Author: baggins Date: Sun Feb 4 23:42:29 2007 GMT Module: SPECS Tag: HEAD ---- Log message: - NFY, but the brave may start testing - back to Linux-PAM with PLD add-ons - version 0.99.7.1
---- Files affected: SPECS: pam.spec (1.245 -> 1.246) ---- Diffs: ================================================================ Index: SPECS/pam.spec diff -u SPECS/pam.spec:1.245 SPECS/pam.spec:1.246 --- SPECS/pam.spec:1.245 Mon Dec 4 01:14:45 2006 +++ SPECS/pam.spec Mon Feb 5 00:42:23 2007 @@ -1,17 +1,18 @@ # $Revision$, $Date$ -# TODO -# - something wrong for doc/ps,pdf generation on my build host. remove completely duplicated doc formats? # +# TODO: +# triggers: +# s/pam_make\.so \(.*\)/pam_exec.so make -C \1/g +# s/pam_homedir\.so/pam_mkhomedir.so/g +# /var/lock/console -> /var/run/console +# # Conditional build: -%bcond_with pwexport # enable pam_pwexport module (needs hacked pam_unix) -%bcond_without cap # don't build pam_cap module %bcond_without doc # don't build documentation -%bcond_without opie # don't build pam_opie module -%bcond_with prelude # build without Prelude IDS support -%bcond_without pwdb # don't build pam_pwdb and pam_radius modules +%bcond_with prelude # build with Prelude IDS support %bcond_without selinux # build without SELinux support -%bcond_without skey # don't build pam_skey module -%bcond_without tcpd # don't build pam_tcpd module +%bcond_with audit # build with Linux Auditing library support +# +%define pam_pld_version 0.99.7.1-1 # Summary: Pluggable Authentication Modules: modular, incremental authentication Summary(de): Einsteckbare Authentifizierungsmodule: modulare, inkrementäre Authentifizierung @@ -23,38 +24,57 @@ Summary(tr): Modüler, artýmsal dođrulama birimleri Summary(uk): śÎÓÔŇŐÍĹÎÔ, ÝĎ ÚÁÂĹÚĐĹŢŐ¤ ÁŐÔĹÎÔÉĆŚËÁĂŚŔ ÄĚŃ ĐŇĎÇŇÁÍ Name: pam -Version: 0.80.1 -Release: 14 -Epoch: 0 +Version: 0.99.7.1 +Release: 0.1 License: GPL or BSD Group: Base -Source0: ftp://ftp.pld-linux.org/software/pam/%{name}-pld-%{version}.tar.gz -# Source0-md5: df374f625e7178f43a263a32e376dd46 -Source1: system-auth.pamd -Patch0: %{name}-pam_pwgen_app.patch +Source0: http://ftp.kernel.org/pub/linux/libs/pam/pre/library/Linux-PAM-%{version}.tar.bz2 +# Source0-md5: 385458dfb4633071594e255a6ebec9da +Source1: http://ftp.kernel.org/pub/linux/libs/pam/pre/library/Linux-PAM-%{version}.tar.bz2.sign +# Source1-md5: 259c57009369eda92a00d1a153776ac6 +Source2: ftp://ftp.pld-linux.org/software/pam/pam-pld-%{pam_pld_version}.tar.gz +# Source2-md5: 62ee3a41c59000c78a3d6aa024ee55bd +Source3: other.pamd +Source4: system-auth.pamd +Source5: config-util.pamd +Source6: pam_selinux_check.pamd +Source7: system-auth.5 +Source8: config-util.5 +Patch0: %{name}-pld-modules.patch Patch1: %{name}-modutil_mem_limit.patch +Patch2: %{name}-cracklib-try-first-pass.patch +Patch3: %{name}-cracklib-enforce.patch +Patch4: %{name}-tally-fail-close.patch +Patch5: %{name}-selinux-nofail.patch +Patch6: %{name}-selinux-drop-multiple.patch +Patch7: %{name}-selinux-keycreate.patch +Patch8: %{name}-selinux-select-context.patch +Patch9: %{name}-selinux-use-current-range.patch +Patch10: %{name}-namespace-no-unmount.patch +Patch11: %{name}-namespace-preserve-uid.patch +Patch12: %{name}-namespace-level.patch +Patch13: %{name}-namespace-unmnt-override.patch +Patch14: %{name}-unix-nullcheck.patch +Patch15: %{name}-unix-blowfish.patch +Patch16: %{name}-mkhomedir-new-features.patch URL: http://www.kernel.org/pub/linux/libs/pam/ +%{?with_audit:BuildRequires: audit-libs-devel >= 1.0.8} BuildRequires: autoconf BuildRequires: automake BuildRequires: bison BuildRequires: cracklib-devel BuildRequires: db-devel BuildRequires: flex -%{?with_cap:BuildRequires: libcap-devel} %{?with_prelude:BuildRequires: libprelude-devel} -%{?with_selinux:BuildRequires: libselinux-devel} +%{?with_selinux:BuildRequires: libselinux-devel >= 1.33.2} BuildRequires: libtool >= 2:1.5 -%{?with_tcpd:BuildRequires: libwrap-devel >= 7.6-32} -%{?with_opie:BuildRequires: opie-devel} -%{?with_pwdb:BuildRequires: pwdb-devel} -BuildRequires: sgml-tools -%{?with_skey:BuildRequires: skey-devel} %if %{with doc} -BuildRequires: sp -BuildRequires: tetex-fonts-jknappen -BuildRequires: tetex-format-latex -BuildRequires: tetex-metafont -BuildRequires: tetex-tex-babel +BuildRequires: docbook-dtd43-xml +BuildRequires: docbook-dtd44-xml +BuildRequires: docbook-style-xsl >= 1.69.1 +BuildRequires: libxml2-progs +BuildRequires: libxslt-progs +BuildRequires: w3m %endif Requires: %{name}-libs = %{epoch}:%{version}-%{release} Requires: awk @@ -69,6 +89,8 @@ %define specflags -fno-strict-aliasing +%define _sbindir /sbin + %description PAM (Pluggable Authentication Modules) is a powerful, flexible, extensible authentication system which allows the system administrator @@ -138,6 +160,8 @@ Summary(pl): Moduły i biblioteki PAM Group: Libraries Conflicts: pam < 0:0.80.1-2 +%{?with_audit:Requires: audit-libs >= 1.0.8} +%{?with_selinux:Requires: libselinux >= 1.33.2} %description libs Core PAM modules and libraries. @@ -190,84 +214,6 @@ %description static -l uk ăĹĘ ĐÁËĹÔ ÍŚÓÔÉÔŘ ÓÔÁÔÉŢÎŚ ÂŚÂĚŚĎÔĹËÉ ĐŇĎÇŇÁÍŚÓÔÁ ÄĚŃ PAM. -%package pam_pwdb -Summary: pam_pwdb module -Summary(pl): Moduł pam_pwdb -Group: Base -Requires: %{name} = %{epoch}:%{version}-%{release} -Requires: pwdb >= 0.54-2 - -%description pam_pwdb -pam_pwdb module. - -%description pam_pwdb -l pl -Moduł pam_pwdb. - -%package pam_radius -Summary: pam_radius module -Summary(pl): Moduł pam_radius -Group: Base -Requires: %{name} = %{epoch}:%{version}-%{release} -Requires: pwdb >= 0.54-2 - -%description pam_radius -pam_radius module. - -%description pam_radius -l pl -Moduł pam_radius. - -%package pam_skey -Summary: pam_skey module -Summary(pl): Moduł pam_skey -Group: Base -Requires: %{name} = %{epoch}:%{version}-%{release} -Requires: skey - -%description pam_skey -pam_skey module. - -%description pam_skey -l pl -Moduł pam_skey. - -%package pam_opie -Summary: pam_opie module -Summary(pl): Moduł pam_opie -Group: Base -Requires: %{name} = %{epoch}:%{version}-%{release} -Requires: opie - -%description pam_opie -pam_opie module. - -%description pam_opie -l pl -Moduł pam_opie. - -%package pam_tcpd -Summary: pam_tcpd module -Summary(pl): Moduł pam_tcpd -Group: Base -Requires: %{name} = %{epoch}:%{version}-%{release} -Requires: libwrap >= 7.6-32 - -%description pam_tcpd -pam_tcpd module. - -%description pam_tcpd -l pl -Moduł pam_tcpd. - -%package pam_cap -Summary: pam_cap module -Summary(pl): Moduł pam_cap -Group: Base -Requires: %{name} = %{epoch}:%{version}-%{release} -Requires: libcap - -%description pam_cap -pam_cap module. - -%description pam_cap -l pl -Moduł pam_cap. - %package pam_selinux Summary: PAM module - SELinux support Summary(pl): Moduł PAM pozwalający na zmianę kontekstów SELinuksa @@ -280,11 +226,24 @@ Moduł PAM pozwalający na zmianę kontekstów SELinuksa. %prep -%setup -q -n %{name}-pld-%{version} +%setup -q -a2 -n Linux-PAM-%{version} %patch0 -p1 %patch1 -p1 -mkdir m4 -%{!?with_prelude:echo 'AC_DEFUN([AM_PATH_LIBPRELUDE],[/bin/true])' > m4/prelude.m4} +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 +%patch11 -p1 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 +%patch16 -p1 %build %{__libtoolize} @@ -292,102 +251,124 @@ %{__autoconf} %{__autoheader} %{__automake} -find doc/ -type f | xargs %{__perl} -pi -e 's#/lib/security#/%{_lib}/security#g' %configure \ - %{!?with_doc:--without-docs} \ - %{!?with_cap:--disable-cap} \ - %{!?with_opie:--disable-opie} \ - %{!?with_pwdb:--disable-pwdb} \ - %{!?with_skey:--disable-skey} \ - %{!?with_tcpd:--disable-tcpd} \ - %{?with_pwexport:--enable-want-pwexport-module} \ + --enable-static \ + --enable-shared \ + --libdir=/%{_lib} \ + --includedir=%{_includedir}/security \ + --enable-isadir=../../%{_lib}/security \ %{!?with_selinux:--disable-selinux} \ %{!?with_prelude:--disable-prelude} \ - --enable-strong-crypto + %{!?with_audit:--disable-audit} +# we must explicitely update-gmo as we patch a po file +%{__make} -C po update-gmo %{__make} %install rm -rf $RPM_BUILD_ROOT -install -d $RPM_BUILD_ROOT/%{_lib} +install -d $RPM_BUILD_ROOT{%{_libdir},/etc/pam.d,/var/log} %{__make} install \ DESTDIR=$RPM_BUILD_ROOT -rm -rf docs -cp -a doc docs -rm -f docs/{ps,txts}/{README,*.log} \ - docs/{html,txts}/Makefile* +install modules/pam_selinux/.libs/pam_selinux_check $RPM_BUILD_ROOT%{_sbindir} +install modules/pam_selinux/pam_selinux_check.8 $RPM_BUILD_ROOT%{_mandir}/man8 + +mkdir -p doc/txts +for r in modules/pam_*/README ; do + cp -f $r doc/txts/README.$(basename $(dirname $r)) +done +mkdir -p doc/html +cp -f doc/index.html doc/html/ + +# fix PAM/pam man page +echo ".so PAM.8" > $RPM_BUILD_ROOT%{_mandir}/man8/pam.8 :> $RPM_BUILD_ROOT/etc/security/opasswd :> $RPM_BUILD_ROOT/etc/security/blacklist -mv -f $RPM_BUILD_ROOT%{_libdir}/lib*.so.*.*.* $RPM_BUILD_ROOT/%{_lib} +#:> $RPM_BUILD_ROOT/var/log/faillog +:> $RPM_BUILD_ROOT/var/log/tallylog -install pamcrypt/.libs/libpamcrypt.a $RPM_BUILD_ROOT%{_libdir} +mv -f $RPM_BUILD_ROOT/%{_lib}/lib*.