* [ptxdist] [PATCH v2 0/4] PAM
@ 2020-01-27 8:51 Ladislav Michl
2020-01-27 8:52 ` [ptxdist] [PATCH v2 1/4] pam: new package Ladislav Michl
` (3 more replies)
0 siblings, 4 replies; 10+ messages in thread
From: Ladislav Michl @ 2020-01-27 8:51 UTC (permalink / raw)
To: ptxdist
Hi there!
Recently I found that for some projects the only remaining utility
I'm using from busybox is login. And that there is no alternative.
Until now... And now you can choose between Busybox' login, util-linux'
login and shadow-utils' login. That said, PTXdist can now build true
desktop disto ;-)
This patchset also introduces GLOBAL_PAM_OPTION and uses it for
new packages, but there's more to do: cifs-utils, cups, ecryptfs-utils,
inetutils, libcgroup, lighttpd, lxc, monit, openssh, openvpn,
policycoreutils, postgresql, proftpd, pureftpd, samba, strongswan,
sudo, systemd, weston and xorg-app-xdm.
Above packages could be easily modified once someone feels need to
do so.
Please note, that no common PAM policy is presented, so you can
use stupid PAM login rule as something to start playing with:
$ cat projectroot/etc/pam.d/login
auth required pam_permit.so
account required pam_permit.so
session required pam_permit.so
Changelog is provided on per patch basis.
Ladislav Michl (4):
pam: new package
Introduce global PAM option
shadow: new package
util-linux: optionally build login program
rules/core-pam.in | 8 +++
rules/pam.in | 10 ++++
rules/pam.make | 82 ++++++++++++++++++++++++++
rules/pre/Rules.make | 6 ++
rules/shadow.in | 26 +++++++++
rules/shadow.make | 121 +++++++++++++++++++++++++++++++++++++++
rules/util-linux-ng.in | 19 ++++++
rules/util-linux-ng.make | 5 +-
8 files changed, 276 insertions(+), 1 deletion(-)
create mode 100644 rules/core-pam.in
create mode 100644 rules/pam.in
create mode 100644 rules/pam.make
create mode 100644 rules/shadow.in
create mode 100644 rules/shadow.make
--
2.25.0
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 10+ messages in thread
* [ptxdist] [PATCH v2 1/4] pam: new package
2020-01-27 8:51 [ptxdist] [PATCH v2 0/4] PAM Ladislav Michl
@ 2020-01-27 8:52 ` Ladislav Michl
2020-01-27 9:57 ` Roland Hieber
2020-01-27 8:53 ` [ptxdist] [PATCH v2 2/4] Introduce global PAM option Ladislav Michl
` (2 subsequent siblings)
3 siblings, 1 reply; 10+ messages in thread
From: Ladislav Michl @ 2020-01-27 8:52 UTC (permalink / raw)
To: ptxdist
Signed-off-by: Ladislav Michl <ladis@linux-mips.org>
---
Note: Package states, that alternatively GPL can be used as a license.
There is no GPL version specification and also some files claims LGPL
can be used. Also without specifying version. Debian package references
/usr/share/common-licenses/GPL which is symlink to actual GPL version
(GPL-3). Based on package age, we could probably read license as
GPL-2.0-or-later.
Changes:
- v2: Add license info, install_alternative config files individually
rules/pam.in | 10 ++++++
rules/pam.make | 82 ++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 92 insertions(+)
create mode 100644 rules/pam.in
create mode 100644 rules/pam.make
diff --git a/rules/pam.in b/rules/pam.in
new file mode 100644
index 000000000..75d5ef42c
--- /dev/null
+++ b/rules/pam.in
@@ -0,0 +1,10 @@
+## SECTION=security
+
+config PAM
+ tristate
+ prompt "PAM"
+ select LIBC_CRYPT
+ help
+ Linux-PAM (Pluggable Authentication Modules for Linux) is a suite
+ of shared libraries that enable the local system administrator to
+ choose how applications authenticate users.
