gentoo resync : 05.04.2019

3 files changed, 185 insertions, 92 deletions

diff --git a/sys-auth/pambase/Manifest b/sys-auth/pambase/Manifest
index c0edd76cde21..7eb840a61240 100644
--- a/sys-auth/pambase/Manifest
+++ b/sys-auth/pambase/Manifest
@@ -3,7 +3,9 @@ AUX pambase-20150213-gnome-keyring.patch 1357 BLAKE2B 84923095bbff772f75689cd3a6
 AUX pambase-20150213-selinux-note.patch 441 BLAKE2B 8457438ff72becbdf8da61143eacd961ad9a58f876e1560fcf3832af9b3cd995b37a1b4881a9b5bd572e9aff5bb89465d9bba8211e22347af7df22d5d9d8ffb4 SHA512 560afa6b9d2ac657f16ef41abf3f9243480c0d6c57ff725be00a936a92a392c1a5f59f787b1b0ddfe05a81da10cb3c1fc8d24ed9560731bbcae1608a5f155fdb
 DIST pambase-20101024.tar.bz2 3201 BLAKE2B 714da8dd0b354cee29ad175a0ed2094fba8f3bfb5839319a515ed133991eb224ae280928177dcb0524f52193f44a68064a2413ae47d380472bc7b5da0b13f1bf SHA512 8d2a89b38d94d2e423a033ea6922c0a0039a0fb64d60c05991d877b4fa893954723fe1c1763f3f67ed6fbc3639282a4ee1d76824f7f29025b6050632a6984b6f
 DIST pambase-20150213.tar.xz 3480 BLAKE2B 7c59774bb8888fd2c4656264f1d8ea8cdd5ffffff4dc5d03091592726c8bd7775ba1573091c8616aa891298a1fe309b19885b5ec21efb45fe38900b7c959aaf5 SHA512 3b49dd3f06a0942fcced95527f62cbc4ff723c48dc896a0b57ecd19736d2892db974c782be3fe24e8e6e17294869a772ae9ee6118af96dfdc7a3a6561dc3f3e5
+DIST pambase-20190402.tar.gz 3679 BLAKE2B 992d7bf6b6f74ef22a8808b57dd6faffb6c351eaa8be4172f320031334ca6def698b2cb17005b58ac3c18e89a94012e279b0f27cc2bea5040ae8ddc3233cba2d SHA512 565d64653e9898b9bd231c1461ec0988a19dbc9500ff1417a7197ac75804abeb13ca543121ae4afb29017c1e99073a16137e5c876f43dcc01e2641218760f4ae
 EBUILD pambase-20101024-r2.ebuild 2725 BLAKE2B 77a4d16cd30dedfa2256fd687cbb4b54555aeb1abf36123d340e9354d6cf67e503b9feb26daf55eb508c87dacc8c7df996510bf65ad32e818e74bc1f0873eb0e SHA512 307ebed59ea5f7fbe48ff343833c4fc6ca54520434452823b21e76c25c5c173738fd8637869e9a9eb9025e1d2b4cd090b7421e0a35333217bae87e450c7eaa1d
 EBUILD pambase-20150213-r1.ebuild 2869 BLAKE2B 4edfad559a57065dba9b243c3e53505e1521be771042a4028516492d3eedd4b6508a03db4c489b96bb3ebf24438aaf04d943a67ffd9b3435169f3899cd06c4ba SHA512 888ca20c747ee47056873f407e13f9675012ac160b5c55dd5128ddf9be31af91996aeddaf5d863d2e38b3c4863bb9325ca247d16b3785396863d7e97d10c06ce
 EBUILD pambase-20150213-r2.ebuild 2812 BLAKE2B 618ac42693c6478f3c5dbc21e3e465560a5ec6c5eaaa46fb6b78ecd3fe090283613abc968260aaf18c03f2a662eef98756b36b2764d42c23044fbeaccd383fcb SHA512 094e8eeeaff28015b61ba1a0e89dbbb45dc13f7a8aade742bde0fedf192338fc02f617731f84d59490cebfbf795f0638711f5974a40e1f1d43d6ce7b8316c494
-MISC metadata.xml 4297 BLAKE2B 53d6b14f5e6cf707666441f1bef3c975d43f33387ceb482dd7c41e97b2771466a02efb3db1c881d354bcfff42010e1da47a28579972169e3c7edac33f43f565d SHA512 d717c2916e154630a756f7925794d43d43c5881bc9df53b82b35f86104366902a76f2d9298cf5a8511431084f0103fe91234c5e4172555677bbdc00db0a73a04
+EBUILD pambase-20190402.ebuild 2329 BLAKE2B f89e40f0f4c59e1a384c2ecd1cc86ea054c4b6042d8ecff4befb773f48a0b15457309034578d1abb1d68c4d47922890b7f47beb6364d98c0e00d10d54483b2e3 SHA512 d13b662f2688830d6d21dc4f452aa12a5dfb9db1f12c4251693e8daa8ddbcc3c6ac40457c5cd4b7efb56d3d6990f7cf077b94157e3e020122d5133747630a0e9
+MISC metadata.xml 4088 BLAKE2B 5193b49786bcf70cff0fe509f45d624b29db779e54ef6c5171bfaf0ae929145667072f47d978c0c5ddc9902cce562532aa3767de1ec247260d7f044475995abf SHA512 1caaf079dbe24077112ffa16e943965c51214bed29d02aa2c7d7b40adddb3a053311cc26ca60a29317a7cc78faa7101834a2b080ea1d8658dcd6b3b5f16c3db4
diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml
index 7cd2dea5abe7..09d5034c9106 100644
--- a/sys-auth/pambase/metadata.xml
+++ b/sys-auth/pambase/metadata.xml
@@ -1,95 +1,96 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
-  <maintainer type="project">
-    <email>pam-bugs@gentoo.org</email>
-  </maintainer>
-  <use>
-    <flag name="cracklib">
-      Enable pam_cracklib module on system authentication stack. This
-      produces warnings when changing password to something easily
-      crackable. It requires the same USE flag to be enabled on
-      <pkg>sys-libs/pam</pkg> or system login might be impossible.
-    </flag>
-    <flag name="consolekit">
-      Enable pam_ck_connector module on local system logins. This
-      allows for console logins to make use of ConsoleKit
-      authorization.
-    </flag>
-    <flag name="elogind">
-      Use pam_elogind module to register user sessions with elogind.
-    </flag>
-    <flag name="systemd">
-      Use pam_systemd module to register user sessions in the systemd
-      control group hierarchy.
-    </flag>
-    <flag name="gnome-keyring">
-      Enable pam_gnome_keyring module on system login stack. This
-      enables proper Gnome Keyring access to logins, whether they are
-      done with the login shell, a Desktop Manager or a remote login
-      systems such as SSH.
-    </flag>
-    <flag name="debug">
-      Enable debug information logging on syslog(3) for all the
-      modules supporting this in the system authentication and system
-      login stacks.
-    </flag>
-    <flag name="passwdqc">
-      Enable pam_passwdqc module on system auth stack for password
-      quality validation. This is an alternative to pam_cracklib
-      producing warnings, rejecting or providing example passwords
-      when changing your system password. It is used by default by
-      OpenWall GNU/*/Linux and by FreeBSD.
-    </flag>
-    <flag name="mktemp">
-      Enable pam_mktemp module on system auth stack for session
-      handling. This module creates a private temporary directory for
-      the user, and sets TMP and TMPDIR accordingly.
-    </flag>
-    <flag name="pam_ssh">
-      Enable pam_ssh module on system auth stack for authentication
-      and session handling. This module will accept as password the
-      passphrase of a private SSH key (one of ~/.ssh/id_rsa,
-      ~/.ssh/id_dsa or ~/.ssh/identity), and will spawn an ssh-agent
-      instance to cache the open key.
-    </flag>
-    <flag name="sha512">
-      Switch Linux-PAM's pam_unix module to use sha512 for passwords
-      hashes rather than MD5. This option requires
-      <pkg>sys-libs/pam</pkg> version 1.0.1 built against
-      <pkg>sys-libs/glibc</pkg> version 2.7, if it's built against an
-      earlier version, it will silently be ignored, and MD5 hashes
-      will be used. All the passwords changed after this USE flag is
-      enabled will be saved to the shadow file hashed using SHA512
-      function. The password previously saved will be left
-      untouched. Please note that while SHA512-hashed passwords will
-      still be recognised if the USE flag is removed, the shadow file
-      will not be compatible with systems using an earlier glibc
-      version.
