Add a cracklib USE flag to enable/disable pam_cracklib module building. Thanks to the EPAM "syntax", the configuration file installed is updated as needed for etc-update.

(Portage version: 2.1.3_rc7)
author: Diego Elio Pettenò <flameeyes@gentoo.org> 2007-07-10 13:05:12 +0000
committer: Diego Elio Pettenò <flameeyes@gentoo.org> 2007-07-10 13:05:12 +0000
commit: bc006da16df17f418afd04590c72e654b69fb8da (patch)
tree: c6105dcffcb88c664b87ef29121e9e163c05da6b /sys-libs
parent: Stable on amd64 (diff)
download: gentoo-2-bc006da16df17f418afd04590c72e654b69fb8da.tar.gz
gentoo-2-bc006da16df17f418afd04590c72e654b69fb8da.tar.bz2
gentoo-2-bc006da16df17f418afd04590c72e654b69fb8da.zip
4 files changed, 207 insertions, 1 deletions
diff --git a/sys-libs/pam/ChangeLog b/sys-libs/pam/ChangeLog
index dc8fed1608b3..aa1f0c283252 100644
--- a/sys-libs/pam/ChangeLog
+++ b/sys-libs/pam/ChangeLog
@@ -1,6 +1,14 @@
 # ChangeLog for sys-libs/pam
 # Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/ChangeLog,v 1.158 2007/07/08 17:26:58 flameeyes Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/ChangeLog,v 1.159 2007/07/10 13:05:12 flameeyes Exp $
+
+*pam-0.99.8.0-r1 (10 Jul 2007)
+
+  10 Jul 2007; Diego Pettenò <flameeyes@gentoo.org>
+  +files/system-auth.pamd.epam, +pam-0.99.8.0-r1.ebuild:
+  Add a cracklib USE flag to enable/disable pam_cracklib module building.
+  Thanks to the EPAM "syntax", the configuration file installed is updated as
+  needed for etc-update.
 
   08 Jul 2007; Diego Pettenò <flameeyes@gentoo.org> pam-0.99.7.1.ebuild,
   pam-0.99.8.0.ebuild:
diff --git a/sys-libs/pam/files/digest-pam-0.99.8.0-r1 b/sys-libs/pam/files/digest-pam-0.99.8.0-r1
new file mode 100644
index 000000000000..0ae5144edf74
--- /dev/null
+++ b/sys-libs/pam/files/digest-pam-0.99.8.0-r1
@@ -0,0 +1,6 @@
+MD5 dd508b5289b554630be66ea1f2a9ea52 Linux-PAM-0.99.8.0-ldflags-to-libadd.patch.bz2 2554
+RMD160 734f41e1e040f737ae9a229ce15c3a14caeb8922 Linux-PAM-0.99.8.0-ldflags-to-libadd.patch.bz2 2554
+SHA256 f79f52e60390c1d131d4b590097ccb9e9705a4842c3b63de24f9867c6ea55336 Linux-PAM-0.99.8.0-ldflags-to-libadd.patch.bz2 2554
+MD5 e05a9a1e95ec9bcfa5c09d44f46ad943 Linux-PAM-0.99.8.0.tar.bz2 903366
+RMD160 9e2c9bc00318ef711a2af4561a1c763c2ca28db5 Linux-PAM-0.99.8.0.tar.bz2 903366
+SHA256 4b42990b4cada5ad0abefd6048b8646b17813448fbf13d758cbce605908f02a2 Linux-PAM-0.99.8.0.tar.bz2 903366
diff --git a/sys-libs/pam/files/system-auth.pamd.epam b/sys-libs/pam/files/system-auth.pamd.epam
new file mode 100644
index 000000000000..b2c432ec7fd7
--- /dev/null
+++ b/sys-libs/pam/files/system-auth.pamd.epam
@@ -0,0 +1,14 @@
+#%PAM-1.0
+
+auth       required	pam_env.so
+auth       sufficient	pam_unix.so try_first_pass likeauth nullok
+auth       required	pam_deny.so
+
+account    required	pam_unix.so
+
+#%EPAM-Use-Flag:cracklib%#password   required	pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 try_first_pass retry=3
+password   sufficient	pam_unix.so try_first_pass use_authtok nullok md5 shadow
+password   required	pam_deny.so
+
+session    required	pam_limits.so
