mailarchive of the ptxdist mailing list
 help / color / mirror / Atom feed
From: Ladislav Michl <ladis@linux-mips.org>
To: ptxdist@pengutronix.de
Subject: [ptxdist] [PATCH 0/4] PAM
Date: Tue, 10 Dec 2019 21:08:17 +0100	[thread overview]
Message-ID: <20191210200817.GA759825@lenoch> (raw)

Hi there!

Recently I found that for some projects the only remaining utility
I'm using from busybox is login. And that there is no alternative.

Until now... And now you can choose between Busybox' login, util-linux'
login and shadow-utils' login. And yes, we'll need some clever way
to prevent conflicts.

This time GLOBAL_PAM_OPTION was introduced and we are using it, but
there's more to do: cifs-utils, cups, ecryptfs-utils, inetutils,
libcgroup, lighttpd, lxc, monit, openssh, openvpn, policycoreutils,
postgresql, proftpd, pureftpd, samba, strongswan, sudo, systemd,
weston and xorg-app-xdm.
Above packages could be easily modified once someone feels need to
do so.

This patchset enables you to build decent desktop distribution
for your favourite machine you might found in garage, but there's
still common PAM policy missing. That's why my BSP still contains:
$ cat projectroot/etc/pam.d/login 
auth	required	pam_permit.so
account	required	pam_permit.so
session	required	pam_permit.so

That circular dependency problem "solved" itself by moving selinux
into staging, so I disabled global selinux option for pam. Let's
see how many people are interested in selinux support in PTXdist -
and applogies for not trying to fix it properly.

Comments welcome.

Ladislav Michl (4):
  pam: new package
  Introduce global PAM option
  util-linux: optionally build login program
  shadow: new package

 rules/core-pam.in        |   8 ++
 rules/pam.in             |  10 +++
 rules/pam.make           |  73 ++++++++++++++++++
 rules/pre/Rules.make     |   6 ++
 rules/shadow.in          | 148 ++++++++++++++++++++++++++++++++++++
 rules/shadow.make        | 157 +++++++++++++++++++++++++++++++++++++++
 rules/util-linux-ng.in   |  16 ++++
 rules/util-linux-ng.make |   5 +-
 8 files changed, 422 insertions(+), 1 deletion(-)
 create mode 100644 rules/core-pam.in
 create mode 100644 rules/pam.in
 create mode 100644 rules/pam.make
 create mode 100644 rules/shadow.in
 create mode 100644 rules/shadow.make

-- 
2.24.0

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de

             reply	other threads:[~2019-12-10 20:08 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-12-10 20:08 Ladislav Michl [this message]
2019-12-10 20:09 ` [ptxdist] [PATCH 1/4] pam: new package Ladislav Michl
2020-01-06 11:10   ` Michael Olbrich
2019-12-10 20:09 ` [ptxdist] [PATCH 2/4] Introduce global PAM option Ladislav Michl
2019-12-10 20:10 ` [ptxdist] [PATCH 3/4] util-linux: optionally build login program Ladislav Michl
2019-12-10 20:11 ` [ptxdist] [PATCH 4/4] shadow: new package Ladislav Michl
2020-01-06 11:15   ` Michael Olbrich

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20191210200817.GA759825@lenoch \
    --to=ladis@linux-mips.org \
    --cc=ptxdist@pengutronix.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox