summaryrefslogtreecommitdiff
path: root/sys-auth
diff options
context:
space:
mode:
Diffstat (limited to 'sys-auth')
-rw-r--r--sys-auth/Manifest.gzbin10401 -> 10579 bytes
-rw-r--r--sys-auth/pambase/Manifest6
-rw-r--r--sys-auth/pambase/metadata.xml15
-rw-r--r--sys-auth/pambase/pambase-20200917.ebuild (renamed from sys-auth/pambase/pambase-20200817.ebuild)26
-rw-r--r--sys-auth/polkit/Manifest2
-rw-r--r--sys-auth/polkit/polkit-0.118.ebuild132
-rw-r--r--sys-auth/solo-python/Manifest3
-rw-r--r--sys-auth/solo-python/metadata.xml17
-rw-r--r--sys-auth/solo-python/solo-python-0.0.26.ebuild34
9 files changed, 224 insertions, 11 deletions
diff --git a/sys-auth/Manifest.gz b/sys-auth/Manifest.gz
index df2782d1a2ca..c634817520c1 100644
--- a/sys-auth/Manifest.gz
+++ b/sys-auth/Manifest.gz
Binary files differ
diff --git a/sys-auth/pambase/Manifest b/sys-auth/pambase/Manifest
index db05926db1ea..33d290e1b392 100644
--- a/sys-auth/pambase/Manifest
+++ b/sys-auth/pambase/Manifest
@@ -1,5 +1,5 @@
DIST pambase-20200304.tar.gz 3466 BLAKE2B e4d406460d435403ed7a46d517f9006cacc54a94f5019a573c81b331731c88679ed6d388354b5946894bdfada556b4c73735c3f4de88fc7678cd831c68ab46c3 SHA512 c2a7f3fd143637fbdf5c0a3c58ba5a3c23c5e8adb1f057d02b4b9d64660435fc529031a0f710a9e5fc7091710f78dcb2f3e1ff48f033fb491ddd0399ef05b189
-DIST pambase-20200817.tar.gz 3340 BLAKE2B 76a9afbf29ab9ee6f7d25943de8c7c7bdd3413ade64d7a7623d5aec297cd864c1696a6442179d8d7c52f4df00644d80486e0dc61255454aa72b18eb9ae901ed8 SHA512 5448335da1437776f6097e591a1bd52dc62fb1847622c19077f14cdf8a677bc916f220903e4c6e924d43360fec0010a23b9cdf62aeba2a617ef6208eac2438eb
+DIST pambase-20200917.tar.gz 3342 BLAKE2B 4dde3a6a4a22f02464a2a703a2385038c53c05398904dc47431880a16d7dd1ba89c8f5fdf19a7d50406f2487f8bdf90264ca2941cc6a2ad9d404e89c3d73edca SHA512 0cae27f7cd7ef258771b61110ba3ce5a44a0f9d71030670b2a40aa47a609d30ae3e3d7bc0649dcce25a2cfe2e1259e6d9ff435118ab1d2db771a162898ab5143
EBUILD pambase-20200304.ebuild 2169 BLAKE2B 04b9658390ae7c88df12dfc4611665fd9bbdb21c4f7fe2c3e0d2b52eb795842a3f80f429a44d0f15027e2092d7f3cae7fb5978178b78cf580504feec194d6a84 SHA512 f718edc810dc14ed9f93816c997bf74e0563003535bcc82c524f3febdc7c8c32f187a954d5d99ecbd06a6c154b004d1ce0c86674e5f5a30eda3fe2368f771ef5
-EBUILD pambase-20200817.ebuild 1998 BLAKE2B 42923fa493d60e0d2197059c2568c307eceb52e2186edd25f687b227ca4b4cf3fea2b8a1bd8e1b7f4eaa9c7b0e027fbe88e1091a571d0a5b2ea3a2b736972712 SHA512 be84f55e7c498c2ba60093aad34e36909d4d514bba6db7e460d07b9768c8f46cb14c44c89f8987ffb32264b226836b09a1c8962e95c162cb10eed30602ebc245
