summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/pam
Commit message (Collapse)AuthorAgeFilesLines
* libpam: Avoid host contamination issue w. libpreludeDavid Nyström2013-09-241-1/+2
| | | | | | | | | | | | | | Since we dont use prelude in OE, we just disable autodetection of prelude in the libpam configuration. Seems like an old bug: http://lists.openembedded.org/pipermail/openembedded-devel/2012-March/083804.html (From OE-Core rev: 9096c6a46cf2467c90873c235b4533faf97d6175) Signed-off-by: David Nyström <david.nystrom@enea.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: only use pam_systemd.so if systemd is enabledRoss Burton2013-09-222-2/+4
| | | | | | | | | | | | So that sysvinit images don't warn on every login only add it to common-session if systemd is a DISTRO_FEATURE. [ YOCTO #3805 ] (From OE-Core rev: 3ccb0855a7a6b147e5025855c6376747ba72986a) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: add PACKAGECONFIG data concerning auditJoe Slater2013-08-261-0/+2
| | | | | | | | | | | | | We do not want libpam to build using audit just because it happens to be lying around, so we create PACKAGECONFIG[] data to give us explicit control. (From OE-Core rev: 4db6aa2094447f8d2a9c234089a80ddcd78fcbd0) Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: deny all services for the OTHER entriesMing Liu2013-07-311-9/+6
| | | | | | | | | | | To be secure, change behavior of the OTHER entries to warn and deny access to everything by stating pam_deny.so on all services. (From OE-Core rev: 4ca0af699b5b4b3cf95b3e76482651949fd922ac) Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: add a new 'nullok_secure' option support to pam_unixMing Liu2013-07-243-1/+425
| | | | | | | | | | | | | | | | | | | | Debian patch to add a new 'nullok_secure' option to pam_unix, which accepts users with null passwords only when the applicant is connected from a tty listed in /etc/securetty. The original pam_unix.so was configured with nullok_secure in meta/recipes-extended/pam/libpam/pam.d/common-auth, but no such code exists actually. The patch set comes from: http://patch-tracker.debian.org/patch/series/view/pam/1.1.3-7.1/054_pam_security_abstract_securetty_handling http://patch-tracker.debian.org/patch/series/view/pam/1.1.3-7.1/055_pam_unix_nullok_secure (From OE-Core rev: 10cdd66fe800cffe3f2cbf5c95550b4f7902a311) Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: inherit pkgconfigMartin Jansa2013-07-101-1/+1
| | | | | | | | | | | | | | | | | | | * missing dependency on pkgconfig-native was causing that PKG_CHECK_MODULES(DBUS, dbus-1) stayed unexpanded in configure script: checking for dbm_store in -lndbm... no libpam/1.1.6-r2/Linux-PAM-1.1.6/configure: line 14217: syntax error near unexpected token `libtirpc,' libpam/1.1.6-r2/Linux-PAM-1.1.6/configure: line 14217: ` PKG_CHECK_MODULES(libtirpc, libtirpc,' Configure failed. The contents of all config.log files follows to aid debugging (From OE-Core rev: d8d230a164b4e98dbb3a9e6d9bb567c2aabee7f9) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: check if PAM is enabled when buildingRoss Burton2013-06-251-0/+6
| | | | | | | | (From OE-Core rev: fd9bad3e48a605e9fd28c129413300ff6b548788) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: fix whitespace in shell functionRoss Burton2013-06-251-2/+2
| | | | | | | | (From OE-Core rev: 1b4b25d3cebab90398db208281d54e7442d43bcd) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: Fix for CVE-2010-4708Wenzong Fan2013-06-192-0/+42
| | | | | | | | | | | | | | | | Change default for user_readenv to 0 and document the new default for user_readenv. This fix from: http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env /pam_env.c?r1=1.22&r2=1.23&view=patch http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env /pam_env.8.xml?r1=1.7&r2=1.8&view=patch (From OE-Core rev: 871ae7a6453b3b66610fd8bbaa770c92be850e19) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: Avoid wildcards in the SRC_URIMark Hatle2013-05-291-1/+6
