1 files changed, 191 insertions, 0 deletions
diff --git a/meta/recipes-extended/pam/libpam_1.6.0.bb b/meta/recipes-extended/pam/libpam_1.6.0.bb
new file mode 100644
index 0000000000..e1ed940d1e
--- /dev/null
+++ b/meta/recipes-extended/pam/libpam_1.6.0.bb
@@ -0,0 +1,191 @@
+DISABLE_STATIC = ""
+SUMMARY = "Linux-PAM (Pluggable Authentication Modules)"
+DESCRIPTION = "Linux-PAM (Pluggable Authentication Modules for Linux), a flexible mechanism for authenticating users"
+HOMEPAGE = "https://fedorahosted.org/linux-pam/"
+BUGTRACKER = "https://fedorahosted.org/linux-pam/newticket"
+SECTION = "base"
+# PAM is dual licensed under GPL and BSD.
+# /etc/pam.d comes from Debian libpam-runtime in 2009-11 (at that time
+# libpam-runtime-1.0.1 is GPL-2.0-or-later), by openembedded
+LICENSE = "GPL-2.0-or-later | BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://COPYING;md5=7eb5c1bf854e8881005d673599ee74d3 \
+                    file://libpamc/License;md5=a4da476a14c093fdc73be3c3c9ba8fb3 \
+                    "
+SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/Linux-PAM-${PV}.tar.xz \
+           file://99_pam \
+           file://pam.d/common-account \
+           file://pam.d/common-auth \
+           file://pam.d/common-password \
+           file://pam.d/common-session \
+           file://pam.d/common-session-noninteractive \
+           file://pam.d/other \
+           file://libpam-xtests.patch \
+           file://run-ptest \
+           file://pam-volatiles.conf \
+           file://0001-pam_namespace-include-stdint-h.patch \
+           "
+SRC_URI[sha256sum] = "fff4a34e5bbee77e2e8f1992f27631e2329bcbf8a0563ddeb5c3389b4e3169ad"
+DEPENDS = "bison-native flex-native cracklib libxml2-native virtual/crypt"
+EXTRA_OECONF = "--includedir=${includedir}/security \
+                --libdir=${base_libdir} \
+                --with-systemdunitdir=${systemd_system_unitdir} \
+                --disable-nis \
+                --disable-regenerate-docu \
+                --disable-doc \
+                --disable-prelude"
+CFLAGS:append = " -fPIC "
+S = "${WORKDIR}/Linux-PAM-${PV}"
+inherit autotools gettext pkgconfig systemd ptest github-releases
+PACKAGECONFIG ??= ""
+PACKAGECONFIG[audit] = "--enable-audit,--disable-audit,audit,"
+PACKAGECONFIG[userdb] = "--enable-db=db,--enable-db=no,db,"
+PACKAGES += "${PN}-runtime ${PN}-xtests"
+FILES:${PN} = " \
+    ${base_libdir}/lib*${SOLIBS} \
+    ${nonarch_libdir}/tmpfiles.d/*.conf \
+"
+FILES:${PN}-dev += "${base_libdir}/security/*.la ${base_libdir}/*.la ${base_libdir}/lib*${SOLIBSDEV}"
+FILES:${PN}-runtime = "${sysconfdir} ${sbindir} ${systemd_system_unitdir}"
+FILES:${PN}-xtests = "${datadir}/Linux-PAM/xtests"
+# libpam installs /etc/environment for use with the pam_env plugin. Make sure it is
+# packaged with the pam-plugin-env package to avoid breaking installations which
+# install that file via other packages
+FILES:pam-plugin-env = "${sysconfdir}/environment"
+PACKAGES_DYNAMIC += "^${MLPREFIX}pam-plugin-.*"
+def get_multilib_bit(d):
+    baselib = d.getVar('baselib') or ''
+    return baselib.replace('lib', '')
+libpam_suffix = "suffix${@get_multilib_bit(d)}"
+RPROVIDES:${PN} += "${PN}-${libpam_suffix}"
+RPROVIDES:${PN}-runtime += "${PN}-runtime-${libpam_suffix}"
+RDEPENDS:${PN}-runtime = "${PN}-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-deny-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-permit-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-warn-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-unix-${libpam_suffix} \
+    "
+RDEPENDS:${PN}-xtests = "${PN}-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-access-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-debug-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-pwhistory-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-succeed-if-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-time-${libpam_suffix} \
+    bash coreutils"
+# FIXME: Native suffix breaks here, disable it for now
+RRECOMMENDS:${PN} = "${PN}-runtime-${libpam_suffix}"
+RRECOMMENDS:${PN}:class-native = ""
+python populate_packages:prepend () {
+    def pam_plugin_hook(file, pkg, pattern, format, basename):