diff --git a/rules/pam.make b/rules/pam.make
new file mode 100644
index 000000000..2ae37c40e
--- /dev/null
+++ b/rules/pam.make
@@ -0,0 +1,82 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2020 by Ladislav Michl <ladis@linux-mips.org>
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+#
+# We provide this package
+#
+PACKAGES-$(PTXCONF_PAM) += pam
+
+#
+# Paths and names
+#
+PAM_VERSION := 1.3.1
+PAM_MD5 := 558ff53b0fc0563ca97f79e911822165
+PAM := Linux-PAM-$(PAM_VERSION)
+PAM_SUFFIX := tar.xz
+PAM_URL := https://github.com/linux-pam/linux-pam/releases/download/v$(PAM_VERSION)/$(PAM).$(PAM_SUFFIX)
+PAM_SOURCE := $(SRCDIR)/$(PAM).$(PAM_SUFFIX)
+PAM_DIR := $(BUILDDIR)/$(PAM)
+PAM_LICENSE := BSD-3-Clause OR GPL-2.0-or-later
+PAM_LICENSE_FILES := \
+ file://Copyright;md5=7eb5c1bf854e8881005d673599ee74d3 \
+ file://COPYING;md5=7eb5c1bf854e8881005d673599ee74d3
+
+# ----------------------------------------------------------------------------
+# Prepare
+# ----------------------------------------------------------------------------
+
+#
+# autoconf
+#
+PAM_CONF_TOOL := autoconf
+PAM_CONF_OPT := \
+ $(CROSS_AUTOCONF_USR) \
+ $(GLOBAL_LARGE_FILE_OPTION) \
+ --disable-lckpwdf \
+ --disable-cracklib \
+ --disable-audit \
+ --disable-db \
+ --disable-nis \
+ --disable-selinux \
+ --disable-regenerate-docu \
+ --disable-nls \
+ --disable-rpath
+
+# ----------------------------------------------------------------------------
+# Target-Install
+# ----------------------------------------------------------------------------
+
+$(STATEDIR)/pam.targetinstall:
+ @$(call targetinfo)
+
+ @$(call install_init, pam)
+ @$(call install_fixup, pam,PRIORITY,optional)
+ @$(call install_fixup, pam,SECTION,base)
+ @$(call install_fixup, pam,AUTHOR,"Ladislav Michl <ladis@linux-mips.org>")
+ @$(call install_fixup, pam,DESCRIPTION,"Pluggable Authentication Modules for Linux")
+
+ @$(call install_lib, pam, 0, 0, 0644, libpamc)
+ @$(call install_lib, pam, 0, 0, 0644, libpam_misc)
+ @$(call install_lib, pam, 0, 0, 0644, libpam)
+
+ @$(call install_tree, pam, 0, 0, -, /usr/lib/security)
+
+ @$(call install_alternative, pam, 0, 0, 0644, /etc/environment)
+ @$(call install_alternative, pam, 0, 0, 0644, /etc/security/access.conf)
+ @$(call install_alternative, pam, 0, 0, 0644, /etc/security/group.conf)
+ @$(call install_alternative, pam, 0, 0, 0644, /etc/security/limits.conf)
+ @$(call install_alternative, pam, 0, 0, 0644, /etc/security/namespace.conf)
+ @$(call install_alternative, pam, 0, 0, 0755, /etc/security/namespace.init)
+ @$(call install_alternative, pam, 0, 0, 0644, /etc/security/pam_env.conf)
+ @$(call install_alternative, pam, 0, 0, 0644, /etc/security/time.conf)
+
+ @$(call install_finish, pam)
+
+ @$(call touch)
+
+# vim: syntax=make
--
2.25.0
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 10+ messages in thread
* [ptxdist] [PATCH v2 2/4] Introduce global PAM option
2020-01-27 8:51 [ptxdist] [PATCH v2 0/4] PAM Ladislav Michl
2020-01-27 8:52 ` [ptxdist] [PATCH v2 1/4] pam: new package Ladislav Michl
@ 2020-01-27 8:53 ` Ladislav Michl
2020-01-27 8:53 ` [ptxdist] [PATCH v2 3/4] shadow: new package Ladislav Michl
2020-01-27 8:54 ` [ptxdist] [PATCH v2 4/4] util-linux: optionally build login program Ladislav Michl
3 siblings, 0 replies; 10+ messages in thread
From: Ladislav Michl @ 2020-01-27 8:53 UTC (permalink / raw)
To: ptxdist
Signed-off-by: Ladislav Michl <ladis@linux-mips.org>
---
Changes:
v2: None
rules/core-pam.in | 8 ++++++++
rules/pre/Rules.make | 6 ++++++
2 files changed, 14 insertions(+)
create mode 100644 rules/core-pam.in
diff --git a/rules/core-pam.in b/rules/core-pam.in
new file mode 100644
index 000000000..0e2c983a5
--- /dev/null
+++ b/rules/core-pam.in
@@ -0,0 +1,8 @@
+## SECTION=core
+
+config GLOBAL_PAM
+ bool
+ prompt "PAM support"
+ help
+ This will enable PAM for all packages with optional
+ PAM support.
diff --git a/rules/pre/Rules.make b/rules/pre/Rules.make
index 5597c64ec..8ca41f5c6 100644
--- a/rules/pre/Rules.make
+++ b/rules/pre/Rules.make
@@ -271,6 +271,12 @@ else
GLOBAL_LARGE_FILE_OPTION := --disable-largefile
endif
+ifdef PTXCONF_GLOBAL_PAM
+GLOBAL_PAM_OPTION := --enable-pam
+else
+GLOBAL_PAM_OPTION := --disable-pam
+endif
+
ifdef PTXCONF_GLOBAL_SELINUX
GLOBAL_SELINUX_OPTION := --enable-selinux
else
--
2.25.0
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 10+ messages in thread
* [ptxdist] [PATCH v2 3/4] shadow: new package
2020-01-27 8:51 [ptxdist] [PATCH v2 0/4] PAM Ladislav Michl
2020-01-27 8:52 ` [ptxdist] [PATCH v2 1/4] pam: new package Ladislav Michl
2020-01-27 8:53 ` [ptxdist] [PATCH v2 2/4] Introduce global PAM option Ladislav Michl
@ 2020-01-27 8:53 ` Ladislav Michl
2020-01-27 8:54 ` [ptxdist] [PATCH v2 4/4] util-linux: optionally build login program Ladislav Michl
3 siblings, 0 replies; 10+ messages in thread
From: Ladislav Michl @ 2020-01-27 8:53 UTC (permalink / raw)
To: ptxdist
Signed-off-by: Ladislav Michl <ladis@linux-mips.org>
---
Changes:
-v2: Avoid conflicting with Busybox, simplify menuconfig
rules/shadow.in | 26 ++++++++++
rules/shadow.make | 121 ++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 147 insertions(+)
create mode 100644 rules/shadow.in
create mode 100644 rules/shadow.make
diff --git a/rules/shadow.in b/rules/shadow.in
new file mode 100644
index 000000000..8e1fa2270
--- /dev/null
+++ b/rules/shadow.in
@@ -0,0 +1,26 @@
+## SECTION=shell_and_console
+comment "BusyBox' loginutils selected!"
