2 files changed, 236 insertions, 1 deletions
diff --git a/meta/recipes-extended/pam/libpam/use-utmpx.patch b/meta/recipes-extended/pam/libpam/use-utmpx.patch
new file mode 100644
index 0000000000..dd04bbb844
--- /dev/null
+++ b/meta/recipes-extended/pam/libpam/use-utmpx.patch
@@ -0,0 +1,233 @@
+utmp() may not be configured in and use posix compliant utmpx always
+UTMP is SVID legacy, UTMPX is mandated by POSIX
+Upstream-Status: Pending
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+Index: Linux-PAM-1.2.1/libpam/pam_modutil_getlogin.c
+===================================================================
+--- Linux-PAM-1.2.1.orig/libpam/pam_modutil_getlogin.c
+++ Linux-PAM-1.2.1/libpam/pam_modutil_getlogin.c
+@@ -10,8 +10,7 @@
+ 
+ #include <stdlib.h>
+ #include <unistd.h>
+-#include <utmp.h>
+-
+#include <utmpx.h>
+ #define _PAMMODUTIL_GETLOGIN "_pammodutil_getlogin"
+ 
+ const char *
+@@ -22,7 +21,7 @@ pam_modutil_getlogin(pam_handle_t *pamh)
+     const void *void_curr_tty;
+     const char *curr_tty;
+     char *curr_user;
+-    struct utmp *ut, line;
+    struct utmpx *ut, line;
+ 
+     status = pam_get_data(pamh, _PAMMODUTIL_GETLOGIN, &logname);
+     if (status == PAM_SUCCESS) {
+@@ -48,10 +47,10 @@ pam_modutil_getlogin(pam_handle_t *pamh)
+     }
+     logname = NULL;
+ 
+-    setutent();
+    setutxent();
+     strncpy(line.ut_line, curr_tty, sizeof(line.ut_line));
+ 
+-    if ((ut = getutline(&line)) == NULL) {
+    if ((ut = getutxline(&line)) == NULL) {
+        goto clean_up_and_go_home;
+     }
+ 
+@@ -74,7 +73,7 @@ pam_modutil_getlogin(pam_handle_t *pamh)
+ 
+ clean_up_and_go_home:
+ 
+-    endutent();
+    endutxent();
+ 
+     return logname;
+ }
+Index: Linux-PAM-1.2.1/modules/pam_issue/pam_issue.c
+===================================================================
+--- Linux-PAM-1.2.1.orig/modules/pam_issue/pam_issue.c
+++ Linux-PAM-1.2.1/modules/pam_issue/pam_issue.c
+@@ -25,7 +25,7 @@
+ #include <string.h>
+ #include <unistd.h>
+ #include <sys/utsname.h>
+-#include <utmp.h>
+#include <utmpx.h>
+ #include <time.h>
+ #include <syslog.h>
+ 
+@@ -246,13 +246,13 @@ read_issue_quoted(pam_handle_t *pamh, FI
+              case 'U':
+                {
+                    unsigned int users = 0;
+-                   struct utmp *ut;
+-                   setutent();
+-                   while ((ut = getutent())) {
+                   struct utmpx *ut;
+                   setutxent();
+                   while ((ut = getutxent())) {
+                        if (ut->ut_type == USER_PROCESS)
+                            ++users;
+                    }
+-                   endutent();
+                   endutxent();
+                    if (c == 'U')
+                        snprintf (buf, sizeof buf, "%u %s", users,
+                                  (users == 1) ? "user" : "users");
+Index: Linux-PAM-1.2.1/modules/pam_lastlog/pam_lastlog.c
+===================================================================
+--- Linux-PAM-1.2.1.orig/modules/pam_lastlog/pam_lastlog.c
+++ Linux-PAM-1.2.1/modules/pam_lastlog/pam_lastlog.c
+@@ -15,8 +15,9 @@
+ #include <errno.h>
+ #ifdef HAVE_UTMP_H
+ # include <utmp.h>
+-#else
+-# include <lastlog.h>
+#endif
+#ifdef HAVE_UTMPX_H
+# include <utmpx.h>
+ #endif
+ #include <pwd.h>
