Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package pam for openSUSE:Factory checked in
at 2021-12-02 22:30:03
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/pam (Old)
and /work/SRC/openSUSE:Factory/.pam.new.31177 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pam"
Thu Dec 2 22:30:03 2021 rev:119 rq:934494 version:1.5.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/pam/pam.changes 2021-11-21 23:51:40.262351790
+0100
+++ /work/SRC/openSUSE:Factory/.pam.new.31177/pam.changes 2021-12-02
22:30:41.706566374 +0100
@@ -1,0 +2,29 @@
+Thu Nov 25 10:12:20 UTC 2021 - Thorsten Kukuk <ku...@suse.com>
+
+- Don't define doc/manpages packages in main build
+
+-------------------------------------------------------------------
+Wed Nov 24 13:45:22 UTC 2021 - Thorsten Kukuk <ku...@suse.com>
+
+- Add missing recommends and split provides
+
+-------------------------------------------------------------------
+Wed Nov 24 13:39:45 UTC 2021 - Thorsten Kukuk <ku...@suse.com>
+
+- Use multibuild to build docu with correct paths and available
+ features.
+
+-------------------------------------------------------------------
+Mon Nov 22 13:12:09 UTC 2021 - Thorsten Kukuk <ku...@suse.com>
+
+- common-session: move pam_systemd to first position as if the
+ file would have been generated with pam-config
+- Add vendordir fixes and enhancements from upstream:
+ - pam_xauth_data.3.xml.patch
+ - 0001-Include-pam_xauth_data.3.xml-in-source-archive-400.patch
+ - 0002-Only-include-vendordir-in-manual-page-if-set-401.patch
+ - 0003-Use-vendor-specific-limits.conf-as-fallback-402.patch
+- For buggy bot: Makefile-pam_unix-nis.diff belonged to the other
+ spec file.
+
+-------------------------------------------------------------------
Old:
----
Makefile-pam_unix-nis.diff
pam_unix-nis.changes
pam_unix-nis.spec
New:
----
0001-Include-pam_xauth_data.3.xml-in-source-archive-400.patch
0002-Only-include-vendordir-in-manual-page-if-set-401.patch
0003-Use-vendor-specific-limits.conf-as-fallback-402.patch
_multibuild
pam_xauth_data.3.xml.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pam.spec ++++++
--- /var/tmp/diff_new_pack.0NjAf9/_old 2021-12-02 22:30:42.586563132 +0100
+++ /var/tmp/diff_new_pack.0NjAf9/_new 2021-12-02 22:30:42.590563118 +0100
@@ -17,6 +17,18 @@
%bcond_with debug
+%define flavor @BUILD_FLAVOR@%{nil}
+
+%if "%{flavor}" == "full"
+%define build_main 0
+%define build_doc 1
+%define name_suffix -%{flavor}-src
+%else
+%define build_main 1
+%define build_doc 0
+%define name_suffix %{nil}
+%endif
+
#
%define enable_selinux 1
%define libpam_so_version 0.85.1
@@ -29,7 +41,7 @@
#
%{load:%{_sourcedir}/macros.pam}
#
-Name: pam
+Name: pam%{name_suffix}
#
Version: 1.5.2
Release: 0
@@ -52,11 +64,15 @@
Source13: pam.tmpfiles
Source14: Linux-PAM-%{version}-docs.tar.xz.asc
Source15: Linux-PAM-%{version}.tar.xz.asc
-Patch2: pam-limit-nproc.patch
-Patch4: pam-hostnames-in-access_conf.patch
-Patch5: pam-xauth_ownership.patch
-Patch8: pam-bsc1177858-dont-free-environment-string.patch
-Patch12: pam_umask-usergroups-login_defs.patch
+Patch1: pam-limit-nproc.patch
+Patch2: pam-hostnames-in-access_conf.patch
+Patch3: pam-xauth_ownership.patch
+Patch4: pam-bsc1177858-dont-free-environment-string.patch
+Patch5: pam_umask-usergroups-login_defs.patch
+Patch10: pam_xauth_data.3.xml.patch
+Patch11: 0001-Include-pam_xauth_data.3.xml-in-source-archive-400.patch
+Patch12: 0002-Only-include-vendordir-in-manual-page-if-set-401.patch
+Patch13: 0003-Use-vendor-specific-limits.conf-as-fallback-402.patch
BuildRequires: audit-devel
BuildRequires: bison
BuildRequires: flex
@@ -75,6 +91,7 @@
%endif
Requires: pam_unix.so
Suggests: pam_unix
+Recommends: pam-manpages
%if 0%{?suse_version} >= 1330
Requires(pre): group(shadow)
Requires(pre): user(root)
@@ -88,6 +105,7 @@
%package -n pam_unix
Summary: PAM module for standard UNIX authentication
Group: System/Libraries
+Provides: pam:/%{_lib}/security/pam_unix.so
Provides: pam_unix.so
Conflicts: pam_unix-nis
@@ -111,18 +129,38 @@
used to verify a username/password pair against values stored in
a Berkeley DB database.