+ depends on BUSYBOX_ADDUSER || BUSYBOX_ADDGROUP || BUSYBOX_LOGIN || BUSYBOX_PASSWD || BUSYBOX_SU
+
+menuconfig SHADOW
+ tristate
+ depends on (!BUSYBOX_ADDUSER && !BUSYBOX_ADDGROUP && !BUSYBOX_LOGIN && !BUSYBOX_PASSWD && !BUSYBOX_SU) || ALLYES
+ select LIBC_CRYPT
+ select LIBSELINUX if GLOBAL_SELINUX
+ select PAM if GLOBAL_PAM
+ prompt "shadow "
+ help
+ Password and account management tool suite with support
+ for shadow files and PAM.
+
+if SHADOW
+
+config SHADOW_ADMIN
+ bool
+ prompt "install account administration commands"
+ help
+ Enable this option if you want to install commands
+ which manipulate user accout (administer /etc/passwd,
+ /etc/shadow and /etc/group, /etc/gshadow ...)
+
+endif
diff --git a/rules/shadow.make b/rules/shadow.make
new file mode 100644
index 000000000..d9319806f
--- /dev/null
+++ b/rules/shadow.make
@@ -0,0 +1,121 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2020 by Ladislav Michl <ladis@linux-mips.org>
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+#
+# We provide this package
+#
+PACKAGES-$(PTXCONF_SHADOW) += shadow
+
+#
+# Paths and names
+#
+SHADOW_VERSION := 4.8.1
+SHADOW_MD5 := 4b05eff8a427cf50e615bda324b5bc45
+SHADOW := shadow-$(SHADOW_VERSION)
+SHADOW_SUFFIX := tar.xz
+SHADOW_URL := https://github.com/shadow-maint/shadow/releases/download/$(SHADOW_VERSION)/$(SHADOW).$(SHADOW_SUFFIX)
+SHADOW_SOURCE := $(SRCDIR)/$(SHADOW).$(SHADOW_SUFFIX)
+SHADOW_DIR := $(BUILDDIR)/$(SHADOW)
+SHADOW_LICENSE := BSD-3-Clause
+
+# ----------------------------------------------------------------------------
+# Prepare
+# ----------------------------------------------------------------------------
+
+#
+# autoconf
+#
+SHADOW_CONF_TOOL := autoconf
+SHADOW_CONF_OPT := \
+ $(CROSS_AUTOCONF_USR) \
+ --bindir=/usr/bin \
+ --sbindir=/usr/sbin \
+ $(GLOBAL_LARGE_FILE_OPTION) \
+ --enable-shadowgrp \
+ --disable-man \
+ --$(call ptx/endis, PTXCONF_GLOBAL_PAM)-account-tools-setuid \
+ --disable-utmpx \
+ --enable-subordinate-ids \
+ --disable-nls \
+ --disable-rpath \
+ --without-audit \
+ --$(call ptx/wwo, PTXCONF_GLOBAL_PAM)-libpam \
+ --without-btrfs \
+ --$(call ptx/wwo, PTXCONF_GLOBAL_SELINUX)-selinux \
+ --without-acl \
+ --without-attr \
+ --without-skey \
+ --without-tcb \
+ --without-libcrack \
+ --with-sha-crypt \
+ --without-nscd \
+ --without-sssd \
+ --with-su \
+ --without-fcaps
+
+# ----------------------------------------------------------------------------
+# Target-Install
+# ----------------------------------------------------------------------------
+
+SHADOW_ADMIN_BIN_PROGS := \
+ chage chfn chsh expiry gpasswd newgidmap newgrp newuidmap passwd
+SHADOW_ADMIN_SBIN_PROGS := \
+ chgpasswd chpasswd \
+ groupadd groupdel groupmems groupmod grpck grpconv grpunconv \
+ newusers pwck pwconv pwunconv useradd userdel usermod vipw
+SHADOW_ADMIN_PAMD := \
+ chage chfn chgpasswd chpasswd chsh \
+ groupadd groupdel groupmems groupmod \
+ newusers passwd useradd userdel usermod
+
+$(STATEDIR)/shadow.targetinstall:
+ @$(call targetinfo)
+
+ @$(call install_init, shadow)
+ @$(call install_fixup, shadow,PRIORITY,optional)
+ @$(call install_fixup, shadow,SECTION,base)
+ @$(call install_fixup, shadow,AUTHOR,"Ladislav Michl <ladis@linux-mips.org>")
+ @$(call install_fixup, shadow,DESCRIPTION,missing)
+
+ @$(call install_copy, shadow, 0, 0, 0755, -, /usr/bin/faillog)
+ @$(call install_copy, shadow, 0, 0, 0755, -, /usr/bin/groups)
+ @$(call install_copy, shadow, 0, 0, 0755, -, /usr/bin/lastlog)
+ @$(call install_copy, shadow, 0, 0, 0755, -, /usr/bin/login)
+ @$(call install_copy, shadow, 0, 0, 4755, -, /usr/bin/su)
+ @$(call install_copy, shadow, 0, 0, 0755, -, /usr/sbin/nologin)
+
+ @$(call install_alternative, shadow, 0, 0, 0644, /etc/login.defs)
+ifdef PTXCONF_GLOBAL_PAM
+ @$(call install_alternative, shadow, 0, 0, 0644, /etc/pam.d/login)