{la,a} $RPM_BUILD_ROOT/%{_libdir} cd $RPM_BUILD_ROOT/%{_lib} ln -sf /%{_lib}/$(echo libpam.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libpam.so ln -sf /%{_lib}/$(echo libpam_misc.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libpam_misc.so ln -sf /%{_lib}/$(echo libpamc.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libpamc.so +cd - -cp %{SOURCE1} $RPM_BUILD_ROOT/etc/pam.d/system-auth +install %{SOURCE3} $RPM_BUILD_ROOT/etc/pam.d/other +install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/system-auth +install %{SOURCE5} $RPM_BUILD_ROOT/etc/pam.d/config-util +install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/pam_selinux_check + +install %{SOURCE7} $RPM_BUILD_ROOT%{_mandir}/man5/system-auth.5 +install %{SOURCE8} $RPM_BUILD_ROOT%{_mandir}/man5/config-util.5 # useless - shut up check-files rm -f $RPM_BUILD_ROOT/%{_lib}/security/*.{la,a} -rm -f $RPM_BUILD_ROOT%{_libdir}/libpamcrypt.a +rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/Linux-PAM %if !%{with selinux} rm -rf $RPM_BUILD_ROOT{/%{_lib}/security/pam_selinux.so,%{_sbindir}/pam_selinux_check,%{_mandir}/man8/pam_selinux*.8*} %endif +%find_lang Linux-PAM + %clean rm -rf $RPM_BUILD_ROOT %post libs -p /sbin/ldconfig %postun libs -p /sbin/ldconfig -%files +%files -f Linux-PAM.lang %defattr(644,root,root,755) -%doc CHANGELOG ChangeLog Copyright doc/CREDITS +%doc AUTHORS CHANGELOG ChangeLog Copyright NEWS +%doc doc/txts/README* %if %{with doc} -%doc docs/{html,txts,specs/*.{raw,txt}} -# FIXME: doesn't build for me! missing BR!: [EMAIL PROTECTED] ps $ sgml2latex -o ps ../psgml2latex -o ps ../pam -#Processing file ../pam -#load_char_maps: no entity maps found -#parse_data: no entity map for `[lowbar]' -#sh: latex: not found -#sh: latex: not found -#dvips: ! DVI file can't be opened. -#%doc docs/ps/*.ps +%doc doc/specs/*.txt +%doc doc/{adg,mwg,sag}/Linux-PAM_*.txt +%doc doc/{adg,mwg,sag,}/html %endif -%dir /etc/pam.d -%dir /sbin/pam_filter -%dir /var/lock/console -%dir /etc/security/console.apps +%dir %attr(755,root,root) /etc/pam.d +%dir %attr(755,root,root) /etc/security/console.apps +%dir %attr(755,root,root) /etc/security/console.perms.d +%dir %attr(755,root,root) /var/run/console +%config /etc/security/console.perms.d/50-default.perms %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/other %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/system-auth +%config(noreplace) %verify(not md5 mtime size) /etc/pam.d/config-util %config(noreplace) %verify(not md5 mtime size) /etc/security/access.conf %config(noreplace) %verify(not md5 mtime size) /etc/security/pam_env.conf %config(noreplace) %verify(not md5 mtime size) /etc/security/group.conf %config(noreplace) %verify(not md5 mtime size) /etc/security/limits.conf %config(noreplace) %verify(not md5 mtime size) /etc/security/time.conf -%config(noreplace) %verify(not md5 mtime size) /etc/security/consoles +%config(noreplace) %verify(not md5 mtime size) /etc/security/console.handlers +%config(noreplace) %verify(not