diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2019-04-05 21:17:31 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2019-04-05 21:17:31 +0100 |
commit | dc7cbdfa65fd814b3b9aa3c56257da201109e807 (patch) | |
tree | c85d72f6f31f21f178069c9d41d41a7c1ff4b362 /sys-auth/pambase | |
parent | 0706fc6986773f4e4d391deff4ad5143c464ea4e (diff) |
gentoo resync : 05.04.2019
Diffstat (limited to 'sys-auth/pambase')
-rw-r--r-- | sys-auth/pambase/Manifest | 4 | ||||
-rw-r--r-- | sys-auth/pambase/metadata.xml | 183 | ||||
-rw-r--r-- | sys-auth/pambase/pambase-20190402.ebuild | 90 |
3 files changed, 185 insertions, 92 deletions
diff --git a/sys-auth/pambase/Manifest b/sys-auth/pambase/Manifest index c0edd76cde21..7eb840a61240 100644 --- a/sys-auth/pambase/Manifest +++ b/sys-auth/pambase/Manifest @@ -3,7 +3,9 @@ AUX pambase-20150213-gnome-keyring.patch 1357 BLAKE2B 84923095bbff772f75689cd3a6 AUX pambase-20150213-selinux-note.patch 441 BLAKE2B 8457438ff72becbdf8da61143eacd961ad9a58f876e1560fcf3832af9b3cd995b37a1b4881a9b5bd572e9aff5bb89465d9bba8211e22347af7df22d5d9d8ffb4 SHA512 560afa6b9d2ac657f16ef41abf3f9243480c0d6c57ff725be00a936a92a392c1a5f59f787b1b0ddfe05a81da10cb3c1fc8d24ed9560731bbcae1608a5f155fdb DIST pambase-20101024.tar.bz2 3201 BLAKE2B 714da8dd0b354cee29ad175a0ed2094fba8f3bfb5839319a515ed133991eb224ae280928177dcb0524f52193f44a68064a2413ae47d380472bc7b5da0b13f1bf SHA512 8d2a89b38d94d2e423a033ea6922c0a0039a0fb64d60c05991d877b4fa893954723fe1c1763f3f67ed6fbc3639282a4ee1d76824f7f29025b6050632a6984b6f DIST pambase-20150213.tar.xz 3480 BLAKE2B 7c59774bb8888fd2c4656264f1d8ea8cdd5ffffff4dc5d03091592726c8bd7775ba1573091c8616aa891298a1fe309b19885b5ec21efb45fe38900b7c959aaf5 SHA512 3b49dd3f06a0942fcced95527f62cbc4ff723c48dc896a0b57ecd19736d2892db974c782be3fe24e8e6e17294869a772ae9ee6118af96dfdc7a3a6561dc3f3e5 +DIST pambase-20190402.tar.gz 3679 BLAKE2B 992d7bf6b6f74ef22a8808b57dd6faffb6c351eaa8be4172f320031334ca6def698b2cb17005b58ac3c18e89a94012e279b0f27cc2bea5040ae8ddc3233cba2d SHA512 565d64653e9898b9bd231c1461ec0988a19dbc9500ff1417a7197ac75804abeb13ca543121ae4afb29017c1e99073a16137e5c876f43dcc01e2641218760f4ae EBUILD pambase-20101024-r2.ebuild 2725 BLAKE2B 77a4d16cd30dedfa2256fd687cbb4b54555aeb1abf36123d340e9354d6cf67e503b9feb26daf55eb508c87dacc8c7df996510bf65ad32e818e74bc1f0873eb0e SHA512 307ebed59ea5f7fbe48ff343833c4fc6ca54520434452823b21e76c25c5c173738fd8637869e9a9eb9025e1d2b4cd090b7421e0a35333217bae87e450c7eaa1d EBUILD pambase-20150213-r1.ebuild 2869 BLAKE2B 4edfad559a57065dba9b243c3e53505e1521be771042a4028516492d3eedd4b6508a03db4c489b96bb3ebf24438aaf04d943a67ffd9b3435169f3899cd06c4ba SHA512 888ca20c747ee47056873f407e13f9675012ac160b5c55dd5128ddf9be31af91996aeddaf5d863d2e38b3c4863bb9325ca247d16b3785396863d7e97d10c06ce EBUILD pambase-20150213-r2.ebuild 2812 BLAKE2B 618ac42693c6478f3c5dbc21e3e465560a5ec6c5eaaa46fb6b78ecd3fe090283613abc968260aaf18c03f2a662eef98756b36b2764d42c23044fbeaccd383fcb SHA512 094e8eeeaff28015b61ba1a0e89dbbb45dc13f7a8aade742bde0fedf192338fc02f617731f84d59490cebfbf795f0638711f5974a40e1f1d43d6ce7b8316c494 -MISC metadata.xml 4297 BLAKE2B 53d6b14f5e6cf707666441f1bef3c975d43f33387ceb482dd7c41e97b2771466a02efb3db1c881d354bcfff42010e1da47a28579972169e3c7edac33f43f565d SHA512 d717c2916e154630a756f7925794d43d43c5881bc9df53b82b35f86104366902a76f2d9298cf5a8511431084f0103fe91234c5e4172555677bbdc00db0a73a04 +EBUILD pambase-20190402.ebuild 2329 BLAKE2B f89e40f0f4c59e1a384c2ecd1cc86ea054c4b6042d8ecff4befb773f48a0b15457309034578d1abb1d68c4d47922890b7f47beb6364d98c0e00d10d54483b2e3 SHA512 d13b662f2688830d6d21dc4f452aa12a5dfb9db1f12c4251693e8daa8ddbcc3c6ac40457c5cd4b7efb56d3d6990f7cf077b94157e3e020122d5133747630a0e9 +MISC metadata.xml 4088 BLAKE2B 5193b49786bcf70cff0fe509f45d624b29db779e54ef6c5171bfaf0ae929145667072f47d978c0c5ddc9902cce562532aa3767de1ec247260d7f044475995abf SHA512 1caaf079dbe24077112ffa16e943965c51214bed29d02aa2c7d7b40adddb3a053311cc26ca60a29317a7cc78faa7101834a2b080ea1d8658dcd6b3b5f16c3db4 diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml index 7cd2dea5abe7..09d5034c9106 100644 --- a/sys-auth/pambase/metadata.xml +++ b/sys-auth/pambase/metadata.xml @@ -1,95 +1,96 @@ <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> - <maintainer type="project"> - <email>pam-bugs@gentoo.org</email> - </maintainer> - <use> - <flag name="cracklib"> - Enable pam_cracklib module on system authentication stack. This - produces warnings when changing password to something easily - crackable. It requires the same USE flag to be enabled on - <pkg>sys-libs/pam</pkg> or system login might be impossible. - </flag> - <flag name="consolekit"> - Enable pam_ck_connector module on local system logins. This - allows for console logins to make use of ConsoleKit - authorization. - </flag> - <flag name="elogind"> - Use pam_elogind module to register user sessions with elogind. - </flag> - <flag name="systemd"> - Use pam_systemd module to register user sessions in the systemd - control group hierarchy. - </flag> - <flag name="gnome-keyring"> - Enable pam_gnome_keyring module on system login stack. This - enables proper Gnome Keyring access to logins, whether they are - done with the login shell, a Desktop Manager or a remote login - systems such as SSH. - </flag> - <flag name="debug"> - Enable debug information logging on syslog(3) for all the - modules supporting this in the system authentication and system - login stacks. - </flag> - <flag name="passwdqc"> - Enable pam_passwdqc module on system auth stack for password - quality validation. This is an alternative to pam_cracklib - producing warnings, rejecting or providing example passwords - when changing your system password. It is used by default by - OpenWall GNU/*/Linux and by FreeBSD. - </flag> - <flag name="mktemp"> - Enable pam_mktemp module on system auth stack for session - handling. This module creates a private temporary directory for - the user, and sets TMP and TMPDIR accordingly. - </flag> - <flag name="pam_ssh"> - Enable pam_ssh module on system auth stack for authentication - and session handling. This module will accept as password the - passphrase of a private SSH key (one of ~/.ssh/id_rsa, - ~/.ssh/id_dsa or ~/.ssh/identity), and will spawn an ssh-agent - instance to cache the open key. - </flag> - <flag name="sha512"> - Switch Linux-PAM's pam_unix module to use sha512 for passwords - hashes rather than MD5. This option requires - <pkg>sys-libs/pam</pkg> version 1.0.1 built against - <pkg>sys-libs/glibc</pkg> version 2.7, if it's built against an - earlier version, it will silently be ignored, and MD5 hashes - will be used. All the passwords changed after this USE flag is - enabled will be saved to the shadow file hashed using SHA512 - function. The password previously saved will be left - untouched. Please note that while SHA512-hashed passwords will - still be recognised if the USE flag is removed, the shadow file - will not be compatible with systems using an earlier glibc - version. - </flag> - <flag name="pam_krb5"> - Enable pam_krb5 module on system auth stack, as an alternative - to pam_unix. If Kerberos authentication succeed, only pam_unix - will be ignore, and all the other modules will proceed as usual, - including Gnome Keyring and