1 files changed, 190 insertions, 0 deletions
diff --git a/meta/recipes-extended/pam/libpam_1.6.1.bb b/meta/recipes-extended/pam/libpam_1.6.1.bb
new file mode 100644
index 0000000000..9f2106ea73
--- /dev/null
+++ b/meta/recipes-extended/pam/libpam_1.6.1.bb
@@ -0,0 +1,190 @@
+DISABLE_STATIC = ""
+SUMMARY = "Linux-PAM (Pluggable Authentication Modules)"
+DESCRIPTION = "Linux-PAM (Pluggable Authentication Modules for Linux), a flexible mechanism for authenticating users"
+HOMEPAGE = "https://fedorahosted.org/linux-pam/"
+BUGTRACKER = "https://fedorahosted.org/linux-pam/newticket"
+SECTION = "base"
+# PAM is dual licensed under GPL and BSD.
+# /etc/pam.d comes from Debian libpam-runtime in 2009-11 (at that time
+# libpam-runtime-1.0.1 is GPL-2.0-or-later), by openembedded
+LICENSE = "GPL-2.0-or-later | BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://COPYING;md5=7eb5c1bf854e8881005d673599ee74d3 \
+                    file://libpamc/License;md5=a4da476a14c093fdc73be3c3c9ba8fb3 \
+                    "
+SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/Linux-PAM-${PV}.tar.xz \
+           file://99_pam \
+           file://pam.d/common-account \
+           file://pam.d/common-auth \
+           file://pam.d/common-password \
+           file://pam.d/common-session \
+           file://pam.d/common-session-noninteractive \
+           file://pam.d/other \
+           file://libpam-xtests.patch \
+           file://run-ptest \
+           file://pam-volatiles.conf \
+           "
+SRC_URI[sha256sum] = "f8923c740159052d719dbfc2a2f81942d68dd34fcaf61c706a02c9b80feeef8e"
+DEPENDS = "bison-native flex-native cracklib libxml2-native virtual/crypt"
+EXTRA_OECONF = "--includedir=${includedir}/security \
+                --libdir=${base_libdir} \
+                --with-systemdunitdir=${systemd_system_unitdir} \
+                --disable-nis \
+                --disable-regenerate-docu \
+                --disable-doc \
+                --disable-prelude"
+CFLAGS:append = " -fPIC "
+S = "${WORKDIR}/Linux-PAM-${PV}"
+inherit autotools gettext pkgconfig systemd ptest github-releases
+PACKAGECONFIG ??= ""
+PACKAGECONFIG[audit] = "--enable-audit,--disable-audit,audit,"
+PACKAGECONFIG[userdb] = "--enable-db=db,--enable-db=no,db,"
+PACKAGES += "${PN}-runtime ${PN}-xtests"
+FILES:${PN} = " \
+    ${base_libdir}/lib*${SOLIBS} \
+    ${nonarch_libdir}/tmpfiles.d/*.conf \
+"
+FILES:${PN}-dev += "${base_libdir}/security/*.la ${base_libdir}/*.la ${base_libdir}/lib*${SOLIBSDEV}"
+FILES:${PN}-runtime = "${sysconfdir} ${sbindir} ${systemd_system_unitdir}"
+FILES:${PN}-xtests = "${datadir}/Linux-PAM/xtests"
+# libpam installs /etc/environment for use with the pam_env plugin. Make sure it is
+# packaged with the pam-plugin-env package to avoid breaking installations which
+# install that file via other packages
+FILES:pam-plugin-env = "${sysconfdir}/environment"
+PACKAGES_DYNAMIC += "^${MLPREFIX}pam-plugin-.*"
+def get_multilib_bit(d):
+    baselib = d.getVar('baselib') or ''
+    return baselib.replace('lib', '')
+libpam_suffix = "suffix${@get_multilib_bit(d)}"
+RPROVIDES:${PN} += "${PN}-${libpam_suffix}"
+RPROVIDES:${PN}-runtime += "${PN}-runtime-${libpam_suffix}"
+RDEPENDS:${PN}-runtime = "${PN}-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-deny-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-permit-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-warn-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-unix-${libpam_suffix} \
+    "
+RDEPENDS:${PN}-xtests = "${PN}-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-access-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-debug-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-pwhistory-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-succeed-if-${libpam_suffix} \
+    ${MLPREFIX}pam-plugin-time-${libpam_suffix} \
+    bash coreutils"
+# FIXME: Native suffix breaks here, disable it for now
+RRECOMMENDS:${PN} = "${PN}-runtime-${libpam_suffix}"
+RRECOMMENDS:${PN}:class-native = ""
+python populate_packages:prepend () {
+    def pam_plugin_hook(file, pkg, pattern, format, basename):
+        pn = d.getVar('PN')
