SPECS: pam.spec - NFY, but the brave may start testing - back to L...
baggins
baggins at pld-linux.org
Mon Feb 5 00:42:29 CET 2007
Author: baggins Date: Sun Feb 4 23:42:29 2007 GMT
Module: SPECS Tag: HEAD
---- Log message:
- NFY, but the brave may start testing
- back to Linux-PAM with PLD add-ons
- version 0.99.7.1
---- Files affected:
SPECS:
pam.spec (1.245 -> 1.246)
---- Diffs:
================================================================
Index: SPECS/pam.spec
diff -u SPECS/pam.spec:1.245 SPECS/pam.spec:1.246
--- SPECS/pam.spec:1.245 Mon Dec 4 01:14:45 2006
+++ SPECS/pam.spec Mon Feb 5 00:42:23 2007
@@ -1,17 +1,18 @@
# $Revision$, $Date$
-# TODO
-# - something wrong for doc/ps,pdf generation on my build host. remove completely duplicated doc formats?
#
+# TODO:
+# triggers:
+# s/pam_make\.so \(.*\)/pam_exec.so make -C \1/g
+# s/pam_homedir\.so/pam_mkhomedir.so/g
+# /var/lock/console -> /var/run/console
+#
# Conditional build:
-%bcond_with pwexport # enable pam_pwexport module (needs hacked pam_unix)
-%bcond_without cap # don't build pam_cap module
%bcond_without doc # don't build documentation
-%bcond_without opie # don't build pam_opie module
-%bcond_with prelude # build without Prelude IDS support
-%bcond_without pwdb # don't build pam_pwdb and pam_radius modules
+%bcond_with prelude # build with Prelude IDS support
%bcond_without selinux # build without SELinux support
-%bcond_without skey # don't build pam_skey module
-%bcond_without tcpd # don't build pam_tcpd module
+%bcond_with audit # build with Linux Auditing library support
+#
+%define pam_pld_version 0.99.7.1-1
#
Summary: Pluggable Authentication Modules: modular, incremental authentication
Summary(de): Einsteckbare Authentifizierungsmodule: modulare, inkrementäre Authentifizierung
@@ -23,38 +24,57 @@
Summary(tr): Modüler, artýmsal dođrulama birimleri
Summary(uk): śÎÓÔŇŐÍĹÎÔ, ÝĎ ÚÁÂĹÚĐĹŢŐ¤ ÁŐÔĹÎÔÉĆŚËÁĂŚŔ ÄĚŃ ĐŇĎÇŇÁÍ
Name: pam
-Version: 0.80.1
-Release: 14
-Epoch: 0
+Version: 0.99.7.1
+Release: 0.1
License: GPL or BSD
Group: Base
-Source0: ftp://ftp.pld-linux.org/software/pam/%{name}-pld-%{version}.tar.gz
-# Source0-md5: df374f625e7178f43a263a32e376dd46
-Source1: system-auth.pamd
-Patch0: %{name}-pam_pwgen_app.patch
+Source0: http://ftp.kernel.org/pub/linux/libs/pam/pre/library/Linux-PAM-%{version}.tar.bz2
+# Source0-md5: 385458dfb4633071594e255a6ebec9da
+Source1: http://ftp.kernel.org/pub/linux/libs/pam/pre/library/Linux-PAM-%{version}.tar.bz2.sign
+# Source1-md5: 259c57009369eda92a00d1a153776ac6
+Source2: ftp://ftp.pld-linux.org/software/pam/pam-pld-%{pam_pld_version}.tar.gz
+# Source2-md5: 62ee3a41c59000c78a3d6aa024ee55bd
+Source3: other.pamd
+Source4: system-auth.pamd
+Source5: config-util.pamd
+Source6: pam_selinux_check.pamd
+Source7: system-auth.5
+Source8: config-util.5
+Patch0: %{name}-pld-modules.patch
Patch1: %{name}-modutil_mem_limit.patch
+Patch2: %{name}-cracklib-try-first-pass.patch
+Patch3: %{name}-cracklib-enforce.patch
+Patch4: %{name}-tally-fail-close.patch
