diff options
Diffstat (limited to 'sys-libs/pam')
| -rw-r--r-- | sys-libs/pam/Manifest | 2 | ||||
| -rw-r--r-- | sys-libs/pam/pam-1.7.0_p20241230-r3.ebuild | 175 |
2 files changed, 177 insertions, 0 deletions
diff --git a/sys-libs/pam/Manifest b/sys-libs/pam/Manifest index 776377d6537d..4059b809f16c 100644 --- a/sys-libs/pam/Manifest +++ b/sys-libs/pam/Manifest @@ -3,6 +3,8 @@ DIST Linux-PAM-1.5.3-docs.tar.xz 466340 BLAKE2B 6bade3c63ebe6b6ca7a86d7385850bb8 DIST Linux-PAM-1.5.3.tar.xz 1020076 BLAKE2B 362c939f3afc343e6f4e78e7f6ba6f7a9c6ee0a9948bb5a4fc34cecfd29e9fa974082534d4ceedd04d8d3e34c7b3ef43d2a07ba5f41d26da04ec8330fc3790fb SHA512 af88e8c1b6a9b737ffaffff7dd9ed8eec996d1fbb5804fb76f590bed66d8a1c2c6024a534d7a7b6d18496b300f3d6571a08874cf406cd2e8cea1d5eff49c136a DIST Linux-PAM-1.6.1-docs.tar.xz 465516 BLAKE2B c39dfba2e327120edc1f30be6ea7f8e6cf20d1f4dd17752cc34e0ae1c0bd22b3d19b94ab665bf3df5bd6ecc7fc358dbbedd8a3069df95ff6189580e538aa3547 SHA512 c6054ec6832f604c0654cf074e4e241c44037fd41cd37cca7da94abe008ff72adc4466d31bd254517eda083c7ec3f6aefd37785b3ee3d0d4553250bd29963855 DIST Linux-PAM-1.6.1.tar.xz 1054152 BLAKE2B 649b4ff892fbd3eb90adcbd9ccc5b3f5df51bf1c79b9084c7a1613c432587b13b81761d1eb4f31ef12d58843d16af24a3c441d0b6f5d2f2a1db9c8da15a61e2f SHA512 ddb5a5f296f564b76925324550d29f15d342841a97815336789c7bb922a8663e831edeb54f3dcd1eaf297e3325c9e2e6c14b8740def5c43cf3f160a8a14fa2ea +DIST pam-1.7.0_p20241230.gh.tar.gz 719108 BLAKE2B c37daabae380ce75c630a0af1b9960676bc973c773025bc7f65ae87aebff4ca3b667e16ec9635c7677e8a00e6b26eb590f84b798529c3340cdc2c262e7e5649e SHA512 d9d53ddd420fe754c76303b99c37e5cc2eca3d4af9f64043f3f9e69c3abfc3c05d5a1efdbbdfb39ad46a301a0df7a18425d0e8c110c1d76bad3e62dfa97b61ef EBUILD pam-1.5.3-r1.ebuild 4456 BLAKE2B 11d04b870ae3571fa71aa7d1bdaa29eb59b5593899aa70223d3ad708331b875d21ac1ab6b28f06392651db04bca8821c747e478fb87744968d6cc6a23a652951 SHA512 a98f212ddcdef9542e6f3bcd05c3a1f6243b5e2696bf93bd4596ae8f84a88acf0ad7bba4a196dfc91775a20b5d3dff30659406437491f476252f4cb1e7c3c92a EBUILD pam-1.6.1.ebuild 4459 BLAKE2B b6c946278113f8c0cf63676382fce8dfee77ed4d02f56314f55734c4c5e32b1dc668d851315ff27fe98c470a61cda43cb9bd31b3430fc859aaa3aca767fd4c33 SHA512 4100f9df870643f57f8d99114d6ff02553d9fc6ebd5fc3a3fea85ab49ec248482bddfe5b0767551d6bcb0a8a42439f9b35cf81f087750aa030d4d9d144f20834 +EBUILD pam-1.7.0_p20241230-r3.ebuild 5566 BLAKE2B 44fc8da38ace5b4a7973fa5e78038f455bdd785dc71cca1b58b1fd8036422b6bb1064d0689d9ec84a03732a37ae08090186c630cc4bdc14a401b21bf6dafdda9 SHA512 fbb2f6c125ccb030e07282895bb1ee59bcb6df8e2667fa30ead4a6dbea6d4d7e2f75accda220024dd53d8e7ed293415f5bccd5c6854f5f53f1f5360deec5f77f MISC metadata.xml 846 BLAKE2B e236bd8c7a53097d96164d9063d1dbb9372cef4ec92731dc43df6731cc7f4fc2935aeeb2e069b6da1d4bce3f1cc6a657e0361208581da615f3f41ec72c02261e SHA512 e2e28deadb2c941f8fa31447ec20c95ccb340d638f8b1e742a89ccc2dbb3c8d88e764f750d6e13c5a6320a612d6f2447689c02862a5e897919d1e9bca7857089 