From 698cef8322e5a5f18e50ce62f6c9d1f1f846677a Mon Sep 17 00:00:00 2001 From: Scott Garman Date: Tue, 23 Nov 2010 16:41:49 -0800 Subject: libpam: upgrade to version 1.1.3 * Removed obsolete crossbinary patch * Added source checksums * Added LIC_FILES_CHKSUM and SUMMARY entries Signed-off-by: Scott Garman --- meta/recipes-extended/pam/libpam-1.1.1/99_pam | 1 - .../pam/libpam-1.1.1/disable_crossbinary.patch | 34 ---------- .../pam/libpam-1.1.1/pam.d/common-account | 25 ------- .../pam/libpam-1.1.1/pam.d/common-auth | 18 ----- .../pam/libpam-1.1.1/pam.d/common-password | 26 ------- .../pam/libpam-1.1.1/pam.d/common-session | 19 ------ .../pam.d/common-session-noninteractive | 19 ------ meta/recipes-extended/pam/libpam-1.1.1/pam.d/other | 27 -------- meta/recipes-extended/pam/libpam/99_pam | 1 + .../pam/libpam/pam.d/common-account | 25 +++++++ meta/recipes-extended/pam/libpam/pam.d/common-auth | 18 +++++ .../pam/libpam/pam.d/common-password | 26 +++++++ .../pam/libpam/pam.d/common-session | 19 ++++++ .../pam/libpam/pam.d/common-session-noninteractive | 19 ++++++ meta/recipes-extended/pam/libpam/pam.d/other | 27 ++++++++ meta/recipes-extended/pam/libpam_1.1.1.bb | 75 -------------------- meta/recipes-extended/pam/libpam_1.1.3.bb | 79 ++++++++++++++++++++++ 17 files changed, 214 insertions(+), 244 deletions(-) delete mode 100644 meta/recipes-extended/pam/libpam-1.1.1/99_pam delete mode 100644 meta/recipes-extended/pam/libpam-1.1.1/disable_crossbinary.patch delete mode 100644 meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-account delete mode 100644 meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-auth delete mode 100644 meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-password delete mode 100644 meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-session delete mode 100644 meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-session-noninteractive delete mode 100644 meta/recipes-extended/pam/libpam-1.1.1/pam.d/other create mode 100644 meta/recipes-extended/pam/libpam/99_pam create mode 100644 meta/recipes-extended/pam/libpam/pam.d/common-account create mode 100644 meta/recipes-extended/pam/libpam/pam.d/common-auth create mode 100644 meta/recipes-extended/pam/libpam/pam.d/common-password create mode 100644 meta/recipes-extended/pam/libpam/pam.d/common-session create mode 100644 meta/recipes-extended/pam/libpam/pam.d/common-session-noninteractive create mode 100644 meta/recipes-extended/pam/libpam/pam.d/other delete mode 100644 meta/recipes-extended/pam/libpam_1.1.1.bb create mode 100644 meta/recipes-extended/pam/libpam_1.1.3.bb (limited to 'meta/recipes-extended/pam') diff --git a/meta/recipes-extended/pam/libpam-1.1.1/99_pam b/meta/recipes-extended/pam/libpam-1.1.1/99_pam deleted file mode 100644 index 97e990d10b..0000000000 --- a/meta/recipes-extended/pam/libpam-1.1.1/99_pam +++ /dev/null @@ -1 +0,0 @@ -d root root 0755 /var/run/sepermit none diff --git a/meta/recipes-extended/pam/libpam-1.1.1/disable_crossbinary.patch b/meta/recipes-extended/pam/libpam-1.1.1/disable_crossbinary.patch deleted file mode 100644 index 43359b08fe..0000000000 --- a/meta/recipes-extended/pam/libpam-1.1.1/disable_crossbinary.patch +++ /dev/null @@ -1,34 +0,0 @@ -padout should be compiled using the native compiler but isn't. -Disable this piece of documentation for now. - -RP - -Index: Linux-PAM-1.0.2/doc/specs/Makefile.am -=================================================================== ---- Linux-PAM-1.0.2.orig/doc/specs/Makefile.am 2008-11-04 21:06:23.000000000 +0000 -+++ Linux-PAM-1.0.2/doc/specs/Makefile.am 2008-11-04 21:07:06.000000000 +0000 -@@ -2,21 +2,8 @@ - # Copyright (c) 2005, 2006 Thorsten Kukuk - # - --CLEANFILES = draft-morgan-pam-current.txt *~ -+CLEANFILES = *~ - --EXTRA_DIST = draft-morgan-pam.raw std-agent-id.raw rfc86.0.txt -+EXTRA_DIST = std-agent-id.raw rfc86.0.txt - --draft-morgan-pam-current.txt: padout draft-morgan-pam.raw -- ./padout < $(srcdir)/draft-morgan-pam.raw > draft-morgan-pam-current.txt -- --AM_YFLAGS = -d -- --BUILT_SOURCES = parse_y.h -- --noinst_PROGRAMS = padout -- --padout_SOURCES = parse_l.l parse_y.y -- --padout_LDADD = @LEXLIB@ -- --doc_DATA = draft-morgan-pam-current.txt rfc86.0.txt -+doc_DATA = rfc86.0.txt diff --git a/meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-account b/meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-account deleted file mode 100644 index 316b17337b..0000000000 --- a/meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-account +++ /dev/null @@ -1,25 +0,0 @@ -# -# /etc/pam.d/common-account - authorization settings common to all services -# -# This file is included from other service-specific PAM config files, -# and should contain a list of the authorization modules that define -# the central access policy for use on the system. The default is to -# only deny service to users whose accounts are expired in /etc/shadow. -# -# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. -# To take advantage of this, it is recommended that you configure any -# local modules either before or after the default block, and use -# pam-auth-update to manage selection of other modules. See -# pam-auth-update(8) for details. -# - -# here are the per-package modules (the "Primary" block) -account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so -# here's the fallback if no module succeeds -account requisite pam_deny.so -# prime the stack with a positive return value if there isn't one already; -# this avoids us returning an error just because nothing sets a success code -# since the modules above will each just jump around -account required pam_permit.so -# and here are more per-package modules (the "Additional" block) -# end of pam-auth-update config diff --git a/meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-auth b/meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-auth deleted file mode 100644 index 460b69f198..0000000000 --- a/meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-auth +++ /dev/null @@ -1,18 +0,0 @@ -# -# /etc/pam.d/common-auth - authentication settings common to all services -# -# This file is included from other service-specific PAM config files, -# and should contain a list of the authentication modules that define -# the central authentication scheme for use on the system -# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the -# traditional Unix authentication mechanisms. - -# here are the per-package modules (the "Primary" block) -auth [success=1 default=ignore] pam_unix.so nullok_secure -# here's the fallback if no module succeeds -auth requisite pam_deny.so -# prime the stack with a positive return value if there isn't one already; -# this avoids us returning an error just because nothing sets a success code -# since the modules above will each just jump around -auth required pam_permit.so -# and here are more per-package modules (the "Additional" block) diff --git a/meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-password b/meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-password deleted file mode 100644 index 3896057328..0000000000 --- a/meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-password +++ /dev/null @@ -1,26 +0,0 @@ -# -# /etc/pam.d/common-password - password-related modules common to all services -# -# This file is included from other service-specific PAM config files, -# and should contain a list of modules that define the services to be -# used to change user passwords. The default is pam_unix. - -# Explanation of pam_unix options: -# -# The "sha512" option enables salted SHA512 passwords. Without this option, -# the default is Unix crypt. Prior releases used the option "md5". -# -# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in -# login.defs. -# -# See the pam_unix manpage for other options. - -# here are the per-package modules (the "Primary" block) -password [success=1 default=ignore] pam_unix.so obscure sha512 -# here's the fallback if no module succeeds -password requisite pam_deny.so -# prime the stack with a positive return value if there isn't one already; -# this avoids us returning an error just because nothing sets a success code -# since the modules above will each just jump around -password required pam_permit.so -# and here are more per-package modules (the "Additional" block) diff --git