+        pn = d.getVar('PN')
+        libpam_suffix = d.getVar('libpam_suffix')
+        rdeps = d.getVar('RDEPENDS:' + pkg)
+        if rdeps:
+            rdeps = rdeps + " " + pn + "-" + libpam_suffix
+        else:
+            rdeps = pn + "-" + libpam_suffix
+        d.setVar('RDEPENDS:' + pkg, rdeps)
+        provides = d.getVar('RPROVIDES:' + pkg)
+        if provides:
+            provides = provides + " " + pkg + "-" + libpam_suffix
+        else:
+            provides = pkg + "-" + libpam_suffix
+        d.setVar('RPROVIDES:' + pkg, provides)
+    mlprefix = d.getVar('MLPREFIX') or ''
+    dvar = d.expand('${WORKDIR}/package')
+    pam_libdir = d.expand('${base_libdir}/security')
+    pam_sbindir = d.expand('${sbindir}')
+    pam_filterdir = d.expand('${base_libdir}/security/pam_filter')
+    pam_pkgname = mlprefix + 'pam-plugin%s'
+    do_split_packages(d, pam_libdir, r'^pam(.*)\.so$', pam_pkgname,
+                      'PAM plugin for %s', hook=pam_plugin_hook, extra_depends='', prepend=True)
+    do_split_packages(d, pam_filterdir, r'^(.*)$', 'pam-filter-%s', 'PAM filter for %s', extra_depends='')
+}
+do_compile_ptest() {
+        cd tests
+        sed -i -e 's/$(MAKE) $(AM_MAKEFLAGS) check-TESTS//' Makefile
+        oe_runmake check-am
+        cd -
+}
+do_install() {
+        autotools_do_install
+        # don't install /var/run when populating rootfs. Do it through volatile
+        rm -rf ${D}${localstatedir}
+        if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','false','true',d)}; then
+            rm -rf ${D}${sysconfdir}/init.d/
+            rm -rf ${D}${sysconfdir}/rc*
+            install -d ${D}${nonarch_libdir}/tmpfiles.d
+            install -m 0644 ${WORKDIR}/pam-volatiles.conf \
+                    ${D}${nonarch_libdir}/tmpfiles.d/pam.conf
+        else
+            install -d ${D}${sysconfdir}/default/volatiles
+            install -m 0644 ${WORKDIR}/99_pam \
+                    ${D}${sysconfdir}/default/volatiles/
+        fi
+        install -d ${D}${sysconfdir}/pam.d/
+        install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
+        # The lsb requires unix_chkpwd has setuid permission
+        chmod 4755 ${D}${sbindir}/unix_chkpwd
+        if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
+                echo "session optional pam_systemd.so" >> ${D}${sysconfdir}/pam.d/common-session
+        fi
+        if ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','false','true',d)}; then
+                install -d ${D}/${libdir}/
+                mv ${D}/${base_libdir}/pkgconfig ${D}/${libdir}/
+        fi
+}
+do_install_ptest() {
+    mkdir -p ${D}${PTEST_PATH}/tests
+    install -m 0755 ${B}/tests/.libs/* ${D}${PTEST_PATH}/tests
+    install -m 0644 ${S}/tests/confdir ${D}${PTEST_PATH}/tests
+}
+pkg_postinst:${PN}() {
+         if [ -z "$D" ] && [ -e /etc/init.d/populate-volatile.sh ] ; then
+                 /etc/init.d/populate-volatile.sh update
+         fi
+}
+inherit features_check
+ANY_OF_DISTRO_FEATURES = "pam systemd"
+BBCLASSEXTEND = "nativesdk native"
+CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-session"
+CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-auth"
+CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-password"
+CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-session-noninteractive"
+CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-account"
+CONFFILES:${PN}-runtime += "${sysconfdir}/security/limits.conf"
+GITHUB_BASE_URI = "https://github.com/linux-pam/linux-pam/releases"
+CVE_PRODUCT = "linux-pam"

diff --git a/meta/recipes-extended/pam/libpam_1.6.0.bb b/meta/recipes-extended/pam/libpam_1.6.0.bb new file mode 100644 index 0000000000..e1ed940d1e --- /dev/null +++ b/meta/recipes-extended/pam/libpam_1.6.0.bb
@@ -0,0 +1,191 @@
	1	DISABLE_STATIC = ""
	2	SUMMARY = "Linux-PAM (Pluggable Authentication Modules)"
	3	DESCRIPTION = "Linux-PAM (Pluggable Authentication Modules for Linux), a flexible mechanism for authenticating users"
	4	HOMEPAGE = "https://fedorahosted.org/linux-pam/"
	5	BUGTRACKER = "https://fedorahosted.org/linux-pam/newticket"
	6	SECTION = "base"
	7	# PAM is dual licensed under GPL and BSD.