+session    required	pam_unix.so
diff --git a/sys-libs/pam/pam-0.99.8.0-r1.ebuild b/sys-libs/pam/pam-0.99.8.0-r1.ebuild
new file mode 100644
index 000000000000..62af97ea0a15
--- /dev/null
+++ b/sys-libs/pam/pam-0.99.8.0-r1.ebuild
@@ -0,0 +1,178 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-libs/pam/pam-0.99.8.0-r1.ebuild,v 1.1 2007/07/10 13:05:12 flameeyes Exp $
+
+WANT_AUTOCONF="latest"
+WANT_AUTOMAKE="latest"
+
+inherit libtool multilib eutils autotools pam toolchain-funcs
+
+MY_PN="Linux-PAM"
+MY_P="${MY_PN}-${PV}"
+
+HOMEPAGE="http://www.kernel.org/pub/linux/libs/pam/"
+DESCRIPTION="Linux-PAM (Pluggable Authentication Modules)"
+
+SRC_URI="mirror://kernel/linux/libs/pam/pre/library/${MY_P}.tar.bz2
+	mirror://gentoo/${MY_P}-ldflags-to-libadd.patch.bz2"
+
+LICENSE="PAM"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="cracklib nls elibc_FreeBSD selinux vim-syntax"
+
+RDEPEND="nls? ( virtual/libintl )
+	cracklib? ( >=sys-libs/cracklib-2.8.3 )
+	sys-libs/pwdb
+	selinux? ( >=sys-libs/libselinux-1.28 )"
+DEPEND="${RDEPEND}
+	nls? ( sys-devel/gettext )"
+PDEPEND="vim-syntax? ( app-vim/pam-syntax )"
+
+S="${WORKDIR}/${MY_P}"
+
+
+PROVIDE="virtual/pam"
+
+check_old_modules() {
+	local retval="0"
+
+	if sed -e 's:#.*::' /etc/pam.d/* | fgrep -q pam_stack.so; then
+		eerror ""
+		eerror "Your current setup is using the pam_stack module."
+		eerror "This module is deprecated and no more supported, and since version"
+		eerror "0.99 is no more installed, nor provided by any other package."
+		eerror "The package will be built (to allow binary package builds), but will"
+		eerror "not be installed."
+		eerror "Please replace pam_stack usage with proper include directive usage,"
+		eerror "following the PAM Upgrade guide at the following URL"
+		eerror "  http://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml"
+		eerror ""
+		ebeep 15
+
+		retval=1
+	fi
+
+	if sed -e 's:#.*::' /etc/pam.d/* | egrep -q 'pam_(pwdb|radius|timestamp|chroot)'; then
+		eerror ""
+		eerror "Your current setup is using one or more of the following modules,"
+		eerror "that are not built or supported anymore:"
+		eerror "pam_pwdb, pam_radius, pam_timestamp, pam_chroot"
+		eerror "If you are in real need for these modules, please contact the maintainers"
+		eerror "of PAM through http://bugs.gentoo.org/ providing information about its"
+		eerror "use cases."
+		ebeep 10
+
+		retval=1
+	fi
+
+	# Produce the warnings only during upgrade, for the following two
+	has_version '<sys-libs/pam-0.99' || return $retval
+
+	if sed -e 's:#.*::' /etc/pam.d/* | fgrep -q pam_console.so; then
+		ewarn ""
+		ewarn "Your current setup is using the pam_console module."
+		ewarn "Since version 0.99, ${CATEGORY}/${PN} does not provide this module"
+		ewarn "anymore; if you want to continue using this module, you should install"
+		ewarn "sys-auth/pam_console."
+		ewarn ""
+		ebeep 5
+	fi
+
+	if sed -e 's:#.*::' /etc/pam.d/* | fgrep -q pam_userdb.so; then
+		ewarn ""
+		ewarn "Your current setup is using the pam_userdb module."