+ #include <stdlib.h>
+@@ -27,6 +28,12 @@
+ #include <syslog.h>
+ #include <unistd.h>
+ 
+#ifndef HAVE_UTMP_H
+#define UT_LINESIZE 32
+#define UT_HOSTSIZE 32
+#define UT_NAMESIZE 256
+#endif
+
+ #if defined(hpux) || defined(sunos) || defined(solaris)
+ # ifndef _PATH_LASTLOG
+ #  define _PATH_LASTLOG "/usr/adm/lastlog"
+@@ -38,7 +45,7 @@
+ #  define UT_LINESIZE 12
+ # endif /* UT_LINESIZE */
+ #endif
+-#if defined(hpux)
+#if defined(hpux) || !defined HAVE_UTMP_H
+ struct lastlog {
+     time_t  ll_time;
+     char    ll_line[UT_LINESIZE];
+@@ -447,8 +454,8 @@ last_login_failed(pam_handle_t *pamh, in
+ {
+     int retval;
+     int fd;
+-    struct utmp ut;
+-    struct utmp utuser;
+    struct utmpx ut;
+    struct utmpx utuser;
+     int failed = 0;
+     char the_time[256];
+     char *date = NULL;
+Index: Linux-PAM-1.2.1/modules/pam_limits/pam_limits.c
+===================================================================
+--- Linux-PAM-1.2.1.orig/modules/pam_limits/pam_limits.c
+++ Linux-PAM-1.2.1/modules/pam_limits/pam_limits.c
+@@ -33,7 +33,7 @@
+ #include <sys/resource.h>
+ #include <limits.h>
+ #include <glob.h>
+-#include <utmp.h>
+#include <utmpx.h>
+ #ifndef UT_USER  /* some systems have ut_name instead of ut_user */
+ #define UT_USER ut_user
+ #endif
+@@ -227,7 +227,7 @@ static int
+ check_logins (pam_handle_t *pamh, const char *name, int limit, int ctrl,
+               struct pam_limit_s *pl)
+ {
+-    struct utmp *ut;
+    struct utmpx *ut;
+     int count;
+ 
+     if (ctrl & PAM_DEBUG_ARG) {
+@@ -242,7 +242,7 @@ check_logins (pam_handle_t *pamh, const
+         return LOGIN_ERR;
+     }
+ 
+-    setutent();
+    setutxent();
+ 
+     /* Because there is no definition about when an application
+        actually adds a utmp entry, some applications bizarrely do the
+@@ -260,7 +260,7 @@ check_logins (pam_handle_t *pamh, const
+        count = 1;
+     }
+ 
+-    while((ut = getutent())) {
+    while((ut = getutxent())) {
+ #ifdef USER_PROCESS
+         if (ut->ut_type != USER_PROCESS) {
+             continue;
+@@ -296,7 +296,7 @@ check_logins (pam_handle_t *pamh, const
+            break;
+        }
+     }
+-    endutent();
+    endutxent();
+     if (count > limit) {
+        if (name) {
+            pam_syslog(pamh, LOG_WARNING,
+Index: Linux-PAM-1.2.1/modules/pam_timestamp/pam_timestamp.c
+===================================================================
+--- Linux-PAM-1.2.1.orig/modules/pam_timestamp/pam_timestamp.c
+++ Linux-PAM-1.2.1/modules/pam_timestamp/pam_timestamp.c
+@@ -56,7 +56,7 @@
+ #include <time.h>
+ #include <sys/time.h>
+ #include <unistd.h>
+-#include <utmp.h>
+#include <utmpx.h>
+ #include <syslog.h>
+ #include <paths.h>
+ #include "hmacsha1.h"
+@@ -197,15 +197,15 @@ timestamp_good(time_t then, time_t now,
+ static int
+ check_login_time(const char *ruser, time_t timestamp)
+ {
+-       struct utmp utbuf, *ut;
+       struct utmpx utbuf, *ut;
+        time_t oldest_login = 0;
+ 
+-       setutent();
+       setutxent();
+        while(
+ #ifdef HAVE_GETUTENT_R
+-             !getutent_r(&utbuf, &ut)
+             !getutxent_r(&utbuf, &ut)
+ #else
+-             (ut = getutent()) != NULL
+             (ut = getutxent()) != NULL
+ #endif
+              ) {
+                if (ut->ut_type != USER_PROCESS) {
