From: Ladislav Michl <ladis@linux-mips.org>
To: ptxdist@pengutronix.de
Subject: [ptxdist] [PATCH 0/4] PAM
Date: Tue, 10 Dec 2019 21:08:17 +0100 [thread overview]
Message-ID: <20191210200817.GA759825@lenoch> (raw)
Hi there!
Recently I found that for some projects the only remaining utility
I'm using from busybox is login. And that there is no alternative.
Until now... And now you can choose between Busybox' login, util-linux'
login and shadow-utils' login. And yes, we'll need some clever way
to prevent conflicts.
This time GLOBAL_PAM_OPTION was introduced and we are using it, but
there's more to do: cifs-utils, cups, ecryptfs-utils, inetutils,
libcgroup, lighttpd, lxc, monit, openssh, openvpn, policycoreutils,
postgresql, proftpd, pureftpd, samba, strongswan, sudo, systemd,
weston and xorg-app-xdm.
Above packages could be easily modified once someone feels need to
do so.
This patchset enables you to build decent desktop distribution
for your favourite machine you might found in garage, but there's
still common PAM policy missing. That's why my BSP still contains:
$ cat projectroot/etc/pam.d/login
auth required pam_permit.so
account required pam_permit.so
session required pam_permit.so
That circular dependency problem "solved" itself by moving selinux
into staging, so I disabled global selinux option for pam. Let's
see how many people are interested in selinux support in PTXdist -
and applogies for not trying to fix it properly.
Comments welcome.
Ladislav Michl (4):
pam: new package
Introduce global PAM option
util-linux: optionally build login program
shadow: new package
rules/core-pam.in | 8 ++
rules/pam.in | 10 +++
rules/pam.make | 73 ++++++++++++++++++
rules/pre/Rules.make | 6 ++
rules/shadow.in | 148 ++++++++++++++++++++++++++++++++++++
rules/shadow.make | 157 +++++++++++++++++++++++++++++++++++++++
rules/util-linux-ng.in | 16 ++++
rules/util-linux-ng.make | 5 +-
8 files changed, 422 insertions(+), 1 deletion(-)
create mode 100644 rules/core-pam.in
create mode 100644 rules/pam.in
create mode 100644 rules/pam.make
create mode 100644 rules/shadow.in
create mode 100644 rules/shadow.make
--
2.24.0
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
next reply other threads:[~2019-12-10 20:08 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-10 20:08 Ladislav Michl [this message]
2019-12-10 20:09 ` [ptxdist] [PATCH 1/4] pam: new package Ladislav Michl
2020-01-06 11:10 ` Michael Olbrich
2019-12-10 20:09 ` [ptxdist] [PATCH 2/4] Introduce global PAM option Ladislav Michl
2019-12-10 20:10 ` [ptxdist] [PATCH 3/4] util-linux: optionally build login program Ladislav Michl
2019-12-10 20:11 ` [ptxdist] [PATCH 4/4] shadow: new package Ladislav Michl
2020-01-06 11:15 ` Michael Olbrich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191210200817.GA759825@lenoch \
--to=ladis@linux-mips.org \
--cc=ptxdist@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox