Репозиторий Sisyphus
Последнее обновление: 18 декабря 2018 | Пакетов: 18647 | Посещений: 12727669
en ru br
Репозитории ALT
5.1: 0.6.1-alt5

Группа :: Система/Основа
Пакет: pam_pkcs11

 Главная   Изменения   Спек   Патчи   Sources   Загрузить   Gear   Bugs and FR  Repocop 

# vim: set ft=spec: -*- rpm -spec -*-

Name: pam_pkcs11
Version: 0.6.9
Release: alt34

Summary: PKCS #11 PAM Module and Login Tools
Group: System/Base
License: LGPL
Url: https://github.com/OpenSC/pam_pkcs11

Source: %name-%version.tar
Patch: %name-%version-alt-cumulative.patch
Patch1: pam_pkcs11-0.6.9-build-with-LibreSSL.patch
Patch2: pam_pkcs11-0.6.9-elvis-gost-support.patch

%add_findreq_skiplist %_sysconfdir/pam.d/*
Requires: pam-config PAM(pam_mkhomedir.so) PAM(pam_pkcs11.so) PAM(pam_succeed_if.so)
Requires: pcsc-lite pcsc-lite-ccid

BuildRequires: docbook-style-xsl flex libldap-devel libpam-devel libpcsclite-devel LibreSSL-devel xsltproc
BuildRequires: doxygen
BuildRequires: docbook-dtds

BuildRequires: libopensc-devel

BuildPreReq: gcc-c++
# SCARD_READERSTATE_A will change to SCARD_READERSTATE afterwards:
BuildPreReq: libpcsclite-devel >= 1.7.4

BuildRequires: libpwquality-devel

This Linux-PAM login module allows a X.509 certificate based user login.
The certificate and its dedicated private key are thereby accessed by
means of an appropriate PKCS #11 module. For the verification of the
user certificates, locally stored CA certificates as well as either
online or locally accessible CRLs are used.

Adittional included pam_pkcs11 related tools:

- pkcs11_eventmgr: Generate actions on card insert/removal/timeout
- pklogin_finder: Get the loginname that maps to a certificate
- pkcs11_inspect: Inspect the contents of a certificate

%package pcsc
Summary: PCSC-Lite extra tools for pam_pkcs11
Group: System/Base
Requires: %name = %version-%release

%description pcsc
This package contains pam_pkcs11 tools that relies on PCSC-Lite library:

- card_eventmgr: Generate card insert/removal events.

%package ldap
Summary: LDAP Cert-to-Login mapper for pam_pkcs11
Group: System/Base
Requires: %name = %version-%release

%description ldap
This package contains a Certificate-To-Login mapper based on queries
to a LDAP server. As it depends on extra libraries, is distributed
as a separate package.

- ldap_mapper.so: LDAP-based mapper module.

%package isbc
Summary: ISBC (ESMART) low-level modules for pam_pkcs11
Group: System/Base
Requires: %name = %version-%release

%description isbc
This package contains ISBC (ESMART) low-level modules for pam_pkcs11

%patch -p1
%patch1 -p1
%patch2 -p2

# fixup configs

sed -i -e '
' etc/*.example doc/*.in doc/*.xml

# --disable-rpath \
%configure \
--libdir=/%_lib \
--disable-static \
--enable-shared \
--enable-debug \
--with-ldap \
--with-confdir=%_sysconfdir/security/%name \
   --with-pwquality \
cd doc


mkdir -p %buildroot%_sysconfdir/security/%name/{cacerts,crls}
for f in pam_pkcs11.conf card_eventmgr.conf pkcs11_eventmgr.conf; do
 install -pm644 "etc/$f.example" -T "%buildroot%_sysconfdir/security/%name/$f"

# Cleanup .la files

rm %buildroot/%_lib/*/*.la

%find_lang %name

[ ! -e %_sysconfdir/security/%name/openssl.cnf ] || \
   mv -v %_sysconfdir/security/%name/openssl.cnf \

%files -f %name.lang
%doc doc/pam_pkcs11.html
%doc doc/mappers_api.html
%doc doc/README.autologin
%doc doc/README.mappers
%dir %_sysconfdir/security/%name
%dir %_sysconfdir/security/%name/cacerts
%dir %_sysconfdir/security/%name/crls
%config(noreplace) %_sysconfdir/security/%name/pam_pkcs11.conf
%config(noreplace) %_sysconfdir/security/%name/pkcs11_eventmgr.conf
%exclude %_bindir/card_eventmgr
%dir /%_lib/%name
%dir %_datadir/%name
%config(noreplace) %_sysconfdir/pam.d/*

%files pcsc
%doc doc/README.eventmgr
%config(noreplace) %_sysconfdir/security/%name/card_eventmgr.conf

%files ldap
%doc doc/README.ldap_mapper

%files isbc


Полный changelog можно просмотреть здесь

дизайн и разработка: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
текущий майнтейнер: Michael Shigorin