+Patch5: %{name}-selinux-nofail.patch
+Patch6: %{name}-selinux-drop-multiple.patch
+Patch7: %{name}-selinux-keycreate.patch
+Patch8: %{name}-selinux-select-context.patch
+Patch9: %{name}-selinux-use-current-range.patch
+Patch10: %{name}-namespace-no-unmount.patch
+Patch11: %{name}-namespace-preserve-uid.patch
+Patch12: %{name}-namespace-level.patch
+Patch13: %{name}-namespace-unmnt-override.patch
+Patch14: %{name}-unix-nullcheck.patch
+Patch15: %{name}-unix-blowfish.patch
+Patch16: %{name}-mkhomedir-new-features.patch
URL: http://www.kernel.org/pub/linux/libs/pam/
+%{?with_audit:BuildRequires: audit-libs-devel >= 1.0.8}
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: bison
BuildRequires: cracklib-devel
BuildRequires: db-devel
BuildRequires: flex
-%{?with_cap:BuildRequires: libcap-devel}
%{?with_prelude:BuildRequires: libprelude-devel}
-%{?with_selinux:BuildRequires: libselinux-devel}
+%{?with_selinux:BuildRequires: libselinux-devel >= 1.33.2}
BuildRequires: libtool >= 2:1.5
-%{?with_tcpd:BuildRequires: libwrap-devel >= 7.6-32}
-%{?with_opie:BuildRequires: opie-devel}
-%{?with_pwdb:BuildRequires: pwdb-devel}
-BuildRequires: sgml-tools
-%{?with_skey:BuildRequires: skey-devel}
%if %{with doc}
-BuildRequires: sp
-BuildRequires: tetex-fonts-jknappen
-BuildRequires: tetex-format-latex
-BuildRequires: tetex-metafont
-BuildRequires: tetex-tex-babel
+BuildRequires: docbook-dtd43-xml
+BuildRequires: docbook-dtd44-xml
+BuildRequires: docbook-style-xsl >= 1.69.1
+BuildRequires: libxml2-progs
+BuildRequires: libxslt-progs
+BuildRequires: w3m
%endif
Requires: %{name}-libs = %{epoch}:%{version}-%{release}
Requires: awk
@@ -69,6 +89,8 @@
%define specflags -fno-strict-aliasing
+%define _sbindir /sbin
+
%description
PAM (Pluggable Authentication Modules) is a powerful, flexible,
extensible authentication system which allows the system administrator
@@ -138,6 +160,8 @@
Summary(pl): Moduły i biblioteki PAM
Group: Libraries
Conflicts: pam < 0:0.80.1-2
+%{?with_audit:Requires: audit-libs >= 1.0.8}
+%{?with_selinux:Requires: libselinux >= 1.33.2}
%description libs
Core PAM modules and libraries.
@@ -190,84 +214,6 @@
%description static -l uk
ăĹĘ ĐÁËĹÔ ÍŚÓÔÉÔŘ ÓÔÁÔÉŢÎŚ ÂŚÂĚŚĎÔĹËÉ ĐŇĎÇŇÁÍŚÓÔÁ ÄĚŃ PAM.
-%package pam_pwdb
-Summary: pam_pwdb module
-Summary(pl): Moduł pam_pwdb
-Group: Base
-Requires: %{name} = %{epoch}:%{version}-%{release}
-Requires: pwdb >= 0.54-2
-
-%description pam_pwdb
-pam_pwdb module.
-
-%description pam_pwdb -l pl
-Moduł pam_pwdb.
-
-%package pam_radius
-Summary: pam_radius module
-Summary(pl): Moduł pam_radius
-Group: Base
-Requires: %{name} = %{epoch}:%{version}-%{release}
-Requires: pwdb >= 0.54-2
-
-%description pam_radius
-pam_radius module.
-
-%description pam_radius -l pl
-Moduł pam_radius.
-
-%package pam_skey
-Summary: pam_skey module
-Summary(pl): Moduł pam_skey
-Group: Base
-Requires: %{name} = %{epoch}:%{version}-%{release}
-Requires: skey
-
-%description pam_skey
-pam_skey module.
-
-%description pam_skey -l pl
-Moduł pam_skey.