+@@ -218,7 +218,7 @@ check_login_time(const char *ruser, time
+                        oldest_login = ut->ut_tv.tv_sec;
+                }
+        }
+-       endutent();
+       endutxent();
+        if(oldest_login == 0 || timestamp < oldest_login) {
+                return PAM_AUTH_ERR;
+        }
+Index: Linux-PAM-1.2.1/modules/pam_unix/support.c
+===================================================================
+--- Linux-PAM-1.2.1.orig/modules/pam_unix/support.c
+++ Linux-PAM-1.2.1/modules/pam_unix/support.c
+@@ -13,7 +13,6 @@
+ #include <pwd.h>
+ #include <shadow.h>
+ #include <limits.h>
+-#include <utmp.h>
+ #include <errno.h>
+ #include <signal.h>
+ #include <ctype.h>
diff --git a/meta/recipes-extended/pam/libpam_1.2.1.bb b/meta/recipes-extended/pam/libpam_1.2.1.bb
index ac3097ef7c..0353356568 100644
--- a/meta/recipes-extended/pam/libpam_1.2.1.bb
+++ b/meta/recipes-extended/pam/libpam_1.2.1.bb
@@ -28,7 +28,9 @@ SRC_URI = "http://linux-pam.org/library/Linux-PAM-${PV}.tar.bz2 \
 SRC_URI[md5sum] = "9dc53067556d2dd567808fd509519dd6"
 SRC_URI[sha256sum] = "342b1211c0d3b203a7df2540a5b03a428a087bd8a48c17e49ae268f992b334d9"
-SRC_URI_append_libc-uclibc = " file://pam-no-innetgr.patch"
+SRC_URI_append_libc-uclibc = " file://pam-no-innetgr.patch \
+                               file://use-utmpx.patch"
 SRC_URI_append_libc-musl = " file://pam-no-innetgr.patch"
 DEPENDS = "bison flex flex-native cracklib"

diff --git a/meta/recipes-extended/pam/libpam/use-utmpx.patch b/meta/recipes-extended/pam/libpam/use-utmpx.patch new file mode 100644 index 0000000000..dd04bbb844 --- /dev/null +++ b/meta/recipes-extended/pam/libpam/use-utmpx.patch
@@ -0,0 +1,233 @@
		1	utmp() may not be configured in and use posix compliant utmpx always
		2	UTMP is SVID legacy, UTMPX is mandated by POSIX
		3
		4	Upstream-Status: Pending
		5	Signed-off-by: Khem Raj <raj.khem@gmail.com>
		6	Index: Linux-PAM-1.2.1/libpam/pam_modutil_getlogin.c
		7	===================================================================
		8	--- Linux-PAM-1.2.1.orig/libpam/pam_modutil_getlogin.c
		9	+++ Linux-PAM-1.2.1/libpam/pam_modutil_getlogin.c
		10	@@ -10,8 +10,7 @@
		11
		12	#include <stdlib.h>
		13	#include <unistd.h>
		14	-#include <utmp.h>
		15	-
		16	+#include <utmpx.h>
		17	#define _PAMMODUTIL_GETLOGIN "_pammodutil_getlogin"
		18
		19	const char *
		20	@@ -22,7 +21,7 @@ pam_modutil_getlogin(pam_handle_t *pamh)
		21	const void *void_curr_tty;
		22	const char *curr_tty;
		23	char *curr_user;
		24	- struct utmp *ut, line;
		25	+ struct utmpx *ut, line;
		26
		27	status = pam_get_data(pamh, _PAMMODUTIL_GETLOGIN, &logname);
		28	if (status == PAM_SUCCESS) {
		29	@@ -48,10 +47,10 @@ pam_modutil_getlogin(pam_handle_t *pamh)
		30	}
		31	logname = NULL;
		32
		33	- setutent();
		34	+ setutxent();
		35	strncpy(line.ut_line, curr_tty, sizeof(line.ut_line));
		36
		37	- if ((ut = getutline(&line)) == NULL) {
		38	+ if ((ut = getutxline(&line)) == NULL) {
		39	goto clean_up_and_go_home;
		40	}
		41
		42	@@ -74,7 +73,7 @@ pam_modutil_getlogin(pam_handle_t *pamh)
		43
		44	clean_up_and_go_home:
		45
		46	- endutent();
		47	+ endutxent();
		48
		49	return logname;
		50	}
		51	Index: Linux-PAM-1.2.1/modules/pam_issue/pam_issue.c