-%package doc
+%if %{build_doc}
+
+%package -n pam-doc
Summary: Documentation for Pluggable Authentication Modules
Group: Documentation/HTML
BuildArch: noarch
-%description doc
+%description -n pam-doc
PAM (Pluggable Authentication Modules) is a system security tool that
allows system administrators to set authentication policies without
having to recompile programs that do authentication.
This package contains the documentation.
+%package -n pam-manpages
+Summary: Manualpages for Pluggable Authentication Modules
+Group: Documentation/HTML
+Provides: pam:/%{_mandir}/man8/PAM.8.gz
+BuildArch: noarch
+BuildRequires: docbook-xsl-stylesheets
+BuildRequires: elinks
+BuildRequires: xmlgraphics-fop
+
+%description -n pam-manpages
+PAM (Pluggable Authentication Modules) is a system security tool that
+allows system administrators to set authentication policies without
+having to recompile programs that do authentication.
+
+This package contains the manual pages.
+
+%endif
+
%package devel
Summary: Include Files and Libraries for PAM Development
Group: Development/Libraries/C and C++
@@ -140,11 +178,15 @@
%prep
%setup -q -n Linux-PAM-%{version} -b 1
cp -a %{SOURCE12} .
+%patch1 -p1
%patch2 -p1
+%patch3 -p1
%patch4 -p1
%patch5 -p1
-%patch8 -p1
+%patch10 -p1
+%patch11 -p1
%patch12 -p1
+%patch13 -p1
%build
bash ./pam-login_defs-check.sh
@@ -167,8 +209,10 @@
%make_build
gcc -fwhole-program -fpie -pie -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE
%{optflags} -I%{_builddir}/Linux-PAM-%{version}/libpam/include %{SOURCE10} -o
%{_builddir}/unix2_chkpwd -L%{_builddir}/Linux-PAM-%{version}/libpam/.libs -lpam
+%if %{build_main}
%check
%make_build check
+%endif
%install
mkdir -p %{buildroot}%{_pam_confdir}
@@ -209,16 +253,39 @@
popd
# Install unix2_chkpwd
install -m 755 %{_builddir}/unix2_chkpwd %{buildroot}%{_sbindir}
-install -m 644 %{_sourcedir}/unix2_chkpwd.8 %{buildroot}/%{_mandir}/man8/
-# bsc#1188724
-echo '.so man8/pam_motd.8' > %{buildroot}%{_mandir}/man5/motd.5
+
# rpm macros
install -D -m 644 %{SOURCE2} %{buildroot}%{_rpmmacrodir}/macros.pam
# /run/motd.d
install -Dm0644 %{SOURCE13} %{buildroot}%{_tmpfilesdir}/pam.conf
+
+mkdir %{buildroot}%{_distconfdir}/security
+mv %{buildroot}%{_sysconfdir}/security/limits.conf
%{buildroot}%{_distconfdir}/security/limits.conf
+
+# Remove manual pages for main package
+%if !%{build_doc}
+rm -rf %{buildroot}%{_mandir}/man[58]/*
+install -m 644 modules/pam_userdb/pam_userdb.8 %{buildroot}/%{_mandir}/man8/
+%else
+install -m 644 %{_sourcedir}/unix2_chkpwd.8 %{buildroot}/%{_mandir}/man8/
+# bsc#1188724
+echo '.so man8/pam_motd.8' > %{buildroot}%{_mandir}/man5/motd.5
+%endif
+%if !%{build_main}
+rm -rf
%{buildroot}{%{_sysconfdir},%{_distconfdir},%{_sbindir},%{_pam_secconfdir},%{_pam_confdir},%{_datadir}/locale}
