Репозиторий Sisyphus
Последнее обновление: 1 октября 2023 | Пакетов: 18631 | Посещений: 37045168
en ru br
Репозитории ALT
5.1: 1.1.3-alt0.M51.1
4.1: 1.0.1-alt1
4.0: 0.99.6.3-alt2
3.0: 0.75-alt29
www.altlinux.org/Changes

Группа :: Система/Основа
Пакет: pam

 Главная   Изменения   Спек   Патчи   Sources   Загрузить   Gear   Bugs and FR  Repocop 

Name: pam
Version: 0.99.6.3
Release: alt2

%define rhver 0.80-1
%define helperdir /sbin

Summary: Pluggable Authentication Modules
License: GPL or BSD-style
Group: System/Base
Url: http://www.kernel.org/pub/linux/libs/pam/index.html
Packager: Dmitry V. Levin <ldv at altlinux.org>

%define srcname Linux-PAM-%version

%def_disable static

# Linux-PAM name suffix

%define _pam_name_suffix 0

# Used for pam module package naming.

%define make_pam_name() pam%{_pam_name_suffix}_%{1}
%define set_pam_name() %global pam_name %(n='%{1}'; s="${n#pam_}"; [ "$n" = "$s" ] && echo -n "$n" || echo -n "pam%{_pam_name_suffix}_$s")

# Linux-PAM modules directory.

%define _pam_modules_dir /%_lib/security

# Linux-PAM library soname suffix.

%define _pam_so_suffix %{nil}

# Linux-PAM library package name, used for tracking package dependencies.

%define libpam libpam%{_pam_name_suffix}

Source0: ftp://ftp.kernel.org/pub/linux/libs/pam/pre/library/%srcname.tar
Source2: pam-redhat-%rhver.tar
Source3: pam_sameuid-0.99.0.3.tar
Source4: pam_listfile.c
Source5: PAM-Policy.ALT
Source6: linux-pam.macros

Patch: Linux-PAM-%version-%release.patch

# Owl-specific patches.

Patch100: Linux-PAM-0.99.2.1-owl-const.patch
Patch101: Linux-PAM-0.99.2.1-owl-pam_limits-acct.patch
Patch102: Linux-PAM-0.99.2.1-owl-pam_mkhomedir-acct.patch
Patch103: Linux-PAM-0.99.6.2-owl-pam_wheel-use_uid.patch

# ALT-specific patches.

Patch201: Linux-PAM-0.99.0.3-alt-limits.conf.patch
Patch202: Linux-PAM-0.80-alt-pam_xauth-check_acl.patch
Patch203: Linux-PAM-0.99.6.2-alt-pam_xauth-wildcards.patch
Patch211: pam-redhat-0.99.6.3-alt-makefile.patch
Patch212: pam-redhat-0.80-alt-pam_console-config.patch
Patch213: pam-redhat-0.99.0.3-alt-pam_console-chmod.patch
Patch214: pam-redhat-0.99.0.3-alt-pam_chroot.patch
Patch215: pam-redhat-0.99.6.3-alt-log.patch

# Debian patches

Patch301: Linux-PAM-0.79-deb-pam_time.patch

Requires: %libpam = %version-%release, pam-common >= 1.1
Obsoletes: pamconfig

BuildRequires: rpm-build >= 0:4.0.4-alt55

# Required for pam_console.

BuildRequires: flex glib-devel

# Required for pam_userdb.

BuildRequires: libdb4-devel

# Required for docs.

BuildRequires: docbook-dtds docbook-style-xsl xsltproc w3m

%define _pamdir %_sysconfdir/pam.d
%define _secdir %_sysconfdir/security

%package -n %libpam
Summary: Shared libraries for running PAM-based software
Group: System/Libraries
PreReq: pam-common
Provides: libpam(include)
Provides: libpam = %version-%release
Obsoletes: libpam

%package -n %libpam-devel
Summary: Libraries and header files for developing PAM-aware software
Group: Development/C
Requires: %libpam = %version-%release
Provides: libpam-devel = %version-%release, pam-devel = %version-%release
Obsoletes: libpam-devel, pam-devel
Conflicts: libpam2-devel