		52	===================================================================
		53	--- Linux-PAM-1.2.1.orig/modules/pam_issue/pam_issue.c
		54	+++ Linux-PAM-1.2.1/modules/pam_issue/pam_issue.c
		55	@@ -25,7 +25,7 @@
		56	#include <string.h>
		57	#include <unistd.h>
		58	#include <sys/utsname.h>
		59	-#include <utmp.h>
		60	+#include <utmpx.h>
		61	#include <time.h>
		62	#include <syslog.h>
		63
		64	@@ -246,13 +246,13 @@ read_issue_quoted(pam_handle_t *pamh, FI
		65	case 'U':
		66	{
		67	unsigned int users = 0;
		68	- struct utmp *ut;
		69	- setutent();
		70	- while ((ut = getutent())) {
		71	+ struct utmpx *ut;
		72	+ setutxent();
		73	+ while ((ut = getutxent())) {
		74	if (ut->ut_type == USER_PROCESS)
		75	++users;
		76	}
		77	- endutent();
		78	+ endutxent();
		79	if (c == 'U')
		80	snprintf (buf, sizeof buf, "%u %s", users,
		81	(users == 1) ? "user" : "users");
		82	Index: Linux-PAM-1.2.1/modules/pam_lastlog/pam_lastlog.c
		83	===================================================================
		84	--- Linux-PAM-1.2.1.orig/modules/pam_lastlog/pam_lastlog.c
		85	+++ Linux-PAM-1.2.1/modules/pam_lastlog/pam_lastlog.c
		86	@@ -15,8 +15,9 @@
		87	#include <errno.h>
		88	#ifdef HAVE_UTMP_H
		89	# include <utmp.h>
		90	-#else
		91	-# include <lastlog.h>
		92	+#endif
		93	+#ifdef HAVE_UTMPX_H
		94	+# include <utmpx.h>
		95	#endif
		96	#include <pwd.h>
		97	#include <stdlib.h>
		98	@@ -27,6 +28,12 @@
		99	#include <syslog.h>
		100	#include <unistd.h>
		101
		102	+#ifndef HAVE_UTMP_H
		103	+#define UT_LINESIZE 32
		104	+#define UT_HOSTSIZE 32
		105	+#define UT_NAMESIZE 256
		106	+#endif
		107	+
		108	#if defined(hpux) \|\| defined(sunos) \|\| defined(solaris)
		109	# ifndef _PATH_LASTLOG
		110	# define _PATH_LASTLOG "/usr/adm/lastlog"
		111	@@ -38,7 +45,7 @@
		112	# define UT_LINESIZE 12
		113	# endif /* UT_LINESIZE */
		114	#endif
		115	-#if defined(hpux)
		116	+#if defined(hpux) \|\| !defined HAVE_UTMP_H
		117	struct lastlog {
		118	time_t ll_time;
		119	char ll_line[UT_LINESIZE];
		120	@@ -447,8 +454,8 @@ last_login_failed(pam_handle_t *pamh, in
		121	{
		122	int retval;
		123	int fd;
		124	- struct utmp ut;
		125	- struct utmp utuser;
		126	+ struct utmpx ut;
		127	+ struct utmpx utuser;
		128	int failed = 0;
		129	char the_time[256];
		130	char *date = NULL;
		131	Index: Linux-PAM-1.2.1/modules/pam_limits/pam_limits.c
		132	===================================================================
		133	--- Linux-PAM-1.2.1.orig/modules/pam_limits/pam_limits.c
		134	+++ Linux-PAM-1.2.1/modules/pam_limits/pam_limits.c
		135	@@ -33,7 +33,7 @@
		136	#include <sys/resource.h>
		137	#include <limits.h>
		138	#include <glob.h>
		139	-#include <utmp.h>
		140	+#include <utmpx.h>
		141	#ifndef UT_USER /* some systems have ut_name instead of ut_user */
		142	#define UT_USER ut_user
		143	#endif
		144	@@ -227,7 +227,7 @@ static int
		145	check_logins (pam_handle_t pamh, const char name, int limit, int ctrl,
		146	struct pam_limit_s *pl)
		147	{
		148	- struct utmp *ut;
		149	+ struct utmpx *ut;
		150	int count;
		151
		152	if (ctrl & PAM_DEBUG_ARG) {
		153	@@ -242,7 +242,7 @@ check_logins (pam_handle_t *pamh, const
		154	return LOGIN_ERR;
		155	}
		156
		157	- setutent();
		158	+ setutxent();
		159
		160	/* Because there is no definition about when an application