+        libpam_suffix = d.getVar('libpam_suffix')
+        rdeps = d.getVar('RDEPENDS:' + pkg)
+        if rdeps:
+            rdeps = rdeps + " " + pn + "-" + libpam_suffix
+        else:
+            rdeps = pn + "-" + libpam_suffix
+        d.setVar('RDEPENDS:' + pkg, rdeps)
+        provides = d.getVar('RPROVIDES:' + pkg)
+        if provides:
+            provides = provides + " " + pkg + "-" + libpam_suffix
+        else:
+            provides = pkg + "-" + libpam_suffix
+        d.setVar('RPROVIDES:' + pkg, provides)
+    mlprefix = d.getVar('MLPREFIX') or ''
+    dvar = d.expand('${WORKDIR}/package')
+    pam_libdir = d.expand('${base_libdir}/security')
+    pam_sbindir = d.expand('${sbindir}')
+    pam_filterdir = d.expand('${base_libdir}/security/pam_filter')
+    pam_pkgname = mlprefix + 'pam-plugin%s'
+    do_split_packages(d, pam_libdir, r'^pam(.*)\.so$', pam_pkgname,
+                      'PAM plugin for %s', hook=pam_plugin_hook, extra_depends='', prepend=True)
+    do_split_packages(d, pam_filterdir, r'^(.*)$', 'pam-filter-%s', 'PAM filter for %s', extra_depends='')
+}
+do_compile_ptest() {
+        cd tests
+        sed -i -e 's/$(MAKE) $(AM_MAKEFLAGS) check-TESTS//' Makefile
+        oe_runmake check-am
+        cd -
+}
+do_install() {
+        autotools_do_install
+        # don't install /var/run when populating rootfs. Do it through volatile
+        rm -rf ${D}${localstatedir}
+        if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','false','true',d)}; then
+            rm -rf ${D}${sysconfdir}/init.d/
+            rm -rf ${D}${sysconfdir}/rc*
+            install -d ${D}${nonarch_libdir}/tmpfiles.d
+            install -m 0644 ${UNPACKDIR}/pam-volatiles.conf \
+                    ${D}${nonarch_libdir}/tmpfiles.d/pam.conf
+        else
+            install -d ${D}${sysconfdir}/default/volatiles
+            install -m 0644 ${UNPACKDIR}/99_pam \
+                    ${D}${sysconfdir}/default/volatiles/
+        fi
+        install -d ${D}${sysconfdir}/pam.d/
+        install -m 0644 ${UNPACKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
+        # The lsb requires unix_chkpwd has setuid permission
+        chmod 4755 ${D}${sbindir}/unix_chkpwd
+        if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
+                echo "session optional pam_systemd.so" >> ${D}${sysconfdir}/pam.d/common-session
+        fi
+        if ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','false','true',d)}; then
+                install -d ${D}/${libdir}/
+                mv ${D}/${base_libdir}/pkgconfig ${D}/${libdir}/
+        fi
+}
+do_install_ptest() {
+    mkdir -p ${D}${PTEST_PATH}/tests
+    install -m 0755 ${B}/tests/.libs/* ${D}${PTEST_PATH}/tests
+    install -m 0644 ${S}/tests/confdir ${D}${PTEST_PATH}/tests
+}
+pkg_postinst:${PN}() {
+         if [ -z "$D" ] && [ -e /etc/init.d/populate-volatile.sh ] ; then
+                 /etc/init.d/populate-volatile.sh update
+         fi
+}
+inherit features_check
+ANY_OF_DISTRO_FEATURES = "pam systemd"
+BBCLASSEXTEND = "nativesdk native"
+CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-session"
+CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-auth"
+CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-password"
+CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-session-noninteractive"
+CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-account"
+CONFFILES:${PN}-runtime += "${sysconfdir}/security/limits.conf"
+GITHUB_BASE_URI = "https://github.com/linux-pam/linux-pam/releases"
+CVE_PRODUCT = "linux-pam"

diff --git a/meta/recipes-extended/pam/libpam_1.6.1.bb b/meta/recipes-extended/pam/libpam_1.6.1.bb new file mode 100644 index 0000000000..9f2106ea73 --- /dev/null +++ b/meta/recipes-extended/pam/libpam_1.6.1.bb
@@ -0,0 +1,190 @@
	1	DISABLE_STATIC = ""
	2	SUMMARY = "Linux-PAM (Pluggable Authentication Modules)"
	3	DESCRIPTION = "Linux-PAM (Pluggable Authentication Modules for Linux), a flexible mechanism for authenticating users"
	4	HOMEPAGE = "https://fedorahosted.org/linux-pam/"
	5	BUGTRACKER = "https://fedorahosted.org/linux-pam/newticket"
	6	SECTION = "base"
	7	# PAM is dual licensed under GPL and BSD.
