diff options
Diffstat (limited to 'sys-apps/shadow')
| -rw-r--r-- | sys-apps/shadow/ChangeLog | 12 | ||||
| -rw-r--r-- | sys-apps/shadow/Manifest | 26 | ||||
| -rw-r--r-- | sys-apps/shadow/files/login.pamd.2 | 27 | ||||
| -rw-r--r-- | sys-apps/shadow/shadow-4.0.18.2.ebuild | 73 |
4 files changed, 74 insertions, 64 deletions
diff --git a/sys-apps/shadow/ChangeLog b/sys-apps/shadow/ChangeLog index a0fac212edb5..b4d3f7023556 100644 --- a/sys-apps/shadow/ChangeLog +++ b/sys-apps/shadow/ChangeLog @@ -1,6 +1,16 @@ # ChangeLog for sys-apps/shadow # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v 1.178 2007/11/04 04:17:13 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v 1.179 2007/11/04 15:12:28 flameeyes Exp $ + + 04 Nov 2007; Diego Pettenò <flameeyes@gentoo.org> +files/login.pamd.2, + shadow-4.0.18.2.ebuild: + PAM support updates: change the dependency back to sys-libs/pam but ask for + at least version 0.99 (so that we know we have the proper pam_tally, and we + can drop some conditionals), OpenPAM wouldn't work for shadow for now. + Simplify the pam.d installation, without using the for loop and case + statement. Use the 'epam syntax' for the selinux conditional. Update the + options passed to pam_tally so that they don't throw warnings when used with + Linux-PAM 0.99. *shadow-4.0.18.2 (04 Nov 2007) diff --git a/sys-apps/shadow/Manifest b/sys-apps/shadow/Manifest index a696b048a5f9..4512c0d2f03c 100644 --- a/sys-apps/shadow/Manifest +++ b/sys-apps/shadow/Manifest @@ -17,6 +17,10 @@ AUX login.pamd.1 1020 RMD160 9f0ec8ff53bf96b89dc8a03d73839e5d8ea83552 SHA1 544ae MD5 1e2cdd4317dbb505d470e78a4925394f files/login.pamd.1 1020 RMD160 9f0ec8ff53bf96b89dc8a03d73839e5d8ea83552 files/login.pamd.1 1020 SHA256 592c941fc935a85a0605df993ac130aadca0f5cb156aeed163d97fbc9483f457 files/login.pamd.1 1020 +AUX login.pamd.2 915 RMD160 753976e3e134d8ce45560cf268683703d7d612fc SHA1 bf0b761a9ab5f35b0b035380b8bf986e08326f1e SHA256 6bc326f38a8948313e5b6032c45cd2a4973d2f518000325e744545e82d517573 +MD5 5a801c1033b425671cda233f839ca2a3 files/login.pamd.2 915 +RMD160 753976e3e134d8ce45560cf268683703d7d612fc files/login.pamd.2 915 +SHA256 6bc326f38a8948313e5b6032c45cd2a4973d2f518000325e744545e82d517573 files/login.pamd.2 915 AUX login_defs.awk 738 RMD160 4c05e7ab04b1b630bba093fdb2c2501c11a2d5be SHA1 74a28544ec0de8dbc530846c54af763f8ebc9f18 SHA256 6ceb9e03c2f7df817f3162de48886c9c66a596cb2af98fbf523c93e26840113b MD5 372a33c569b7078d247058c7dab1cae2 files/login_defs.awk 738 RMD160 4c05e7ab04b1b630bba093fdb2c2501c11a2d5be files/login_defs.awk 738 @@ -103,14 +107,14 @@ EBUILD shadow-4.0.18.1-r1.ebuild 5914 RMD160 c5323f6fd8b05ffc826d444e12dd62f9780 MD5 3ad336178335dd7357d4bdb84d3d1a33 shadow-4.0.18.1-r1.ebuild 5914 RMD160 c5323f6fd8b05ffc826d444e12dd62f9780c987c shadow-4.0.18.1-r1.ebuild 5914 SHA256 780da8cb7536fe971f803c2371d40ecff6eb7ec3d7541f084b1ace8570f9ed9c shadow-4.0.18.1-r1.ebuild 5914 -EBUILD shadow-4.0.18.2.ebuild 5969 RMD160 b14bb9db857dfd407c21e0dc8a3fbbf27da7865d SHA1 62bb7741731213510de812e4c69225c00dcaec1c SHA256 78ae8d09c2f86f47bc3a459f15b0e8fb322bd1032f6178c77c291894f9b00229 -MD5 20da5055da1df09ed91c06431304ff6c shadow-4.0.18.2.ebuild 5969 -RMD160 b14bb9db857dfd407c21e0dc8a3fbbf27da7865d shadow-4.0.18.2.ebuild 5969 -SHA256 78ae8d09c2f86f47bc3a459f15b0e8fb322bd1032f6178c77c291894f9b00229 shadow-4.0.18.2.ebuild 