		161	actually adds a utmp entry, some applications bizarrely do the
		162	@@ -260,7 +260,7 @@ check_logins (pam_handle_t *pamh, const
		163	count = 1;
		164	}
		165
		166	- while((ut = getutent())) {
		167	+ while((ut = getutxent())) {
		168	#ifdef USER_PROCESS
		169	if (ut->ut_type != USER_PROCESS) {
		170	continue;
		171	@@ -296,7 +296,7 @@ check_logins (pam_handle_t *pamh, const
		172	break;
		173	}
		174	}
		175	- endutent();
		176	+ endutxent();
		177	if (count > limit) {
		178	if (name) {
		179	pam_syslog(pamh, LOG_WARNING,
		180	Index: Linux-PAM-1.2.1/modules/pam_timestamp/pam_timestamp.c
		181	===================================================================
		182	--- Linux-PAM-1.2.1.orig/modules/pam_timestamp/pam_timestamp.c
		183	+++ Linux-PAM-1.2.1/modules/pam_timestamp/pam_timestamp.c
		184	@@ -56,7 +56,7 @@
		185	#include <time.h>
		186	#include <sys/time.h>
		187	#include <unistd.h>
		188	-#include <utmp.h>
		189	+#include <utmpx.h>
		190	#include <syslog.h>
		191	#include <paths.h>
		192	#include "hmacsha1.h"
		193	@@ -197,15 +197,15 @@ timestamp_good(time_t then, time_t now,
		194	static int
		195	check_login_time(const char *ruser, time_t timestamp)
		196	{
		197	- struct utmp utbuf, *ut;
		198	+ struct utmpx utbuf, *ut;
		199	time_t oldest_login = 0;
		200
		201	- setutent();
		202	+ setutxent();
		203	while(
		204	#ifdef HAVE_GETUTENT_R
		205	- !getutent_r(&utbuf, &ut)
		206	+ !getutxent_r(&utbuf, &ut)
		207	#else
		208	- (ut = getutent()) != NULL
		209	+ (ut = getutxent()) != NULL
		210	#endif
		211	) {
		212	if (ut->ut_type != USER_PROCESS) {
		213	@@ -218,7 +218,7 @@ check_login_time(const char *ruser, time
		214	oldest_login = ut->ut_tv.tv_sec;
		215	}
		216	}
		217	- endutent();
		218	+ endutxent();
		219	if(oldest_login == 0 \|\| timestamp < oldest_login) {
		220	return PAM_AUTH_ERR;
		221	}
		222	Index: Linux-PAM-1.2.1/modules/pam_unix/support.c
		223	===================================================================
		224	--- Linux-PAM-1.2.1.orig/modules/pam_unix/support.c
		225	+++ Linux-PAM-1.2.1/modules/pam_unix/support.c
		226	@@ -13,7 +13,6 @@
		227	#include <pwd.h>
		228	#include <shadow.h>
		229	#include <limits.h>
		230	-#include <utmp.h>
		231	#include <errno.h>
		232	#include <signal.h>
		233	#include <ctype.h>


diff --git a/meta/recipes-extended/pam/libpam_1.2.1.bb b/meta/recipes-extended/pam/libpam_1.2.1.bb index ac3097ef7c..0353356568 100644 --- a/meta/recipes-extended/pam/libpam_1.2.1.bb +++ b/meta/recipes-extended/pam/libpam_1.2.1.bb
@@ -28,7 +28,9 @@ SRC_URI = "http://linux-pam.org/library/Linux-PAM-${PV}.tar.bz2 \
28	SRC_URI[md5sum] = "9dc53067556d2dd567808fd509519dd6"	28	SRC_URI[md5sum] = "9dc53067556d2dd567808fd509519dd6"
29	SRC_URI[sha256sum] = "342b1211c0d3b203a7df2540a5b03a428a087bd8a48c17e49ae268f992b334d9"	29	SRC_URI[sha256sum] = "342b1211c0d3b203a7df2540a5b03a428a087bd8a48c17e49ae268f992b334d9"
30		30
31	SRC_URI_append_libc-uclibc = " file://pam-no-innetgr.patch"	31	SRC_URI_append_libc-uclibc = " file://pam-no-innetgr.patch \
		32	file://use-utmpx.patch"
		33
32	SRC_URI_append_libc-musl = " file://pam-no-innetgr.patch"	34	SRC_URI_append_libc-musl = " file://pam-no-innetgr.patch"
33		35
34	DEPENDS = "bison flex flex-native cracklib"	36	DEPENDS = "bison flex flex-native cracklib"