From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from eddie.linux-mips.org ([148.251.95.138] helo=cvs.linux-mips.org) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1ielnz-0001RT-2Z for ptxdist@pengutronix.de; Tue, 10 Dec 2019 21:08:23 +0100 Received: (from localhost user: 'ladis' uid#1021 fake: STDIN (ladis@eddie.linux-mips.org)) by eddie.linux-mips.org id S23990923AbfLJUIVGfMGO (ORCPT ); Tue, 10 Dec 2019 21:08:21 +0100 Date: Tue, 10 Dec 2019 21:08:17 +0100 From: Ladislav Michl Message-ID: <20191210200817.GA759825@lenoch> MIME-Version: 1.0 Content-Disposition: inline Subject: [ptxdist] [PATCH 0/4] PAM List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ptxdist-bounces@pengutronix.de Sender: "ptxdist" To: ptxdist@pengutronix.de Hi there! Recently I found that for some projects the only remaining utility I'm using from busybox is login. And that there is no alternative. Until now... And now you can choose between Busybox' login, util-linux' login and shadow-utils' login. And yes, we'll need some clever way to prevent conflicts. This time GLOBAL_PAM_OPTION was introduced and we are using it, but there's more to do: cifs-utils, cups, ecryptfs-utils, inetutils, libcgroup, lighttpd, lxc, monit, openssh, openvpn, policycoreutils, postgresql, proftpd, pureftpd, samba, strongswan, sudo, systemd, weston and xorg-app-xdm. Above packages could be easily modified once someone feels need to do so. This patchset enables you to build decent desktop distribution for your favourite machine you might found in garage, but there's still common PAM policy missing. That's why my BSP still contains: $ cat projectroot/etc/pam.d/login auth required pam_permit.so account required pam_permit.so session required pam_permit.so That circular dependency problem "solved" itself by moving selinux into staging, so I disabled global selinux option for pam. Let's see how many people are interested in selinux support in PTXdist - and applogies for not trying to fix it properly. Comments welcome. Ladislav Michl (4): pam: new package Introduce global PAM option util-linux: optionally build login program shadow: new package rules/core-pam.in | 8 ++ rules/pam.in | 10 +++ rules/pam.make | 73 ++++++++++++++++++ rules/pre/Rules.make | 6 ++ rules/shadow.in | 148 ++++++++++++++++++++++++++++++++++++ rules/shadow.make | 157 +++++++++++++++++++++++++++++++++++++++ rules/util-linux-ng.in | 16 ++++ rules/util-linux-ng.make | 5 +- 8 files changed, 422 insertions(+), 1 deletion(-) create mode 100644 rules/core-pam.in create mode 100644 rules/pam.in create mode 100644 rules/pam.make create mode 100644 rules/shadow.in create mode 100644 rules/shadow.make -- 2.24.0 _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de