+ @$(call install_alternative, shadow, 0, 0, 0644, /etc/pam.d/su)
+endif
+
+ifdef PTXCONF_SHADOW_ADMIN
+ @$(foreach prog, $(SHADOW_ADMIN_BIN_PROGS), \
+ $(call install_copy, shadow, 0, 0, 4755, -, \
+ /usr/bin/$(prog))$(ptx/nl))
+ @$(call install_link, shadow, newgrp, /usr/bin/sg)
+
+ @$(foreach prog, $(SHADOW_ADMIN_SBIN_PROGS), \
+ $(call install_copy, shadow, 0, 0, 0755, -, \
+ /usr/sbin/$(prog))$(ptx/nl))
+ @$(call install_link, shadow, vipw, /usr/sbin/wigr)
+
+ @$(call install_alternative, shadow, 0, 0, 0644, /etc/default/useradd)
+ifdef PTXCONF_GLOBAL_PAM
+ @$(foreach pam, $(SHADOW_ADMIN_PAMD), \
+ $(call install_alternative, shadow, 0, 0, 0644, \
+ /etc/pam.d/$(pam))$(ptx/nl))
+endif
+endif
+
+ @$(call install_finish, shadow)
+
+ @$(call touch)
+
+# vim: syntax=make
--
2.25.0
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 10+ messages in thread
* [ptxdist] [PATCH v2 4/4] util-linux: optionally build login program
2020-01-27 8:51 [ptxdist] [PATCH v2 0/4] PAM Ladislav Michl
` (2 preceding siblings ...)
2020-01-27 8:53 ` [ptxdist] [PATCH v2 3/4] shadow: new package Ladislav Michl
@ 2020-01-27 8:54 ` Ladislav Michl
3 siblings, 0 replies; 10+ messages in thread
From: Ladislav Michl @ 2020-01-27 8:54 UTC (permalink / raw)
To: ptxdist
Signed-off-by: Ladislav Michl <ladis@linux-mips.org>
---
Changes:
-v2: Avoid conflicting with Busybox and shadow.
rules/util-linux-ng.in | 19 +++++++++++++++++++
rules/util-linux-ng.make | 5 ++++-
2 files changed, 23 insertions(+), 1 deletion(-)
diff --git a/rules/util-linux-ng.in b/rules/util-linux-ng.in
index 4f230bc60..9c139be6b 100644
--- a/rules/util-linux-ng.in
+++ b/rules/util-linux-ng.in
@@ -7,6 +7,7 @@ menuconfig UTIL_LINUX_NG
select UTIL_LINUX_NG_LIBBLKID
select UTIL_LINUX_NG_LIBUUID if UTIL_LINUX_NG_MKSWAP_UUID
select NCURSES if UTIL_LINUX_NG_USES_NCURSES
+ select PAM if UTIL_LINUX_NG_USES_PAM
if UTIL_LINUX_NG
@@ -32,6 +33,9 @@ config UTIL_LINUX_NG_FDISKS
config UTIL_LINUX_NG_USES_NCURSES
bool
+config UTIL_LINUX_NG_USES_PAM
+ bool
+
config UTIL_LINUX_NG_PARTX_TOOLS
select UTIL_LINUX_NG_LIBBLKID
select UTIL_LINUX_NG_LIBSMARTCOLS
@@ -441,4 +445,19 @@ config UTIL_LINUX_NG_LSCPU
help
lscpu shows information about the CPU architecture
+config UTIL_LINUX_NG_LOGIN
+ bool
+ select UTIL_LINUX_NG_USES_PAM
+ depends on GLOBAL_PAM && ((!BUSYBOX_LOGIN && !SHADOW) || ALLYES)
+ prompt "login"
+ help
+ The login program is used to establish a new session with
+ the system.
+
+comment "BusyBox' login is selected!"
+ depends on BUSYBOX_LOGIN
+
+comment "Shadow package is selected!"
+ depends on SHADOW
+
endif
diff --git a/rules/util-linux-ng.make b/rules/util-linux-ng.make
index cda06a4a6..cc09e13d3 100644
--- a/rules/util-linux-ng.make
+++ b/rules/util-linux-ng.make
@@ -115,7 +115,7 @@ UTIL_LINUX_NG_CONF_OPT := \
--disable-chfn-chsh-password \
--disable-chfn-chsh \
--disable-chsh-only-listed \
- --disable-login \
+ --$(call ptx/endis, PTXCONF_UTIL_LINUX_NG_LOGIN)-login \
--disable-login-chown-vcs \
--disable-login-stat-mail \
--disable-nologin \
@@ -312,6 +312,9 @@ endif
ifdef PTXCONF_UTIL_LINUX_NG_LSCPU
@$(call install_copy, util-linux-ng, 0, 0, 0755, -, /usr/bin/lscpu)
endif
+ifdef PTXCONF_UTIL_LINUX_NG_LOGIN
+ @$(call install_copy, util-linux-ng, 0, 0, 0755, -, /usr/bin/login)
+endif
@$(call install_finish, util-linux-ng)
--
2.25.0
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [ptxdist] [PATCH v2 1/4] pam: new package
2020-01-27 8:52 ` [ptxdist] [PATCH v2 1/4] pam: new package Ladislav Michl
@ 2020-01-27 9:57 ` Roland Hieber
2020-01-27 15:57 ` Ladislav Michl
0 siblings, 1 reply; 10+ messages in thread
From: Roland Hieber @ 2020-01-27 9:57 UTC (permalink / raw)
To: Ladislav Michl; +Cc: ptxdist
On Mon, Jan 27, 2020 at 09:52:30AM +0100, Ladislav Michl wrote:
> Signed-off-by: Ladislav Michl <ladis@linux-mips.org>
> ---
> Note: Package states, that alternatively GPL can be used as a license.