a/meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-session b/meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-session deleted file mode 100644 index a594dd9d90..0000000000 --- a/meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-session +++ /dev/null @@ -1,19 +0,0 @@ -# -# /etc/pam.d/common-session - session-related modules common to all services -# -# This file is included from other service-specific PAM config files, -# and should contain a list of modules that define tasks to be performed -# at the start and end of sessions of *any* kind (both interactive and -# non-interactive). -# - -# here are the per-package modules (the "Primary" block) -session [default=1] pam_permit.so -# here's the fallback if no module succeeds -session requisite pam_deny.so -# prime the stack with a positive return value if there isn't one already; -# this avoids us returning an error just because nothing sets a success code -# since the modules above will each just jump around -session required pam_permit.so -# and here are more per-package modules (the "Additional" block) -session required pam_unix.so diff --git a/meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-session-noninteractive b/meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-session-noninteractive deleted file mode 100644 index b110bb2b49..0000000000 --- a/meta/recipes-extended/pam/libpam-1.1.1/pam.d/common-session-noninteractive +++ /dev/null @@ -1,19 +0,0 @@ -# -# /etc/pam.d/common-session-noninteractive - session-related modules -# common to all non-interactive services -# -# This file is included from other service-specific PAM config files, -# and should contain a list of modules that define tasks to be performed -# at the start and end of all non-interactive sessions. -# - -# here are the per-package modules (the "Primary" block) -session [default=1] pam_permit.so -# here's the fallback if no module succeeds -session requisite pam_deny.so -# prime the stack with a positive return value if there isn't one already; -# this avoids us returning an error just because nothing sets a success code -# since the modules above will each just jump around -session required pam_permit.so -# and here are more per-package modules (the "Additional" block) -session required pam_unix.so diff --git a/meta/recipes-extended/pam/libpam-1.1.1/pam.d/other b/meta/recipes-extended/pam/libpam-1.1.1/pam.d/other deleted file mode 100644 index 6e40cd0c02..0000000000 --- a/meta/recipes-extended/pam/libpam-1.1.1/pam.d/other +++ /dev/null @@ -1,27 +0,0 @@ -# -# /etc/pam.d/other - specify the PAM fallback behaviour -# -# Note that this file is used for any unspecified service; for example -#if /etc/pam.d/cron specifies no session modules but cron calls -#pam_open_session, the session module out of /etc/pam.d/other is -#used. - -#If you really want nothing to happen then use pam_permit.so or -#pam_deny.so as appropriate. - -# We use pam_warn.so to generate syslog notes that the 'other' -#fallback rules are being used (as a hint to suggest you should setup -#specific PAM rules for the service and aid to debugging). We then -#fall back to the system default in /etc/pam.d/common-* - -auth required pam_warn.so -auth include common-auth - -account required pam_warn.so -account include common-account - -password required pam_warn.so -password include common-password - -session required pam_warn.so -session include common-session diff --git a/meta/recipes-extended/pam/libpam/99_pam b/meta/recipes-extended/pam/libpam/99_pam new file mode 100644 index 0000000000..97e990d10b --- /dev/null +++ b/meta/recipes-extended/pam/libpam/99_pam @@ -0,0 +1 @@ +d root root 0755 /var/run/sepermit none diff --git a/meta/recipes-extended/pam/libpam/pam.d/common-account b/meta/recipes-extended/pam/libpam/pam.d/common-account new file mode 100644 index 0000000000..316b17337b --- /dev/null +++ b/meta/recipes-extended/pam/libpam/pam.d/common-account @@ -0,0 +1,25 @@ +# +# /etc/pam.d/common-account - authorization settings common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of the authorization modules that define +# the central access policy for use on the system. The default is to +# only deny service to users