blob: fe79197047b35a569e0cb058f751feac2898a36d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $
EAPI=4
inherit eutils
DESCRIPTION="PAM base configuration files"
HOMEPAGE="http://www.gentoo.org/proj/en/base/pam/"
SRC_URI="http://dev.gentoo.org/~flameeyes/${PN}/${P}.tar.bz2
http://dev.gentoo.org/~phajdan.jr/${PN}/${P}.tar.bz2"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 -sparc-fbsd -x86-fbsd ~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux"
IUSE="consolekit cracklib debug minimal mktemp pam_krb5 pam_ssh passwdqc selinux +sha512 systemd"
RESTRICT=binchecks
MIN_PAM_REQ=1.1.3
RDEPEND="
|| (
>=sys-libs/pam-${MIN_PAM_REQ}
( sys-auth/openpam || ( sys-freebsd/freebsd-pam-modules sys-netbsd/netbsd-pam-modules ) )
)
consolekit? ( sys-auth/consolekit[pam] )
cracklib? ( >=sys-libs/pam-${MIN_PAM_REQ}[cracklib] )
mktemp? ( sys-auth/pam_mktemp )
pam_krb5? (
>=sys-libs/pam-${MIN_PAM_REQ}
>=sys-auth/pam_krb5-4.3
)
pam_ssh? ( sys-auth/pam_ssh )
passwdqc? ( >=sys-auth/pam_passwdqc-1.0.4 )
selinux? ( >=sys-libs/pam-${MIN_PAM_REQ}[selinux] )
sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} )
!<sys-apps/shadow-4.1.5-r1
!<sys-freebsd/freebsd-pam-modules-6.2-r1
!<sys-libs/pam-0.99.9.0-r1"
DEPEND="app-portage/portage-utils"
src_prepare() {
epatch "${FILESDIR}"/${P}-systemd-2.patch
epatch "${FILESDIR}"/${P}-lastlog-silent.patch
# Drop pam_motd for now, since it breaks DEs autologin
epatch "${FILESDIR}"/${P}-drop-motd-for-now.patch
}
src_compile() {
local implementation=
local linux_pam_version=
if has_version sys-libs/pam; then
implementation=linux-pam
local ver_str=$(qatom `best_version sys-libs/pam` | cut -d ' ' -f 3)
linux_pam_version=$(printf "0x%02x%02x%02x" ${ver_str//\./ })
elif has_version sys-auth/openpam; then
implementation=openpam
else
die "PAM implementation not identified"
fi
use_var() {
local varname=$(echo $1 | tr [a-z] [A-Z])
local usename=${2-$(echo $1 | tr [A-Z] [a-z])}
local varvalue=$(usex $usename)
echo "${varname}=${varvalue}"
}
emake \
GIT=true \
$(use_var debug) \
$(use_var cracklib) \
$(use_var passwdqc) \
$(use_var selinux) \
$(use_var mktemp) \
$(use_var PAM_SSH pam_ssh) \
$(use_var sha512) \
$(use_var KRB5 pam_krb5) \
$(use_var minimal) \
$(use_var consolekit) \
GNOME_KEYRING=yes \
SYSTEMD=yes \
IMPLEMENTATION=${implementation} \
LINUX_PAM_VERSION=${linux_pam_version}
}
src_test() { :; }
src_install() {
emake GIT=true DESTDIR="${ED}" install
}
pkg_postinst() {
if use sha512; then
elog "Starting from version 20080801, pambase optionally enables"
elog "SHA512-hashed passwords. For this to work, you need sys-libs/pam-1.0.1"
elog "built against sys-libs/glibc-2.7 or later."
elog "If you don't have support for this, it will automatically fallback"
elog "to MD5-hashed passwords, just like before."
elog
elog "Please note that the change only affects the newly-changed passwords"
elog "and that SHA512-hashed passwords will not work on earlier versions"
elog "of glibc or Linux-PAM."
fi
}
|