other session modules. It requires - <pkg>sys-libs/pam</pkg> as PAM implementation. - </flag> - <flag name="minimal"> - Disables the standard PAM modules that provide extra information - to users on login; this includes pam_tally (and pam_tally2 for - Linux PAM 1.1 and later), pam_lastlog, pam_motd and other - similar modules. This might not be a good idea on a multi-user - system but could reduce slightly the overhead on single-user - non-networked systems. - </flag> - <flag name="nullok"> - Enable the nullok option with the pam_unix module. This allows - people to login with blank passwords. - </flag> - <flag name="securetty"> - Enable pam_securetty module in the login stack. Not generally - relevant anymore as the login stack only refers to local logins - and local terminals imply secure access in the first place. - </flag> - </use> + <maintainer type="person"> + <email>zlogene@gentoo.org</email> + <name>Mikle Kolyada</name> + </maintainer> + <use> + <flag name="cracklib"> + Enable pam_cracklib module on system authentication stack. This + produces warnings when changing password to something easily + crackable. It requires the same USE flag to be enabled on + <pkg>sys-libs/pam</pkg> or system login might be impossible. + </flag> + <flag name="consolekit"> + Enable pam_ck_connector module on local system logins. This + allows for console logins to make use of ConsoleKit + authorization. + </flag> + <flag name="elogind"> + Use pam_elogind module to register user sessions with elogind. + </flag> + <flag name="systemd"> + Use pam_systemd module to register user sessions in the systemd + control group hierarchy. + </flag> + <flag name="gnome-keyring"> + Enable pam_gnome_keyring module on system login stack. This + enables proper Gnome Keyring access to logins, whether they are + done with the login shell, a Desktop Manager or a remote login + systems such as SSH. + </flag> + <flag name="debug"> + Enable debug information logging on syslog(3) for all the + modules supporting this in the system authentication and system + login stacks. + </flag> + <flag name="passwdqc"> + Enable pam_passwdqc module on system auth stack for password + quality validation. This is an alternative to pam_cracklib + producing warnings, rejecting or providing example passwords + when changing your system password. It is used by default by + OpenWall GNU/*/Linux and by FreeBSD. + </flag> + <flag name="mktemp"> + Enable pam_mktemp module on system auth stack for session + handling. This module creates a private temporary directory for + the user, and sets TMP and TMPDIR accordingly. + </flag> + <flag name="pam_ssh"> + Enable pam_ssh module on system auth stack for authentication + and session handling. This module will accept as password the + passphrase of a private SSH key (one of ~/.ssh/id_rsa, + ~/.ssh/id_dsa or ~/.ssh/identity), and will spawn an ssh-agent + instance to cache the open key. + </flag> + <flag name="sha512"> + Switch Linux-PAM's pam_unix module to use sha512 for passwords + hashes rather than MD5. This option requires + <pkg>sys-libs/pam</pkg> version 1.0.1 built against + <pkg>sys-libs/glibc</pkg> version 2.7, if it's built against an + earlier version, it will silently be ignored, and MD5 hashes + will be used. All the passwords changed after this USE flag is + enabled will be saved to the shadow file hashed using SHA512 + function. The password previously saved will be left + untouched. Please note that while SHA512-hashed passwords will + still be recognised if the USE flag is removed, the shadow file + will not be compatible with systems using an earlier glibc + version. + </flag> + <flag name="pam_krb5"> + Enable pam_krb5 module on system auth stack, as an alternative + to pam_unix. If Kerberos authentication succeed, only pam_unix + will be ignore, and all the other modules will proceed as usual, + including Gnome Keyring and other session modules. It requires + <pkg>sys-libs/pam</pkg> as PAM implementation. + </flag> + <flag name="minimal"> + Disables the standard PAM modules that provide extra information + to users on login; this includes pam_tally (and pam_tally2 for + Linux PAM 1.1 and later), pam_lastlog, pam_motd and other + similar modules. This might not be a good idea on a multi-user + system but could reduce slightly the overhead on single-user + non-networked systems. + </flag> + <flag name="nullok"> + Enable the nullok option with the pam_unix module. This allows + people to login with blank passwords. + </flag> + <flag name="securetty"> + Enable pam_securetty module in the login stack. Not generally + relevant anymore as the login stack only refers to local logins + and local terminals imply secure access in the first place. + </flag> + </use> </pkgmetadata> diff --git a/sys-auth/pambase/pambase-20190402.ebuild b/sys-auth/pambase/pambase-20190402.ebuild new file mode 100644 index 000000000000..e6172b5ebfc1 --- /dev/null +++ b/sys-auth/pambase/pambase-20190402.ebuild @@ -0,0 +1,90 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +DESCRIPTION="PAM base configuration files" +HOMEPAGE="https://gentoo.org/" +SRC_URI="https://github.com/gentoo/pambase/archive/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 -x86-fbsd ~amd64-linux ~x86-linux" +IUSE="consolekit +cracklib debug elogind minimal mktemp +nullok pam_krb5 pam_ssh passwdqc securetty selinux +sha512 systemd" + +RESTRICT="binchecks" + +REQUIRED_USE="?? ( consolekit elogind systemd )" + +MIN_PAM_REQ=1.1.3 + +RDEPEND=" + || ( + >=sys-libs/pam-${MIN_PAM_REQ} + ( sys-auth/openpam sys-freebsd/freebsd-pam-modules ) + ) + consolekit? ( sys-auth/consolekit[pam] ) + cracklib? ( sys-libs/pam[cracklib] ) + elogind? ( sys-auth/elogind[pam] ) + mktemp? ( sys-auth/pam_mktemp ) + pam_krb5? ( + || ( >=sys-libs/pam-${MIN_PAM_REQ} sys-auth/openpam ) + sys-auth/pam_krb5 + ) + pam_ssh? ( sys-auth/pam_ssh ) + passwdqc? ( sys-auth/pam_passwdqc ) + selinux? ( sys-libs/pam[selinux] ) + sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} ) + systemd? ( sys-apps/systemd[pam] ) +" +DEPEND=" + app-arch/xz-utils + app-portage/portage-utils +" + +S="${WORKDIR}/${PN}-${P}" + +src_compile() { + local implementation linux_pam_version + if has_version sys-libs/pam; then + implementation=linux-pam + local ver_str=$(qatom $(best_version sys-libs/pam) | cut -d ' ' -f 3) + linux_pam_version=$(printf "0x%02x%02x%02x" ${ver_str//\./ }) + elif has_version sys-auth/openpam; then + implementation=openpam + else + die "PAM implementation not identified" + fi + + use_var() { + local varname=$(echo "$1" | tr '[:lower:]' '[:upper:]') + local usename=${2-$(echo "$1" | tr '[:upper:]' '[:lower:]')} + local varvalue=$(usex ${usename}) + echo "${varname}=${varvalue}" + } + + emake \ + GIT=true \ + $(use_var debug) \ + $(use_var cracklib) \ + $(use_var passwdqc) \ + $(use_var consolekit) \ + $(use_var elogind) \ + $(use_var systemd) \ + $(use_var selinux) \ + $(use_var nullok) \ + $(use_var mktemp) \ + $(use_var pam_ssh) \ + $(use_var securetty) \ + $(use_var sha512) \ + $(use_var KRB5 pam_krb5) \ + $(use_var minimal) \ + IMPLEMENTATION=${implementation} \ + LINUX_PAM_VERSION=${linux_pam_version} +} + +src_test() { :; } + +src_install() { + emake GIT=true DESTDIR="${ED}" install +} |