-MISC metadata.xml 4065 BLAKE2B 001a1fff09797ee77e84c442c7d85ab11d7c8448f9eb34c2aad8e117091ddcdc639511d094e125e920139f94f4a5f7be53c13320848b760be099a1e79dc03cf5 SHA512 5552b7a640e13031aaa6fc9a42ffb3e0285fcd7293db94975d124b655ece670a15386b61a6f2ed71696d4ddc10442c813b86d07f46714374b3fe84ac2f60b937
+EBUILD pambase-20200917.ebuild 2640 BLAKE2B e5adae78bf0e9352a9912f5f6f9197206ebfa367754f16920eb55113e5a4f90d58908d40d0115c13215d6e7c6c235261dffba3facf3733b5ab75c8cd6277948e SHA512 69964dd314abe7bd2b6d86faaaa8f16c91fbdde84e2b3b76521e9d7bec5bce6dbbee5746cc95de9ff0b007e7d8798153a8da8f490fa2335829b5259303f103da
+MISC metadata.xml 4274 BLAKE2B 76b7588ad42eeff135eb81cf0f9e4eb1c1ce6329e62138cf934ea99cc74ae4eb45ad224072210cd5630484a71583e86d2d304a07e83f3f36284d760a73848195 SHA512 6f0fe0ac7c20e8203bc858ff54323c3e9ffb564fdb67da601c7a99218e3a5b7666bbc2c548314547a4d842cc0cd40058d98f7d13ca103cd427482fe25ff89af6
diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml
index bb8fe7281268..f64b16605601 100644
--- a/sys-auth/pambase/metadata.xml
+++ b/sys-auth/pambase/metadata.xml
@@ -39,6 +39,12 @@
or providing example passwords when changing your system password.
It is used by default by OpenWall GNU/*/Linux and by FreeBSD.
</flag>
+ <flag name="pwhistory">
+ Enable pam_pwhistory module on system auth stack to save
+ the last passwords for each user in order to force password
+ change history and keep the user from alternating between
+ the same password too frequently.
+ </flag>
<flag name="pwquality">
Enable pam_pwquality module on system auth stack for passwd
quality validation. It is used be dafault by Fedora GNU/*/Linux.
@@ -78,11 +84,10 @@
</flag>
<flag name="minimal">
Disables the standard PAM modules that provide extra information
- to users on login; this includes pam_tally (and pam_tally2 for
- Linux PAM 1.1 and later), pam_lastlog, pam_motd and other
- similar modules. This might not be a good idea on a multi-user
- system but could reduce slightly the overhead on single-user
- non-networked systems.
+ to users on login; this includes pam_lastlog, pam_motd, pam_mail
+ and other similar modules. This might not be a good idea on
+ a multi-user system but could reduce slightly the overhead on
+ single-user non-networked systems.