-
-%package pam_opie
-Summary: pam_opie module
-Summary(pl): Moduł pam_opie
-Group: Base
-Requires: %{name} = %{epoch}:%{version}-%{release}
-Requires: opie
-
-%description pam_opie
-pam_opie module.
-
-%description pam_opie -l pl
-Moduł pam_opie.
-
-%package pam_tcpd
-Summary: pam_tcpd module
-Summary(pl): Moduł pam_tcpd
-Group: Base
-Requires: %{name} = %{epoch}:%{version}-%{release}
-Requires: libwrap >= 7.6-32
-
-%description pam_tcpd
-pam_tcpd module.
-
-%description pam_tcpd -l pl
-Moduł pam_tcpd.
-
-%package pam_cap
-Summary: pam_cap module
-Summary(pl): Moduł pam_cap
-Group: Base
-Requires: %{name} = %{epoch}:%{version}-%{release}
-Requires: libcap
-
-%description pam_cap
-pam_cap module.
-
-%description pam_cap -l pl
-Moduł pam_cap.
-
%package pam_selinux
Summary: PAM module - SELinux support
Summary(pl): Moduł PAM pozwalający na zmianę kontekstów SELinuksa
@@ -280,11 +226,24 @@
Moduł PAM pozwalający na zmianę kontekstów SELinuksa.
%prep
-%setup -q -n %{name}-pld-%{version}
+%setup -q -a2 -n Linux-PAM-%{version}
%patch0 -p1
%patch1 -p1
-mkdir m4
-%{!?with_prelude:echo 'AC_DEFUN([AM_PATH_LIBPRELUDE],[/bin/true])' > m4/prelude.m4}
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
+%patch11 -p1
+%patch12 -p1
+%patch13 -p1
+%patch14 -p1
+%patch15 -p1
+%patch16 -p1
%build
%{__libtoolize}
@@ -292,102 +251,124 @@
%{__autoconf}
%{__autoheader}
%{__automake}
-find doc/ -type f | xargs %{__perl} -pi -e 's#/lib/security#/%{_lib}/security#g'
%configure \
- %{!?with_doc:--without-docs} \
- %{!?with_cap:--disable-cap} \
- %{!?with_opie:--disable-opie} \
- %{!?with_pwdb:--disable-pwdb} \
- %{!?with_skey:--disable-skey} \
- %{!?with_tcpd:--disable-tcpd} \
- %{?with_pwexport:--enable-want-pwexport-module} \
+ --enable-static \
+ --enable-shared \
+ --libdir=/%{_lib} \
+ --includedir=%{_includedir}/security \
+ --enable-isadir=../../%{_lib}/security \
%{!?with_selinux:--disable-selinux} \
%{!?with_prelude:--disable-prelude} \
- --enable-strong-crypto
+ %{!?with_audit:--disable-audit}
+# we must explicitely update-gmo as we patch a po file
+%{__make} -C po update-gmo
%{__make}
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT/%{_lib}
+install -d $RPM_BUILD_ROOT{%{_libdir},/etc/pam.d,/var/log}
%{__make} install \
DESTDIR=$RPM_BUILD_ROOT
-rm -rf docs
-cp -a doc docs
-rm -f docs/{ps,txts}/{README,*.log} \
- docs/{html,txts}/Makefile*
+install modules/pam_selinux/.libs/pam_selinux_check $RPM_BUILD_ROOT%{_sbindir}
+install modules/pam_selinux/pam_selinux_check.8 $RPM_BUILD_ROOT%{_mandir}/man8
+
+mkdir -p doc/txts
+for r in modules/pam_*/README ; do
+ cp -f $r doc/txts/README.$(basename $(dirname $r))
+done
+mkdir -p doc/html
+cp -f doc/index.html doc/html/
+
+# fix PAM/pam man page
+echo ".so PAM.8" > $RPM_BUILD_ROOT%{_mandir}/man8/pam.8
:> $RPM_BUILD_ROOT/etc/security/opasswd
:> $RPM_BUILD_ROOT/etc/security/blacklist
-mv -f $RPM_BUILD_ROOT%{_libdir}/lib*.so.*.*.* $RPM_BUILD_ROOT/%{_lib}
+#:> $RPM_BUILD_ROOT/var/log/faillog
+:> $RPM_BUILD_ROOT/var/log/tallylog