> There is no GPL version specification and also some files claims LGPL
> can be used. Also without specifying version. Debian package references
> /usr/share/common-licenses/GPL which is symlink to actual GPL version
> (GPL-3). Based on package age, we could probably read license as
> GPL-2.0-or-later.
Yeah, I think we can use GPL-2.0-or-later here, given that there are
some PAM modules that specifically mention this version (e.g.
modules/pam_loginuid/). Please also include AND LGPL-2.0-or-later
because of modules/pam_mkhomedir/ and modules/pam_issue/.
Otherwise looks fine to me. Thanks!
- Roland
>
> Changes:
> - v2: Add license info, install_alternative config files individually
>
> rules/pam.in | 10 ++++++
> rules/pam.make | 82 ++++++++++++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 92 insertions(+)
> create mode 100644 rules/pam.in
> create mode 100644 rules/pam.make
>
> diff --git a/rules/pam.in b/rules/pam.in
> new file mode 100644
> index 000000000..75d5ef42c
> --- /dev/null
> +++ b/rules/pam.in
> @@ -0,0 +1,10 @@
> +## SECTION=security
> +
> +config PAM
> + tristate
> + prompt "PAM"
> + select LIBC_CRYPT
> + help
> + Linux-PAM (Pluggable Authentication Modules for Linux) is a suite
> + of shared libraries that enable the local system administrator to
> + choose how applications authenticate users.
> diff --git a/rules/pam.make b/rules/pam.make
> new file mode 100644
> index 000000000..2ae37c40e
> --- /dev/null
> +++ b/rules/pam.make
> @@ -0,0 +1,82 @@
> +# -*-makefile-*-
> +#
> +# Copyright (C) 2020 by Ladislav Michl <ladis@linux-mips.org>
> +#
> +# For further information about the PTXdist project and license conditions
> +# see the README file.
> +#
> +
> +#
> +# We provide this package
> +#
> +PACKAGES-$(PTXCONF_PAM) += pam
> +
> +#
> +# Paths and names
> +#
> +PAM_VERSION := 1.3.1
> +PAM_MD5 := 558ff53b0fc0563ca97f79e911822165
> +PAM := Linux-PAM-$(PAM_VERSION)
> +PAM_SUFFIX := tar.xz
> +PAM_URL := https://github.com/linux-pam/linux-pam/releases/download/v$(PAM_VERSION)/$(PAM).$(PAM_SUFFIX)
> +PAM_SOURCE := $(SRCDIR)/$(PAM).$(PAM_SUFFIX)
> +PAM_DIR := $(BUILDDIR)/$(PAM)
> +PAM_LICENSE := BSD-3-Clause OR GPL-2.0-or-later
> +PAM_LICENSE_FILES := \
> + file://Copyright;md5=7eb5c1bf854e8881005d673599ee74d3 \
> + file://COPYING;md5=7eb5c1bf854e8881005d673599ee74d3
> +
> +# ----------------------------------------------------------------------------
> +# Prepare
> +# ----------------------------------------------------------------------------
> +
> +#
> +# autoconf
> +#
> +PAM_CONF_TOOL := autoconf
> +PAM_CONF_OPT := \
> + $(CROSS_AUTOCONF_USR) \
> + $(GLOBAL_LARGE_FILE_OPTION) \
> + --disable-lckpwdf \
> + --disable-cracklib \
> + --disable-audit \
> + --disable-db \
> + --disable-nis \
> + --disable-selinux \
> + --disable-regenerate-docu \
> + --disable-nls \
> + --disable-rpath
> +
> +# ----------------------------------------------------------------------------
> +# Target-Install
> +# ----------------------------------------------------------------------------
> +
> +$(STATEDIR)/pam.targetinstall:
> + @$(call targetinfo)
> +
> + @$(call install_init, pam)
> + @$(call install_fixup, pam,PRIORITY,optional)
> + @$(call install_fixup, pam,SECTION,base)
> + @$(call install_fixup, pam,AUTHOR,"Ladislav Michl <ladis@linux-mips.org>")
> + @$(call install_fixup, pam,DESCRIPTION,"Pluggable Authentication Modules for Linux")
> +
> + @$(call install_lib, pam, 0, 0, 0644, libpamc)
> + @$(call install_lib, pam, 0, 0, 0644, libpam_misc)
> + @$(call install_lib, pam, 0, 0, 0644, libpam)
> +
> + @$(call install_tree, pam, 0, 0, -, /usr/lib/security)
> +
> + @$(call install_alternative, pam, 0, 0, 0644, /etc/environment)
> + @$(call install_alternative, pam, 0, 0, 0644, /etc/security/access.conf)
> + @$(call install_alternative, pam, 0, 0, 0644, /etc/security/group.conf)
> + @$(call install_alternative, pam, 0, 0, 0644, /etc/security/limits.conf)
> + @$(call install_alternative, pam, 0, 0, 0644, /etc/security/namespace.conf)
> + @$(call install_alternative, pam, 0, 0, 0755, /etc/security/namespace.init)
> + @$(call install_alternative, pam, 0, 0, 0644, /etc/security/pam_env.conf)
> + @$(call install_alternative, pam, 0, 0, 0644, /etc/security/time.conf)
> +
> + @$(call install_finish, pam)
> +
> + @$(call touch)
> +
> +# vim: syntax=make
> --
> 2.25.0
>
>
> _______________________________________________
> ptxdist mailing list