| | | | | | | | | | | | | | Remove the wildcard from the SRC_URI. This causes problems when you .bbappend and add a FILESEXTRAPATHS entry. The unpack task may be unable to find the files to unpack leading to an error. Avoid wildcards at all costs... (From OE-Core rev: 6d3705123dd2f808a9778326aa04a2854f7b5378) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: backport patches from upstreamKai Kang2013-04-173-0/+100
| | | | | | | | | | | | Backport patches from linux-pam git repo to fix test case tst-pam_pwhistory1 failure. [YOCTO #4107] (From OE-Core rev: 65e4a9f050ae588ec794808315a206d94ca7a861) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pam: Fix case where ${B} != ${S}Richard Purdie2013-03-222-0/+25
| | | | | | (From OE-Core rev: 3d27366f17e597380fee738f14f119d880a77985) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: register PAM session with logindKoen Kooi2013-01-201-1/+3
| | | | | | | | | | | This make screen/tmux/etc work as intended. (From OE-Core rev: 58731bbdbd4ab4cfd560f14758a65efdfad2e28f) Signed-off-by: Martin Donnelly <martin.donnelly@ge.com> Signed-off-by: Koen Kooi <koen@dominion.thruhere.net> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: enable multilibConstantin Musca2013-01-071-7/+8
| | | | | | | | | | | | | | | | | Fix the following warning: WARNING: QA Issue: lib32-libpam: Files/directories were installed but not shipped /usr/sbin/unix_chkpwd /usr/sbin/pam_tally2 /usr/sbin/mkhomedir_helper /usr/sbin/unix_update /usr/sbin/pam_timestamp_check /usr/sbin/pam_tally (From OE-Core rev: 1dbb0bc048ceaf4cd2879362ae4a0f1398809349) Signed-off-by: Constantin Musca <constantinx.musca@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* PACKAGES_DYNAMIC: use regexp not globMartin Jansa2012-10-191-1/+1
| | | | | | | | | | | * bitbake uses PACKAGES_DYNAMIC as regexp ^ could make matching faster (and it will be more clear that we're expecting regexp not glob) * made all those last '-' optional, use .* (or nothing) (From OE-Core rev: 2f3ebdfa5f42dae51063b043cc4b0fbe20b40064) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: Fix missing DESTDIR for a mkdir causing build failuresRichard Purdie2012-08-192-0/+27
| | | | | | (From OE-Core rev: c39e823138cbf4210e17bdb95ca322ec0a6c8f78) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: Update recipes from 1.1.5 -> 1.1.6Khem Raj2012-08-192-20/+4
| | | | | | | | | | | | Drop include-sys-resource.patch already fixed upstream LIC_FILE_CHKSUM change is due to deletion of space in COPYING file see http://git.fedorahosted.org/cgit/linux-pam.git/commit/COPYING?id=1814aec611a5f9e03eceee81237ad3a3f51c954a (From OE-Core rev: 619092b699bfd79e060755fa41645cac7ac4fd0d) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: disable NIS to not link with libtirpc when it is availableMarcin Juszkiewicz2012-08-061-1/+2
| | | | | | | | | | | | | | | | | | | | | | I was checking ways to make incremental builds faster so I started using sstate-cache and SSTATE_MIRRORS. But this gave me some nasty bug: | Collected errors: | * satisfy_dependencies_for: Cannot satisfy the following dependencies for php-cgi: | * libtirpc1 (>= 0.2.2) * | * opkg_install_cmd: Cannot install package php-cgi. I checked details: In my previous build libtirpc got built before libpam so libpam found it and linked. As a result packages depend on libtirpc1 but as there is no such build dependency sstate handling code did not used libtirpc copy... (From OE-Core rev: e629bdcd1bcb51f2d2101fb53daeac0bd29ab637) Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: use ${localstatedir} and ${sysconfdir} instead of /var and /etcJavier Martinez Canillas2012-08-061-3/+3
| | | | | | | | | | It is considered good practice to use the build system provided variables instead of directly specify hardcoded paths. (From OE-Core rev: 7556e60bf23c07646594a1704b3db7dfc29e631d) Signed-off-by: Javier Martinez Canillas <javier@dowhile0.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Remove a number of unneeded import os/bb callsRichard Purdie2012-07-191-2/+0