5969 -MISC ChangeLog 31586 RMD160 fd1eddfee90483b49b8d13d5016581a41b1d725c SHA1 d9c4562ed285bcb1f62c37988ff0220ef17b473f SHA256 b6ba19c105547b4e0fb36282e87c6d549ac74b7c65bb58e3759601eff4946efd -MD5 d3ee2cb0b79478fba7ce02fc1f78524d ChangeLog 31586 -RMD160 fd1eddfee90483b49b8d13d5016581a41b1d725c ChangeLog 31586 -SHA256 b6ba19c105547b4e0fb36282e87c6d549ac74b7c65bb58e3759601eff4946efd ChangeLog 31586 +EBUILD shadow-4.0.18.2.ebuild 5128 RMD160 2e376e5fd4535453ffff41383120b91fae20834d SHA1 0c3f875661c3a3f1964c8f47df3725931605d420 SHA256 bd8b27e9b2a82ff89fc02b1ab4984caa66b9e2b0d2a172a71541bf7985d2a97a +MD5 995d3ab79f9d2a4eeadf628a9f77d0fe shadow-4.0.18.2.ebuild 5128 +RMD160 2e376e5fd4535453ffff41383120b91fae20834d shadow-4.0.18.2.ebuild 5128 +SHA256 bd8b27e9b2a82ff89fc02b1ab4984caa66b9e2b0d2a172a71541bf7985d2a97a shadow-4.0.18.2.ebuild 5128 +MISC ChangeLog 32162 RMD160 7a7903202baea3846ad6ce56c07d6cf34d43bdde SHA1 e3b90254a7747807bc98c016b64ee3f308dc52de SHA256 5c84c1faf515fe6e0a54b0be0d5a54573ba4922329d58726ddeff9e5bbd6b0b8 +MD5 1601ba1d5bb4f2f78df7105d6875de01 ChangeLog 32162 +RMD160 7a7903202baea3846ad6ce56c07d6cf34d43bdde ChangeLog 32162 +SHA256 5c84c1faf515fe6e0a54b0be0d5a54573ba4922329d58726ddeff9e5bbd6b0b8 ChangeLog 32162 MISC metadata.xml 164 RMD160 f43cbec30b7074319087c9acffdb9354b17b0db3 SHA1 9c213f5803676c56439df3716be07d6692588856 SHA256 f5f2891f2a4791cd31350bb2bb572131ad7235cd0eeb124c9912c187ac10ce92 MD5 9a09f8d531c582e78977dbfd96edc1f2 metadata.xml 164 RMD160 f43cbec30b7074319087c9acffdb9354b17b0db3 metadata.xml 164 @@ -124,7 +128,7 @@ SHA256 6264aa6a9d2ada8ace48b5b8826000881380c6cd5eef0a27eec47a8d9b2705d8 files/di -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.7 (GNU/Linux) -iD8DBQFHLUfPp/wUKkr7RBoRAojbAJ0T41e3kqa6Cp3M4kqnmhMGO/E0NwCcCavg -7DOV0e1DfmHt2AaYIwARnIw= -=OX8X +iD8DBQFHLeBqAiZjviIA2XgRAjvzAKCfejFy7NncQA+fBA8d9K7o0ZWlpACfUX2t +qnN74iT4LjWWOmcL4UCl0M0= +=hNDT -----END PGP SIGNATURE----- diff --git a/sys-apps/shadow/files/login.pamd.2 b/sys-apps/shadow/files/login.pamd.2 new file mode 100644 index 000000000000..fdbdf1cda9b0 --- /dev/null +++ b/sys-apps/shadow/files/login.pamd.2 @@ -0,0 +1,27 @@ +#%PAM-1.0 + +auth required pam_securetty.so +auth required pam_tally.so file=/var/log/faillog onerr=succeed +auth required pam_shells.so +auth required pam_nologin.so +auth include system-auth + +account required pam_access.so +account include system-auth +account required pam_tally.so file=/var/log/faillog onerr=succeed + +password include system-auth + +#%EPAM-Use-Flag:selinux%## pam_selinux.so close should be the first session rule +#%EPAM-Use-Flag:selinux%#session required pam_selinux.so close +#%EPAM-Use-Flag:selinux%# +session required pam_env.so +session optional pam_lastlog.so +session optional pam_motd.so motd=/etc/motd +session optional pam_mail.so + +session include system-auth + +#%EPAM-Use-Flag:selinux%## pam_selinux.so open should be the last session rule +#%EPAM-Use-Flag:selinux%#session required pam_selinux.so multiple open +#%EPAM-Use-Flag:selinux%# diff --git a/sys-apps/shadow/shadow-4.0.18.2.ebuild b/sys-apps/shadow/shadow-4.0.18.2.ebuild index 390c57f8de05..84a97178ce2b 100644 --- a/sys-apps/shadow/shadow-4.0.18.2.ebuild +++ b/sys-apps/shadow/shadow-4.0.18.2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2007 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.0.18.2.ebuild,v 