-install pamcrypt/.libs/libpamcrypt.a $RPM_BUILD_ROOT%{_libdir}
+mv -f $RPM_BUILD_ROOT/%{_lib}/lib*.{la,a} $RPM_BUILD_ROOT/%{_libdir}
cd $RPM_BUILD_ROOT/%{_lib}
ln -sf /%{_lib}/$(echo libpam.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libpam.so
ln -sf /%{_lib}/$(echo libpam_misc.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libpam_misc.so
ln -sf /%{_lib}/$(echo libpamc.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libpamc.so
+cd -
-cp %{SOURCE1} $RPM_BUILD_ROOT/etc/pam.d/system-auth
+install %{SOURCE3} $RPM_BUILD_ROOT/etc/pam.d/other
+install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/system-auth
+install %{SOURCE5} $RPM_BUILD_ROOT/etc/pam.d/config-util
+install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/pam_selinux_check
+
+install %{SOURCE7} $RPM_BUILD_ROOT%{_mandir}/man5/system-auth.5
+install %{SOURCE8} $RPM_BUILD_ROOT%{_mandir}/man5/config-util.5
# useless - shut up check-files
rm -f $RPM_BUILD_ROOT/%{_lib}/security/*.{la,a}
-rm -f $RPM_BUILD_ROOT%{_libdir}/libpamcrypt.a
+rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/Linux-PAM
%if !%{with selinux}
rm -rf $RPM_BUILD_ROOT{/%{_lib}/security/pam_selinux.so,%{_sbindir}/pam_selinux_check,%{_mandir}/man8/pam_selinux*.8*}
%endif
+%find_lang Linux-PAM
+
%clean
rm -rf $RPM_BUILD_ROOT
%post libs -p /sbin/ldconfig
%postun libs -p /sbin/ldconfig
-%files
+%files -f Linux-PAM.lang
%defattr(644,root,root,755)
-%doc CHANGELOG ChangeLog Copyright doc/CREDITS
+%doc AUTHORS CHANGELOG ChangeLog Copyright NEWS
+%doc doc/txts/README*
%if %{with doc}
-%doc docs/{html,txts,specs/*.{raw,txt}}
-# FIXME: doesn't build for me! missing BR!:
-#builder at pld-i686 ps $ sgml2latex -o ps ../psgml2latex -o ps ../pam
-#Processing file ../pam
-#load_char_maps: no entity maps found
-#parse_data: no entity map for `[lowbar]'
-#sh: latex: not found
-#sh: latex: not found
-#dvips: ! DVI file can't be opened.
-#%doc docs/ps/*.ps
+%doc doc/specs/*.txt
+%doc doc/{adg,mwg,sag}/Linux-PAM_*.txt
+%doc doc/{adg,mwg,sag,}/html
%endif
-%dir /etc/pam.d
-%dir /sbin/pam_filter
-%dir /var/lock/console
-%dir /etc/security/console.apps
+%dir %attr(755,root,root) /etc/pam.d
+%dir %attr(755,root,root) /etc/security/console.apps
+%dir %attr(755,root,root) /etc/security/console.perms.d
+%dir %attr(755,root,root) /var/run/console
+%config /etc/security/console.perms.d/50-default.perms
%config(noreplace) %verify(not md5 mtime size) /etc/pam.d/other
%config(noreplace) %verify(not md5 mtime size) /etc/pam.d/system-auth
+%config(noreplace) %verify(not md5 mtime size) /etc/pam.d/config-util
%config(noreplace) %verify(not md5 mtime size) /etc/security/access.conf
%config(noreplace) %verify(not md5 mtime size) /etc/security/pam_env.conf
%config(noreplace) %verify(not md5 mtime size) /etc/security/group.conf
%config(noreplace) %verify(not md5 mtime size) /etc/security/limits.conf
%config(noreplace) %verify(not md5 mtime size) /etc/security/time.conf
-%config(noreplace) %verify(not md5 mtime size) /etc/security/consoles
