From adcaa7de9a9e497c37c9279cf2597fb1b90c9fab Mon Sep 17 00:00:00 2001 From: BlackNoxis Date: Wed, 14 Jan 2015 02:42:55 +0200 Subject: Add pambase to kogaion desk --- sys-auth/pambase/Manifest | 1 + .../files/pambase-20120417-drop-motd-for-now.patch | 12 +++ .../files/pambase-20120417-lastlog-silent.patch | 20 ++++ .../pambase/files/pambase-20120417-systemd-2.patch | 29 ++++++ sys-auth/pambase/metadata.xml | 84 ++++++++++++++++ sys-auth/pambase/pambase-20120417-r5.ebuild | 106 +++++++++++++++++++++ 6 files changed, 252 insertions(+) create mode 100644 sys-auth/pambase/Manifest create mode 100644 sys-auth/pambase/files/pambase-20120417-drop-motd-for-now.patch create mode 100644 sys-auth/pambase/files/pambase-20120417-lastlog-silent.patch create mode 100644 sys-auth/pambase/files/pambase-20120417-systemd-2.patch create mode 100644 sys-auth/pambase/metadata.xml create mode 100644 sys-auth/pambase/pambase-20120417-r5.ebuild (limited to 'sys-auth/pambase') diff --git a/sys-auth/pambase/Manifest b/sys-auth/pambase/Manifest new file mode 100644 index 00000000..04effc7e --- /dev/null +++ b/sys-auth/pambase/Manifest @@ -0,0 +1 @@ +DIST pambase-20120417.tar.bz2 3361 SHA256 3fde3ff7714b3722b45545da36fdde6ca95a55d1b0a8cfb23666ec0de3ec5871 SHA512 7a666eb67f6484e536ecb070402036bcfdd137aced27df3f08b136d06eee5c13a6dc14aa93ea09e94c7f31e5a98db97dbaccd0c46af24b57028247de3a7cd9fe WHIRLPOOL 323edb9ef488a0ba562ef279d4acfb682540bf87838be9a3319ad2029ba1465d015fdf94c3192e24517ae9f0ed264e38d17aba65934211bd7b39bf309ee12540 diff --git a/sys-auth/pambase/files/pambase-20120417-drop-motd-for-now.patch b/sys-auth/pambase/files/pambase-20120417-drop-motd-for-now.patch new file mode 100644 index 00000000..3543c640 --- /dev/null +++ b/sys-auth/pambase/files/pambase-20120417-drop-motd-for-now.patch @@ -0,0 +1,12 @@ +--- pambase-20120417.orig/system-login.in ++++ pambase-20120417/system-login.in +@@ -56,9 +56,6 @@ session optional pam_gnome_keyring.so a + #if HAVE_SELINUX + session required pam_selinux.so multiple open + #endif +-#if HAVE_MOTD +-session optional pam_motd.so motd=/etc/motd +-#endif + #if HAVE_MAIL + session optional pam_mail.so + #endif diff --git a/sys-auth/pambase/files/pambase-20120417-lastlog-silent.patch b/sys-auth/pambase/files/pambase-20120417-lastlog-silent.patch new file mode 100644 index 00000000..79266a74 --- /dev/null +++ b/sys-auth/pambase/files/pambase-20120417-lastlog-silent.patch @@ -0,0 +1,20 @@ +--- pambase-20120417/login.in.orig 2012-11-21 14:31:49.031948988 +0100 ++++ pambase-20120417/login.in 2012-11-21 14:32:41.172330601 +0100 +@@ -3,4 +3,6 @@ + + account include system-local-login + password include system-local-login ++ ++session optional pam_lastlog.so DEBUG + session include system-local-login +--- pambase-20120417/system-login.in.orig 2012-11-21 14:31:42.232160039 +0100 ++++ pambase-20120417/system-login.in 2012-11-21 14:35:20.738025880 +0100 +@@ -41,7 +41,7 @@ + session required pam_env.so DEBUG + #endif + #if HAVE_LASTLOG +-session optional pam_lastlog.so DEBUG ++session optional pam_lastlog.so silent DEBUG + #endif + session include system-auth + #if HAVE_CONSOLEKIT diff --git a/sys-auth/pambase/files/pambase-20120417-systemd-2.patch b/sys-auth/pambase/files/pambase-20120417-systemd-2.patch new file mode 100644 index 00000000..047fb41c --- /dev/null +++ b/sys-auth/pambase/files/pambase-20120417-systemd-2.patch @@ -0,0 +1,29 @@ +http://bugs.gentoo.org/372229 + +--- Makefile ++++ Makefile +@@ -28,6 +28,10 @@ + PAMFLAGS += -DHAVE_CONSOLEKIT=1 + endif + ++ifeq "$(SYSTEMD)" "yes" ++PAMFLAGS += -DHAVE_SYSTEMD=1 ++endif ++ + ifeq "$(GNOME_KEYRING)" "yes" + PAMFLAGS += -DHAVE_GNOME_KEYRING=1 + endif +--- system-login.in ++++ system-login.in +@@ -45,7 +45,10 @@ + #endif + session include system-auth + #if HAVE_CONSOLEKIT +-session optional pam_ck_connector.so nox11 ++-session optional pam_ck_connector.so nox11 ++#endif ++#if HAVE_SYSTEMD ++-session optional pam_systemd.so + #endif + #if HAVE_GNOME_KEYRING + session optional pam_gnome_keyring.so auto_start diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml new file mode 100644 index 00000000..7a357751 --- /dev/null +++ b/sys-auth/pambase/metadata.xml @@ -0,0 +1,84 @@ + + + + pam + + pam-bugs@gentoo.org + + + + Enable