whose accounts are expired in /etc/shadow. +# +# As of pam 1.0.1-6, this file is managed by pam-auth-update by default. +# To take advantage of this, it is recommended that you configure any +# local modules either before or after the default block, and use +# pam-auth-update to manage selection of other modules. See +# pam-auth-update(8) for details. +# + +# here are the per-package modules (the "Primary" block) +account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so +# here's the fallback if no module succeeds +account requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +account required pam_permit.so +# and here are more per-package modules (the "Additional" block) +# end of pam-auth-update config diff --git a/meta/recipes-extended/pam/libpam/pam.d/common-auth b/meta/recipes-extended/pam/libpam/pam.d/common-auth new file mode 100644 index 0000000000..460b69f198 --- /dev/null +++ b/meta/recipes-extended/pam/libpam/pam.d/common-auth @@ -0,0 +1,18 @@ +# +# /etc/pam.d/common-auth - authentication settings common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of the authentication modules that define +# the central authentication scheme for use on the system +# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the +# traditional Unix authentication mechanisms. + +# here are the per-package modules (the "Primary" block) +auth [success=1 default=ignore] pam_unix.so nullok_secure +# here's the fallback if no module succeeds +auth requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +auth required pam_permit.so +# and here are more per-package modules (the "Additional" block) diff --git a/meta/recipes-extended/pam/libpam/pam.d/common-password b/meta/recipes-extended/pam/libpam/pam.d/common-password new file mode 100644 index 0000000000..3896057328 --- /dev/null +++ b/meta/recipes-extended/pam/libpam/pam.d/common-password @@ -0,0 +1,26 @@ +# +# /etc/pam.d/common-password - password-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define the services to be +# used to change user passwords. The default is pam_unix. + +# Explanation of pam_unix options: +# +# The "sha512" option enables salted SHA512 passwords. Without this option, +# the default is Unix crypt. Prior releases used the option "md5". +# +# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in +# login.defs. +# +# See the pam_unix manpage for other options. + +# here are the per-package modules (the "Primary" block) +password [success=1 default=ignore] pam_unix.so obscure sha512 +# here's the fallback if no module succeeds +password requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +password required pam_permit.so +# and here are more per-package modules (the "Additional" block) diff --git a/meta/recipes-extended/pam/libpam/pam.d/common-session b/meta/recipes-extended/pam/libpam/pam.d/common-session new file mode 100644 index 0000000000..a594dd9d90 --- /dev/null +++ b/meta/recipes-extended/pam/libpam/pam.d/common-session @@ -0,0 +1,19 @@ +# +# /etc/pam.d/common-session - session-related modules common to all services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define tasks to be performed +# at the start and end of sessions of *any* kind (both interactive and +# non-interactive). +# + +# here are the per-package modules (the "Primary" block) +session [default=1] pam_permit.so +# here's the fallback if no module succeeds +session requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +session required pam_permit.so +# and here are more per-package modules (the "Additional" block) +session required pam_unix.so diff --git a/meta/recipes-extended/pam/libpam/pam.d/common-session-noninteractive b/meta/recipes-extended/pam/libpam/pam.d/common-session-noninteractive new file mode 100644 index 0000000000..b110bb2b49 --- /dev/null +++ b/meta/recipes-extended/pam/libpam/pam.d/common-session-noninteractive @@ -0,0 +1,19 @@ +# +# /etc/pam.d/common-session-noninteractive - session-related modules +# common to all non-interactive services +# +# This file is included from other service-specific PAM config files, +# and should contain a list of modules that define tasks to be performed +# at the start and end of all