+%config(noreplace) %verify(not md5 mtime size) /etc/security/console.handlers
+%config(noreplace) %verify(not md5 mtime size) /etc/security/console.perms
%config(noreplace) %verify(not md5 mtime size) /etc/security/trigram*
%config(noreplace) %verify(not md5 mtime size) /etc/security/blacklist
-%config(noreplace) %verify(not md5 mtime size) /etc/security/pam_mail.conf
+%config(noreplace) %verify(not md5 mtime size) /etc/environment
%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/opasswd
-%attr(755,root,root) /sbin/pam_filter/upperLOWER
%attr(4755,root,root) /sbin/unix_chkpwd
%attr(755,root,root) %{_bindir}/pam_pwgen
+%attr(755,root,root) %{_sbindir}/pam_console_apply
%attr(755,root,root) %{_sbindir}/pam_tally
+%attr(755,root,root) %{_sbindir}/pam_tally2
+%attr(755,root,root) %{_sbindir}/pam_timestamp_check
%attr(755,root,root) %{_sbindir}/pwgen_trigram
%{_mandir}/man5/*
+%{_mandir}/man8/PAM.*
%{_mandir}/man8/pam.*
-%{_mandir}/man8/pam_localuser*
+%{_mandir}/man8/pam_[a-r]*
+%{_mandir}/man8/pam_securetty*
+%{_mandir}/man8/pam_shells*
%{_mandir}/man8/pam_succeed_if*
-%{_mandir}/man8/pam_xauth*
+%{_mandir}/man8/pam_[t-x]*
+%{_mandir}/man8/unix_chkpwd*
+#%ghost %verify(not md5 size mtime) /var/log/faillog
+%ghost %verify(not md5 size mtime) /var/log/tallylog
%files libs
%defattr(644,root,root,755)
@@ -397,45 +378,51 @@
%attr(755,root,root) /%{_lib}/security/pam_cracklib.so
%attr(755,root,root) /%{_lib}/security/pam_debug.so
%attr(755,root,root) /%{_lib}/security/pam_deny.so
+%attr(755,root,root) /%{_lib}/security/pam_echo.so
%attr(755,root,root) /%{_lib}/security/pam_env.so
+%attr(755,root,root) /%{_lib}/security/pam_exec.so
+%attr(755,root,root) /%{_lib}/security/pam_faildelay.so
%attr(755,root,root) /%{_lib}/security/pam_filter.so
+%attr(755,root,root) /%{_lib}/security/pam_filter/upperLOWER
%attr(755,root,root) /%{_lib}/security/pam_ftp.so
%attr(755,root,root) /%{_lib}/security/pam_group.so
-%attr(755,root,root) /%{_lib}/security/pam_homedir.so
%attr(755,root,root) /%{_lib}/security/pam_issue.so
+%attr(755,root,root) /%{_lib}/security/pam_keyinit.so
%attr(755,root,root) /%{_lib}/security/pam_lastlog.so
%attr(755,root,root) /%{_lib}/security/pam_limits.so
%attr(755,root,root) /%{_lib}/security/pam_listfile.so
%attr(755,root,root) /%{_lib}/security/pam_localuser.so
+%attr(755,root,root) /%{_lib}/security/pam_loginuid.so
%attr(755,root,root) /%{_lib}/security/pam_mail.so
-%attr(755,root,root) /%{_lib}/security/pam_make.so
+%attr(755,root,root) /%{_lib}/security/pam_mkhomedir.so
%attr(755,root,root) /%{_lib}/security/pam_motd.so
-%attr(755,root,root) /%{_lib}/security/pam_netid.so
%attr(755,root,root) /%{_lib}/security/pam_nologin.so
%attr(755,root,root) /%{_lib}/security/pam_permit.so
+%attr(755,root,root) /%{_lib}/security/pam_pwexport.so
%attr(755,root,root) /%{_lib}/security/pam_pwgen.so
+%attr(755,root,root) /%{_lib}/security/pam_rhosts_auth.so
%attr(755,root,root) /%{_lib}/security/pam_rhosts.so
%attr(755,root,root) /%{_lib}/security/pam_rootok.so