| | | | | | | | | | The bb and os modules are always imported so having these extra import calls are a waste of space/execution time. They also set a bad example for people copy and pasting code so clean them up. (From OE-Core rev: 7d674820958be3a7051ea619effe1a6061d9cbe2) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Convert tab indentation in python functions into four-spaceRichard Purdie2012-07-191-22/+22
| | | | | | (From OE-Core rev: 604d46c686d06d62d5a07b9c7f4fa170f99307d8) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: Fix build with eglibc 2.16Khem Raj2012-07-172-2/+16
| | | | | | | | | | | | | | | pam_unix_acct.c: In function '_unix_run_verify_binary': pam_unix_acct.c:97:19: error: storage size of 'rlim' isn't known pam_unix_acct.c:106:19: error: 'RLIMIT_NOFILE' undeclared (first use in this function) pam_unix_acct.c:106:19: note: each undeclared identifier is reported only once for each function it appears in (From OE-Core rev: e59a0bac95ce025a6b826be28ccc9e42ca4b5a29) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Replace bb.data.expand(xxx, d) -> d.expand(xxx)Richard Purdie2012-03-051-3/+3
| | | | | | | | sed \ -e 's:bb.data.\(expand([^,()]*\), *\([^) ]*\) *):\2.\1):g' \ -i `grep -ril bb.data.expand *` Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* V2 Fix libpam's chmodRobert Yang2012-03-021-6/+3
| | | | | | | | | | | | | | | | | | | | | | | | | The libpam's has an error when generating the rootfs: chmod: cannot access `/usr/sbin/unix_chkpwd': No such file or directory This is because the following code in libpam_1.1.5.bb: pkg_postinst_pam-plugin-unix () { # below is necessary to allow unix_chkpwd get user info from shadow file # on lsb images chmod 4755 ${sbindir}/unix_chkpwd } This is to set the setuid permission for unix_chkpwd (the lsb test requires this), but it lacks a "${D}", and we can do this in the install stage. [YOCTO #2049] (From OE-Core rev: 0725c7f01b173b1cc2090f4a03a274c7017b8a1a) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: bump PR to rebuild .la files without libz.laMartin Jansa2012-02-211-1/+1
| | | | | | | (From OE-Core rev: 1da6a2dbd5e7aeea6cd45ca05590bdd50b67bf89) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* zlib: Upgrade 1.2.5 -> 1.2.6Khem Raj2012-02-101-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | Dont use autotools, it really not so autoconf like. the configure script gets updated with every release of zlib and we overwrite that. Instead use the upstream provided configure copyright year was changed in zlib.h which caused change in LIC_FILE_CHECKSUM fix.inverted.LFS.logic.patch is already applied upstream so drop it Drop the configure.ac and Makefile.am scripts since we do not autoreconf anymore and do not inherit autotools anymore Bump PR for depending recipes so a rebuild it ensues so that they dont depend on .la anymore and add missing dependencies discovered during incremental build (From OE-Core rev: 50ad5230ea9e0982cdfda23fb9fcfccf89d28f29) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: upgrade to 1.1.5Scott Garman2012-01-171-13/+14
| | | | | | | | | | | | Updated HOMEPAGE, BUGTRACKER, and SRC_URI fields to reflect new project hosting. Cleaned up some of the metadata ordering. (From OE-Core rev: 1fcd483e5ee5223f37c5edce26327f79b76bd01d) Signed-off-by: Scott Garman <scott.a.garman@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Convert to use direct access to the data store (instead of bb.data.*Var*())Richard Purdie2011-11-101-2/+2