	8	# /etc/pam.d comes from Debian libpam-runtime in 2009-11 (at that time
	9	# libpam-runtime-1.0.1 is GPL-2.0-or-later), by openembedded
	10	LICENSE = "GPL-2.0-or-later \| BSD-3-Clause"
	11	LIC_FILES_CHKSUM = "file://COPYING;md5=7eb5c1bf854e8881005d673599ee74d3 \
	12	file://libpamc/License;md5=a4da476a14c093fdc73be3c3c9ba8fb3 \
	13	"
	14
	15	SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/Linux-PAM-${PV}.tar.xz \
	16	file://99_pam \
	17	file://pam.d/common-account \
	18	file://pam.d/common-auth \
	19	file://pam.d/common-password \
	20	file://pam.d/common-session \
	21	file://pam.d/common-session-noninteractive \
	22	file://pam.d/other \
	23	file://libpam-xtests.patch \
	24	file://run-ptest \
	25	file://pam-volatiles.conf \
	26	file://0001-pam_namespace-include-stdint-h.patch \
	27	"
	28
	29	SRC_URI[sha256sum] = "fff4a34e5bbee77e2e8f1992f27631e2329bcbf8a0563ddeb5c3389b4e3169ad"
	30
	31	DEPENDS = "bison-native flex-native cracklib libxml2-native virtual/crypt"
	32
	33	EXTRA_OECONF = "--includedir=${includedir}/security \
	34	--libdir=${base_libdir} \
	35	--with-systemdunitdir=${systemd_system_unitdir} \
	36	--disable-nis \
	37	--disable-regenerate-docu \
	38	--disable-doc \
	39	--disable-prelude"
	40
	41	CFLAGS:append = " -fPIC "
	42
	43	S = "${WORKDIR}/Linux-PAM-${PV}"
	44
	45	inherit autotools gettext pkgconfig systemd ptest github-releases
	46
	47	PACKAGECONFIG ??= ""
	48	PACKAGECONFIG[audit] = "--enable-audit,--disable-audit,audit,"
	49	PACKAGECONFIG[userdb] = "--enable-db=db,--enable-db=no,db,"
	50
	51	PACKAGES += "${PN}-runtime ${PN}-xtests"
	52	FILES:${PN} = " \
	53	${base_libdir}/lib*${SOLIBS} \
	54	${nonarch_libdir}/tmpfiles.d/*.conf \
	55	"
	56	FILES:${PN}-dev += "${base_libdir}/security/.la ${base_libdir}/.la ${base_libdir}/lib*${SOLIBSDEV}"
	57	FILES:${PN}-runtime = "${sysconfdir} ${sbindir} ${systemd_system_unitdir}"
	58	FILES:${PN}-xtests = "${datadir}/Linux-PAM/xtests"
	59
	60	# libpam installs /etc/environment for use with the pam_env plugin. Make sure it is
	61	# packaged with the pam-plugin-env package to avoid breaking installations which
	62	# install that file via other packages
	63	FILES:pam-plugin-env = "${sysconfdir}/environment"
	64
	65	PACKAGES_DYNAMIC += "^${MLPREFIX}pam-plugin-.*"
	66
	67	def get_multilib_bit(d):
	68	baselib = d.getVar('baselib') or ''
	69	return baselib.replace('lib', '')
	70
	71	libpam_suffix = "suffix${@get_multilib_bit(d)}"
	72
	73	RPROVIDES:${PN} += "${PN}-${libpam_suffix}"
	74	RPROVIDES:${PN}-runtime += "${PN}-runtime-${libpam_suffix}"
	75
	76	RDEPENDS:${PN}-runtime = "${PN}-${libpam_suffix} \
	77	${MLPREFIX}pam-plugin-deny-${libpam_suffix} \
	78	${MLPREFIX}pam-plugin-permit-${libpam_suffix} \
	79	${MLPREFIX}pam-plugin-warn-${libpam_suffix} \
	80	${MLPREFIX}pam-plugin-unix-${libpam_suffix} \
	81	"
	82	RDEPENDS:${PN}-xtests = "${PN}-${libpam_suffix} \
	83	${MLPREFIX}pam-plugin-access-${libpam_suffix} \
	84	${MLPREFIX}pam-plugin-debug-${libpam_suffix} \
	85	${MLPREFIX}pam-plugin-pwhistory-${libpam_suffix} \
	86	${MLPREFIX}pam-plugin-succeed-if-${libpam_suffix} \
	87	${MLPREFIX}pam-plugin-time-${libpam_suffix} \
	88	bash coreutils"
	89
	90	# FIXME: Native suffix breaks here, disable it for now
	91	RRECOMMENDS:${PN} = "${PN}-runtime-${libpam_suffix}"
	92	RRECOMMENDS:${PN}:class-native = ""
	93
	94	python populate_packages:prepend () {
	95	def pam_plugin_hook(file, pkg, pattern, format, basename):
	96	pn = d.getVar('PN')