+rm -rf %{buildroot}{%{_includedir},%{_libdir},%{_prefix}/lib}
+rm -rf %{buildroot}%{_mandir}/man3/*
+rm -rf %{buildroot}%{_mandir}/man8/pam_userdb.8*
+
+%else
+
# Create filelist with translations
%find_lang Linux-PAM
+%endif
+
+%if %{build_main}
+
%verifyscript
%verify_permissions -e %{_sbindir}/unix_chkpwd
%verify_permissions -e %{_sbindir}/unix2_chkpwd
@@ -242,11 +309,17 @@
done
%files -f Linux-PAM.lang
-%exclude %{_defaultdocdir}/pam
+%doc NEWS
+%license COPYING
+%exclude %{_defaultdocdir}/pam/html
+%exclude %{_defaultdocdir}/pam/modules
+%exclude %{_defaultdocdir}/pam/pdf
+%exclude %{_defaultdocdir}/pam/*.txt
%dir %{_pam_confdir}
%dir %{_pam_vendordir}
%dir %{_pam_secconfdir}
%dir %{_pam_secconfdir}/limits.d
+%dir %{_distconfdir}/security
%dir %{_prefix}/lib/motd.d
%if %{defined config_noreplace}
%config(noreplace) %{_pam_confdir}/other
@@ -259,7 +332,7 @@
%config(noreplace) %{_pam_secconfdir}/access.conf
%config(noreplace) %{_pam_secconfdir}/group.conf
%config(noreplace) %{_pam_secconfdir}/faillock.conf
-%config(noreplace) %{_pam_secconfdir}/limits.conf
+%{_distconfdir}/security/limits.conf
%config(noreplace) %{_pam_secconfdir}/pam_env.conf
%if %{enable_selinux}
%config(noreplace) %{_pam_secconfdir}/sepermit.conf
@@ -268,65 +341,6 @@
%config(noreplace) %{_pam_secconfdir}/namespace.conf
%config(noreplace) %{_pam_secconfdir}/namespace.init
%dir %{_pam_secconfdir}/namespace.d
-%doc NEWS
-%license COPYING
-%{_mandir}/man5/environment.5%{?ext_man}
-%{_mandir}/man5/*.conf.5%{?ext_man}
-%{_mandir}/man5/pam.d.5%{?ext_man}
-%{_mandir}/man5/motd.5%{?ext_man}
-%{_mandir}/man8/PAM.8%{?ext_man}
-%{_mandir}/man8/faillock.8%{?ext_man}
-%{_mandir}/man8/mkhomedir_helper.8%{?ext_man}
-%{_mandir}/man8/pam.8%{?ext_man}
-%{_mandir}/man8/pam_access.8%{?ext_man}
-%{_mandir}/man8/pam_debug.8%{?ext_man}
-%{_mandir}/man8/pam_deny.8%{?ext_man}
-%{_mandir}/man8/pam_echo.8%{?ext_man}
-%{_mandir}/man8/pam_env.8%{?ext_man}
-%{_mandir}/man8/pam_exec.8%{?ext_man}
-%{_mandir}/man8/pam_faildelay.8%{?ext_man}
-%{_mandir}/man8/pam_faillock.8%{?ext_man}
-%{_mandir}/man8/pam_filter.8%{?ext_man}
-%{_mandir}/man8/pam_ftp.8%{?ext_man}
-%{_mandir}/man8/pam_group.8%{?ext_man}
-%{_mandir}/man8/pam_issue.8%{?ext_man}
-%{_mandir}/man8/pam_keyinit.8%{?ext_man}
-%{_mandir}/man8/pam_lastlog.8%{?ext_man}
-%{_mandir}/man8/pam_limits.8%{?ext_man}
-%{_mandir}/man8/pam_listfile.8%{?ext_man}
-%{_mandir}/man8/pam_localuser.8%{?ext_man}
-%{_mandir}/man8/pam_loginuid.8%{?ext_man}
-%{_mandir}/man8/pam_mail.8%{?ext_man}
-%{_mandir}/man8/pam_mkhomedir.8%{?ext_man}
-%{_mandir}/man8/pam_motd.8%{?ext_man}
-%{_mandir}/man8/pam_namespace.8%{?ext_man}
-%{_mandir}/man8/pam_namespace_helper.8%{?ext_man}
-%{_mandir}/man8/pam_nologin.8%{?ext_man}
-%{_mandir}/man8/pam_permit.8%{?ext_man}
-%{_mandir}/man8/pam_pwhistory.8%{?ext_man}
-%{_mandir}/man8/pam_rhosts.8%{?ext_man}
-%{_mandir}/man8/pam_rootok.8%{?ext_man}
-%{_mandir}/man8/pam_securetty.8%{?ext_man}
-%{_mandir}/man8/pam_selinux.8%{?ext_man}
-%{_mandir}/man8/pam_sepermit.8%{?ext_man}
-%{_mandir}/man8/pam_setquota.8%{?ext_man}
-%{_mandir}/man8/pam_shells.8%{?ext_man}
-%{_mandir}/man8/pam_stress.8%{?ext_man}
-%{_mandir}/man8/pam_succeed_if.8%{?ext_man}
-%{_mandir}/man8/pam_time.8%{?ext_man}
-%{_mandir}/man8/pam_timestamp.8%{?ext_man}
-%{_mandir}/man8/pam_timestamp_check.8%{?ext_man}
-%{_mandir}/man8/pam_tty_audit.8%{?ext_man}
-%{_mandir}/man8/pam_umask.8%{?ext_man}
-%{_mandir}/man8/pam_unix.8%{?ext_man}
-%{_mandir}/man8/pam_usertype.8%{?ext_man}
-%{_mandir}/man8/pam_warn.8%{?ext_man}
-%{_mandir}/man8/pam_wheel.8%{?ext_man}
-%{_mandir}/man8/pam_xauth.8%{?ext_man}
-%{_mandir}/man8/pwhistory_helper.8%{?ext_man}
-%{_mandir}/man8/unix2_chkpwd.8%{?ext_man}
-%{_mandir}/man8/unix_chkpwd.8%{?ext_man}
-%{_mandir}/man8/unix_update.8%{?ext_man}
%{_libdir}/libpam.so.0
%{_libdir}/libpam.so.%{libpam_so_version}
%{_libdir}/libpamc.so.0
@@ -404,14 +418,6 @@
%{_pam_moduledir}/pam_userdb.so
%{_mandir}/man8/pam_userdb.8%{?ext_man}
-%files doc
-%defattr(644,root,root,755)
-%dir %{_defaultdocdir}/pam
-%doc %{_defaultdocdir}/pam/html
-%doc %{_defaultdocdir}/pam/modules
-%doc %{_defaultdocdir}/pam/pdf
-%doc %{_defaultdocdir}/pam/*.txt
-
%files devel
%defattr(644,root,root,755)
%dir %{_includedir}/security
@@ -424,4 +430,77 @@
%{_rpmmacrodir}/macros.pam
%{_libdir}/pkgconfig/pam*.pc
+%endif
+
+%if %{build_doc}
+
+%files -n pam-doc
+%defattr(644,root,root,755)
+%dir %{_defaultdocdir}/pam
+%doc %{_defaultdocdir}/pam/html
+%doc %{_defaultdocdir}/pam/modules
+%doc %{_defaultdocdir}/pam/pdf
+%doc %{_defaultdocdir}/pam/*.txt
+
+%files -n pam-manpages
+%{_mandir}/man5/environment.5%{?ext_man}
+%{_mandir}/man5/*.conf.5%{?ext_man}
+%{_mandir}/man5/pam.d.5%{?ext_man}
+%{_mandir}/man5/motd.5%{?ext_man}
+%{_mandir}/man8/PAM.8%{?ext_man}
+%{_mandir}/man8/faillock.8%{?ext_man}
+%{_mandir}/man8/mkhomedir_helper.8%{?ext_man}
+%{_mandir}/man8/pam.8%{?ext_man}
+%{_mandir}/man8/pam_access.8%{?ext_man}
+%{_mandir}/man8/pam_debug.8%{?ext_man}
+%{_mandir}/man8/pam_deny.8%{?ext_man}
+%{_mandir}/man8/pam_echo.8%{?ext_man}
+%{_mandir}/man8/pam_env.8%{?ext_man}
+%{_mandir}/man8/pam_exec.8%{?ext_man}
+%{_mandir}/man8/pam_faildelay.8%{?ext_man}
+%{_mandir}/man8/pam_faillock.8%{?ext_man}
+%{_mandir}/man8/pam_filter.8%{?ext_man}
+%{_mandir}/man8/pam_ftp.8%{?ext_man}
+%{_mandir}/man8/pam_group.8%{?ext_man}
+%{_mandir}/man8/pam_issue.8%{?ext_man}
+%{_mandir}/man8/pam_keyinit.8%{?ext_man}