+%attr(755,root,root) /%{_lib}/security/pam_rps.so
%attr(755,root,root) /%{_lib}/security/pam_securetty.so
%attr(755,root,root) /%{_lib}/security/pam_shells.so
%attr(755,root,root) /%{_lib}/security/pam_stress.so
%attr(755,root,root) /%{_lib}/security/pam_succeed_if.so
+%attr(755,root,root) /%{_lib}/security/pam_tally2.so
%attr(755,root,root) /%{_lib}/security/pam_tally.so
%attr(755,root,root) /%{_lib}/security/pam_time.so
+%attr(755,root,root) /%{_lib}/security/pam_timestamp.so
+%attr(755,root,root) /%{_lib}/security/pam_umask.so
%attr(755,root,root) /%{_lib}/security/pam_unix.so
%attr(755,root,root) /%{_lib}/security/pam_userdb.so
-%attr(755,root,root) /%{_lib}/security/pam_usertty.so
-%attr(755,root,root) /%{_lib}/security/pam_utmp.so
%attr(755,root,root) /%{_lib}/security/pam_warn.so
%attr(755,root,root) /%{_lib}/security/pam_wheel.so
%attr(755,root,root) /%{_lib}/security/pam_xauth.so
-%{?with_pwexport:%attr(755,root,root) /%{_lib}/security/pam_pwexport.so}
%files devel
%defattr(644,root,root,755)
%attr(755,root,root) %{_libdir}/lib*.so
%{_libdir}/lib*.la
-%{_libdir}/libpammodutil.a
%{_includedir}/security/*.h
%{_mandir}/man3/*
@@ -445,50 +432,12 @@
%{_libdir}/libpamc.a
%{_libdir}/libpam_misc.a
-%if %{with pwdb}
-%files pam_pwdb
-%defattr(644,root,root,755)
-%attr(755,root,root) /%{_lib}/security/pam_pwdb.so
-%attr(4755,root,root) /sbin/pwdb_chkpwd
-
-%files pam_radius
-%defattr(644,root,root,755)
-%attr(755,root,root) /%{_lib}/security/pam_radius.so
-%endif
-
-%if %{with skey}
-%files pam_skey
-%defattr(644,root,root,755)
-%attr(755,root,root) /%{_lib}/security/pam_skey.so
-%endif
-
-%if %{with opie}
-%files pam_opie
-%defattr(644,root,root,755)
-%attr(755,root,root) /%{_lib}/security/pam_opie.so
-%attr(755,root,root) /%{_lib}/security/pam_opietrust.so
-%endif
-
-%if %{with tcpd}
-%files pam_tcpd
-%defattr(644,root,root,755)
-%attr(755,root,root) /%{_lib}/security/pam_tcpd.so
-%endif
-
-%if %{with cap}
-%files pam_cap
-%defattr(644,root,root,755)
-%config(noreplace) %verify(not md5 mtime size) /etc/security/capability.conf
-%attr(755,root,root) /%{_lib}/security/pam_cap.so
-%endif
-
%if %{with selinux}
%files pam_selinux
%defattr(644,root,root,755)
-%doc README
%attr(755,root,root) /%{_lib}/security/pam_selinux.so
%attr(755,root,root) %{_sbindir}/pam_selinux_check
-#TODO: %config(noreplace) %verify(not size mtime md5) /etc/pam.d/pam_selinux_check
+%config(noreplace) %verify(not size mtime md5) /etc/pam.d/pam_selinux_check
%{_mandir}/man8/pam_selinux*.8*
%endif
@@ -498,6 +447,11 @@
All persons listed below can be reached at <cvs_login>@pld-linux.org
$Log$
+Revision 1.246 2007/02/04 23:42:23 baggins
+- NFY, but the brave may start testing
+- back to Linux-PAM with PLD add-ons
+- version 0.99.7.1
+
Revision 1.245 2006/12/04 00:14:45 arekm
- rel 14
================================================================
---- CVS-web:
http://cvs.pld-linux.org/SPECS/pam.spec?r1=1.245&r2=1.246&f=u
More information about the pld-cvs-commit
mailing list