non-interactive sessions. +# + +# here are the per-package modules (the "Primary" block) +session [default=1] pam_permit.so +# here's the fallback if no module succeeds +session requisite pam_deny.so +# prime the stack with a positive return value if there isn't one already; +# this avoids us returning an error just because nothing sets a success code +# since the modules above will each just jump around +session required pam_permit.so +# and here are more per-package modules (the "Additional" block) +session required pam_unix.so diff --git a/meta/recipes-extended/pam/libpam/pam.d/other b/meta/recipes-extended/pam/libpam/pam.d/other new file mode 100644 index 0000000000..6e40cd0c02 --- /dev/null +++ b/meta/recipes-extended/pam/libpam/pam.d/other @@ -0,0 +1,27 @@ +# +# /etc/pam.d/other - specify the PAM fallback behaviour +# +# Note that this file is used for any unspecified service; for example +#if /etc/pam.d/cron specifies no session modules but cron calls +#pam_open_session, the session module out of /etc/pam.d/other is +#used. + +#If you really want nothing to happen then use pam_permit.so or +#pam_deny.so as appropriate. + +# We use pam_warn.so to generate syslog notes that the 'other' +#fallback rules are being used (as a hint to suggest you should setup +#specific PAM rules for the service and aid to debugging). We then +#fall back to the system default in /etc/pam.d/common-* + +auth required pam_warn.so +auth include common-auth + +account required pam_warn.so +account include common-account + +password required pam_warn.so +password include common-password + +session required pam_warn.so +session include common-session diff --git a/meta/recipes-extended/pam/libpam_1.1.1.bb b/meta/recipes-extended/pam/libpam_1.1.1.bb deleted file mode 100644 index e6cd172c78..0000000000 --- a/meta/recipes-extended/pam/libpam_1.1.1.bb +++ /dev/null @@ -1,75 +0,0 @@ -DESCRIPTION = "Linux-PAM (Pluggable Authentication Modules for Linux), Basically, it is a flexible mechanism for authenticating users" -HOMEPAGE = "http://www.kernel.org/pub/linux/libs/pam/" -BUGTRACKER = "http://sourceforge.net/projects/pam/support" -# PAM allows dual licensed under GPL and BSD. -# /etc/pam.d comes from Debian libpam-runtime in 2009-11 (at that time -# libpam-runtime-1.0.1 is GPLv2+), by openembedded -LICENSE = "GPLv2+ | BSD" -LIC_FILES_CHKSUM = "file://COPYING;md5=ca0395de9a86191a078b8b79302e3083 \ - file://modules/pam_loginuid/pam_loginuid.c;endline=23;md5=db84479f04f9afb6dd4dd022a0143997" -PR = "r1" - -DEPENDS = "bison flex" -RDEPENDS_${PN}-runtime = "libpam pam-plugin-deny pam-plugin-permit pam-plugin-warn pam-plugin-unix" -RRECOMMENDS_${PN} = "libpam-runtime" - -SRC_URI = "http://www.kernel.org/pub/linux/libs/pam/library/Linux-PAM-${PV}.tar.bz2 \ - file://disable_crossbinary.patch \ - file://99_pam \ - file://pam.d/*" - -EXTRA_OECONF = "--with-db-uniquename=_pam \ - --includedir=${includedir}/security \ - --libdir=${base_libdir} \ - --disable-regenerate-docu" -CFLAGS_append = " -fPIC " - -S = "${WORKDIR}/Linux-PAM-${PV}" - -inherit autotools gettext - -PACKAGES += "${PN}-runtime" -FILES_${PN} = "${base_libdir}/lib*${SOLIBS}" -FILES_${PN}-dbg += "${base_libdir}/security/.debug \ - ${base_libdir}/security/pam_filter/.debug" -FILES_${PN}-dev += "${base_libdir}/security/*.la ${base_libdir}/*.la ${base_libdir}/lib*${SOLIBSDEV}" -FILES_${PN}-runtime = "${sysconfdir}" - -PACKAGES_DYNAMIC += " pam-plugin-*" - -python populate_packages_prepend () { - import os.path - - def pam_plugin_append_file(pn, dir, file): - nf = os.path.join(dir, file) - of = bb.data.getVar('FILES_' + pn, d, True) - if of: - nf = of + " " + nf - bb.data.setVar('FILES_' + pn, nf, d) - - dvar = bb.data.expand('${WORKDIR}/package', d, True) - pam_libdir = bb.data.expand('${base_libdir}/security', d) - pam_sbindir = bb.data.expand('${sbindir}', d) - pam_filterdir = bb.data.expand('${base_libdir}/security/pam_filter', d) - - do_split_packages(d, pam_libdir, '^pam(.