> ptxdist@pengutronix.de
>
--
Roland Hieber, Pengutronix e.K. | r.hieber@pengutronix.de |
Steuerwalder Str. 21 | https://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [ptxdist] [PATCH v2 1/4] pam: new package
2020-01-27 9:57 ` Roland Hieber
@ 2020-01-27 15:57 ` Ladislav Michl
2020-01-28 10:57 ` Roland Hieber
0 siblings, 1 reply; 10+ messages in thread
From: Ladislav Michl @ 2020-01-27 15:57 UTC (permalink / raw)
To: Roland Hieber; +Cc: ptxdist
On Mon, Jan 27, 2020 at 10:57:48AM +0100, Roland Hieber wrote:
> On Mon, Jan 27, 2020 at 09:52:30AM +0100, Ladislav Michl wrote:
> > Signed-off-by: Ladislav Michl <ladis@linux-mips.org>
> > ---
> > Note: Package states, that alternatively GPL can be used as a license.
> > There is no GPL version specification and also some files claims LGPL
> > can be used. Also without specifying version. Debian package references
> > /usr/share/common-licenses/GPL which is symlink to actual GPL version
> > (GPL-3). Based on package age, we could probably read license as
> > GPL-2.0-or-later.
>
> Yeah, I think we can use GPL-2.0-or-later here, given that there are
> some PAM modules that specifically mention this version (e.g.
> modules/pam_loginuid/). Please also include AND LGPL-2.0-or-later
> because of modules/pam_mkhomedir/ and modules/pam_issue/.
Hmm, do we expect C operator precedence or better write it like this:
PAM_LICENSE := BSD-3-Clause OR (GPL-2.0-or-later AND LGPL-2.0-or-later)
I wouldn't use extra parentheses...
> Otherwise looks fine to me. Thanks!
>
> - Roland
ladis
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [ptxdist] [PATCH v2 1/4] pam: new package
2020-01-27 15:57 ` Ladislav Michl
@ 2020-01-28 10:57 ` Roland Hieber
2020-01-28 19:48 ` [ptxdist] [PATCH v3] " Ladislav Michl
0 siblings, 1 reply; 10+ messages in thread
From: Roland Hieber @ 2020-01-28 10:57 UTC (permalink / raw)
To: Ladislav Michl; +Cc: ptxdist
On Mon, Jan 27, 2020 at 04:57:12PM +0100, Ladislav Michl wrote:
> On Mon, Jan 27, 2020 at 10:57:48AM +0100, Roland Hieber wrote:
> > On Mon, Jan 27, 2020 at 09:52:30AM +0100, Ladislav Michl wrote:
> > > Signed-off-by: Ladislav Michl <ladis@linux-mips.org>
> > > ---
> > > Note: Package states, that alternatively GPL can be used as a license.
> > > There is no GPL version specification and also some files claims LGPL
> > > can be used. Also without specifying version. Debian package references
> > > /usr/share/common-licenses/GPL which is symlink to actual GPL version
> > > (GPL-3). Based on package age, we could probably read license as
> > > GPL-2.0-or-later.
> >
> > Yeah, I think we can use GPL-2.0-or-later here, given that there are
> > some PAM modules that specifically mention this version (e.g.
> > modules/pam_loginuid/). Please also include AND LGPL-2.0-or-later
> > because of modules/pam_mkhomedir/ and modules/pam_issue/.
>
> Hmm, do we expect C operator precedence or better write it like this:
> PAM_LICENSE := BSD-3-Clause OR (GPL-2.0-or-later AND LGPL-2.0-or-later)
>
> I wouldn't use extra parentheses...
I think SPDX syntax requires parentheses in any case, but I'm not sure.
Too many parentheses are not wrong however, and better readable.
- Roland
--
Roland Hieber, Pengutronix e.K. | r.hieber@pengutronix.de |
Steuerwalder Str. 21 | https://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 10+ messages in thread
* [ptxdist] [PATCH v3] pam: new package
2020-01-28 10:57 ` Roland Hieber
@ 2020-01-28 19:48 ` Ladislav Michl
2020-01-29 9:44 ` Roland Hieber
0 siblings, 1 reply; 10+ messages in thread
From: Ladislav Michl @ 2020-01-28 19:48 UTC (permalink / raw)
To: Roland Hieber; +Cc: ptxdist
Signed-off-by: Ladislav Michl <ladis@linux-mips.org>
---
Changes:
- v2: Add license info, install_alternative config files individually
- v3: Specify GPL-2.0-or-later AND LGPL-2.0-or-later
rules/pam.in | 10 ++++++
rules/pam.make | 82 ++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 92 insertions(+)
create mode 100644 rules/pam.in
create mode 100644 rules/pam.make
diff --git a/rules/pam.in b/rules/pam.in
new file mode 100644
index 000000000..75d5ef42c
--- /dev/null
+++ b/rules/pam.in
@@ -0,0 +1,10 @@
+## SECTION=security
+
+config PAM
+ tristate
+ prompt "PAM"
+ select LIBC_CRYPT
+ help
+ Linux-PAM (Pluggable Authentication Modules for Linux) is a suite
+ of shared libraries that enable the local system administrator to
+ choose how applications authenticate users.
