Sisyphus repository
Last update: 1 october 2023 | SRPMs: 18631 | Visits: 37041899
en ru br
ALT Linux repos
S:1.0.0-alt1

Group :: System/Base
RPM: pam-redhat

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs and FR  Repocop 

Name: pam-redhat
Version: 0.99.10.1
Release: alt2

%define rhver 0.99.10-1

Summary: Red Hat additional Pluggable Authentication Modules
# The library is BSD-style *without* advertising clause, with option to relicense as GPLv2+.
License: BSD-style or GPLv2+
Group: System/Base
Url: http://cvs.fedoraproject.org/viewvc/rpms/pam/devel/

%define helperdir /sbin
%define _secdir %_sysconfdir/security

Source: %name-%version-%release.tar

BuildRequires(pre): rpm-macros-pam
BuildRequires: flex libpam-devel

%package -n %{make_pam_name console}
Summary: PAM console session module
License: GPLv2+
Group: System/Base
Epoch: 1
Provides: pam_console = %epoch:%version-%release
Obsoletes: pam_console, pam_console0
Provides: %_secdir/console.apps

%package -n %{make_pam_name chroot}
Summary: PAM chroot session module
License: GPLv2+
Group: System/Base
Epoch: 1
Provides: pam_chroot = %epoch:%version-%release
Obsoletes: pam_chroot
Conflicts: pam < 0:1.1.0-alt4

%description
This package contains PAM modules created and developed primarily by
Red Hat, Inc.  Because of their limited use they are not included into
the upstream Linux PAM sources.

%description -n %{make_pam_name console}
The pam_console module exists to change file permissions when users
log on at the console, and to change them back when they log out of
the console.

See pam_console(8) for details.

%description -n %{make_pam_name chroot}
When the calling application attempts to open a session, pam_chroot
opens /etc/security/chroot.conf and attempt to chroot() to appropriate
directory.

%prep
%setup -q -n %name-%version-%release

%build
%autoreconf
%configure --libdir=/%_lib --sbindir=/sbin
make

%install
%makeinstall_std
rm -f %buildroot%_pam_modules_dir/*.la
mkdir -p %buildroot{%_secdir/console.apps,/var/run/console}

# Make sure that all modules are built.

>check.log
for d in pam_*; do
[ -d "$d" -a -s "$d/Makefile" ] || continue
m="${d##*/}"
! ls -1 "%buildroot%_pam_modules_dir/$m"*.so 2>/dev/null || continue
echo "ERROR: $m module did not build." >&2
echo "$m" >>check.log
done
! [ -s check.log ] || exit 1

# Make sure that no module exports symbols beyond standard set.

>check.log
for f in %buildroot%_pam_modules_dir/pam*.so; do
readelf -Ws "$f" |
grep -w GLOBAL |
grep -Ewv 'UND|pam_sm_(acct_mgmt|authenticate|chauthtok|close_session|open_session|setcred)'  ||
continue
echo "ERROR: ${f##*/} exports symbol(s) beyond standard set." >&2
echo "${f##*/}" >>check.log
done
! [ -s check.log ] || exit 1

# Make sure that no shared object has undefined symbols.

>check.log
for f in %buildroot%_pam_modules_dir/pam*.so; do
LD_LIBRARY_PATH="%buildroot/%_lib" ldd -r "$f" 2>&1 >/dev/null |
tee -a check.log
done
! [ -s check.log ] || exit 1

# Make sure that none of the modules pull in threading libraries.

>check.log
for f in %buildroot%_pam_modules_dir/pam*.so; do
LD_LIBRARY_PATH="%buildroot/%_lib" ldd -r "$f" 2>&1 |
fgrep -q libpthread ||
continue
echo "ERROR: ${f##*/} pulls in libpthread." >&2
echo "${f##*/}" >>check.log
done
! [ -s check.log ] || exit 1

# Documentation

for f in pam_*/README; do
d="${f%%/*}"
[ -s "$d/Makefile" ] || continue
install -pDm644 "$f" "%buildroot%_docdir/${d##*/}/README"
done

# ALT#25584

mkdir -p %buildroot/etc/tmpfiles.d
echo 'd /var/run/console 0711 root root -' > %buildroot/etc/tmpfiles.d/pamconsole.conf

%post -n %{make_pam_name console}
/usr/sbin/groupadd -r -f scanner
/usr/sbin/groupadd -r -f xgrp
%helperdir/pam_console_apply

%triggerpostun -n %{make_pam_name console} -- pam, pam_console
f=%_secdir/console.perms
if [ ! -f "$f" ]; then
if [ -f "$f.rpmsave" ]; then
cp -pf "$f.rpmsave" "$f"
elif [ -f "$f.rpmnew" ]; then
cp -pf "$f.rpmnew" "$f"
fi
fi
%helperdir/pam_console_apply

%triggerpostun -n %{make_pam_name console} -- %{make_pam_name console} < 0:0.79
if [ -f /var/run/console.lock -a ! -f /var/run/console/console.lock ]; then
mv /var/run/console.lock /var/run/console/ &&
%helperdir/pam_console_apply ||:
fi

%triggerpostun -n %{make_pam_name chroot} -- pam < 0:1.1.0-alt4
f=%_secdir/chroot.conf
if [ ! -f "$f" ]; then
if [ -f "$f.rpmsave" ]; then
cp -pf "$f.rpmsave" "$f"
elif [ -f "$f.rpmnew" ]; then
cp -pf "$f.rpmnew" "$f"
fi
fi

%files -n %{make_pam_name console}
%attr(600,root,root) %config(noreplace) %_secdir/console.perms
%attr(700,root,root) %dir %_secdir/console.perms.d
%attr(600,root,root) %config(noreplace) %_secdir/console.perms.d/*
%attr(600,root,root) %config(noreplace) %_secdir/console.handlers
%attr(711,root,root) %dir %_secdir/console.apps
%attr(700,root,root) %helperdir/pam_console_apply
%_pam_modules_dir/pam_console.so
%_mandir/man[58]/*console*
%dir %attr(711,root,root) /var/run/console
/etc/tmpfiles.d/pamconsole.conf
%_docdir/pam_console

%files -n %{make_pam_name chroot}
%config(noreplace) %attr(640,root,wheel) %_secdir/chroot.conf
%_pam_modules_dir/pam_chroot.so
%_docdir/pam_chroot

%changelog

Full changelog you can see here

 
design & coding: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
current maintainer: Michael Shigorin