| | | | | | | | | | | | | | | | | This is the result of running the following over the metadata: sed \ -e 's:bb.data.\(setVar([^,()]*,[^,()]*\), *\([^ )]*\) *):\2.\1):g' \ -e 's:bb.data.\(setVarFlag([^,()]*,[^,()]*,[^,()]*\), *\([^) ]*\) *):\2.\1):g' \ -e 's:bb.data.\(getVar([^,()]*\), *\([^(), ]*\) *,\([^)]*\)):\2.\1,\3):g' \ -e 's:bb.data.\(getVarFlag([^,()]*,[^,()]*\), *\([^(), ]*\) *,\([^)]*\)):\2.\1,\3):g' \ -e 's:bb.data.\(getVarFlag([^,()]*,[^,()]*\), *\([^() ]*\) *):\2.\1):g' \ -e 's:bb.data.\(getVar([^,()]*\), *\([^) ]*\) *):\2.\1):g' \ -i `grep -ril bb.data *` (From OE-Core rev: b22831fd63164c4db9c0b72934d7d734a6585251) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: add flex-native to DEPENDSAndrew Gabbasov2011-09-281-1/+1
| | | | | | | | | | | flex-native is required for building libpam. Although this dependency is now fulfilled indirectly through bison recipe, having an explicit one would be preferable. (From OE-Core rev: 14018608277fe62e2a662711ff6177c93e9bc153) Signed-off-by: Andrew Gabbasov <andrew_gabbasov@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: Setting suid bit for unix_chkpwdWenzong Fan2011-08-241-1/+7
| | | | | | | | | | | | | [YOCTO #1252] While pam_unix.so required by an application on lsb image, it will need to call the unix_chkpwd to get userinfo from shadow file. This fix get a normal user could read shadow file via unix_chkpwd. (From OE-Core rev: c23a3cd68385563a16d5bbc899e26f35cdc6c2cf) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam 1.1.4: fix packagingKoen Kooi2011-07-271-2/+4
| | | | | | | | | | ERROR: QA Issue: non debug package contains .debug directory: libpam-xtests path /work/armv7a-angstrom-linux-gnueabi/libpam-1.1.4-r0/packages-split/libpam-xtests/usr/share/Linux-PAM/xtests/.debug/tst-pam_dispatch4 (From OE-Core rev: 4acbbefd67ac02322bb2ca455e6aaf5b78652dff) Signed-off-by: Koen Kooi <koen@dominion.thruhere.net> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: update to 1.1.4 and add subpackage xtestsKang Kai2011-07-272-5/+44
| | | | | | | | | | | | Update libpam to 1.1.4, and add dependecy cracklib because run xtexts will need pam-plugin-cracklib. There are some additional checks under subdirectory xtests and make it as a subpackage libpam-xtests. (From OE-Core rev: f9158bf219479c2da56dd21a13ecee3176cd6f8a) Signed-off-by: Kang Kai <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Add Upstream-Status to various recipe patchesScott Garman2011-05-171-0/+5
| | | | | | | | | | | | | | | | | | | Add Upstream-Status tag to patches for the following recipes: openssh dbus-glib expat opensp sgml-common at cpio (GPLv3 version) libpam icu (From OE-Core rev: 0702602332ad63c2cfaa207516497bb0b75bfdf3) Signed-off-by: Scott Garman <scott.a.garman@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam_1.1.3.bb: Fix compilation on uclibc when innetgr is absentKhem Raj2011-04-042-0/+94
| | | | | | | (From OE-Core rev: a0d441ec7c43fe1b4490c1c9b03a0cf5811109fd) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Various: Update KERNELORG_MIRROR for consistencyTom Rini2011-03-231-1/+1
| | | | | | | | | | | In mirrors.bbclass we point into /pub but we don't in bitbake.conf. All uses of KERNELORG_MIRROR look into /pub anyhow, so lets make use of that. (From OE-Core rev: 67a0c8f48b5ef2ae5fc712c9204e4e99818c8134) Signed-off-by: Tom Rini <tom_rini@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Various: Switch to KERNELORG_MIRRORTom Rini2011-03-231-1/+1
| | | | | | | (From OE-Core rev: a0eeed089a5c185ef721b11828d4a27f0c03791c) Signed-off-by: Tom Rini <tom_rini@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpam: upgrade to version 1.1.3Scott Garman2010-11-249-39/+9
| | | | | | | | * Removed obsolete crossbinary patch * Added source checksums * Added LIC_FILES_CHKSUM and SUMMARY entries Signed-off-by: Scott Garman <scott.a.garman@intel.com>
* libpam:Add license checksum to bb fileMei Lei2010-11-241-0/+2
| | | | | | Add COPYING file and copyright information in pam_loginuid.c checksum to bb file Signed-off-by: Mei Lei <lei.mei@intel.com>
* packages: Separate out most of the remaining packages into recipesRichard Purdie2010-09-019-0/+242
Signed-off-by: Richard Purdie <rpurdie@linux.intel.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-24 20:34:51 +0000