
7 | # PAM is dual licensed under GPL and BSD. | ||
8 | # /etc/pam.d comes from Debian libpam-runtime in 2009-11 (at that time | ||
9 | # libpam-runtime-1.0.1 is GPL-2.0-or-later), by openembedded | ||
10 | LICENSE = "GPL-2.0-or-later | BSD-3-Clause" | ||
11 | LIC_FILES_CHKSUM = "file://COPYING;md5=7eb5c1bf854e8881005d673599ee74d3 \ | ||
12 | file://libpamc/License;md5=a4da476a14c093fdc73be3c3c9ba8fb3 \ | ||
13 | " | ||
14 | |||
15 | SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/Linux-PAM-${PV}.tar.xz \ | ||
16 | file://99_pam \ | ||
17 | file://pam.d/common-account \ | ||
18 | file://pam.d/common-auth \ | ||
19 | file://pam.d/common-password \ | ||
20 | file://pam.d/common-session \ | ||
21 | file://pam.d/common-session-noninteractive \ | ||
22 | file://pam.d/other \ | ||
23 | file://libpam-xtests.patch \ | ||
24 | file://run-ptest \ | ||
25 | file://pam-volatiles.conf \ | ||
26 | " | ||
27 | |||
28 | SRC_URI[sha256sum] = "7ac4b50feee004a9fa88f1dfd2d2fa738a82896763050cd773b3c54b0a818283" | ||
29 | |||
30 | DEPENDS = "bison-native flex-native cracklib libxml2-native virtual/crypt" | ||
31 | |||
32 | EXTRA_OECONF = "--includedir=${includedir}/security \ | ||
33 | --libdir=${base_libdir} \ | ||
34 | --with-systemdunitdir=${systemd_system_unitdir} \ | ||
35 | --disable-nis \ | ||
36 | --disable-regenerate-docu \ | ||
37 | --disable-doc \ | ||
38 | --disable-prelude" | ||
39 | |||
40 | CFLAGS:append = " -fPIC " | ||
41 | |||
42 | S = "${WORKDIR}/Linux-PAM-${PV}" | ||
43 | |||
44 | inherit autotools gettext pkgconfig systemd ptest github-releases | ||
45 | |||
46 | PACKAGECONFIG ??= "" | ||
47 | PACKAGECONFIG[audit] = "--enable-audit,--disable-audit,audit," | ||
48 | PACKAGECONFIG[userdb] = "--enable-db=db,--enable-db=no,db," | ||
49 | |||
50 | PACKAGES += "${PN}-runtime ${PN}-xtests" | ||
51 | FILES:${PN} = "${base_libdir}/lib*${SOLIBS}" | ||
52 | FILES:${PN}-dev += "${base_libdir}/security/*.la ${base_libdir}/*.la ${base_libdir}/lib*${SOLIBSDEV}" | ||
53 | FILES:${PN}-runtime = "${sysconfdir} ${sbindir} ${systemd_system_unitdir}" | ||
54 | FILES:${PN}-xtests = "${datadir}/Linux-PAM/xtests" | ||
55 | |||
56 | PACKAGES_DYNAMIC += "^${MLPREFIX}pam-plugin-.*" | ||
57 | |||
58 | def get_multilib_bit(d): | ||
59 | baselib = d.getVar('baselib') or '' | ||
60 | return baselib.replace('lib', '') | ||
61 | |||
62 | libpam_suffix = "suffix${@get_multilib_bit(d)}" | ||
63 | |||
64 | RPROVIDES:${PN} += "${PN}-${libpam_suffix}" | ||
65 | RPROVIDES:${PN}-runtime += "${PN}-runtime-${libpam_suffix}" | ||
66 | |||
67 | RDEPENDS:${PN}-runtime = "${PN}-${libpam_suffix} \ | ||
68 | ${MLPREFIX}pam-plugin-deny-${libpam_suffix} \ | ||
69 | ${MLPREFIX}pam-plugin-permit-${libpam_suffix} \ | ||
70 | ${MLPREFIX}pam-plugin-warn-${libpam_suffix} \ | ||
71 | ${MLPREFIX}pam-plugin-unix-${libpam_suffix} \ | ||
72 | " | ||
73 | RDEPENDS:${PN}-xtests = "${PN}-${libpam_suffix} \ | ||
74 | ${MLPREFIX}pam-plugin-access-${libpam_suffix} \ | ||
75 | ${MLPREFIX}pam-plugin-debug-${libpam_suffix} \ | ||
76 | ${MLPREFIX}pam-plugin-pwhistory-${libpam_suffix} \ | ||
77 | ${MLPREFIX}pam-plugin-succeed-if-${libpam_suffix} \ | ||
78 | ${MLPREFIX}pam-plugin-time-${libpam_suffix} \ | ||
79 | bash coreutils" | ||
80 | |||
81 | # FIXME: Native suffix breaks here, disable it for now | ||
82 | RRECOMMENDS:${PN} = "${PN}-runtime-${libpam_suffix}" | ||
83 | RRECOMMENDS:${PN}:class-native = "" | ||
84 | |||
85 | python populate_packages:prepend () { | ||
86 | def pam_plugin_hook(file, pkg, pattern, format, basename): | ||
87 | pn = d.getVar('PN') | ||
88 | libpam_suffix = d.getVar('libpam_suffix') | ||
89 | |||
90 | rdeps = d.getVar('RDEPENDS:' + pkg) | ||
91 | if rdeps: | ||
92 | rdeps = rdeps + " " + pn + "-" + libpam_suffix | ||
93 | else: | ||