	97	libpam_suffix = d.getVar('libpam_suffix')
	98
	99	rdeps = d.getVar('RDEPENDS:' + pkg)
	100	if rdeps:
	101	rdeps = rdeps + " " + pn + "-" + libpam_suffix
	102	else:
	103	rdeps = pn + "-" + libpam_suffix
	104	d.setVar('RDEPENDS:' + pkg, rdeps)
	105
	106	provides = d.getVar('RPROVIDES:' + pkg)
	107	if provides:
	108	provides = provides + " " + pkg + "-" + libpam_suffix
	109	else:
	110	provides = pkg + "-" + libpam_suffix
	111	d.setVar('RPROVIDES:' + pkg, provides)
	112
	113	mlprefix = d.getVar('MLPREFIX') or ''
	114	dvar = d.expand('${WORKDIR}/package')
	115	pam_libdir = d.expand('${base_libdir}/security')
	116	pam_sbindir = d.expand('${sbindir}')
	117	pam_filterdir = d.expand('${base_libdir}/security/pam_filter')
	118	pam_pkgname = mlprefix + 'pam-plugin%s'
	119
	120	do_split_packages(d, pam_libdir, r'^pam(.*)\.so$', pam_pkgname,
	121	'PAM plugin for %s', hook=pam_plugin_hook, extra_depends='', prepend=True)
	122	do_split_packages(d, pam_filterdir, r'^(.*)$', 'pam-filter-%s', 'PAM filter for %s', extra_depends='')
	123	}
	124
	125	do_compile_ptest() {
	126	cd tests
	127	sed -i -e 's/$(MAKE) $(AM_MAKEFLAGS) check-TESTS//' Makefile
	128	oe_runmake check-am
	129	cd -
	130	}
	131
	132	do_install() {
	133	autotools_do_install
	134
	135	# don't install /var/run when populating rootfs. Do it through volatile
	136	rm -rf ${D}${localstatedir}
	137
	138	if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','false','true',d)}; then
	139	rm -rf ${D}${sysconfdir}/init.d/
	140	rm -rf ${D}${sysconfdir}/rc*
	141	install -d ${D}${nonarch_libdir}/tmpfiles.d
	142	install -m 0644 ${WORKDIR}/pam-volatiles.conf \
	143	${D}${nonarch_libdir}/tmpfiles.d/pam.conf
	144	else
	145	install -d ${D}${sysconfdir}/default/volatiles
	146	install -m 0644 ${WORKDIR}/99_pam \
	147	${D}${sysconfdir}/default/volatiles/
	148	fi
	149
	150	install -d ${D}${sysconfdir}/pam.d/
	151	install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
	152
	153	# The lsb requires unix_chkpwd has setuid permission
	154	chmod 4755 ${D}${sbindir}/unix_chkpwd
	155
	156	if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
	157	echo "session optional pam_systemd.so" >> ${D}${sysconfdir}/pam.d/common-session
	158	fi
	159	if ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','false','true',d)}; then
	160	install -d ${D}/${libdir}/
	161	mv ${D}/${base_libdir}/pkgconfig ${D}/${libdir}/
	162	fi
	163	}
	164
	165	do_install_ptest() {
	166	mkdir -p ${D}${PTEST_PATH}/tests
	167	install -m 0755 ${B}/tests/.libs/* ${D}${PTEST_PATH}/tests
	168	install -m 0644 ${S}/tests/confdir ${D}${PTEST_PATH}/tests
	169	}
	170
	171	pkg_postinst:${PN}() {
	172	if [ -z "$D" ] && [ -e /etc/init.d/populate-volatile.sh ] ; then
	173	/etc/init.d/populate-volatile.sh update
	174	fi
	175	}
	176
	177	inherit features_check
	178	ANY_OF_DISTRO_FEATURES = "pam systemd"
	179
	180	BBCLASSEXTEND = "nativesdk native"
	181
	182	CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-session"
	183	CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-auth"
	184	CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-password"
	185	CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-session-noninteractive"
	186	CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-account"
	187	CONFFILES:${PN}-runtime += "${sysconfdir}/security/limits.conf"
	188
	189	GITHUB_BASE_URI = "https://github.com/linux-pam/linux-pam/releases"
	190
	191	CVE_PRODUCT = "linux-pam"