From mboxrd@z Thu Jan  1 00:00:00 1970
Return-path: <ptxdist-bounces@pengutronix.de>
Received: from eddie.linux-mips.org ([148.251.95.138] helo=cvs.linux-mips.org)
 by metis.ext.pengutronix.de with esmtp (Exim 4.92)
 (envelope-from <ladis@linux-mips.org>) id 1ielnz-0001RT-2Z
 for ptxdist@pengutronix.de; Tue, 10 Dec 2019 21:08:23 +0100
Received: (from localhost user: 'ladis' uid#1021 fake: STDIN
 (ladis@eddie.linux-mips.org)) by eddie.linux-mips.org
 id S23990923AbfLJUIVGfMGO (ORCPT <rfc822;ptxdist@pengutronix.de>);
 Tue, 10 Dec 2019 21:08:21 +0100
Date: Tue, 10 Dec 2019 21:08:17 +0100
From: Ladislav Michl <ladis@linux-mips.org>
Message-ID: <20191210200817.GA759825@lenoch>
MIME-Version: 1.0
Content-Disposition: inline
Subject: [ptxdist] [PATCH 0/4] PAM
List-Id: PTXdist Development Mailing List <ptxdist.pengutronix.de>
List-Unsubscribe: <http://metis.pengutronix.de/cgi-bin/mailman/options/ptxdist>, 
 <mailto:ptxdist-request@pengutronix.de?subject=unsubscribe>
List-Archive: <http://metis.pengutronix.de/cgi-bin/mailman/private/ptxdist/>
List-Post: <mailto:ptxdist@pengutronix.de>
List-Help: <mailto:ptxdist-request@pengutronix.de?subject=help>
List-Subscribe: <http://metis.pengutronix.de/cgi-bin/mailman/listinfo/ptxdist>, 
 <mailto:ptxdist-request@pengutronix.de?subject=subscribe>
Reply-To: ptxdist@pengutronix.de
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: ptxdist-bounces@pengutronix.de
Sender: "ptxdist" <ptxdist-bounces@pengutronix.de>
To: ptxdist@pengutronix.de

Hi there!

Recently I found that for some projects the only remaining utility
I'm using from busybox is login. And that there is no alternative.

Until now... And now you can choose between Busybox' login, util-linux'
login and shadow-utils' login. And yes, we'll need some clever way
to prevent conflicts.

This time GLOBAL_PAM_OPTION was introduced and we are using it, but
there's more to do: cifs-utils, cups, ecryptfs-utils, inetutils,
libcgroup, lighttpd, lxc, monit, openssh, openvpn, policycoreutils,
postgresql, proftpd, pureftpd, samba, strongswan, sudo, systemd,
weston and xorg-app-xdm.
Above packages could be easily modified once someone feels need to
do so.

This patchset enables you to build decent desktop distribution
for your favourite machine you might found in garage, but there's
still common PAM policy missing. That's why my BSP still contains:
$ cat projectroot/etc/pam.d/login 
auth	required	pam_permit.so
account	required	pam_permit.so
session	required	pam_permit.so

That circular dependency problem "solved" itself by moving selinux
into staging, so I disabled global selinux option for pam. Let's
see how many people are interested in selinux support in PTXdist -
and applogies for not trying to fix it properly.

Comments welcome.

Ladislav Michl (4):
  pam: new package
  Introduce global PAM option
  util-linux: optionally build login program
  shadow: new package

 rules/core-pam.in        |   8 ++
 rules/pam.in             |  10 +++
 rules/pam.make           |  73 ++++++++++++++++++
 rules/pre/Rules.make     |   6 ++
 rules/shadow.in          | 148 ++++++++++++++++++++++++++++++++++++
 rules/shadow.make        | 157 +++++++++++++++++++++++++++++++++++++++
 rules/util-linux-ng.in   |  16 ++++
 rules/util-linux-ng.make |   5 +-
 8 files changed, 422 insertions(+), 1 deletion(-)
 create mode 100644 rules/core-pam.in
 create mode 100644 rules/pam.in
 create mode 100644 rules/pam.make
 create mode 100644 rules/shadow.in
 create mode 100644 rules/shadow.make

-- 
2.24.0

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de