%package -n %libpam-devel-static
Summary: Static libraries for developing PAM-aware software
Group: Development/C
Requires: %libpam-devel = %version-%release
Provides: libpam-devel-static = %version-%release
Obsoletes: libpam-devel-static
Conflicts: libpam2-devel-static

%package doc
Summary: Linux-PAM documentation
Group: Development/C
Requires: pam = %version-%release

%package -n %{make_pam_name console}
Summary: Controls permissions for users at the system console
Group: System/Base
Requires: pam = %version-%release
Provides: pam_console = %version-%release
Obsoletes: pam_console, pam_console0
Provides: %_secdir/console.apps

%package -n %{make_pam_name timestamp}
Summary: Authenticate using cached successful authentication attempts
Group: System/Base
Requires: pam = %version-%release
Provides: pam_timestamp = %version-%release
Obsoletes: pam_timestamp, pam_timestamp0

%description
Linux-PAM (Pluggable Authentication Modules for Linux) is a suite of
libraries that enable the local system administrator to choose how
PAM-aware applications authenticate users, without having to recompile
those applications.

%description -n %libpam
Linux-PAM (Pluggable Authentication Modules for Linux) is a suite of
libraries that enable the local system administrator to choose how
PAM-aware applications authenticate users, without having to recompile
those applications.

This package contains shared libraries required for running both
PAM-aware applications and modules for use with Linux-PAM.

%description -n %libpam-devel
Linux-PAM (Pluggable Authentication Modules for Linux) is a suite of
libraries that enable the local system administrator to choose how
PAM-aware applications authenticate users, without having to recompile
those applications.

This package contains header files and development libraries used for
building both PAM-aware applications and modules for use with Linux-PAM.

%description -n %libpam-devel-static
Linux-PAM (Pluggable Authentication Modules for Linux) is a suite of
libraries that enable the local system administrator to choose how
PAM-aware applications authenticate users, without having to recompile
those applications.

This package contains static libraries used for building statically
linked PAM-aware applications for use with Linux-PAM.

%description doc
Linux-PAM (Pluggable Authentication Modules for Linux) is a suite of
libraries that enable the local system administrator to choose how
PAM-aware applications authenticate users, without having to recompile
those applications.

This package contains detailed Linux-PAM documentation.

%description -n %{make_pam_name console}
The pam_console module exists to change file permissions when users
log on at the console, and to change them back when they log out of
the console.

See pam_console(8) for details.

%description -n %{make_pam_name timestamp}
The pam_timestamp module implements sudo-style authentication
timestamps.

See pam_timestamp(8) for details.

%prep
%setup -q -n %srcname -a2 -a3
%patch -p1

# Replace pam_listfile.

install -pm644 %_sourcedir/pam_listfile.c modules/pam_listfile/

# Owl-specific patches.

%patch100 -p1
%patch101 -p1
%patch102 -p1
%patch103 -p1

# ALT-specific patches.

%patch201 -p1
%patch202 -p1
%patch203 -p1
%patch211 -p1
%patch212 -p1
%patch213 -p1
%patch214 -p1
%patch215 -p1

# Debian patches.

%patch301 -p1

find -type f \( -name .cvsignore -o -name \*~ -o -name \*.orig \) -delete -print

# Replace _pam_aconf.h with config.h

grep -FZl _pam_aconf.h modules/*/*.c |
xargs -r0 sed -i 's/_pam_aconf\.h/config.h/' --

# Complete pammodutil rename.

grep -FZl _pammodutil modules/pam_*/*.* |
xargs -r0 sed -i 's,_pammodutil,pam_modutil,g' --
grep -FZl /_pam_modutil modules/pam_*/*.* |
xargs -r0 sed -i 's,/_pam_modutil,/pam_modutil,g' --

# Unlink unwanted modules.

for d in pam_cracklib pam_keyinit pam_namespace pam_radius pam_selinux pam_unix; do
sed -i "s,modules/$d/Makefile,," configure.in
sed -i "s/ $d / /" modules/Makefile.am
done
find modules -type f -name Makefile -delete