md5 mtime size) /etc/security/console.perms %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram* %config(noreplace) %verify(not md5 mtime size) /etc/security/blacklist -%config(noreplace) %verify(not md5 mtime size) /etc/security/pam_mail.conf +%config(noreplace) %verify(not md5 mtime size) /etc/environment %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/opasswd -%attr(755,root,root) /sbin/pam_filter/upperLOWER %attr(4755,root,root) /sbin/unix_chkpwd %attr(755,root,root) %{_bindir}/pam_pwgen +%attr(755,root,root) %{_sbindir}/pam_console_apply %attr(755,root,root) %{_sbindir}/pam_tally +%attr(755,root,root) %{_sbindir}/pam_tally2 +%attr(755,root,root) %{_sbindir}/pam_timestamp_check %attr(755,root,root) %{_sbindir}/pwgen_trigram %{_mandir}/man5/* +%{_mandir}/man8/PAM.* %{_mandir}/man8/pam.* -%{_mandir}/man8/pam_localuser* +%{_mandir}/man8/pam_[a-r]* +%{_mandir}/man8/pam_securetty* +%{_mandir}/man8/pam_shells* %{_mandir}/man8/pam_succeed_if* -%{_mandir}/man8/pam_xauth* +%{_mandir}/man8/pam_[t-x]* +%{_mandir}/man8/unix_chkpwd* +#%ghost %verify(not md5 size mtime) /var/log/faillog +%ghost %verify(not md5 size mtime) /var/log/tallylog %files libs %defattr(644,root,root,755) @@ -397,45 +378,51 @@ %attr(755,root,root) /%{_lib}/security/pam_cracklib.so %attr(755,root,root) /%{_lib}/security/pam_debug.so %attr(755,root,root) /%{_lib}/security/pam_deny.so +%attr(755,root,root) /%{_lib}/security/pam_echo.so %attr(755,root,root) /%{_lib}/security/pam_env.so +%attr(755,root,root) /%{_lib}/security/pam_exec.so +%attr(755,root,root) /%{_lib}/security/pam_faildelay.so %attr(755,root,root) /%{_lib}/security/pam_filter.so +%attr(755,root,root) /%{_lib}/security/pam_filter/upperLOWER %attr(755,root,root) /%{_lib}/security/pam_ftp.so %attr(755,root,root) /%{_lib}/security/pam_group.so -%attr(755,root,root) /%{_lib}/security/pam_homedir.so %attr(755,root,root) /%{_lib}/security/pam_issue.so +%attr(755,root,root) /%{_lib}/security/pam_keyinit.so %attr(755,root,root) /%{_lib}/security/pam_lastlog.so %attr(755,root,root) /%{_lib}/security/pam_limits.so %attr(755,root,root) /%{_lib}/security/pam_listfile.so %attr(755,root,root) /%{_lib}/security/pam_localuser.so +%attr(755,root,root) /%{_lib}/security/pam_loginuid.so %attr(755,root,root) /%{_lib}/security/pam_mail.so -%attr(755,root,root) /%{_lib}/security/pam_make.so +%attr(755,root,root) /%{_lib}/security/pam_mkhomedir.so %attr(755,root,root) /%{_lib}/security/pam_motd.so -%attr(755,root,root) /%{_lib}/security/pam_netid.so %attr(755,root,root) /%{_lib}/security/pam_nologin.so %attr(755,root,root) /%{_lib}/security/pam_permit.so +%attr(755,root,root) /%{_lib}/security/pam_pwexport.so %attr(755,root,root) /%{_lib}/security/pam_pwgen.so +%attr(755,root,root) /%{_lib}/security/pam_rhosts_auth.so %attr(755,root,root) /%{_lib}/security/pam_rhosts.so %attr(755,root,root) /%{_lib}/security/pam_rootok.so +%attr(755,root,root) /%{_lib}/security/pam_rps.so %attr(755,root,root) /%{_lib}/security/pam_securetty.so %attr(755,root,root) /%{_lib}/security/pam_shells.so %attr(755,root,root) /%{_lib}/security/pam_stress.so %attr(755,root,root) /%{_lib}/security/pam_succeed_if.so +%attr(755,root,root) /%{_lib}/security/pam_tally2.so %attr(755,root,root) /%{_lib}/security/pam_tally.so %attr(755,root,root) /%{_lib}/security/pam_time.so +%attr(755,root,root) /%{_lib}/security/pam_timestamp.so +%attr(755,root,root) /%{_lib}/security/pam_umask.so %attr(755,root,root) /%{_lib}/security/pam_unix.so %attr(755,root,root) /%{_lib}/security/pam_userdb.so -%attr(755,root,root) /%{_lib}/security/pam_usertty.so -%attr(755,root,root) /%{_lib}/security/pam_utmp.so %attr(755,root,root) /%{_lib}/security/pam_warn.so %attr(755,root,root) /%{_lib}/security/pam_wheel.so %attr(755,root,root) /%{_lib}/security/pam_xauth.so -%{?with_pwexport:%attr(755,root,root) /%{_lib}/security/pam_pwexport.so} %files devel %defattr(644,root,root,755) %attr(755,root,root) %{_libdir}/lib*.so %{_libdir}/lib*.la -%{_libdir}/libpammodutil.a %{_includedir}/security/*.h %{_mandir}/man3/* @@ -445,50 +432,12 @@ %{_libdir}/libpamc.a %{_libdir}/libpam_misc.a -%if %{with pwdb} -%files pam_pwdb -%defattr(644,root,root,755) -%attr(755,root,root) /%{_lib}/security/pam_pwdb.so -%attr(4755,root,root) /sbin/pwdb_chkpwd - -%files pam_radius -%defattr(644,root,root,755) -%attr(755,root,root) /%{_lib}/security/pam_radius.so -%endif - -%if %{with skey} -%files pam_skey -%defattr(644,root,root,755) -%attr(755,root,root) /%{_lib}/security/pam_skey.so -%endif - -%if %{with opie} -%files pam_opie -%defattr(644,root,root,755) -%attr(755,root,root) /%{_lib}/security/pam_opie.so -%attr(755,root,root) /%{_lib}/security/pam_opietrust.so -%endif - -%if %{with tcpd} -%files pam_tcpd -%defattr(644,root,root,755) -%attr(755,root,root) /%{_lib}/security/pam_tcpd.so -%endif - -%if %{with cap} -%files pam_cap -%defattr(644,root,root,755) -%config(noreplace) %verify(not md5 mtime size) /etc/security/capability.conf -%attr(755,root,root) /%{_lib}/security/pam_cap.so -%endif - %if %{with selinux} %files pam_selinux %defattr(644,root,root,755) -%doc README %attr(755,root,root) /%{_lib}/security/pam_selinux.so %attr(755,root,root) %{_sbindir}/pam_selinux_check -#TODO: %config(noreplace) %verify(not size mtime md5) /etc/pam.d/pam_selinux_check +%config(noreplace) %verify(not size mtime md5) /etc/pam.d/pam_selinux_check %{_mandir}/man8/pam_selinux*.8* %endif @@ -498,6 +447,11 @@ All persons listed below can be reached at <cvs_login>@pld-linux.org $Log$ +Revision 1.246 2007/02/04 23:42:23 baggins +- NFY, but the brave may start testing +- back to Linux-PAM with PLD add-ons +- version 0.99.7.1 + Revision 1.245 2006/12/04 00:14:45 arekm - rel 14 ================================================================ ---- CVS-web: http://cvs.pld-linux.org/SPECS/pam.spec?r1=1.245&r2=1.246&f=u _______________________________________________ pld-cvs-commit mailing list [email protected] http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