+		ewarn "Since version 0.99, ${CATEGORY}/${PN} does not provide this module"
+		ewarn "anymore; if you want to continue using this module, you should install"
+		ewarn "sys-auth/pam_userdb."
+		ewarn ""
+		ebeep 5
+	fi
+
+	return $retval
+}
+
+pkg_setup() {
+	check_old_modules
+}
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+
+	mkdir -p doc/txts
+	for readme in modules/pam_*/README; do
+		cp -f "${readme}" doc/txts/README.$(dirname "${readme}" | \
+			sed -e 's|^modules/||')
+	done
+
+	epatch "${DISTDIR}/${MY_P}-ldflags-to-libadd.patch.bz2"
+	epatch "${FILESDIR}/${MY_PN}-0.99.7.0-disable-regenerate-man.patch"
+	epatch "${FILESDIR}/${MY_P}-setlocale.patch"
+
+	AT_M4DIR="m4" eautoreconf
+
+	elibtoolize
+}
+
+src_compile() {
+	local myconf
+
+	if use hppa || use elibc_FreeBSD; then
+		myconf="${myconf} --disable-pie"
+	fi
+
+	econf \
+		$(use_enable nls) \
+		$(use_enable selinux) \
+		$(use_enable cracklib) \
+		--libdir=/usr/$(get_libdir) \
+		--disable-db \
+		--enable-securedir=/$(get_libdir)/security \
+		--enable-isadir=/$(get_libdir)/security \
+		--disable-dependency-tracking \
+		--disable-prelude \
+		--enable-docdir=/usr/share/doc/${PF} \
+		--disable-regenerate-man \
+		${myconf} || die "econf failed"
+	emake || die "emake failed"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "make install failed"
+
+	# Need to be suid
+	fperms u+s /sbin/unix_chkpwd
+
+	dodir /$(get_libdir)
+	mv "${D}/usr/$(get_libdir)/libpam.so"* "${D}/$(get_libdir)/"
+	mv "${D}/usr/$(get_libdir)/libpamc.so"* "${D}/$(get_libdir)/"
+	mv "${D}/usr/$(get_libdir)/libpam_misc.so"* "${D}/$(get_libdir)/"
+	gen_usr_ldscript libpam.so libpamc.so libpam_misc.so
+
+	# No, we don't really need .la files for PAM modules.
+	rm -f "${D}/$(get_libdir)/security/"*.la
+
+	dodoc CHANGELOG ChangeLog README AUTHORS Copyright
+	docinto modules ; dodoc doc/txts/README.*
+
+	newpamd "${FILESDIR}/system-auth.pamd.epam" system-auth
+	dopamd "${FILESDIR}/pam.d-0.99/other"
+
+	# Remove the wrongly installed manpages
+	rm "${D}"/usr/share/man/man8/pam_userdb.8*
+	use cracklib || rm "${D}"/usr/share/man/man8/pam_cracklib.8*
+}
+
+pkg_preinst() {
+	check_old_modules || die "deprecated PAM modules still used"
+
+	pam_epam_expand "${D}"/etc/pam.d/*
+}
+
+pkg_postinst() {
+	if ! use cracklib; then
+		ewarn "You chosen not to enable cracklib. Make sure you run etc-update or"
+		ewarn "you won't be able to change users' passwords."
+	fi
+}
author	Diego Elio Pettenò <flameeyes@gentoo.org>	2007-07-10 13:05:12 +0000
committer	Diego Elio Pettenò <flameeyes@gentoo.org>	2007-07-10 13:05:12 +0000
commit	bc006da16df17f418afd04590c72e654b69fb8da (patch)
tree	c6105dcffcb88c664b87ef29121e9e163c05da6b /sys-libs
parent	Stable on amd64 (diff)
download	gentoo-2-bc006da16df17f418afd04590c72e654b69fb8da.tar.gz gentoo-2-bc006da16df17f418afd04590c72e654b69fb8da.tar.bz2 gentoo-2-bc006da16df17f418afd04590c72e654b69fb8da.zip