+%{_mandir}/man8/pam_lastlog.8%{?ext_man}
+%{_mandir}/man8/pam_limits.8%{?ext_man}
+%{_mandir}/man8/pam_listfile.8%{?ext_man}
+%{_mandir}/man8/pam_localuser.8%{?ext_man}
+%{_mandir}/man8/pam_loginuid.8%{?ext_man}
+%{_mandir}/man8/pam_mail.8%{?ext_man}
+%{_mandir}/man8/pam_mkhomedir.8%{?ext_man}
+%{_mandir}/man8/pam_motd.8%{?ext_man}
+%{_mandir}/man8/pam_namespace.8%{?ext_man}
+%{_mandir}/man8/pam_namespace_helper.8%{?ext_man}
+%{_mandir}/man8/pam_nologin.8%{?ext_man}
+%{_mandir}/man8/pam_permit.8%{?ext_man}
+%{_mandir}/man8/pam_pwhistory.8%{?ext_man}
+%{_mandir}/man8/pam_rhosts.8%{?ext_man}
+%{_mandir}/man8/pam_rootok.8%{?ext_man}
+%{_mandir}/man8/pam_securetty.8%{?ext_man}
+%{_mandir}/man8/pam_selinux.8%{?ext_man}
+%{_mandir}/man8/pam_sepermit.8%{?ext_man}
+%{_mandir}/man8/pam_setquota.8%{?ext_man}
+%{_mandir}/man8/pam_shells.8%{?ext_man}
+%{_mandir}/man8/pam_stress.8%{?ext_man}
+%{_mandir}/man8/pam_succeed_if.8%{?ext_man}
+%{_mandir}/man8/pam_time.8%{?ext_man}
+%{_mandir}/man8/pam_timestamp.8%{?ext_man}
+%{_mandir}/man8/pam_timestamp_check.8%{?ext_man}
+%{_mandir}/man8/pam_tty_audit.8%{?ext_man}
+%{_mandir}/man8/pam_umask.8%{?ext_man}
+%{_mandir}/man8/pam_unix.8%{?ext_man}
+%{_mandir}/man8/pam_usertype.8%{?ext_man}
+%{_mandir}/man8/pam_warn.8%{?ext_man}
+%{_mandir}/man8/pam_wheel.8%{?ext_man}
+%{_mandir}/man8/pam_xauth.8%{?ext_man}
+%{_mandir}/man8/pwhistory_helper.8%{?ext_man}
+%{_mandir}/man8/unix2_chkpwd.8%{?ext_man}
+%{_mandir}/man8/unix_chkpwd.8%{?ext_man}
+%{_mandir}/man8/unix_update.8%{?ext_man}
+
+%endif
+
%changelog
++++++ 0001-Include-pam_xauth_data.3.xml-in-source-archive-400.patch ++++++
>From 00a46bcead2857002ed720f22b558b6f6d349fc8 Mon Sep 17 00:00:00 2001
From: Thorsten Kukuk <5908016+thku...@users.noreply.github.com>
Date: Tue, 2 Nov 2021 11:45:59 +0100
Subject: [PATCH 1/3] Include pam_xauth_data.3.xml in source archive (#400)
---
doc/man/Makefile.am | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/doc/man/Makefile.am b/doc/man/Makefile.am
index 78c891df..c6fd73db 100644
--- a/doc/man/Makefile.am
+++ b/doc/man/Makefile.am
@@ -43,7 +43,7 @@ XMLS = pam.3.xml pam.8.xml \
pam_item_types_std.inc.xml pam_item_types_ext.inc.xml \
pam.conf-desc.xml pam.conf-dir.xml pam.conf-syntax.xml \
misc_conv.3.xml pam_misc_paste_env.3.xml pam_misc_drop_env.3.xml \
- pam_misc_setenv.3.xml
+ pam_misc_setenv.3.xml pam_xauth_data.3.xml
if ENABLE_REGENERATE_MAN
PAM.8: pam.8
--
2.31.1
++++++ 0002-Only-include-vendordir-in-manual-page-if-set-401.patch ++++++
>From 04109c25a7dbd11404f7f23a9a405b9b9d6b7246 Mon Sep 17 00:00:00 2001
From: Thorsten Kukuk <5908016+thku...@users.noreply.github.com>
Date: Tue, 2 Nov 2021 11:46:24 +0100
Subject: [PATCH 2/3] Only include vendordir in manual page if set (#401)
---
configure.ac | 4 ++--