1.1 2007/11/04 04:17:13 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.0.18.2.ebuild,v 1.2 2007/11/04 15:12:28 flameeyes Exp $ inherit eutils libtool toolchain-funcs autotools pam @@ -14,7 +14,7 @@ SLOT="0" IUSE="nls pam selinux skey nousuid cracklib" RDEPEND="cracklib? ( >=sys-libs/cracklib-2.7-r3 ) - pam? ( virtual/pam ) + pam? ( >=sys-libs/pam-0.99 ) !sys-apps/pam-login !app-admin/nologin skey? ( app-admin/skey ) @@ -95,20 +95,16 @@ src_install() { if ! use pam ; then insopts -m0600 doins etc/login.access etc/limits - else - newpamd "${FILESDIR}/login.pamd.1" login - use selinux || sed -i -e '/@selinux@/d' "${D}"/etc/pam.d/login - use selinux && sed -i -e 's:@selinux@::g' "${D}"/etc/pam.d/login fi # Output arch-specific cruft case $(tc-arch) in ppc*) echo "hvc0" >> "${D}"/etc/securetty - echo "hvsi0" >> "${D}"/etc/securetty - echo "ttyPSC0" >> "${D}"/etc/securetty;; + echo "hvsi0" >> "${D}"/etc/securetty + echo "ttyPSC0" >> "${D}"/etc/securetty;; hppa) echo "ttyB0" >> "${D}"/etc/securetty;; arm) echo "ttyFB0" >> "${D}"/etc/securetty;; sh) echo "ttySC0" >> "${D}"/etc/securetty - echo "ttySC1" >> "${D}"/etc/securetty;; + echo "ttySC1" >> "${D}"/etc/securetty;; esac # needed for 'adduser -D' @@ -120,62 +116,33 @@ src_install() { mv "${D}"/usr/bin/passwd "${D}"/bin/ dosym /bin/passwd /usr/bin/passwd + cd "${S}" + insinto /etc + insopts -m0644 + newins etc/login.defs login.defs + if use pam ; then - local INSTALL_SYSTEM_PAMD="yes" - - # Do not install below pam.d files if we have pam-0.78 or later - has_version '>=sys-libs/pam-0.78' && \ - INSTALL_SYSTEM_PAMD="no" - - for x in "${FILESDIR}"/pam.d-include/*; do - case "${x##*/}" in - "login") - # We do no longer install this one, as its from - # pam-login now. - ;; - "system-auth"|"system-auth-1.1"|"other") - # These we only install if we do not have pam-0.78 - # or later. - [ "${INSTALL_SYSTEM_PAMD}" = "yes" ] && [ -f ${x} ] && \ - dopamd ${x} - ;; - "su") - # Disable support for pam_env and pam_wheel on openpam - has_version sys-libs/pam && dopamd ${x} - ;; - "su-openpam") - has_version sys-libs/openpam && newpamd ${x} su - ;; - *) - [ -f ${x} ] && dopamd ${x} - ;; - esac - done + dopamd "${FILESDIR}/pam.d-include/"{su,passwd,shadow} + + newpamd "${FILESDIR}/login.pamd.2" login + for x in chage chsh chfn chpasswd newusers \ user{add,del,mod} group{add,del,mod} ; do newpamd "${FILESDIR}"/pam.d-include/shadow ${x} done + # comment out login.defs options that pam hates + gawk -f "${FILESDIR}"/login_defs.awk \ + lib/getdef.c etc/login.defs \ + > "${D}"/etc/login.defs + # remove manpages that pam will install for us # and/or don't apply when using pam - find "${D}"/usr/share/man \ '(' -name 'limits.5*' -o -name 'suauth.5*' ')' \ -exec rm {} \; fi - cd "${S}" - insinto /etc - insopts -m0644 - newins etc/login.defs login.defs - - # comment out options that pam hates - if use pam ; then - awk -f "${FILESDIR}"/login_defs.awk \ - lib/getdef.c etc/login.defs \ - > "${D}"/etc/login.defs - fi - # Remove manpages that are handled by other packages find "${D}"/usr/share/man \ '(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \ @@ -191,6 +158,8 @@ src_install() { pkg_preinst() { rm -f "${ROOT}"/etc/pam.d/system-auth.new \ "${ROOT}/etc/login.defs.new" + + use pam && pam_epam_expand "${D}"/etc/pam.d/login } pkg_postinst() { |