-    </flag>
-    <flag name="pam_krb5">
-      Enable pam_krb5 module on system auth stack, as an alternative
-      to pam_unix. If Kerberos authentication succeed, only pam_unix
-      will be ignore, and all the other modules will proceed as usual,
-      including Gnome Keyring and other session modules. It requires
-      <pkg>sys-libs/pam</pkg> as PAM implementation.
-    </flag>
-    <flag name="minimal">
-      Disables the standard PAM modules that provide extra information
-      to users on login; this includes pam_tally (and pam_tally2 for
-      Linux PAM 1.1 and later), pam_lastlog, pam_motd and other
-      similar modules. This might not be a good idea on a multi-user
-      system but could reduce slightly the overhead on single-user
-      non-networked systems.
-    </flag>
-    <flag name="nullok">
-      Enable the nullok option with the pam_unix module. This allows
-      people to login with blank passwords.
-    </flag>
-    <flag name="securetty">
-      Enable pam_securetty module in the login stack. Not generally
-      relevant anymore as the login stack only refers to local logins
-      and local terminals imply secure access in the first place.
-    </flag>
-  </use>
+	<maintainer type="person">
+		<email>zlogene@gentoo.org</email>
+		<name>Mikle Kolyada</name>
+	</maintainer>
+	<use>
+		<flag name="cracklib">
+			Enable pam_cracklib module on system authentication stack. This
+			produces warnings when changing password to something easily
+			crackable. It requires the same USE flag to be enabled on
+			<pkg>sys-libs/pam</pkg> or system login might be impossible.
+		</flag>
+		<flag name="consolekit">
+			Enable pam_ck_connector module on local system logins. This
+			allows for console logins to make use of ConsoleKit
+			authorization.
+		</flag>
+		<flag name="elogind">
+			Use pam_elogind module to register user sessions with elogind.
+		</flag>
+		<flag name="systemd">
+			Use pam_systemd module to register user sessions in the systemd
+			control group hierarchy.
+		</flag>
+		<flag name="gnome-keyring">
+			Enable pam_gnome_keyring module on system login stack. This
+			enables proper Gnome Keyring access to logins, whether they are
+			done with the login shell, a Desktop Manager or a remote login
+			systems such as SSH.
+		</flag>
+		<flag name="debug">
+			Enable debug information logging on syslog(3) for all the
+			modules supporting this in the system authentication and system
+			login stacks.
+		</flag>
+		<flag name="passwdqc">
+			Enable pam_passwdqc module on system auth stack for password
+			quality validation. This is an alternative to pam_cracklib
+			producing warnings, rejecting or providing example passwords
+			when changing your system password. It is used by default by
+			OpenWall GNU/*/Linux and by FreeBSD.
+		</flag>
+		<flag name="mktemp">
+			Enable pam_mktemp module on system auth stack for session
+			handling. This module creates a private temporary directory for
+			the user, and sets TMP and TMPDIR accordingly.
+		</flag>
+		<flag name="pam_ssh">
+			Enable pam_ssh module on system auth stack for authentication
+			and session handling. This module will accept as password the
+			passphrase of a private SSH key (one of ~/.ssh/id_rsa,
+			~/.ssh/id_dsa or ~/.ssh/identity), and will spawn an ssh-agent
+			instance to cache the open key.
+		</flag>
+		<flag name="sha512">
+			Switch Linux-PAM's pam_unix module to use sha512 for passwords
+			hashes rather than MD5. This option requires
+			<pkg>sys-libs/pam</pkg> version 1.0.1 built against
+			<pkg>sys-libs/glibc</pkg> version 2.7, if it's built against an
+			earlier version, it will silently be ignored, and MD5 hashes
+			will be used. All the passwords changed after this USE flag is
+			enabled will be saved to the shadow file hashed using SHA512
+			function. The password previously saved will be left
+			untouched. Please note that while SHA512-hashed passwords will
+			still be recognised if the USE flag is removed, the shadow file
+			will not be compatible with systems using an earlier glibc
+			version.
+		</flag>
+		<flag name="pam_krb5">
+			Enable pam_krb5 module on system auth stack, as an alternative
+			to pam_unix. If Kerberos authentication succeed, only pam_unix
+			will be ignore, and all the other modules will proceed as usual,
+			including Gnome Keyring and other session modules. It requires
+			<pkg>sys-libs/pam</pkg> as PAM implementation.
