From d934827bf44b7cfcf6711964418148fa60877668 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Wed, 25 Nov 2020 22:39:15 +0000 Subject: gentoo resync : 25.11.2020 --- sys-libs/pam/Manifest | 11 +-- sys-libs/pam/files/pam-remove-browsers.patch | 34 ------- sys-libs/pam/metadata.xml | 10 -- sys-libs/pam/pam-1.3.1_p20200128-r1.ebuild | 119 ------------------------ sys-libs/pam/pam-1.4.0_p20200829.ebuild | 133 --------------------------- sys-libs/pam/pam-1.5.1.ebuild | 133 +++++++++++++++++++++++++++ 6 files changed, 137 insertions(+), 303 deletions(-) delete mode 100644 sys-libs/pam/files/pam-remove-browsers.patch delete mode 100644 sys-libs/pam/pam-1.3.1_p20200128-r1.ebuild delete mode 100644 sys-libs/pam/pam-1.4.0_p20200829.ebuild create mode 100644 sys-libs/pam/pam-1.5.1.ebuild (limited to 'sys-libs/pam') diff --git a/sys-libs/pam/Manifest b/sys-libs/pam/Manifest index cdde322f64f1..8a11dff82e50 100644 --- a/sys-libs/pam/Manifest +++ b/sys-libs/pam/Manifest @@ -1,7 +1,4 @@ -AUX pam-remove-browsers.patch 985 BLAKE2B 3e258e00f7287436b1b6a97323764612a3098dc4effb12e62cd8d55151ace2b97b6ea7b67ae33613aa6b3cca318bfbfc310b48a99b0c81e1beaa9d16188e69eb SHA512 42d89d35fc754e51112040a5468067ee9f6a3a411e538cb634187e28975040c0b7ef48fab166ec6a20a849f6ed9d74a069355269cf708d9985ded6b87fe13ed1 -DIST pam-1.4.0_p20200809-doc.tar.xz 42680 BLAKE2B e8371bd76b589db06ce95f2d10343be163aa5149f566f7d9bd5e9cd0340b95eecedb6a7d20d299fd2188c736fca3c69c0bd2f8eea4541dfd3312227c3dcf4e2d SHA512 5007aaa811b6321f124245493c6a4bc9ae07ab4ff651fc817843e8b4a74661c07418e2479363a72c35320f0f1cb469a2494c5d354dc819b920de7d1918e6ce5e -DIST pam-4dd9b97b762cc73816cb867d49c9d0d0b91d642c.tar.gz 765455 BLAKE2B 8a8543b51c9fa877cd48d483d9af489df00376f92f26fea648d38a0ce3168702888a662e5d3c7423cce8a5d56896e84e4c1829e56d08fca8c3ab878b20945a7d SHA512 bdb236a47a5810449fb96546ff89d70dec185a215b0d047178a12e40945fde4ffdb801dbbd87ff95eead1bb7acb4748333a2d3383881d5de0dbd89ec5ceddd3f -DIST pam-e42e178c71c11bb25740a5177eed110ee17b8af2.tar.gz 810595 BLAKE2B 897f64a7f55c033601665b0ecc292cdcbd0d9b2f24199ed6ca5fc69c2da4da7401677493bed09a118b1fc0a475dc016fc7a3a318787c650212b056064ed0b817 SHA512 3c2bc401df51dbd4118698afc80a0448559bc6b5d8c7c45c800c2f6421034a131c0bee971f9640aec6b0d77f8a31ec055c7a84a646d9a11690dfda4af4e1068a -EBUILD pam-1.3.1_p20200128-r1.ebuild 3536 BLAKE2B e43cb4b3c60177b3abc2a41b89922c1b49649334d073ef0c2bd01c293cdbd59aa2dad79088174ca1f85ccaec29f12913662ea6d977b6f4d4ffd7e8eb5cbe8f57 SHA512 9f51fdb2cb3a60981e93fdf30cc968b757188fe9a05afe2ec3e4bd017cec292b338dbdc01d9a4779f2341e329754c41fb4fcc949f347d9cf121528262bfeace1 -EBUILD pam-1.4.0_p20200829.ebuild 3894 BLAKE2B d1376649610e75807a8dec847e6722e4d7ee52a78e8d39783a8f63a99773e6e9a5a15833c00db1ac12abe9dd86665a61ef8fc475871f3c5bcf468929d438de8d SHA512 fd3acd3ea543204dd29a88a50446794e187ca4a266a70871fc0ef68a035843631c19628fcc36e2cc3490096cd7fc6a3fabadab232d5492d825a11f57e6aff678 -MISC metadata.xml 1086 BLAKE2B 39d2291ff9553394ce684a87a49a2c41b18689102d8cf352c905ce2ede28508501aa41a4a473d287c461b77e5732aa4ed0eaac94db94c851ed9491bffdac8acf SHA512 6743a2021ef7d7ab9fc547b270c17b205747a498e0e2bafc07ad171d52657a4aa3f84803c2b4e5c088b73b1732d600b5b2189c958d4b15fba8e081714790fc72 +DIST Linux-PAM-1.5.1-docs.tar.xz 441632 BLAKE2B 1b3ad1b5167936b8c38977b5328ee11c7d280eb905a0f444e555d24f9d5332583f7e0ce0a758242292ff1244bc082b73d661935647e583e2ebcd8d5058df413e SHA512 95f0b0225e96386f06f5f869203163a201af3ac5c1a4fa8bd30779b9f55290e1a5b63fa49e2efafa1a51476bad1acf258b1f37f56a4bdc3935f9fe5928cbc1f7 +DIST Linux-PAM-1.5.1.tar.xz 972964 BLAKE2B a1714569587a383fa8211b23765c66b08b18dc2808c1521a904171dc2886cced56e9afa27408e8a9d5eec6226b31390dc8f14434071370f4e1147c77ce8b36ac SHA512 1db091fc43b934dde220f1b85f35937fbaa0a3feec699b2e597e2cdf0c3ce11c17d36d2286d479c9eed24e8ca3ca6233214e4dff256db47249e358c01d424837 +EBUILD pam-1.5.1.ebuild 3768 BLAKE2B 2fd1a0ff5d0e6dd0ee32bb6e2a62d1bb436f8f54d884e57450d7ba3ec0386f53795d8f6232310c0a016ab502f937b9878dbac7ae74a955975b2374dc23603b64 SHA512 2dd18640fe75b6a2657cca01c6746cc73b5a8bd0abdfa92706bb80b77a02c66acd764daa84ca0e32c0986df130a75c72b4e06a8f70f778bbd778ac51b0fe9b3b +MISC metadata.xml 695 BLAKE2B 26bfcf404440c1262220cc12bba80561529e9bf1c5f7f0c9f84375874f348f35b08866117061c087f4b870f6d6f80ebe16f4a42a63ff5e95aa69ae9bcf97c9d9 SHA512 87045043ba8805232883ffdbcfa50dc53de3d46e7889e520481c7b126b4ef9c9c2b83878a73d26a8edd71c0edeff8dd7bcd4a8b2a34893574b8bc8e7e94c6fc7 diff --git a/sys-libs/pam/files/pam-remove-browsers.patch b/sys-libs/pam/files/pam-remove-browsers.patch deleted file mode 100644 index 7e3ae99731ad..000000000000 --- a/sys-libs/pam/files/pam-remove-browsers.patch +++ /dev/null @@ -1,34 +0,0 @@ -From baadfdc644fcb88170c358c449a731520e1747a5 Mon Sep 17 00:00:00 2001 -From: Mikle Kolyada -Date: Mon, 1 Oct 2018 23:12:08 +0300 -Subject: [PATCH] configure.ac remobe browser logic for DocBook - ---- - configure.ac | 11 ----------- - 1 file changed, 11 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 3012ceb..e7e7dac 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -554,17 +554,6 @@ JH_CHECK_XML_CATALOG([-//OASIS//DTD DocBook XML V4.4//EN], - JH_CHECK_XML_CATALOG([http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl], - [DocBook XSL Stylesheets], [], enable_docu=no) - --AC_PATH_PROG([BROWSER], [w3m]) --if test ! -z "$BROWSER"; then -- BROWSER="$BROWSER -T text/html -dump" --else -- AC_PATH_PROG([BROWSER], [elinks]) -- if test ! -z "$BROWSER"; then -- BROWSER="$BROWSER -no-numbering -no-references -dump" -- else -- enable_docu=no -- fi --fi - - AC_PATH_PROG([FO2PDF], [fop]) - --- -2.16.4 - diff --git a/sys-libs/pam/metadata.xml b/sys-libs/pam/metadata.xml index c172b5d30353..22ede6e6496c 100644 --- a/sys-libs/pam/metadata.xml +++ b/sys-libs/pam/metadata.xml @@ -13,16 +13,6 @@ provided by sys-libs/db) installed in /usr/lib and will thus not work for boot-critical services authentication. - - - Build the pam_cracklib module, that allows to verify the chosen - passwords' strength through the use of - sys-libs/cracklib. Please note that simply enabling - the USE flag on this package will not make use of pam_cracklib - by default, you should also enable it in - sys-auth/pambase as well as update your configuration - files. - cpe:/a:kernel:linux-pam diff --git a/sys-libs/pam/pam-1.3.1_p20200128-r1.ebuild b/sys-libs/pam/pam-1.3.1_p20200128-r1.ebuild deleted file mode 100644 index d5a007ca1d2c..000000000000 --- a/sys-libs/pam/pam-1.3.1_p20200128-r1.ebuild +++ /dev/null @@ -1,119 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit autotools db-use fcaps multilib-minimal toolchain-funcs usr-ldscript - -DESCRIPTION="Linux-PAM (Pluggable Authentication Modules)" -HOMEPAGE="https://github.com/linux-pam/linux-pam" - -COMMIT_HASH="4dd9b97b762cc73816cb867d49c9d0d0b91d642c" -SRC_URI="https://github.com/linux-pam/linux-pam/archive/${COMMIT_HASH}.tar.gz#/${PN}-${COMMIT_HASH}.tar.gz" - -LICENSE="|| ( BSD GPL-2 )" -SLOT="0" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv s390 sparc x86 ~amd64-linux ~x86-linux" -IUSE="audit berkdb +cracklib debug nis +pie selinux static-libs" - -BDEPEND="app-text/docbook-xml-dtd:4.1.2 - app-text/docbook-xml-dtd:4.3 - app-text/docbook-xml-dtd:4.4 - app-text/docbook-xml-dtd:4.5 - dev-libs/libxslt - sys-devel/flex - sys-devel/gettext - virtual/pkgconfig - virtual/yacc" - -DEPEND=" - virtual/libcrypt:=[${MULTILIB_USEDEP}] - >=virtual/libintl-0-r1[${MULTILIB_USEDEP}] - audit? ( >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] ) - berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] ) - cracklib? ( >=sys-libs/cracklib-2.9.1-r1[${MULTILIB_USEDEP}] ) - selinux? ( >=sys-libs/libselinux-2.2.2-r4[${MULTILIB_USEDEP}] ) - nis? ( >=net-libs/libtirpc-0.2.4-r2[${MULTILIB_USEDEP}] )" - -RDEPEND="${DEPEND}" - -PDEPEND="sys-auth/pambase" - -S="${WORKDIR}/linux-${PN}-${COMMIT_HASH}" - -src_prepare() { - default - eapply "${FILESDIR}/${PN}-remove-browsers.patch" - touch ChangeLog || die - eautoreconf -} - -multilib_src_configure() { - # Do not let user's BROWSER setting mess us up. #549684 - unset BROWSER - - # Disable automatic detection of libxcrypt; we _don't_ want the - # user to link libxcrypt in by default, since we won't track the - # dependency and allow to break PAM this way. - - export ac_cv_header_xcrypt_h=no - - local myconf=( - --with-db-uniquename=-$(db_findver sys-libs/db) - --with-xml-catalog="${EPREFIX}"/etc/xml/catalog - --enable-securedir="${EPREFIX}"/$(get_libdir)/security - --libdir="${EPREFIX}"/usr/$(get_libdir) - --exec-prefix="${EPREFIX}" - --disable-prelude - --enable-doc - $(use_enable audit) - $(use_enable berkdb db) - $(use_enable