doc/man/pam.8.xml | 5 ++---
2 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/configure.ac b/configure.ac
index c06bc7dd..eb98d69a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -507,9 +507,9 @@ AC_ARG_ENABLE([vendordir],
if test -n "$enable_vendordir"; then
AC_DEFINE_UNQUOTED([VENDORDIR], ["$enable_vendordir"],
[Directory for distribution provided configuration files])
- STRINGPARAM_VENDORDIR="--stringparam vendordir '$enable_vendordir'"
+ STRINGPARAM_VENDORDIR="--stringparam vendordir '$enable_vendordir'
--stringparam profile.condition 'with_vendordir'"
else
- STRINGPARAM_VENDORDIR="--stringparam vendordir '<vendordir>'"
+ STRINGPARAM_VENDORDIR="--stringparam profile.condition 'without_vendordir'"
fi
AC_SUBST([STRINGPARAM_VENDORDIR])
diff --git a/doc/man/pam.8.xml b/doc/man/pam.8.xml
index 464af0e5..8eef665a 100644
--- a/doc/man/pam.8.xml
+++ b/doc/man/pam.8.xml
@@ -158,15 +158,14 @@ closing hook for modules to affect the services available
to a user.</para>
</para>
</listitem>
</varlistentry>
- <varlistentry>
+ <varlistentry condition="with_vendordir">
<term><filename>%vendordir%/pam.d</filename></term>
<listitem>
<para>
the <emphasis remap='B'>Linux-PAM</emphasis> vendor configuration
directory. Files in <filename>/etc/pam.d</filename> and
<filename>/usr/lib/pam.d</filename> override files with the same
- name in this directory. Only available if Linux-PAM was compiled
- with vendordir enabled.
+ name in this directory.
</para>
</listitem>
</varlistentry>
--
2.31.1
++++++ 0003-Use-vendor-specific-limits.conf-as-fallback-402.patch ++++++
>From 5deaac423159103d02b146afa753a8ebb7fddf09 Mon Sep 17 00:00:00 2001
From: Thorsten Kukuk <5908016+thku...@users.noreply.github.com>
Date: Wed, 3 Nov 2021 09:02:40 +0100
Subject: [PATCH 3/3] Use vendor specific limits.conf as fallback (#402)
* Use vendor specific limits.conf as fallback
---
modules/pam_limits/pam_limits.8.xml | 6 ++++++
modules/pam_limits/pam_limits.c | 19 ++++++++++++++++---
2 files changed, 22 insertions(+), 3 deletions(-)
diff --git a/modules/pam_limits/pam_limits.8.xml
b/modules/pam_limits/pam_limits.8.xml
index bc46cbf4..c1c10eca 100644
--- a/modules/pam_limits/pam_limits.8.xml
+++ b/modules/pam_limits/pam_limits.8.xml
@@ -57,6 +57,12 @@
If a config file is explicitly specified with a module option then the
files in the above directory are not parsed.
</para>
+ <para condition="with_vendordir">
+ If there is no explicitly specified configuration file and
+ <filename>/etc/security/limits.conf</filename> does not exist,
+ <filename>%vendordir%/security/limits.conf</filename> is used.
+ If this file does not exist, too, an error is thrown.
+ </para>
<para>
The module must not be called by a multithreaded application.