diff --git a/rules/pam.make b/rules/pam.make
new file mode 100644
index 000000000..b665ce147
--- /dev/null
+++ b/rules/pam.make
@@ -0,0 +1,82 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2020 by Ladislav Michl <ladis@linux-mips.org>
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+#
+# We provide this package
+#
+PACKAGES-$(PTXCONF_PAM) += pam
+
+#
+# Paths and names
+#
+PAM_VERSION := 1.3.1
+PAM_MD5 := 558ff53b0fc0563ca97f79e911822165
+PAM := Linux-PAM-$(PAM_VERSION)
+PAM_SUFFIX := tar.xz
+PAM_URL := https://github.com/linux-pam/linux-pam/releases/download/v$(PAM_VERSION)/$(PAM).$(PAM_SUFFIX)
+PAM_SOURCE := $(SRCDIR)/$(PAM).$(PAM_SUFFIX)
+PAM_DIR := $(BUILDDIR)/$(PAM)
+PAM_LICENSE := BSD-3-Clause OR (GPL-2.0-or-later AND LGPL-2.0-or-later)
+PAM_LICENSE_FILES := \
+ file://Copyright;md5=7eb5c1bf854e8881005d673599ee74d3 \
+ file://COPYING;md5=7eb5c1bf854e8881005d673599ee74d3
+
+# ----------------------------------------------------------------------------
+# Prepare
+# ----------------------------------------------------------------------------
+
+#
+# autoconf
+#
+PAM_CONF_TOOL := autoconf
+PAM_CONF_OPT := \
+ $(CROSS_AUTOCONF_USR) \
+ $(GLOBAL_LARGE_FILE_OPTION) \
+ --disable-lckpwdf \
+ --disable-cracklib \
+ --disable-audit \
+ --disable-db \
+ --disable-nis \
+ --disable-selinux \
+ --disable-regenerate-docu \
+ --disable-nls \
+ --disable-rpath
+
+# ----------------------------------------------------------------------------
+# Target-Install
+# ----------------------------------------------------------------------------
+
+$(STATEDIR)/pam.targetinstall:
+ @$(call targetinfo)
+
+ @$(call install_init, pam)
+ @$(call install_fixup, pam,PRIORITY,optional)
+ @$(call install_fixup, pam,SECTION,base)
+ @$(call install_fixup, pam,AUTHOR,"Ladislav Michl <ladis@linux-mips.org>")
+ @$(call install_fixup, pam,DESCRIPTION,"Pluggable Authentication Modules for Linux")
+
+ @$(call install_lib, pam, 0, 0, 0644, libpamc)
+ @$(call install_lib, pam, 0, 0, 0644, libpam_misc)
+ @$(call install_lib, pam, 0, 0, 0644, libpam)
+
+ @$(call install_tree, pam, 0, 0, -, /usr/lib/security)
+
+ @$(call install_alternative, pam, 0, 0, 0644, /etc/environment)
+ @$(call install_alternative, pam, 0, 0, 0644, /etc/security/access.conf)
+ @$(call install_alternative, pam, 0, 0, 0644, /etc/security/group.conf)
+ @$(call install_alternative, pam, 0, 0, 0644, /etc/security/limits.conf)
+ @$(call install_alternative, pam, 0, 0, 0644, /etc/security/namespace.conf)
+ @$(call install_alternative, pam, 0, 0, 0755, /etc/security/namespace.init)
+ @$(call install_alternative, pam, 0, 0, 0644, /etc/security/pam_env.conf)
+ @$(call install_alternative, pam, 0, 0, 0644, /etc/security/time.conf)
+
+ @$(call install_finish, pam)
+
+ @$(call touch)
+
+# vim: syntax=make
--
2.25.0
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [ptxdist] [PATCH v3] pam: new package
2020-01-28 19:48 ` [ptxdist] [PATCH v3] " Ladislav Michl
@ 2020-01-29 9:44 ` Roland Hieber
0 siblings, 0 replies; 10+ messages in thread
From: Roland Hieber @ 2020-01-29 9:44 UTC (permalink / raw)
To: Ladislav Michl; +Cc: ptxdist
On Tue, Jan 28, 2020 at 08:48:39PM +0100, Ladislav Michl wrote:
> Signed-off-by: Ladislav Michl <ladis@linux-mips.org>
> ---
> Changes:
> - v2: Add license info, install_alternative config files individually
> - v3: Specify GPL-2.0-or-later AND LGPL-2.0-or-later
Reviewed-by: Roland Hieber <rhi@pengutronix.de>
>
> rules/pam.in | 10 ++++++
> rules/pam.make | 82 ++++++++++++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 92 insertions(+)
> create mode 100644 rules/pam.in
> create mode 100644 rules/pam.make
>
> diff --git a/rules/pam.in b/rules/pam.in
> new file mode 100644
> index 000000000..75d5ef42c
> --- /dev/null
> +++ b/rules/pam.in
> @@ -0,0 +1,10 @@
> +## SECTION=security
> +
> +config PAM
> + tristate
> + prompt "PAM"
> + select LIBC_CRYPT
> + help
> + Linux-PAM (Pluggable Authentication Modules for Linux) is a suite
> + of shared libraries that enable the local system administrator to
> + choose how applications authenticate users.