94 | rdeps = pn + "-" + libpam_suffix | ||
95 | d.setVar('RDEPENDS:' + pkg, rdeps) | ||
96 | |||
97 | provides = d.getVar('RPROVIDES:' + pkg) | ||
98 | if provides: | ||
99 | provides = provides + " " + pkg + "-" + libpam_suffix | ||
100 | else: | ||
101 | provides = pkg + "-" + libpam_suffix | ||
102 | d.setVar('RPROVIDES:' + pkg, provides) | ||
103 | |||
104 | mlprefix = d.getVar('MLPREFIX') or '' | ||
105 | dvar = d.expand('${WORKDIR}/package') | ||
106 | pam_libdir = d.expand('${base_libdir}/security') | ||
107 | pam_sbindir = d.expand('${sbindir}') | ||
108 | pam_filterdir = d.expand('${base_libdir}/security/pam_filter') | ||
109 | pam_pkgname = mlprefix + 'pam-plugin%s' | ||
110 | |||
111 | do_split_packages(d, pam_libdir, r'^pam(.*)\.so$', pam_pkgname, | ||
112 | 'PAM plugin for %s', hook=pam_plugin_hook, extra_depends='') | ||
113 | do_split_packages(d, pam_filterdir, r'^(.*)$', 'pam-filter-%s', 'PAM filter for %s', extra_depends='') | ||
114 | } | ||
115 | |||
116 | do_compile_ptest() { | ||
117 | cd tests | ||
118 | sed -i -e 's/$(MAKE) $(AM_MAKEFLAGS) check-TESTS//' Makefile | ||
119 | oe_runmake check-am | ||
120 | cd - | ||
121 | } | ||
122 | |||
123 | do_install() { | ||
124 | autotools_do_install | ||
125 | |||
126 | # don't install /var/run when populating rootfs. Do it through volatile | ||
127 | rm -rf ${D}${localstatedir} | ||
128 | |||
129 | if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','false','true',d)}; then | ||
130 | rm -rf ${D}${sysconfdir}/init.d/ | ||
131 | rm -rf ${D}${sysconfdir}/rc* | ||
132 | install -d ${D}${sysconfdir}/tmpfiles.d | ||
133 | install -m 0644 ${WORKDIR}/pam-volatiles.conf \ | ||
134 | ${D}${sysconfdir}/tmpfiles.d/pam.conf | ||
135 | else | ||
136 | install -d ${D}${sysconfdir}/default/volatiles | ||
137 | install -m 0644 ${WORKDIR}/99_pam \ | ||
138 | ${D}${sysconfdir}/default/volatiles/ | ||
139 | fi | ||
140 | |||
141 | install -d ${D}${sysconfdir}/pam.d/ | ||
142 | install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/ | ||
143 | |||
144 | # The lsb requires unix_chkpwd has setuid permission | ||
145 | chmod 4755 ${D}${sbindir}/unix_chkpwd | ||
146 | |||
147 | if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then | ||
148 | echo "session optional pam_systemd.so" >> ${D}${sysconfdir}/pam.d/common-session | ||
149 | fi | ||
150 | if ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','false','true',d)}; then | ||
151 | install -d ${D}/${libdir}/ | ||
152 | mv ${D}/${base_libdir}/pkgconfig ${D}/${libdir}/ | ||
153 | fi | ||
154 | } | ||
155 | |||
156 | do_install_ptest() { | ||
157 | if [ ${PTEST_ENABLED} = "1" ]; then | ||
158 | mkdir -p ${D}${PTEST_PATH}/tests | ||
159 | install -m 0755 ${B}/tests/.libs/* ${D}${PTEST_PATH}/tests | ||
160 | install -m 0644 ${S}/tests/confdir ${D}${PTEST_PATH}/tests | ||
161 | fi | ||
162 | } | ||
163 | |||
164 | pkg_postinst:${PN}() { | ||
165 | if [ -z "$D" ] && [ -e /etc/init.d/populate-volatile.sh ] ; then | ||
166 | /etc/init.d/populate-volatile.sh update | ||
167 | fi | ||
168 | } | ||
169 | |||
170 | inherit features_check | ||
171 | REQUIRED_DISTRO_FEATURES = "pam" | ||
172 | |||
173 | BBCLASSEXTEND = "nativesdk native" | ||
174 | |||
175 | CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-session" | ||
176 | CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-auth" | ||
177 | CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-password" | ||
178 | CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-session-noninteractive" | ||
179 | CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-account" | ||
180 | CONFFILES:${PN}-runtime += "${sysconfdir}/security/limits.conf" | ||
181 | |||
182 | GITHUB_BASE_URI = "https://github.com/linux-pam/linux-pam/releases" | ||
183 | |||
184 | CVE_PRODUCT = "linux-pam" | ||