</para>
diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c
index 7cc45d77..53188965 100644
--- a/modules/pam_limits/pam_limits.c
+++ b/modules/pam_limits/pam_limits.c
@@ -816,9 +816,22 @@ parse_config_file(pam_handle_t *pamh, const char *uname,
uid_t uid, gid_t gid,
pam_syslog(pamh, LOG_DEBUG, "reading settings from '%s'", CONF_FILE);
fil = fopen(CONF_FILE, "r");
if (fil == NULL) {
- pam_syslog (pamh, LOG_WARNING,
- "cannot read settings from %s: %m", CONF_FILE);
- return PAM_SERVICE_ERR;
+ int err = errno;
+
+#ifdef VENDORDIR
+ /* if the specified file does not exist, and it is not provided by
+ the user, try the vendor file as fallback. */
+ if (pl->conf_file == NULL && err == ENOENT)
+ fil = fopen(VENDORDIR"/security/limits.conf", "r");
+
+ if (fil == NULL)
+#endif
+ {
+ pam_syslog (pamh, LOG_WARNING,
+ "cannot read settings from %s: %s", CONF_FILE,
+ strerror(err));
+ return PAM_SERVICE_ERR;
+ }
}
/* start the show */
--
2.31.1
++++++ _multibuild ++++++
<multibuild>
<flavor>full</flavor>
</multibuild>
++++++ baselibs.conf ++++++
--- /var/tmp/diff_new_pack.0NjAf9/_old 2021-12-02 22:30:42.698562720 +0100
+++ /var/tmp/diff_new_pack.0NjAf9/_new 2021-12-02 22:30:42.698562720 +0100
@@ -4,5 +4,3 @@
pam-devel
pam_unix
conflicts "pam_unix-nis-<targettype>"
-pam_unix-nis
- conflicts "pam_unix-<targettype>"
++++++ common-session.pamd ++++++
--- /var/tmp/diff_new_pack.0NjAf9/_old 2021-12-02 22:30:42.770562455 +0100
+++ /var/tmp/diff_new_pack.0NjAf9/_new 2021-12-02 22:30:42.770562455 +0100
@@ -6,8 +6,8 @@
# at the start and end of sessions of *any* kind (both interactive and
# non-interactive).
#
+session optional pam_systemd.so
session required pam_limits.so
session required pam_unix.so try_first_pass
session optional pam_umask.so
session optional pam_env.so
-session optional pam_systemd.so
++++++ pam_xauth_data.3.xml.patch ++++++
--- a/doc/man/pam_xauth_data.3.xml 2021-11-01 12:04:45.640077994 +0100
+++ b/doc/man/pam_xauth_data.3.xml 2019-09-24 13:06:13.531781973 +0200
@@ -0,0 +1,94 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd";>
+
+<refentry id="pam_xauth_data">
+
+ <refmeta>
+ <refentrytitle>pam_xauth_data</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_xauth_data-name">
+ <refname>pam_xauth_data</refname>
+ <refpurpose>structure containing X authentication data</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv>
+ <funcsynopsis id="pam_xauth_data-synopsis">
+ <funcsynopsisinfo>#include <security/pam_appl.h></funcsynopsisinfo>
+ </funcsynopsis>
+ <programlisting>
+struct pam_xauth_data {
+ int namelen;
+ char *name;
+ int datalen;
+ char *data;
+};
+ </programlisting>
+ </refsynopsisdiv>
+
+ <refsect1 id='pam_xauth_data-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_xauth_data</function> structure contains X
+ authentication data used to make a connection to an X display.
+ Using this mechanism, an application can communicate X
+ authentication data to PAM service modules. This allows modules to
+ make a connection to the user's X display in order to label the
+ user's session on login, display visual feedback or for other
+ purposes.
+ </para>
+ <para>
+ The <emphasis>name</emphasis> field contains the name of the
+ authentication method, such as "MIT-MAGIC-COOKIE-1". The
+ <emphasis>namelen</emphasis> field contains the length of this string,
+ not including the trailing NUL character.
+ </para>
+ <para>
+ The <emphasis>data</emphasis> field contains the authentication
+ method-specific data corresponding to the specified name. The
+ <emphasis>datalen</emphasis> field contains its length in bytes.
+ </para>
+ <para>
+ The X authentication data can be changed with the
+ <emphasis>PAM_XAUTH_DATA</emphasis> item. It can be queried and
+ set with
+ <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ and
+ <citerefentry>
+ <refentrytitle>pam_set_item </refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> respectively. The value used to set it should be
+ a pointer to a pam_xauth_data structure. An internal copy of both
+ the structure itself and its fields is made by PAM when setting the
+ item.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_xauth_data-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam_start</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_get_item</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_xauth_data-standards'>
+ <title>STANDARDS</title>
+ <para>
+ The <function>pam_xauth_data</function> structure and
+ <emphasis>PAM_XAUTH_DATA</emphasis> item are
+ Linux-PAM extensions.
+ </para>
+ </refsect1>
+
+</refentry>