diff --git a/sys-libs/pam/pam-1.7.0_p20241230-r3.ebuild b/sys-libs/pam/pam-1.7.0_p20241230-r3.ebuild new file mode 100644 index 000000000000..e1e1c79a8d0e --- /dev/null +++ b/sys-libs/pam/pam-1.7.0_p20241230-r3.ebuild @@ -0,0 +1,175 @@ +# Copyright 1999-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +MY_P="Linux-${PN^^}-${PV}" + +# Avoid QA warnings +# Can reconsider w/ EAPI 8 and IDEPEND, bug #810979 +TMPFILES_OPTIONAL=1 + +inherit db-use fcaps flag-o-matic meson-multilib + +DESCRIPTION="Linux-PAM (Pluggable Authentication Modules)" +HOMEPAGE="https://github.com/linux-pam/linux-pam" + +if [[ ${PV} == *_p* ]] ; then + PAM_COMMIT="e634a3a9be9484ada6e93970dfaf0f055ca17332" + SRC_URI=" + https://github.com/linux-pam/linux-pam/archive/${PAM_COMMIT}.tar.gz -> ${P}.gh.tar.gz + " + S="${WORKDIR}"/linux-${PN}-${PAM_COMMIT} +else + VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/strace.asc + inherit verify-sig + + SRC_URI=" + https://github.com/linux-pam/linux-pam/releases/download/v${PV}/${MY_P}.tar.xz + verify-sig? ( https://github.com/linux-pam/linux-pam/releases/download/v${PV}/${MY_P}.tar.xz.asc ) + " + S="${WORKDIR}/${MY_P}" + + BDEPEND="verify-sig? ( sec-keys/openpgp-keys-strace )" +fi + +LICENSE="|| ( BSD GPL-2 )" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux" +IUSE="audit berkdb elogind examples debug nis nls selinux systemd" +REQUIRED_USE="?? ( elogind systemd )" + +# meson.build specifically checks for bison and then byacc +# also requires xsltproc +BDEPEND+=" + || ( sys-devel/bison dev-util/byacc ) + app-text/docbook-xsl-ns-stylesheets + dev-libs/libxslt + sys-devel/flex + virtual/pkgconfig + nls? ( sys-devel/gettext ) +" +DEPEND=" + virtual/libcrypt:=[${MULTILIB_USEDEP}] + >=virtual/libintl-0-r1[${MULTILIB_USEDEP}] + audit? ( >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] ) + berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] ) + !berkdb? ( sys-libs/gdbm:=[${MULTILIB_USEDEP}] ) + elogind? ( >=sys-auth/elogind-254 ) + selinux? ( >=sys-libs/libselinux-2.2.2-r4[${MULTILIB_USEDEP}] ) + systemd? ( >=sys-apps/systemd-254:= ) + nis? ( + net-libs/libnsl:=[${MULTILIB_USEDEP}] + >=net-libs/libtirpc-0.2.4-r2:=[${MULTILIB_USEDEP}] + ) +" +RDEPEND="${DEPEND}" +PDEPEND=">=sys-auth/pambase-20200616" + +src_configure() { + # meson.build sets -Wl,--fatal-warnings and with e.g. mold, we get: + # cannot assign version `global` to symbol `pam_sm_open_session`: symbol not found + append-ldflags $(test-flags-CCLD -Wl,--undefined-version) + + # Do not let user's BROWSER setting mess us up, bug #549684 + unset BROWSER + + meson-multilib_src_configure +} + +multilib_src_configure() { + local native_file="${T}"/meson.${CHOST}.