</flag>
<flag name="nullok">
Enable the nullok option with the pam_unix module. This allows
diff --git a/sys-auth/pambase/pambase-20200817.ebuild b/sys-auth/pambase/pambase-20200917.ebuild
index 8639fcf1d2b8..a1bd1d6b4bae 100644
--- a/sys-auth/pambase/pambase-20200817.ebuild
+++ b/sys-auth/pambase/pambase-20200917.ebuild
@@ -5,7 +5,7 @@ EAPI=7
PYTHON_COMPAT=( python3_{7..9} )
-inherit pam python-any-r1
+inherit pam python-any-r1 readme.gentoo-r1
DESCRIPTION="PAM base configuration files"
HOMEPAGE="https://github.com/gentoo/pambase"
@@ -14,13 +14,14 @@ SRC_URI="https://github.com/gentoo/pambase/archive/${P}.tar.gz"
LICENSE="MIT"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
-IUSE="caps debug elogind gnome-keyring minimal mktemp +nullok pam_krb5 pam_ssh +passwdqc pwquality securetty selinux +sha512 systemd"
+IUSE="caps debug elogind gnome-keyring minimal mktemp +nullok pam_krb5 pam_ssh +passwdqc pwhistory pwquality securetty selinux +sha512 systemd"
RESTRICT="binchecks"
REQUIRED_USE="
?? ( elogind systemd )
?? ( passwdqc pwquality )
+ pwhistory? ( || ( passwdqc pwquality ) )
"
MIN_PAM_REQ=1.4.0
@@ -36,7 +37,7 @@ RDEPEND="
)
caps? ( sys-libs/libcap[pam] )
pam_ssh? ( sys-auth/pam_ssh )
- passwdqc? ( sys-auth/passwdqc )
+ passwdqc? ( >=sys-auth/passwdqc-1.4.0-r1 )
pwquality? ( dev-libs/libpwquality[pam] )
selinux? ( sys-libs/pam[selinux] )
sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} )
@@ -65,6 +66,7 @@ src_configure() {
$(usex pam_krb5 '--krb5' '') \
$(usex pam_ssh '--pam-ssh' '') \
$(usex passwdqc '--passwdqc' '') \
+ $(usex pwhistory '--pwhistory' '') \
$(usex pwquality '--pwquality' '') \
$(usex securetty '--securetty' '') \
$(usex selinux '--selinux' '') \
@@ -75,5 +77,23 @@ src_configure() {
src_test() { :; }
src_install() {
+ DOC_CONTENTS=
+
+ if use passwdqc; then
+ DOC_CONTENTS="To amend the existing password policy please see the man 5 passwdqc.conf
+ page and then edit the /etc/security/passwdqc.conf file"
+ fi
+
+ if use pwquality; then
+ DOC_CONTENTS="To amend the existing password policy please see the man 5 pwquality.conf
+ page and then edit the /etc/security/pwquality.conf file"
+ fi
+
+ { use passwdqc || use pwquality; } && readme.gentoo_create_doc
+
dopamd -r stack/.
}
+
+pkg_postinst() {
+ { use passwdqc || use pwquality; } && readme.gentoo_print_elog
+}
diff --git a/sys-auth/polkit/Manifest b/sys-auth/polkit/Manifest
index 5bd3117e6931..2417ae87205b 100644
--- a/sys-auth/polkit/Manifest
+++ b/sys-auth/polkit/Manifest
@@ -4,7 +4,9 @@ AUX polkit-0.115-spidermonkey-60.patch 5562 BLAKE2B 8f262d682ea413f83bc555bacbeb
DIST polkit-0.115.tar.gz 1550932 BLAKE2B 3185ebed46209f88a9ffccbbcaf1bf180d1ae6d5ec53cf3c66d867ad43910b47a1123a3db190991ebb382a0d28fc5a119ea4bab942db324e9af5663056cf6ee1 SHA512 1153011fa93145b2c184e6b3446d3ca21b38918641aeccd8fac3985ac3e30ec6bc75be6973985fde90f2a24236592f1595be259155061c2d33358dd17c4ee4fc