	8	# /etc/pam.d comes from Debian libpam-runtime in 2009-11 (at that time
	9	# libpam-runtime-1.0.1 is GPL-2.0-or-later), by openembedded
	10	LICENSE = "GPL-2.0-or-later \| BSD-3-Clause"
	11	LIC_FILES_CHKSUM = "file://COPYING;md5=7eb5c1bf854e8881005d673599ee74d3 \
	12	file://libpamc/License;md5=a4da476a14c093fdc73be3c3c9ba8fb3 \
	13	"
	14
	15	SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/Linux-PAM-${PV}.tar.xz \
	16	file://99_pam \
	17	file://pam.d/common-account \
	18	file://pam.d/common-auth \
	19	file://pam.d/common-password \
	20	file://pam.d/common-session \
	21	file://pam.d/common-session-noninteractive \
	22	file://pam.d/other \
	23	file://libpam-xtests.patch \
	24	file://run-ptest \
	25	file://pam-volatiles.conf \
	26	"
	27
	28	SRC_URI[sha256sum] = "f8923c740159052d719dbfc2a2f81942d68dd34fcaf61c706a02c9b80feeef8e"
	29
	30	DEPENDS = "bison-native flex-native cracklib libxml2-native virtual/crypt"
	31
	32	EXTRA_OECONF = "--includedir=${includedir}/security \
	33	--libdir=${base_libdir} \
	34	--with-systemdunitdir=${systemd_system_unitdir} \
	35	--disable-nis \
	36	--disable-regenerate-docu \
	37	--disable-doc \
	38	--disable-prelude"
	39
	40	CFLAGS:append = " -fPIC "
	41
	42	S = "${WORKDIR}/Linux-PAM-${PV}"
	43
	44	inherit autotools gettext pkgconfig systemd ptest github-releases
	45
	46	PACKAGECONFIG ??= ""
	47	PACKAGECONFIG[audit] = "--enable-audit,--disable-audit,audit,"
	48	PACKAGECONFIG[userdb] = "--enable-db=db,--enable-db=no,db,"
	49
	50	PACKAGES += "${PN}-runtime ${PN}-xtests"
	51	FILES:${PN} = " \
	52	${base_libdir}/lib*${SOLIBS} \
	53	${nonarch_libdir}/tmpfiles.d/*.conf \
	54	"
	55	FILES:${PN}-dev += "${base_libdir}/security/.la ${base_libdir}/.la ${base_libdir}/lib*${SOLIBSDEV}"
	56	FILES:${PN}-runtime = "${sysconfdir} ${sbindir} ${systemd_system_unitdir}"
	57	FILES:${PN}-xtests = "${datadir}/Linux-PAM/xtests"
	58
	59	# libpam installs /etc/environment for use with the pam_env plugin. Make sure it is
	60	# packaged with the pam-plugin-env package to avoid breaking installations which
	61	# install that file via other packages
	62	FILES:pam-plugin-env = "${sysconfdir}/environment"
	63
	64	PACKAGES_DYNAMIC += "^${MLPREFIX}pam-plugin-.*"
	65
	66	def get_multilib_bit(d):
	67	baselib = d.getVar('baselib') or ''
	68	return baselib.replace('lib', '')
	69
	70	libpam_suffix = "suffix${@get_multilib_bit(d)}"
	71
	72	RPROVIDES:${PN} += "${PN}-${libpam_suffix}"
	73	RPROVIDES:${PN}-runtime += "${PN}-runtime-${libpam_suffix}"
	74
	75	RDEPENDS:${PN}-runtime = "${PN}-${libpam_suffix} \
	76	${MLPREFIX}pam-plugin-deny-${libpam_suffix} \
	77	${MLPREFIX}pam-plugin-permit-${libpam_suffix} \
	78	${MLPREFIX}pam-plugin-warn-${libpam_suffix} \
	79	${MLPREFIX}pam-plugin-unix-${libpam_suffix} \
	80	"
	81	RDEPENDS:${PN}-xtests = "${PN}-${libpam_suffix} \
	82	${MLPREFIX}pam-plugin-access-${libpam_suffix} \
	83	${MLPREFIX}pam-plugin-debug-${libpam_suffix} \
	84	${MLPREFIX}pam-plugin-pwhistory-${libpam_suffix} \
	85	${MLPREFIX}pam-plugin-succeed-if-${libpam_suffix} \
	86	${MLPREFIX}pam-plugin-time-${libpam_suffix} \
	87	bash coreutils"
	88
	89	# FIXME: Native suffix breaks here, disable it for now
	90	RRECOMMENDS:${PN} = "${PN}-runtime-${libpam_suffix}"
	91	RRECOMMENDS:${PN}:class-native = ""
	92
	93	python populate_packages:prepend () {
	94	def pam_plugin_hook(file, pkg, pattern, format, basename):
	95	pn = d.getVar('PN')
	96	libpam_suffix = d.getVar('libpam_suffix')