# Additional console.perms tweaks are necessary because we are not ready

# for console.perms.d migration.
cat modules/pam_console/50-default.perms >>modules/pam_console/console.perms
> modules/pam_console/50-default.perms
sed -i '/console\.perms\.d/d' modules/pam_console/console.perms

%build
%define docdir %_docdir/%srcname

aclocal -I m4
libtoolize -f
autoconf
autoheader
automake -a

export ac_cv_lib_ndbm_dbm_store=no \
ac_cv_lib_db_dbm_store=no \
ac_cv_lib_selinux_getfilecon=no \
ac_cv_lib_audit_audit_log_user_message=no \
ac_cv_lib_crack_FascistCheck=no \
#

%configure \
--prefix=/ \
--exec-prefix=/ \
--libdir=/%_lib \
--sbindir=/sbin \
--includedir=%_includedir/security \
--disable-nls \
--disable-read-both-confs \
--enable-fakeroot=%buildroot \
--enable-suplementedir=%helperdir \
--enable-docdir=%_docdir/%srcname \
%{subst_enable static} \
#
# SMP-incompatible build.
%__make

%install
%make_install install DESTDIR=%buildroot
mkdir -p %buildroot{%_secdir/console.apps,/var/run/console}

# Relocate development libraries from /%_lib/ to %_libdir/.

mkdir -p %buildroot%_libdir
mv %buildroot/%_lib/*.*a %buildroot%_libdir/
/sbin/ldconfig -nv %buildroot/%_lib
for f in %buildroot/%_lib/*.so; do
t=`objdump -p "$f" |awk '/SONAME/ {print $2}'`
[ -n "$t" ]
ln -s ../../%_lib/"$t" "%buildroot%_libdir/${f##*/}"
rm -f "$f"
done
rm -f %buildroot%_pam_modules_dir/*.la

chmod go-rw %buildroot%helperdir/*
chmod 700 %buildroot/sbin/{pam_console_apply,pam_timestamp_check}
chmod 755 %buildroot/sbin/pam_tally %buildroot%_pam_modules_dir/pam_filter/upperLOWER
chmod a-x %buildroot/%_lib{,/security}/*.so*

# Make sure that all modules are built.

>check.log
for d in modules/pam_*; do
[ -d "$d" -a -s "$d/Makefile" ] || continue
m="${d##*/}"
! ls -1 "%buildroot%_pam_modules_dir/$m"*.so 2>/dev/null || continue
echo "ERROR: $m module did not build." >&2
echo "$m" >>check.log
done
! [ -s check.log ] || exit 1

# Make sure that no module exports symbols beyond standard set.

>check.log
for d in modules/pam_*; do
[ -d "$d" ] || continue
m="${d##*/}"
readelf -Ws "%buildroot%_pam_modules_dir/$m"*.so |
grep -w GLOBAL |
grep -Ewv 'UND|pam_sm_(acct_mgmt|authenticate|chauthtok|close_session|open_session|setcred)'  ||
continue
echo "ERROR: $m module exports symbol(s) beyond standard set." >&2
echo "$m" >>check.log
done
! [ -s check.log ] || exit 1

# Make sure that no shared object has undefined symbols.

>check.log
for f in %buildroot/%_lib/lib*.so.0 %buildroot%_pam_modules_dir/pam*.so; do
LD_LIBRARY_PATH="%buildroot/%_lib" ldd -r "$f" 2>&1 >/dev/null |
tee -a check.log
done
! [ -s check.log ] || exit 1

# Linux-PAM-specific rpm macros.

install -pDm644 %_sourcedir/linux-pam.macros \
%buildroot%_sysconfdir/rpm/macros.d/pam