DIST polkit-0.116.tar.gz 1548311 BLAKE2B e9761a2934136d453a47b81dd1f132f9fc96c45b731d5fceb2aa7706f5325b6499f6acbb68032befc1b21878b1b54754685607c916ca8e02a8accca3ca014b31 SHA512 b66b01cc2bb4349de70147f41f161f0f6f41e7230b581dfb054058b48969ec57041ab05b51787c749ccfc36aa5f317952d7e7ba337b4f6f6c0a923ed5866c2d5
DIST polkit-0.117.tar.gz 1554536 BLAKE2B 1cf7e0ff9db19a29be626f4bea96c9e2ef8b1eab4b8287a5f1f4d2a818b86d58c1c4c4a41849d95e31559dba1b18853a31e934ebbadd8e07f94dfd58b45240e0 SHA512 c10ea984f2386fe436e58a2866e5323afc80d24f744f0ee61d966941259aa491bd96b07d911434aa731b300c3cca25b647804b396501175ab5b3c53384e94c70
+DIST polkit-0.118.tar.gz 1556765 BLAKE2B d048b37b1ff8ad59a2d8a333a3b459d1592b61f7a6d9a9569f8b2984de913d71abfc9748e242c7453f0bce4f322bd44672e35309f181afd22488794ca0e47119 SHA512 3d412f40c903cfaf68530f9c0cb616106f8edf43bec6805de129f8bb9cb4e64c98da6bf02caa3ef5619974f3e2df7a70564f08b92901662453477e9005752b4e
EBUILD polkit-0.115-r4.ebuild 3619 BLAKE2B 5b29fe32227148a5df98c5a921733858a77877f4675aa3b63ecb81aaaba3341a22487066d31bdc2ccd603fc0ffc57ba64602b1efaef1124476b4b5c906be9c4e SHA512 7fdc1889d96952ce59745f05c7965638fb398f46f53a72ec71db2d02fdd1b11134467c25d8ad1a5ef97d847a93cbf9c6cac42192a553b1952a65c3e116903a30
EBUILD polkit-0.116-r1.ebuild 3355 BLAKE2B 6ac0430904eb9dea92ab769396c9793843bc047bc52167905d420ef6f703c192ca1110318b46b244b9122e6547028e6417db9ae4b7460cee304963165a2d97c0 SHA512 c59dc110588ae6f8b1a967b46b86f3993a73e6a08ddd667e944f71407572a38c3a3e1649407ddf01f360673d4252fbdf2bbfe7ea9fb281cc5294e8200ade154d
EBUILD polkit-0.117.ebuild 3362 BLAKE2B e9867f28f2f6b6f917fe002dd0fa6714602d3b049b5cc4e86122362fe19c74ce8334bc4d20d2223057f1ad6be64e61ab716f379c4866816a87065fd29441bc30 SHA512 5520b41547f5990948b12917aedb3e2b234dc042090c1f5345fdc19cbc1bd84d137b34bf76178c946628c309f0fd3d737ba582cd8032ef1b755683a03b966b5e
+EBUILD polkit-0.118.ebuild 3331 BLAKE2B ba7e4c24375aa0a3081e0c08c0ff60d63527d969e4ebeaf1d7e4019b9f4e3f0aadcc19c2099235512e44355ef74b8ff154c25c368ee79629e4d0b42c73198475 SHA512 1613284944bcb8fb6a171982291f5f6819c4e5e26687973d02309131155ebee3124bb0793328ca78511e93b17415a3bd6ee7d2085a4d5f18c6b32a00a0da70f6
MISC metadata.xml 498 BLAKE2B 8bbfe2ee11b53b77dc26215776a87acd7cade59a5a139ada605f2ad293c569005d2bd517aaee1c6f4ea45251a0cc67f10082c96c2224d47fd84b5e1d87dcb724 SHA512 16ab1ff82daad858eb9adf7396b0e3d5845914eb7d7f1590cdea44fe1a2214043f011cd65cdde2e2195b959bae6581845bc6b4981fd400b3d8719f400f85b6dc
diff --git a/sys-auth/polkit/polkit-0.118.ebuild b/sys-auth/polkit/polkit-0.118.ebuild
new file mode 100644
index 000000000000..a3123451cf84
--- /dev/null
+++ b/sys-auth/polkit/polkit-0.118.ebuild
@@ -0,0 +1,132 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools pam pax-utils systemd xdg-utils
+
+DESCRIPTION="Policy framework for controlling privileges for system-wide services"
+HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit"
+SRC_URI="https://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz"
+
+LICENSE="LGPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~mips ~ppc64 ~s390 ~x86"
+IUSE="consolekit elogind examples gtk +introspection jit kde nls pam selinux systemd test"