cracklib) - $(use_enable debug) - $(use_enable nis) - $(use_enable pie) - $(use_enable selinux) - $(use_enable static-libs static) - --enable-isadir='.' #464016 - ) - ECONF_SOURCE="${S}" econf ${myconf[@]} -} - -multilib_src_compile() { - emake sepermitlockdir="${EPREFIX}/run/sepermit" -} - -multilib_src_install() { - emake DESTDIR="${D}" install \ - sepermitlockdir="${EPREFIX}/run/sepermit" - - gen_usr_ldscript -a pam pam_misc pamc -} - -multilib_src_install_all() { - find "${ED}" -type f -name '*.la' -delete || die - - if use selinux; then - dodir /usr/lib/tmpfiles.d - cat - > "${D}"/usr/lib/tmpfiles.d/${CATEGORY}:${PN}:${SLOT}.conf < tmpfiles -> systemd -> pam dependency loop - - dodir /usr/lib/tmpfiles.d - - cat ->> "${D}"/usr/lib/tmpfiles.d/${CATEGORY}-${PN}.conf <<-_EOF_ - d /run/faillock 0755 root root - _EOF_ - use selinux && cat ->> "${D}"/usr/lib/tmpfiles.d/${CATEGORY}-${PN}-selinux.conf <<-_EOF_ - d /run/sepermit 0755 root root - _EOF_ - - for i in "${WORKDIR}"/${PN}-1.4.0_p20200809-doc/*; do - doman ${i} - done -} - -pkg_postinst() { - ewarn "Some software with pre-loaded PAM libraries might experience" - ewarn "warnings or failures related to missing symbols and/or versions" - ewarn "after any update. While unfortunate this is a limit of the" - ewarn "implementation of PAM and the software, and it requires you to" - ewarn "restart the software manually after the update." - ewarn "" - ewarn "You can get a list of such software running a command like" - ewarn " lsof / | egrep -i 'del.*libpam\\.so'" - ewarn "" - ewarn "Alternatively, simply reboot your system." - - # The pam_unix module needs to check the password of the user which requires - # read access to /etc/shadow only. - fcaps cap_dac_override sbin/unix_chkpwd -} diff --git a/sys-libs/pam/pam-1.5.1.ebuild b/sys-libs/pam/pam-1.5.1.ebuild new file mode 100644 index 000000000000..f9d428c8afbe --- /dev/null +++ b/sys-libs/pam/pam-1.5.1.ebuild @@ -0,0 +1,133 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +MY_P="Linux-${PN^^}-${PV}" + +inherit autotools db-use fcaps toolchain-funcs usr-ldscript multilib-minimal + +DESCRIPTION="Linux-PAM (Pluggable Authentication Modules)" +HOMEPAGE="https://github.com/linux-pam/linux-pam" + +SRC_URI="https://github.com/linux-pam/linux-pam/releases/download/v${PV}/${MY_P}.tar.xz + https://github.com/linux-pam/linux-pam/releases/download/v${PV}/${MY_P}-docs.tar.xz" + +LICENSE="|| ( BSD GPL-2 )" +SLOT="0" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv s390 sparc x86 ~amd64-linux ~x86-linux" +IUSE="audit berkdb debug nis +pie selinux" + +BDEPEND=" + dev-libs/libxslt + sys-devel/flex + sys-devel/gettext + virtual/pkgconfig + virtual/yacc +" + +DEPEND=" + virtual/libcrypt:=[${MULTILIB_USEDEP}] + >=virtual/libintl-0-r1[${MULTILIB_USEDEP}] + audit? ( >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] ) + berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] ) + selinux? ( >=sys-libs/libselinux-2.2.2-r4[${MULTILIB_USEDEP}] ) + nis? ( net-libs/libnsl[${MULTILIB_USEDEP}] + >=net-libs/libtirpc-0.2.4-r2[${MULTILIB_USEDEP}] )" + +RDEPEND="${DEPEND}" + +PDEPEND=">=sys-auth/pambase-20200616" + +S="${WORKDIR}/${MY_P}" + +src_prepare() { + default + touch ChangeLog || die + eautoreconf +} + +multilib_src_configure() { + # Do not let user's BROWSER setting mess us up. #549684 + unset BROWSER + + # Disable automatic detection of libxcrypt; we _don't_ want the + # user to link libxcrypt in by default, since we won't track the + # dependency and allow to break PAM this way. + + export ac_cv_header_xcrypt_h=no + + local myconf=( + CC_FOR_BUILD="$(tc-getBUILD_CC)" + --with-db-uniquename=-$(db_findver sys-libs/db) + --with-xml-catalog="${EPREFIX}"/etc/xml/catalog + --enable-securedir="${EPREFIX}"/$(get_libdir)/security + --includedir="${EPREFIX}"/usr/include/security + --libdir="${EPREFIX}"/usr/$(get_libdir) + --exec-prefix="${EPREFIX}" + --enable-unix + --disable-prelude + --disable-doc + --disable-regenerate-docu + --disable-static + --disable-Werror + $(use_enable audit) + $(use_enable berkdb db) + $(use_enable debug) + $(use_enable nis) + $(use_enable pie) + $(use_enable selinux) + --enable-isadir='.' #464016 + ) + ECONF_SOURCE="${S}" econf "${myconf[@]}" +} + +multilib_src_compile() { + emake sepermitlockdir="${EPREFIX}/run/sepermit" +} + +multilib_src_install() { + emake DESTDIR="${D}" install \ + sepermitlockdir="${EPREFIX}/run/sepermit" + + gen_usr_ldscript -a pam pam_misc pamc +} + +multilib_src_install_all() { + find "${ED}" -type f -name '*.la' -delete || die + + # tmpfiles.eclass is impossible to use because + # there is the pam -> tmpfiles -> systemd -> pam dependency loop + + dodir /usr/lib/tmpfiles.d + + cat ->> "${D}"/usr/lib/tmpfiles.d/${CATEGORY}-${PN}.conf <<-_EOF_ + d /run/faillock 0755 root root + _EOF_ + use selinux && cat ->> "${D}"/usr/lib/tmpfiles.d/${CATEGORY}-${PN}-selinux.conf <<-_EOF_ + d /run/sepermit 0755 root root + _EOF_ + + local page + + for page in doc/man/*.{3,5,8} modules/*/*.{5,8} ; do + doman ${page} + done +} + +pkg_postinst() { + ewarn "Some software with pre-loaded PAM libraries might experience" + ewarn "warnings or failures related to missing symbols and/or versions" + ewarn "after any update. While unfortunate this is a limit of the" + ewarn "implementation of PAM and the software, and it requires you to" + ewarn "restart the software manually after the update." + ewarn "" + ewarn "You can get a list of such software running a command like" + ewarn " lsof / | egrep -i 'del.*libpam\\.so'" + ewarn "" + ewarn "Alternatively, simply reboot your system." + + # The pam_unix module needs to check the password of the user which requires + # read access to /etc/shadow only. + fcaps cap_dac_override sbin/unix_chkpwd +} -- cgit v1.2.3