*)\.so$', 'pam-plugin%s', 'PAM plugin for %s', extra_depends='') - pam_plugin_append_file('pam-plugin-unix', pam_sbindir, 'unix_chkpwd') - pam_plugin_append_file('pam-plugin-unix', pam_sbindir, 'unix_update') - pam_plugin_append_file('pam-plugin-tally', pam_sbindir, 'pam_tally') - pam_plugin_append_file('pam-plugin-tally2', pam_sbindir, 'pam_tally2') - pam_plugin_append_file('pam-plugin-timestamp', pam_sbindir, 'pam_timestamp_check') - pam_plugin_append_file('pam-plugin-mkhomedir', pam_sbindir, 'mkhomedir_helper') - do_split_packages(d, pam_filterdir, '^(.*)$', 'pam-filter-%s', 'PAM filter for %s', extra_depends='') -} - -do_install() { - autotools_do_install - - # don't install /var/run when populating rootfs. Do it through volatile - rm -rf ${D}/var - install -d ${D}${sysconfdir}/default/volatiles - install -m 0644 ${WORKDIR}/99_pam ${D}/etc/default/volatiles - - install -d ${D}${sysconfdir}/pam.d/ - install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/ -} diff --git a/meta/recipes-extended/pam/libpam_1.1.3.bb b/meta/recipes-extended/pam/libpam_1.1.3.bb new file mode 100644 index 0000000000..7a8b29a93c --- /dev/null +++ b/meta/recipes-extended/pam/libpam_1.1.3.bb @@ -0,0 +1,79 @@ +SUMMARY = "Linux-PAM (Pluggable Authentication Modules)" +DESCRIPTION = "Linux-PAM (Pluggable Authentication Modules for Linux), Basically, it is a flexible mechanism for authenticating users" +HOMEPAGE = "http://www.kernel.org/pub/linux/libs/pam/" +BUGTRACKER = "http://sourceforge.net/projects/pam/support" +SECTION = "base" +# PAM is dual licensed under GPL and BSD. +# /etc/pam.d comes from Debian libpam-runtime in 2009-11 (at that time +# libpam-runtime-1.0.1 is GPLv2+), by openembedded +LICENSE = "GPLv2+ | BSD" +LIC_FILES_CHKSUM = "file://COPYING;md5=ca0395de9a86191a078b8b79302e3083" + +PR = "r0" + +DEPENDS = "bison flex" +RDEPENDS_${PN}-runtime = "libpam pam-plugin-deny pam-plugin-permit pam-plugin-warn pam-plugin-unix" +RRECOMMENDS_${PN} = "libpam-runtime" + +SRC_URI = "http://www.kernel.org/pub/linux/libs/pam/library/Linux-PAM-${PV}.tar.bz2 \ + file://99_pam \ + file://pam.d/*" + +SRC_URI[md5sum] = "6db7fcb5db6253350e3a4648ceac40e7" +SRC_URI[sha256sum] = "17b268789b935a76e736a1150210dd12f156972973e79347668f828d43632652" + +EXTRA_OECONF = "--with-db-uniquename=_pam \ + --includedir=${includedir}/security \ + --libdir=${base_libdir} \ + --disable-regenerate-docu" +CFLAGS_append = " -fPIC " + +S = "${WORKDIR}/Linux-PAM-${PV}" + +inherit autotools gettext + +PACKAGES += "${PN}-runtime" +FILES_${PN} = "${base_libdir}/lib*${SOLIBS}" +FILES_${PN}-dbg += "${base_libdir}/security/.debug \ + ${base_libdir}/security/pam_filter/.debug" +FILES_${PN}-dev += "${base_libdir}/security/*.la ${base_libdir}/*.la ${base_libdir}/lib*${SOLIBSDEV}" +FILES_${PN}-runtime = "${sysconfdir}" + +PACKAGES_DYNAMIC += " pam-plugin-*" + +python populate_packages_prepend () { + import os.path + + def pam_plugin_append_file(pn, dir, file): + nf = os.path.join(dir, file) + of = bb.data.getVar('FILES_' + pn, d, True) + if of: + nf = of + " " + nf + bb.data.setVar('FILES_' + pn, nf, d) + + dvar = bb.data.expand('${WORKDIR}/package', d, True) + pam_libdir = bb.data.expand('${base_libdir}/security', d) + pam_sbindir = bb.data.expand('${sbindir}', d) + pam_filterdir = bb.data.expand('${base_libdir}/security/pam_filter', d) + + do_split_packages(d, pam_libdir, '^pam(.*)\.so$', 'pam-plugin%s', 'PAM plugin for %s', extra_depends='') + pam_plugin_append_file('pam-plugin-unix', pam_sbindir, 'unix_chkpwd') + pam_plugin_append_file('pam-plugin-unix', pam_sbindir, 'unix_update') + pam_plugin_append_file('pam-plugin-tally', pam_sbindir, 'pam_tally') + pam_plugin_append_file('pam-plugin-tally2', pam_sbindir, 'pam_tally2') + pam_plugin_append_file('pam-plugin-timestamp', pam_sbindir, 'pam_timestamp_check') + pam_plugin_append_file('pam-plugin-mkhomedir', pam_sbindir, 'mkhomedir_helper') + do_split_packages(d, pam_filterdir, '^(.*)$', 'pam-filter-%s', 'PAM filter for %s', extra_depends='') +} + +do_install() { + autotools_do_install + + # don't install /var/run when populating rootfs. Do it through volatile + rm -rf ${D}/var + install -d ${D}${sysconfdir}/default/volatiles + install -m 0644 ${WORKDIR}/99_pam ${D}/etc/default/volatiles + + install -d ${D}${sysconfdir}/pam.d/ + install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/ +} -- cgit v1.2.3-54-g00ecf