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="^^ ( consolekit elogind systemd )"
+
+BDEPEND="
+ acct-user/polkitd
+ app-text/docbook-xml-dtd:4.1.2
+ app-text/docbook-xsl-stylesheets
+ dev-libs/gobject-introspection-common
+ dev-libs/libxslt
+ dev-util/glib-utils
+ dev-util/gtk-doc-am
+ dev-util/intltool
+ sys-devel/gettext
+ virtual/pkgconfig
+ introspection? ( dev-libs/gobject-introspection )
+"
+DEPEND="
+ dev-lang/spidermonkey:78[-debug]
+ dev-libs/glib:2
+ dev-libs/expat
+ elogind? ( sys-auth/elogind )
+ pam? (
+ sys-auth/pambase
+ sys-libs/pam
+ )
+ systemd? ( sys-apps/systemd:0=[policykit] )
+"
+RDEPEND="${DEPEND}
+ acct-user/polkitd
+ selinux? ( sec-policy/selinux-policykit )
+"
+PDEPEND="
+ consolekit? ( sys-auth/consolekit[policykit] )
+ gtk? ( || (
+ >=gnome-extra/polkit-gnome-0.105
+ >=lxde-base/lxsession-0.5.2
+ ) )
+ kde? ( kde-plasma/polkit-kde-agent )
+"
+
+DOCS=( docs/TODO HACKING NEWS README )
+
+PATCHES=(
+ # bug 660880
+ "${FILESDIR}"/polkit-0.115-elogind.patch
+)
+
+QA_MULTILIB_PATHS="
+ usr/lib/polkit-1/polkit-agent-helper-1
+ usr/lib/polkit-1/polkitd"
+
+src_prepare() {
+ default
+
+ sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513
+
+ # Workaround upstream hack around standard gtk-doc behavior, bug #552170
+ sed -i -e 's/@ENABLE_GTK_DOC_TRUE@\(TARGET_DIR\)/\1/' \
+ -e '/install-data-local:/,/uninstall-local:/ s/@ENABLE_GTK_DOC_TRUE@//' \
+ -e 's/@ENABLE_GTK_DOC_FALSE@install-data-local://' \
+ docs/polkit/Makefile.in || die
+
+ # disable broken test - bug #624022
+ sed -i -e "/^SUBDIRS/s/polkitbackend//" test/Makefile.am || die
+
+ # Fix cross-building, bug #590764, elogind patch, bug #598615
+ eautoreconf
+}
+
+src_configure() {
+ xdg_environment_reset
+
+ local myeconfargs=(
+ --localstatedir="${EPREFIX}"/var
+ --disable-static
+ --enable-man-pages
+ --disable-gtk-doc
+ --disable-examples
+ $(use_enable elogind libelogind)
+ $(use_enable introspection)
+ $(use_enable nls)
+ $(usex pam "--with-pam-module-dir=$(getpam_mod_dir)" '')
+ --with-authfw=$(usex pam pam shadow)
+ $(use_enable systemd libsystemd-login)
+ --with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
+ $(use_enable test)
+ --with-os-type=gentoo
+ )
+ econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+ default
+
+ # Required for polkitd on hardened/PaX due to spidermonkey's JIT
+ pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest
+}
+
+src_install() {
+ default
+
+ if use examples; then
+ docinto examples
+ dodoc src/examples/{*.c,*.policy*}
+ fi
+
+ diropts -m 0700 -o polkitd
+ keepdir /usr/share/polkit-1/rules.d
+
+ find "${ED}" -name '*.la' -delete || die
+}
+
+pkg_postinst() {
+ chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
+ chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
+}
diff --git a/sys-auth/solo-python/Manifest b/sys-auth/solo-python/Manifest
new file mode 100644
index 000000000000..cc0f0827fc11
--- /dev/null
+++ b/sys-auth/solo-python/Manifest
@@ -0,0 +1,3 @@
+DIST solo-python-0.0.26.tar.gz 35251 BLAKE2B 76e515667220a8efdd16e159008eed8232721e0a8a1a1bffbc773cfa832b2f112d8dc229bf69dc4ccbee1d11b41d630a2d91e2383ebd19158d8c46ccf4f355de SHA512 f97da4a4ed3b0e0f4715407b179d8a8c1385076611fe8669cec6b514313d38dd14c6c22434b73e2c72f7456407a6c942b26b72cca7a56969cfbc630ee25aad85
+EBUILD solo-python-0.0.26.ebuild 1134 BLAKE2B ad413f62e3676e4983aac0c61cefa18c13e4bffdc54b211e2680fe6fc590d385c9e8b7d2965b6eb542e89dc4d8a376ca54ec40f73e6bc001a3273caea4cf9c28 SHA512 7f91aaeae79b0580602613847e9160929607ae605f4dacb531ef02855ed63eb9e3dc07349942b063f5534977cb9307ca1d99d428a9b38ed918300816a2210465
+MISC metadata.xml 667 BLAKE2B 7ca73329d8c7713c4c96848d6c5fc23bec99cd45e42266236fe2c5e7d70023bd8d5647da307f0e362863b38393fb9d66c2bb8965763eac3bdf7d5f30a357c7a0 SHA512 ec1899ba5d2082758c79a2abda4e834fbe31358c900507d02801b2a04ea8d37ca2d420a974e16fc8813ffc4f92488f8db5a0d998600c6d28191942592004d031
diff --git a/sys-auth/solo-python/metadata.xml b/sys-auth/solo-python/metadata.xml
new file mode 100644
index 000000000000..9014b8d50308
--- /dev/null
+++ b/sys-auth/solo-python/metadata.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>marecki@gentoo.org</email>
+ <name>Marek Szuba</name>
+ </maintainer>
+ <longdescription>
+ The command-line tool 'solo' provided by this package can be used to reset a SoloKey,
+ set/change the PIN, generate credentials, interact with the on-board TRNG, update
+ the firmware, and more. See the output of 'solo key --help' for more information.
+ </longdescription>
+ <upstream>
+ <remote-id type="github">solokeys/solo-python</remote-id>
+ <remote-id type="pypi">solo</remote-id>
+ </upstream>
+</pkgmetadata>
diff --git a/sys-auth/solo-python/solo-python-0.0.26.ebuild b/sys-auth/solo-python/solo-python-0.0.26.ebuild
new file mode 100644
index 000000000000..a63f71dd2241
--- /dev/null
+++ b/sys-auth/solo-python/solo-python-0.0.26.ebuild
@@ -0,0 +1,34 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{7..8} )
+
+DISTUTILS_USE_SETUPTOOLS=pyproject.toml
+
+inherit distutils-r1
+
+DESCRIPTION="Python tool and library for SoloKeys"
+HOMEPAGE="https://github.com/solokeys/solo-python"
+SRC_URI="https://github.com/solokeys/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="Apache-2.0 MIT"
+SLOT="0"
+KEYWORDS="~amd64"
+
+RDEPEND=">=dev-python/click-7.0.0[${PYTHON_USEDEP}]
+ dev-python/cryptography[${PYTHON_USEDEP}]
+ dev-python/ecdsa[${PYTHON_USEDEP}]
+ >=dev-python/fido2-0.8.0[${PYTHON_USEDEP}]
+ dev-python/intelhex[${PYTHON_USEDEP}]
+ dev-python/pyserial[${PYTHON_USEDEP}]
+ dev-python/pyusb[${PYTHON_USEDEP}]
+ dev-python/requests[${PYTHON_USEDEP}]"
+
+src_prepare() {
+ # For some reason the version file gets omitted by src_install (a bug in pyproject2setuppy?),
+ # and in any case there is no advantage to using one once a specific version has been released.
+ sed -i -e "s/^__version__ = open(.\+$/__version__ = '${PV}'/" solo/__init__.py || die "Failed to set the version number"
+ distutils-r1_src_prepare
+}