	97
	98	rdeps = d.getVar('RDEPENDS:' + pkg)
	99	if rdeps:
	100	rdeps = rdeps + " " + pn + "-" + libpam_suffix
	101	else:
	102	rdeps = pn + "-" + libpam_suffix
	103	d.setVar('RDEPENDS:' + pkg, rdeps)
	104
	105	provides = d.getVar('RPROVIDES:' + pkg)
	106	if provides:
	107	provides = provides + " " + pkg + "-" + libpam_suffix
	108	else:
	109	provides = pkg + "-" + libpam_suffix
	110	d.setVar('RPROVIDES:' + pkg, provides)
	111
	112	mlprefix = d.getVar('MLPREFIX') or ''
	113	dvar = d.expand('${WORKDIR}/package')
	114	pam_libdir = d.expand('${base_libdir}/security')
	115	pam_sbindir = d.expand('${sbindir}')
	116	pam_filterdir = d.expand('${base_libdir}/security/pam_filter')
	117	pam_pkgname = mlprefix + 'pam-plugin%s'
	118
	119	do_split_packages(d, pam_libdir, r'^pam(.*)\.so$', pam_pkgname,
	120	'PAM plugin for %s', hook=pam_plugin_hook, extra_depends='', prepend=True)
	121	do_split_packages(d, pam_filterdir, r'^(.*)$', 'pam-filter-%s', 'PAM filter for %s', extra_depends='')
	122	}
	123
	124	do_compile_ptest() {
	125	cd tests
	126	sed -i -e 's/$(MAKE) $(AM_MAKEFLAGS) check-TESTS//' Makefile
	127	oe_runmake check-am
	128	cd -
	129	}
	130
	131	do_install() {
	132	autotools_do_install
	133
	134	# don't install /var/run when populating rootfs. Do it through volatile
	135	rm -rf ${D}${localstatedir}
	136
	137	if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','false','true',d)}; then
	138	rm -rf ${D}${sysconfdir}/init.d/
	139	rm -rf ${D}${sysconfdir}/rc*
	140	install -d ${D}${nonarch_libdir}/tmpfiles.d
	141	install -m 0644 ${UNPACKDIR}/pam-volatiles.conf \
	142	${D}${nonarch_libdir}/tmpfiles.d/pam.conf
	143	else
	144	install -d ${D}${sysconfdir}/default/volatiles
	145	install -m 0644 ${UNPACKDIR}/99_pam \
	146	${D}${sysconfdir}/default/volatiles/
	147	fi
	148
	149	install -d ${D}${sysconfdir}/pam.d/
	150	install -m 0644 ${UNPACKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
	151
	152	# The lsb requires unix_chkpwd has setuid permission
	153	chmod 4755 ${D}${sbindir}/unix_chkpwd
	154
	155	if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
	156	echo "session optional pam_systemd.so" >> ${D}${sysconfdir}/pam.d/common-session
	157	fi
	158	if ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','false','true',d)}; then
	159	install -d ${D}/${libdir}/
	160	mv ${D}/${base_libdir}/pkgconfig ${D}/${libdir}/
	161	fi
	162	}
	163
	164	do_install_ptest() {
	165	mkdir -p ${D}${PTEST_PATH}/tests
	166	install -m 0755 ${B}/tests/.libs/* ${D}${PTEST_PATH}/tests
	167	install -m 0644 ${S}/tests/confdir ${D}${PTEST_PATH}/tests
	168	}
	169
	170	pkg_postinst:${PN}() {
	171	if [ -z "$D" ] && [ -e /etc/init.d/populate-volatile.sh ] ; then
	172	/etc/init.d/populate-volatile.sh update
	173	fi
	174	}
	175
	176	inherit features_check
	177	ANY_OF_DISTRO_FEATURES = "pam systemd"
	178
	179	BBCLASSEXTEND = "nativesdk native"
	180
	181	CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-session"
	182	CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-auth"
	183	CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-password"
	184	CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-session-noninteractive"
	185	CONFFILES:${PN}-runtime += "${sysconfdir}/pam.d/common-account"
	186	CONFFILES:${PN}-runtime += "${sysconfdir}/security/limits.conf"
	187
	188	GITHUB_BASE_URI = "https://github.com/linux-pam/linux-pam/releases"
	189
	190	CVE_PRODUCT = "linux-pam"