${ABI}.ini.local + # Workaround for docbook5 not being packaged (bug #913087#c4) + # It's only used for validation of output, so stub it out. + # Also, stub out elinks+w3m which are only used for an index. + cat >> ${native_file} <<-EOF || die + [binaries] + xmlcatalog='true' + xmllint='true' + elinks='true' + w3m='true' + EOF + + local emesonargs=( + --native-file "${native_file}" + + $(meson_feature audit) + $(meson_native_use_bool examples) + $(meson_use debug pam-debug) + $(meson_feature nis) + $(meson_feature nls i18n) + $(meson_feature selinux) + + -Disadir='.' + -Dxml-catalog="${BROOT}"/etc/xml/catalog + -Dsbindir="${EPREFIX}"/sbin + -Dsecuredir="${EPREFIX}"/$(get_libdir)/security + -Ddocdir="${EPREFIX}"/usr/share/doc/${PF} + -Dhtmldir="${EPREFIX}"/usr/share/doc/${PF}/html + -Dpdfdir="${EPREFIX}"/usr/share/doc/${PF}/pdf + + -Ddb=$(usex berkdb 'db' 'gdbm') + -Ddb-uniquename=$(db_findver sys-libs/db) + + $(meson_native_enabled docs) + + -Dpam_unix=enabled + + # TODO: wire this up now it's more useful as of 1.5.3 (bug #931117) + -Deconf=disabled + + # TODO: lastlog is enabled again for now by us as elogind support + # wasn't available at first. Even then, disabling lastlog will + # probably need a news item. + $(meson_native_use_feature systemd logind) + $(meson_native_use_feature elogind) + $(meson_feature !elibc_musl pam_lastlog) + ) + + # This whole weird has_version libxcrypt block can go once + # musl systems have libxcrypt[system] if we ever make + # that mandatory. See bug #867991. + #if use elibc_musl && ! has_version sys-libs/libxcrypt[system] ; then + # # Avoid picking up symbol-versioned compat symbol on musl systems + # export ac_cv_search_crypt_gensalt_rn=no + # + # # Need to avoid picking up the libxcrypt headers which define + # # CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY. + # cp "${ESYSROOT}"/usr/include/crypt.h "${T}"/crypt.h || die + # append-cppflags -I"${T}" + #fi + + meson_src_configure +} + +multilib_src_install_all() { + find "${ED}" -type f -name '*.la' -delete || die + + # tmpfiles.eclass is impossible to use because + # there is the pam -> tmpfiles -> systemd -> pam dependency loop + dodir /usr/lib/tmpfiles.d + + cat ->> "${ED}"/usr/lib/tmpfiles.d/${CATEGORY}-${PN}.conf <<-_EOF_ + d /run/faillock 0755 root root + _EOF_ + use selinux && cat ->> "${ED}"/usr/lib/tmpfiles.d/${CATEGORY}-${PN}-selinux.conf <<-_EOF_ + d /run/sepermit 0755 root root + _EOF_ +} + +pkg_postinst() { + ewarn "Some software with pre-loaded PAM libraries might experience" + ewarn "warnings or failures related to missing symbols and/or versions" + ewarn "after any update. While unfortunate this is a limit of the" + ewarn "implementation of PAM and the software, and it requires you to" + ewarn "restart the software manually after the update." + ewarn "" + ewarn "You can get a list of such software running a command like" + ewarn " lsof / | grep -E -i 'del.*libpam\\.so'" + ewarn "" + ewarn "Alternatively, simply reboot your system." + + # The pam_unix module needs to check the password of the user which requires + # read access to /etc/shadow only. + fcaps cap_dac_override sbin/unix_chkpwd +} |