pam_cracklib module on system authentication stack. This + produces warnings when changing password to something easily + crackable. It requires the same USE flag to be enabled on + sys-libs/pam or system login might be impossible. + + + Enable pam_ck_connector module on local system logins. This + allows for console logins to make use of ConsoleKit + authorization. + + + Use pam_systemd module to register user sessions in the systemd + control group hierarchy. + + + Enable pam_gnome_keyring module on system login stack. This + enables proper Gnome Keyring access to logins, whether they are + done with the login shell, a Desktop Manager or a remote login + systems such as SSH. + + + Enable debug information logging on syslog(3) for all the + modules supporting this in the system authentication and system + login stacks. + + + Enable pam_passwdqc module on system auth stack for password + quality validation. This is an alternative to pam_cracklib + producing warnings, rejecting or providing example passwords + when changing your system password. It is used by default by + OpenWall GNU/*/Linux and by FreeBSD. + + + Enable pam_mktemp module on system auth stack for session + handling. This module creates a private temporary directory for + the user, and sets TMP and TMPDIR accordingly. + + + Enable pam_ssh module on system auth stack for authentication + and session handling. This module will accept as password the + passphrase of a private SSH key (one of ~/.ssh/id_rsa, + ~/.ssh/id_dsa or ~/.ssh/identity), and will spawn an ssh-agent + instance to cache the open key. + + + Switch Linux-PAM's pam_unix module to use sha512 for passwords + hashes rather than MD5. This option requires + >=sys-libs/pam-1.0.1 built against + >=sys-libs/glibc-2.7, if it's built against an + earlier version, it will silently be ignored, and MD5 hashes + will be used. All the passwords changed after this USE flag is + enabled will be saved to the shadow file hashed using SHA512 + function. The password previously saved will be left + untouched. Please note that while SHA512-hashed passwords will + still be recognised if the USE flag is removed, the shadow file + will not be compatible with systems using an earlier glibc + version. + + + Enable pam_krb5 module on system auth stack, as an alternative + to pam_unix. If Kerberos authentication succeed, only pam_unix + will be ignore, and all the other modules will proceed as usual, + including Gnome Keyring and other session modules. It requires + sys-libs/pam as PAM implementation. + + + Disables the standard PAM modules that provide extra information + to users on login; this includes pam_tally (and pam_tally2 for + Linux PAM 1.1 and later), pam_lastlog, pam_motd and other + similar modules. This might not be a good idea on a multi-user + system but could reduce slightly the overhead on single-user + non-networked systems. + + + diff --git a/sys-auth/pambase/pambase-20120417-r5.ebuild b/sys-auth/pambase/pambase-20120417-r5.ebuild new file mode 100644 index 00000000..fe791970 --- /dev/null +++ b/sys-auth/pambase/pambase-20120417-r5.ebuild @@ -0,0 +1,106 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: $ + +EAPI=4 +inherit eutils + +DESCRIPTION="PAM base configuration files" +HOMEPAGE="http://www.gentoo.org/proj/en/base/pam/" +SRC_URI="http://dev.gentoo.org/~flameeyes/${PN}/${P}.tar.bz2 + http://dev.gentoo.org/~phajdan.jr/${PN}/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 -sparc-fbsd -x86-fbsd ~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux" +IUSE="consolekit cracklib debug minimal mktemp pam_krb5 pam_ssh passwdqc selinux +sha512 systemd" + +RESTRICT=binchecks + +MIN_PAM_REQ=1.1.3 + +RDEPEND=" + || ( + >=sys-libs/pam-${MIN_PAM_REQ} + ( sys-auth/openpam || ( sys-freebsd/freebsd-pam-modules sys-netbsd/netbsd-pam-modules ) ) + ) + consolekit? ( sys-auth/consolekit[pam] ) + cracklib? ( >=sys-libs/pam-${MIN_PAM_REQ}[cracklib] ) + mktemp? ( sys-auth/pam_mktemp ) + pam_krb5? ( + >=sys-libs/pam-${MIN_PAM_REQ} + >=sys-auth/pam_krb5-4.3 + ) + pam_ssh? ( sys-auth/pam_ssh ) + passwdqc? ( >=sys-auth/pam_passwdqc-1.0.4 ) + selinux? ( >=sys-libs/pam-${MIN_PAM_REQ}[selinux] ) + sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} ) + !