+		</flag>
+		<flag name="minimal">
+			Disables the standard PAM modules that provide extra information
+			to users on login; this includes pam_tally (and pam_tally2 for
+			Linux PAM 1.1 and later), pam_lastlog, pam_motd and other
+			similar modules. This might not be a good idea on a multi-user
+			system but could reduce slightly the overhead on single-user
+			non-networked systems.
+		</flag>
+		<flag name="nullok">
+			Enable the nullok option with the pam_unix module. This allows
+			people to login with blank passwords.
+		</flag>
+		<flag name="securetty">
+			Enable pam_securetty module in the login stack. Not generally
+			relevant anymore as the login stack only refers to local logins
+			and local terminals imply secure access in the first place.
+		</flag>
+	</use>
 </pkgmetadata>
diff --git a/sys-auth/pambase/pambase-20190402.ebuild b/sys-auth/pambase/pambase-20190402.ebuild
new file mode 100644
index 000000000000..e6172b5ebfc1
--- /dev/null
+++ b/sys-auth/pambase/pambase-20190402.ebuild
@@ -0,0 +1,90 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+DESCRIPTION="PAM base configuration files"
+HOMEPAGE="https://gentoo.org/"
+SRC_URI="https://github.com/gentoo/pambase/archive/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 -x86-fbsd ~amd64-linux ~x86-linux"
+IUSE="consolekit +cracklib debug elogind minimal mktemp +nullok pam_krb5 pam_ssh passwdqc securetty selinux +sha512 systemd"
+
+RESTRICT="binchecks"
+
+REQUIRED_USE="?? ( consolekit elogind systemd )"
+
+MIN_PAM_REQ=1.1.3
+
+RDEPEND="
+	|| (
+		>=sys-libs/pam-${MIN_PAM_REQ}
+		( sys-auth/openpam sys-freebsd/freebsd-pam-modules )
+	)
+	consolekit? ( sys-auth/consolekit[pam] )
+	cracklib? ( sys-libs/pam[cracklib] )
+	elogind? ( sys-auth/elogind[pam] )
+	mktemp? ( sys-auth/pam_mktemp )
+	pam_krb5? (
+		|| ( >=sys-libs/pam-${MIN_PAM_REQ} sys-auth/openpam )
+		sys-auth/pam_krb5
+	)
+	pam_ssh? ( sys-auth/pam_ssh )
+	passwdqc? ( sys-auth/pam_passwdqc )
+	selinux? ( sys-libs/pam[selinux] )
+	sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} )
+	systemd? ( sys-apps/systemd[pam] )
+"
+DEPEND="
+	app-arch/xz-utils
+	app-portage/portage-utils
+"
+
+S="${WORKDIR}/${PN}-${P}"
+
+src_compile() {
+	local implementation linux_pam_version
+	if has_version sys-libs/pam; then
+		implementation=linux-pam
+		local ver_str=$(qatom $(best_version sys-libs/pam) | cut -d ' ' -f 3)
+		linux_pam_version=$(printf "0x%02x%02x%02x" ${ver_str//\./ })
+	elif has_version sys-auth/openpam; then
+		implementation=openpam
+	else
+		die "PAM implementation not identified"
+	fi
+
+	use_var() {
+		local varname=$(echo "$1" | tr '[:lower:]' '[:upper:]')
+		local usename=${2-$(echo "$1" | tr '[:upper:]' '[:lower:]')}
+		local varvalue=$(usex ${usename})
+		echo "${varname}=${varvalue}"
+	}
+
+	emake \
+		GIT=true \
+		$(use_var debug) \
+		$(use_var cracklib) \
+		$(use_var passwdqc) \
+		$(use_var consolekit) \
+		$(use_var elogind) \
+		$(use_var systemd) \
+		$(use_var selinux) \
+		$(use_var nullok) \
+		$(use_var mktemp) \
+		$(use_var pam_ssh) \
+		$(use_var securetty) \
+		$(use_var sha512) \
+		$(use_var KRB5 pam_krb5) \
+		$(use_var minimal) \
+		IMPLEMENTATION=${implementation} \
+		LINUX_PAM_VERSION=${linux_pam_version}
+}
+
+src_test() { :; }
+
+src_install() {
+	emake GIT=true DESTDIR="${ED}" install
+}