> diff --git a/rules/pam.make b/rules/pam.make
> new file mode 100644
> index 000000000..b665ce147
> --- /dev/null
> +++ b/rules/pam.make
> @@ -0,0 +1,82 @@
> +# -*-makefile-*-
> +#
> +# Copyright (C) 2020 by Ladislav Michl <ladis@linux-mips.org>
> +#
> +# For further information about the PTXdist project and license conditions
> +# see the README file.
> +#
> +
> +#
> +# We provide this package
> +#
> +PACKAGES-$(PTXCONF_PAM) += pam
> +
> +#
> +# Paths and names
> +#
> +PAM_VERSION := 1.3.1
> +PAM_MD5 := 558ff53b0fc0563ca97f79e911822165
> +PAM := Linux-PAM-$(PAM_VERSION)
> +PAM_SUFFIX := tar.xz
> +PAM_URL := https://github.com/linux-pam/linux-pam/releases/download/v$(PAM_VERSION)/$(PAM).$(PAM_SUFFIX)
> +PAM_SOURCE := $(SRCDIR)/$(PAM).$(PAM_SUFFIX)
> +PAM_DIR := $(BUILDDIR)/$(PAM)
> +PAM_LICENSE := BSD-3-Clause OR (GPL-2.0-or-later AND LGPL-2.0-or-later)
> +PAM_LICENSE_FILES := \
> + file://Copyright;md5=7eb5c1bf854e8881005d673599ee74d3 \
> + file://COPYING;md5=7eb5c1bf854e8881005d673599ee74d3
> +
> +# ----------------------------------------------------------------------------
> +# Prepare
> +# ----------------------------------------------------------------------------
> +
> +#
> +# autoconf
> +#
> +PAM_CONF_TOOL := autoconf
> +PAM_CONF_OPT := \
> + $(CROSS_AUTOCONF_USR) \
> + $(GLOBAL_LARGE_FILE_OPTION) \
> + --disable-lckpwdf \
> + --disable-cracklib \
> + --disable-audit \
> + --disable-db \
> + --disable-nis \
> + --disable-selinux \
> + --disable-regenerate-docu \
> + --disable-nls \
> + --disable-rpath
> +
> +# ----------------------------------------------------------------------------
> +# Target-Install
> +# ----------------------------------------------------------------------------
> +
> +$(STATEDIR)/pam.targetinstall:
> + @$(call targetinfo)
> +
> + @$(call install_init, pam)
> + @$(call install_fixup, pam,PRIORITY,optional)
> + @$(call install_fixup, pam,SECTION,base)
> + @$(call install_fixup, pam,AUTHOR,"Ladislav Michl <ladis@linux-mips.org>")
> + @$(call install_fixup, pam,DESCRIPTION,"Pluggable Authentication Modules for Linux")
> +
> + @$(call install_lib, pam, 0, 0, 0644, libpamc)
> + @$(call install_lib, pam, 0, 0, 0644, libpam_misc)
> + @$(call install_lib, pam, 0, 0, 0644, libpam)
> +
> + @$(call install_tree, pam, 0, 0, -, /usr/lib/security)
> +
> + @$(call install_alternative, pam, 0, 0, 0644, /etc/environment)
> + @$(call install_alternative, pam, 0, 0, 0644, /etc/security/access.conf)
> + @$(call install_alternative, pam, 0, 0, 0644, /etc/security/group.conf)
> + @$(call install_alternative, pam, 0, 0, 0644, /etc/security/limits.conf)
> + @$(call install_alternative, pam, 0, 0, 0644, /etc/security/namespace.conf)
> + @$(call install_alternative, pam, 0, 0, 0755, /etc/security/namespace.init)
> + @$(call install_alternative, pam, 0, 0, 0644, /etc/security/pam_env.conf)
> + @$(call install_alternative, pam, 0, 0, 0644, /etc/security/time.conf)
> +
> + @$(call install_finish, pam)
> +
> + @$(call touch)
> +
> +# vim: syntax=make
> --
> 2.25.0
>
>
--
Roland Hieber, Pengutronix e.K. | r.hieber@pengutronix.de |
Steuerwalder Str. 21 | https://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2020-01-29 9:44 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-01-27 8:51 [ptxdist] [PATCH v2 0/4] PAM Ladislav Michl
2020-01-27 8:52 ` [ptxdist] [PATCH v2 1/4] pam: new package Ladislav Michl
2020-01-27 9:57 ` Roland Hieber
2020-01-27 15:57 ` Ladislav Michl
2020-01-28 10:57 ` Roland Hieber
2020-01-28 19:48 ` [ptxdist] [PATCH v3] " Ladislav Michl
2020-01-29 9:44 ` Roland Hieber
2020-01-27 8:53 ` [ptxdist] [PATCH v2 2/4] Introduce global PAM option Ladislav Michl
2020-01-27 8:53 ` [ptxdist] [PATCH v2 3/4] shadow: new package Ladislav Michl
2020-01-27 8:54 ` [ptxdist] [PATCH v2 4/4] util-linux: optionally build login program Ladislav Michl
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox