From 3cf7c3ef441822c889356fd1812ebf2944a59851 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Tue, 25 Aug 2020 10:45:55 +0100 Subject: gentoo resync : 25.08.2020 --- sys-libs/pam/Manifest | 9 +- sys-libs/pam/files/fix-test-calls.patch | 48 ----------- sys-libs/pam/pam-1.3.1_p20200128-r1.ebuild | 2 +- sys-libs/pam/pam-1.4.0-r2.ebuild | 130 ----------------------------- sys-libs/pam/pam-1.4.0_p20200809.ebuild | 130 +++++++++++++++++++++++++++++ 5 files changed, 135 insertions(+), 184 deletions(-) delete mode 100644 sys-libs/pam/files/fix-test-calls.patch delete mode 100644 sys-libs/pam/pam-1.4.0-r2.ebuild create mode 100644 sys-libs/pam/pam-1.4.0_p20200809.ebuild (limited to 'sys-libs/pam') diff --git a/sys-libs/pam/Manifest b/sys-libs/pam/Manifest index a2188382d76b..5d7161d9212a 100644 --- a/sys-libs/pam/Manifest +++ b/sys-libs/pam/Manifest @@ -1,8 +1,7 @@ -AUX fix-test-calls.patch 1969 BLAKE2B 13344bc09298e1ee68db1cf4b3d4c26ef430f6e6941b965edbca4b90bf8ecf762024f60b3541750fd1ae000f6bfd3f5e9792f0f0578beaccd405941f8b868397 SHA512 8051b3d8170ed4930274aa37c49d886b913a7cd043e247806a64c7929ea4c36b723e77d881c65e082f7424491cc29f0a726ddbbf401e15b6d7583f6f39342583 AUX pam-remove-browsers.patch 985 BLAKE2B 3e258e00f7287436b1b6a97323764612a3098dc4effb12e62cd8d55151ace2b97b6ea7b67ae33613aa6b3cca318bfbfc310b48a99b0c81e1beaa9d16188e69eb SHA512 42d89d35fc754e51112040a5468067ee9f6a3a411e538cb634187e28975040c0b7ef48fab166ec6a20a849f6ed9d74a069355269cf708d9985ded6b87fe13ed1 -DIST pam-1.4.0-doc.tar.xz 48080 BLAKE2B 48cec348c3db7ecae6ea85934fa242d908643d0a8f6d1789a8aac3b254dc21439e11066f9ff2a7238e61e5d16c41a6c49a26dbc7351fe7eb0a1fef4a2f69378e SHA512 634cbb1b948a2b1431b9ef219a4e9e63e870b34520665170f55aca10e65cd46f0c190697cafd18a42caeaec26299f63fd8ad794ae379648e767d8481af6c36f2 -DIST pam-1.4.0.tar.gz 804586 BLAKE2B 941925677c19f0a77a4fbc29f723706d5eb31b4020b0d35732ae3c00e5a623c943ea784e11aef1c2d5092d2a7fbe1724eeefa45d8d8ebd8a053a39f01a8b541c SHA512 16003f5c118125aeabf22503bc328a4bdd68b3af35d70b608a8b261adbaffae58ce490765f246c469b2ffbff67bd5216e0586ece0eb934905074423a990c2f98 +DIST pam-1.4.0_p20200809-doc.tar.xz 42680 BLAKE2B e8371bd76b589db06ce95f2d10343be163aa5149f566f7d9bd5e9cd0340b95eecedb6a7d20d299fd2188c736fca3c69c0bd2f8eea4541dfd3312227c3dcf4e2d SHA512 5007aaa811b6321f124245493c6a4bc9ae07ab4ff651fc817843e8b4a74661c07418e2479363a72c35320f0f1cb469a2494c5d354dc819b920de7d1918e6ce5e DIST pam-4dd9b97b762cc73816cb867d49c9d0d0b91d642c.tar.gz 765455 BLAKE2B 8a8543b51c9fa877cd48d483d9af489df00376f92f26fea648d38a0ce3168702888a662e5d3c7423cce8a5d56896e84e4c1829e56d08fca8c3ab878b20945a7d SHA512 bdb236a47a5810449fb96546ff89d70dec185a215b0d047178a12e40945fde4ffdb801dbbd87ff95eead1bb7acb4748333a2d3383881d5de0dbd89ec5ceddd3f -EBUILD pam-1.3.1_p20200128-r1.ebuild 3523 BLAKE2B fd389d7d746ad0c80a8db91a0d37094b7c7e6a824fa9b5be4a5cf59b688449ce2abc8bd93dc9b6816d092bf5283fdec9c6538cf264ff4d0b185cba3cf4c0b43b SHA512 acc60d8d7bad9a447b0323710e4c58c8ac321b73431b3fc6832696ba7e3be0a7200a7eb73b7a22e092eecb3d514a69fc5a0cd3498c40e6839217be0e74f0b44b -EBUILD pam-1.4.0-r2.ebuild 3771 BLAKE2B a657f1dd46a011e2988be9ca97ff092fceb75b8c7a628f654462eeb3761735ea1aad76d9c7ae0b7f15c088b42097115c070304d531cca93f20d04bc5476f26f4 SHA512 9160b511d71eebdaad9148fd86d8d72dc4fd5bdbded2e0965600f150b4688621c3ec4a0b7c8880ad13648f9d6e8a89b955a5d5123080f96ce5bff5c5f36659cb +DIST pam-d5cb4409ab6b04a6ed7c00245e2c9a430f352b16.tar.gz 810548 BLAKE2B e061528fa57ba9fcb418422d368b7bb960b5f6eec3ed4b9e438be0ec4acdaf925af3322a334ced8c498e700b090ae37f5084f13d2bf8c6874d53c58f03548bc7 SHA512 3db1e13bc8a037b22e0ae1aac0311982877a2e2d33643ee32813025f9a9c727421f2fd6c442eba936e8043c59deb476daf78fda34fc7b6b95c015614751975f4 +EBUILD pam-1.3.1_p20200128-r1.ebuild 3522 BLAKE2B 39445b685c2f2bb4237dcaa4e72eee7a426a00b4385b442a4e0c5f1092324446c62918f9642e7afe76b9b85bf2d55f6af3129c842c98450fae57bd22fa93a6d0 SHA512 7420fa938ab27a76a5a7b3c7921f815e85cf38a96b53407efbd4806ae043f84db1b3a32afa76fa400c6c279ceb6c72786cbc49e58dbbae9adc7b59459b5b7508 +EBUILD pam-1.4.0_p20200809.ebuild 3793 BLAKE2B 3501f29331acd5a98c980f699791a6cec17837454cd69737a71aeb8b0f8e4d98497b5a27c2a42b3b1902aa4cfb615e852e0a0fe7ff4baaae0542db59baa8b045 SHA512 1bcb577cd157c0ff7361995927201b9485dbb7ba39b3584a499d1b64c7790964ab7b2170bcd4827f81bab21ca19a517a19f1fdc2449ba425a5251a845048efb8 MISC metadata.xml 1086 BLAKE2B 39d2291ff9553394ce684a87a49a2c41b18689102d8cf352c905ce2ede28508501aa41a4a473d287c461b77e5732aa4ed0eaac94db94c851ed9491bffdac8acf SHA512 6743a2021ef7d7ab9fc547b270c17b205747a498e0e2bafc07ad171d52657a4aa3f84803c2b4e5c088b73b1732d600b5b2189c958d4b15fba8e081714790fc72 diff --git a/sys-libs/pam/files/fix-test-calls.patch b/sys-libs/pam/files/fix-test-calls.patch deleted file mode 100644 index 32d4c2d94997..000000000000 --- a/sys-libs/pam/files/fix-test-calls.patch +++ /dev/null @@ -1,48 +0,0 @@ -From c5700c0a04c85ace09f6a179cc7a3692c07282b0 Mon Sep 17 00:00:00 2001 -From: "Dmitry V. Levin" -Date: Mon, 15 Jun 2020 16:00:00 +0000 -Subject: [PATCH] configure.ac: fix non-portable use of test builtin - -Portable code should not assume that test builtin supports == operator. - -* configure.ac (opt_uidmin, opt_sysuidmin, opt_kerneloverflowuid): Fix -initialization. - -Resolves: https://github.com/linux-pam/linux-pam/issues/241 -Fixes: 926d7935e ("pam_usertype: new module to tell if uid is in login.defs ranges") ---- - configure.ac | 15 ++++++--------- - 1 file changed, 6 insertions(+), 9 deletions(-) - -diff --git a/configure.ac b/configure.ac -index c1862ea7..7737efc7 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -662,21 +662,18 @@ dnl - dnl Get values for default uid ranges in login.defs used in pam_usertype - dnl - AC_ARG_WITH([uidmin], AS_HELP_STRING([--with-uidmin=],[default value for regular user min uid (1000)]), opt_uidmin=$withval) --if test x"$opt_uidmin" == x; then -- opt_uidmin=1000 --fi -+test -n "$opt_uidmin" || -+ opt_uidmin=1000 - AC_DEFINE_UNQUOTED(PAM_USERTYPE_UIDMIN, $opt_uidmin, [Minimum regular user uid.]) - - AC_ARG_WITH([sysuidmin], AS_HELP_STRING([--with-sysuidmin=],[default value for system user min uid (101)]), opt_sysuidmin=$withval) --if test x"$opt_sysuidmin" == x; then -- opt_sysuidmin=101 --fi -+test -n "$opt_sysuidmin" || -+ opt_sysuidmin=101 - AC_DEFINE_UNQUOTED(PAM_USERTYPE_SYSUIDMIN, $opt_sysuidmin, [Minimum system user uid.]) - - AC_ARG_WITH([kerneloverflowuid], AS_HELP_STRING([--with-kernel-overflow-uid=],[kernel overflow uid, default (uint16_t)-2=65534]), opt_kerneloverflowuid=$withval) --if test x"$opt_kerneloverflowuid" == x; then -- opt_kerneloverflowuid=65534 --fi -+test -n "$opt_kerneloverflowuid" || -+ opt_kerneloverflowuid=65534 - AC_DEFINE_UNQUOTED(PAM_USERTYPE_OVERFLOW_UID, $opt_kerneloverflowuid, [Kernel overflow uid.]) - - AC_ARG_ENABLE([tally], diff --git a/sys-libs/pam/pam-1.3.1_p20200128-r1.ebuild b/sys-libs/pam/pam-1.3.1_p20200128-r1.ebuild index 0cb0dcb2aced..c378c14137bf 100644 --- a/sys-libs/pam/pam-1.3.1_p20200128-r1.ebuild +++ b/sys-libs/pam/pam-1.3.1_p20200128-r1.ebuild @@ -13,7 +13,7 @@ SRC_URI="https://github.com/linux-pam/linux-pam/archive/${COMMIT_HASH}.tar.gz#/$ LICENSE="|| ( BSD GPL-2 )" SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv s390 sparc x86 ~amd64-linux ~x86-linux" IUSE="audit berkdb +cracklib debug nis +pie selinux static-libs" BDEPEND="app-text/docbook-xml-dtd:4.1.2 diff --git a/sys-libs/pam/pam-1.4.0-r2.ebuild b/sys-libs/pam/pam-1.4.0-r2.ebuild deleted file mode 100644 index 95952e5cfb40..000000000000 --- a/sys-libs/pam/pam-1.4.0-r2.ebuild +++ /dev/null @@ -1,130 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit autotools db-use fcaps toolchain-funcs usr-ldscript multilib-minimal - -DESCRIPTION="Linux-PAM (Pluggable Authentication Modules)" -HOMEPAGE="https://github.com/linux-pam/linux-pam" - -SRC_URI="https://github.com/linux-pam/linux-pam/archive/v${PV}.tar.gz -> ${P}.tar.gz - https://dev.gentoo.org/~zlogene/distfiles/${CATEGORY}/${PN}/${P}-doc.tar.xz" - -LICENSE="|| ( BSD GPL-2 )" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" -IUSE="audit berkdb debug nis +pie selinux static-libs" - -BDEPEND=" - dev-libs/libxslt - sys-devel/flex - sys-devel/gettext - virtual/pkgconfig -" - -DEPEND=" - virtual/libcrypt:=[${MULTILIB_USEDEP}] - >=virtual/libintl-0-r1[${MULTILIB_USEDEP}] - audit? ( >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] ) - berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] ) - selinux? ( >=sys-libs/libselinux-2.2.2-r4[${MULTILIB_USEDEP}] ) - nis? ( >=net-libs/libtirpc-0.2.4-r2[${MULTILIB_USEDEP}] )" - -RDEPEND="${DEPEND}" - -PDEPEND=">=sys-auth/pambase-20200616" - -S="${WORKDIR}/linux-${P}" - -src_prepare() { - default - touch ChangeLog || die - eapply "${FILESDIR}"/fix-test-calls.patch - eautoreconf -} - -multilib_src_configure() { - # Do not let user's BROWSER setting mess us up. #549684 - unset BROWSER - - # Disable automatic detection of libxcrypt; we _don't_ want the - # user to link libxcrypt in by default, since we won't track the - # dependency and allow to break PAM this way. - - export ac_cv_header_xcrypt_h=no - - local myconf=( - CC_FOR_BUILD="$(tc-getBUILD_CC)" - --with-db-uniquename=-$(db_findver sys-libs/db) - --with-xml-catalog="${EPREFIX}"/etc/xml/catalog - --enable-securedir="${EPREFIX}"/$(get_libdir)/security - --includedir="${EPREFIX}"/usr/include/security - --libdir="${EPREFIX}"/usr/$(get_libdir) - --exec-prefix="${EPREFIX}" - --disable-prelude - --disable-cracklib - --disable-tally - --disable-tally2 - --disable-doc - --disable-regenerate-docu - --disable-Werror - $(use_enable audit) - $(use_enable berkdb db) - $(use_enable debug) - $(use_enable nis) - $(use_enable pie) - $(use_enable selinux) - $(use_enable static-libs static) - --enable-isadir='.' #464016 - ) - ECONF_SOURCE="${S}" econf "${myconf[@]}" -} - -multilib_src_compile() { - emake sepermitlockdir="${EPREFIX}/run/sepermit" -} - -multilib_src_install() { - emake DESTDIR="${D}" install \ - sepermitlockdir="${EPREFIX}/run/sepermit" - - gen_usr_ldscript -a pam pam_misc pamc -} - -multilib_src_install_all() { - find "${ED}" -type f -name '*.la' -delete || die - - # tmpfiles.eclass is impossible to use because - # there is the pam -> tmpfiles -> systemd -> pam dependency loop - - dodir /usr/lib/tmpfiles.d - - cat ->> "${D}"/usr/lib/tmpfiles.d/${CATEGORY}-${PN}.conf <<-_EOF_ - d /run/faillock 0755 root root - _EOF_ - use selinux && cat ->> "${D}"/usr/lib/tmpfiles.d/${CATEGORY}-${PN}-selinux.conf <<-_EOF_ - d /run/sepermit 0755 root root - _EOF_ - - for i in "${WORKDIR}"/${P}-doc/*; do - doman ${i} - done -} - -pkg_postinst() { - ewarn "Some software with pre-loaded PAM libraries might experience" - ewarn "warnings or failures related to missing symbols and/or versions" - ewarn "after any update. While unfortunate this is a limit of the" - ewarn "implementation of PAM and the software, and it requires you to" - ewarn "restart the software manually after the update." - ewarn "" - ewarn "You can get a list of such software running a command like" - ewarn " lsof / | egrep -i 'del.*libpam\\.so'" - ewarn "" - ewarn "Alternatively, simply reboot your system." - - # The pam_unix module needs to check the password of the user which requires - # read access to /etc/shadow only. - fcaps cap_dac_override sbin/unix_chkpwd -} diff --git a/sys-libs/pam/pam-1.4.0_p20200809.ebuild b/sys-libs/pam/pam-1.4.0_p20200809.ebuild new file mode 100644 index 000000000000..4fea18d00b1c --- /dev/null +++ b/sys-libs/pam/pam-1.4.0_p20200809.ebuild @@ -0,0 +1,130 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools db-use fcaps toolchain-funcs usr-ldscript multilib-minimal + +DESCRIPTION="Linux-PAM (Pluggable Authentication Modules)" +HOMEPAGE="https://github.com/linux-pam/linux-pam" + +COMMIT_HASH="d5cb4409ab6b04a6ed7c00245e2c9a430f352b16" +SRC_URI="https://github.com/linux-pam/linux-pam/archive/${COMMIT_HASH}.tar.gz#/${PN}-${COMMIT_HASH}.tar.gz + https://dev.gentoo.org/~zlogene/distfiles/${CATEGORY}/${PN}/${P}-doc.tar.xz" + +LICENSE="|| ( BSD GPL-2 )" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" +IUSE="audit berkdb debug nis +pie selinux" + +BDEPEND=" + dev-libs/libxslt + sys-devel/flex + sys-devel/gettext + virtual/pkgconfig +" + +DEPEND=" + virtual/libcrypt:=[${MULTILIB_USEDEP}] + >=virtual/libintl-0-r1[${MULTILIB_USEDEP}] + audit? ( >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] ) + berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] ) + selinux? ( >=sys-libs/libselinux-2.2.2-r4[${MULTILIB_USEDEP}] ) + nis? ( >=net-libs/libtirpc-0.2.4-r2[${MULTILIB_USEDEP}] )" + +RDEPEND="${DEPEND}" + +PDEPEND=">=sys-auth/pambase-20200616" + +S="${WORKDIR}/linux-${PN}-${COMMIT_HASH}" + +src_prepare() { + default + touch ChangeLog || die + eautoreconf +} + +multilib_src_configure() { + # Do not let user's BROWSER setting mess us up. #549684 + unset BROWSER + + # Disable automatic detection of libxcrypt; we _don't_ want the + # user to link libxcrypt in by default, since we won't track the + # dependency and allow to break PAM this way. + + export ac_cv_header_xcrypt_h=no + + local myconf=( + CC_FOR_BUILD="$(tc-getBUILD_CC)" + --with-db-uniquename=-$(db_findver sys-libs/db) + --with-xml-catalog="${EPREFIX}"/etc/xml/catalog + --enable-securedir="${EPREFIX}"/$(get_libdir)/security + --includedir="${EPREFIX}"/usr/include/security + --libdir="${EPREFIX}"/usr/$(get_libdir) + --exec-prefix="${EPREFIX}" + --disable-prelude + --disable-cracklib + --disable-tally + --disable-tally2 + --disable-doc + --disable-regenerate-docu + --disable-static + --disable-Werror + $(use_enable audit) + $(use_enable berkdb db) + $(use_enable debug) + $(use_enable nis) + $(use_enable pie) + $(use_enable selinux) + --enable-isadir='.' #464016 + ) + ECONF_SOURCE="${S}" econf "${myconf[@]}" +} + +multilib_src_compile() { + emake sepermitlockdir="${EPREFIX}/run/sepermit" +} + +multilib_src_install() { + emake DESTDIR="${D}" install \ + sepermitlockdir="${EPREFIX}/run/sepermit" + + gen_usr_ldscript -a pam pam_misc pamc +} + +multilib_src_install_all() { + find "${ED}" -type f -name '*.la' -delete || die + + # tmpfiles.eclass is impossible to use because + # there is the pam -> tmpfiles -> systemd -> pam dependency loop + + dodir /usr/lib/tmpfiles.d + + cat ->> "${D}"/usr/lib/tmpfiles.d/${CATEGORY}-${PN}.conf <<-_EOF_ + d /run/faillock 0755 root root + _EOF_ + use selinux && cat ->> "${D}"/usr/lib/tmpfiles.d/${CATEGORY}-${PN}-selinux.conf <<-_EOF_ + d /run/sepermit 0755 root root + _EOF_ + + for i in "${WORKDIR}"/${P}-doc/*; do + doman ${i} + done +} + +pkg_postinst() { + ewarn "Some software with pre-loaded PAM libraries might experience" + ewarn "warnings or failures related to missing symbols and/or versions" + ewarn "after any update. While unfortunate this is a limit of the" + ewarn "implementation of PAM and the software, and it requires you to" + ewarn "restart the software manually after the update." + ewarn "" + ewarn "You can get a list of such software running a command like" + ewarn " lsof / | egrep -i 'del.*libpam\\.so'" + ewarn "" + ewarn "Alternatively, simply reboot your system." + + # The pam_unix module needs to check the password of the user which requires + # read access to /etc/shadow only. + fcaps cap_dac_override sbin/unix_chkpwd +} -- cgit v1.2.3