# Documentation

mkdir -p %buildroot%docdir/modules
for f in modules/pam_*/README; do
d="${f%%/*}"
[ -s "$d/Makefile" ] || continue
install -pm644 "$f" "%buildroot%docdir/modules/${d##*/}"
done
install -pm644 %_sourcedir/PAM-Policy.ALT AUTHORS NEWS ChangeLog CHANGELOG \
Copyright pgp.keys.asc %buildroot%docdir/
find %buildroot%docdir/ -type f -size +4k \( -iname changelog -or -name \*.txt -or -name \*.ps \) -print0 |
xargs -r0 bzip2 -9f --

mkdir -p %buildroot%_sysconfdir/buildreqs/packages/substitute.d
for n in libpam{,-devel%{?_enable_static:{,-static}}}; do
echo $n >"%buildroot%_sysconfdir/buildreqs/packages/substitute.d/%libpam${n#libpam}"
done

%post -n %libpam -p %post_ldconfig
%postun -n %libpam -p %postun_ldconfig

%post -n %{make_pam_name console}
%helperdir/pam_console_apply

%triggerpostun -n %{make_pam_name console} -- pam, pam_console
f=%_secdir/console.perms
if [ ! -f "$f" ]; then
if [ -f "$f.rpmsave" ]; then
%__cp -pf "$f.rpmsave" "$f"
elif [ -f "$f.rpmnew" ]; then
%__cp -pf "$f.rpmnew" "$f"
fi
fi
%helperdir/pam_console_apply

%triggerpostun -n %{make_pam_name console} -- %{make_pam_name console} < 0:0.79
if [ -f /var/run/console.lock -a ! -f /var/run/console/console.lock ]; then
%__mv /var/run/console.lock /var/run/console/ &&
%helperdir/pam_console_apply ||:
fi

%files -n %libpam
%config %_sysconfdir/buildreqs/packages/substitute.d/%libpam
/%_lib/*.so.*
%_pam_modules_dir/pam_deny.so
%_pam_modules_dir/pam_permit.so
%dir %docdir
%docdir/AUTHORS*
%docdir/Copyright*
%docdir/NEWS*

%files -n %libpam-devel
%config %_sysconfdir/buildreqs/packages/substitute.d/%libpam-devel
%config %_sysconfdir/rpm/macros.d/pam
%_libdir/*.so
%_includedir/*
%_man3dir/*
%dir %docdir
%docdir/C[hH]*
%docdir/PAM*

%if_enabled static
%files -n %libpam-devel-static
%config %_sysconfdir/buildreqs/packages/substitute.d/%libpam-devel-static
%_libdir/*.a
%endif # enabled static

%files
%helperdir/pam_tally
%config(noreplace) %_secdir/access.conf
%config(noreplace) %attr(640,root,wheel) %_secdir/chroot.conf
%config(noreplace) %_secdir/time.conf
%config(noreplace) %attr(640,root,wheel) %_secdir/group.conf
%config(noreplace) %_secdir/limits.conf
%config(noreplace) %_secdir/pam_env.conf
%config(noreplace) %_sysconfdir/environment
%_pam_modules_dir/*
%exclude %_pam_modules_dir/pam_deny.so
%exclude %_pam_modules_dir/pam_permit.so
%exclude %_pam_modules_dir/pam_console.so
%exclude %_pam_modules_dir/pam_timestamp.so
%_mandir/man[58]/*.*
%exclude %_mandir/man[58]/*console*
%exclude %_mandir/man[58]/pam_timestamp*

%files -n %{make_pam_name console}
%attr(600,root,root) %config(noreplace) %_secdir/console.perms
%attr(700,root,root) %dir %_secdir/console.perms.d
%attr(600,root,root) %config(noreplace) %_secdir/console.perms.d/*
%attr(600,root,root) %config(noreplace) %_secdir/console.handlers
%attr(711,root,root) %dir %_secdir/console.apps
%attr(700,root,root) %helperdir/pam_console_apply
%_pam_modules_dir/pam_console.so
%_mandir/man[58]/*console*
%dir %attr(711,root,root) /var/run/console

%files -n %{make_pam_name timestamp}
%attr(700,root,root) %helperdir/pam_timestamp_check
%_pam_modules_dir/pam_timestamp.so
%_mandir/man[58]/pam_timestamp*

%files doc
%dir %docdir
%docdir/[a-z]*

%changelog

Полный changelog можно просмотреть здесь

 
дизайн и разработка: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
текущий майнтейнер: Michael Shigorin