diff options
Diffstat (limited to 'sys-auth')
376 files changed, 14992 insertions, 0 deletions
diff --git a/sys-auth/bioapi/Manifest b/sys-auth/bioapi/Manifest new file mode 100644 index 000000000000..35e1927dc612 --- /dev/null +++ b/sys-auth/bioapi/Manifest @@ -0,0 +1,2 @@ +DIST bioapi_1.2.3.tar.gz 1634237 SHA256 c780c0d2e0c676be50de8ff537653580dd5b27fe1478846d22a017e52c6b6c2e SHA512 683da884a5cf6d72b577f7c1f642930c152c43c7acad3c678a3571acf3f66e0a7e112fccde06d9a7535a186bcb56a96acfb5e1c405b1d931be9f252be1b01649 WHIRLPOOL 9162097a90ce089ab9864034dae434fc55c593c33f8d618c6f1e62f3202a7e3294680df992b684df507705c26e7fb897e85a95552c12fc545ab6ba06df445970 +DIST bioapi_1.2.4.tar.gz 953136 SHA256 ec39d82deaacdd3dea676bdfcce69d34cbb745580735b59b44c542a6de35008d SHA512 99c67fea34b73291dcaeb1590fac88b3196d3ca65f788b92d0afd6ba85036b2d85397e3faa66b872a68bffaeb7c2bf5c731306bf02a25a435ef06cea18da746f WHIRLPOOL 08526484cb6240f45e48ca894602c4706319d4ac7297592740836e48ff4794a2f12fee165eb358732b0d31d1619d7f3743aa55d32ba6d79b405a553e0992b517 diff --git a/sys-auth/bioapi/bioapi-1.2.3-r2.ebuild b/sys-auth/bioapi/bioapi-1.2.3-r2.ebuild new file mode 100644 index 000000000000..ea07a7e42a38 --- /dev/null +++ b/sys-auth/bioapi/bioapi-1.2.3-r2.ebuild @@ -0,0 +1,79 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="2" + +inherit eutils multilib user + +DESCRIPTION="Framework for biometric-based authentication" +HOMEPAGE="http://code.google.com/p/bioapi-linux/" +SRC_URI="http://bioapi-linux.googlecode.com/files/${PN}_${PV}.tar.gz" + +LICENSE="bioapi" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="" + +S=${WORKDIR}/bioapi-linux + +src_prepare() { + epatch "${FILESDIR}"/${P}-enroll-ret.patch #236654 + epatch "${FILESDIR}"/${P}-no-delete.patch + epatch "${FILESDIR}"/${P}-gcc44.patch + epatch "${FILESDIR}"/${P}-build.patch #336107 + rm -f config.{guess,sub} #337805 + touch config.{guess,sub} +} + +src_configure() { + econf --without-Qt-dir +} + +src_install() { + emake SKIPCONFIG=true DESTDIR="${D}" install || die + dodoc README + dohtml *.htm + + # rename generic binaries + mv "${D}"/usr/bin/{,BioAPI}Sample || die +} + +pkg_config() { + mds_install -s /usr/$(get_libdir) + mod_install -fi /usr/$(get_libdir)/libbioapi100.so + mod_install -fi /usr/$(get_libdir)/libbioapi_dummy100.so + mod_install -fi /usr/$(get_libdir)/libpwbsp.so +} + +pkg_preinst() { + if [[ -e ${ROOT}/var/bioapi ]] && [[ ! -e ${ROOT}/var/lib/bioapi ]] ; then + einfo "Moving /var/bioapi to /var/lib/bioapi" + dodir /var/lib + mv "${ROOT}"/var/bioapi "${ROOT}"/var/lib/bioapi + fi +} + +pkg_postinst() { + einfo "Some generic-named programs have been renamed:" + einfo " Sample -> BioAPISample" + + if [[ ${ROOT} == "/" ]] ; then + pkg_config + else + ewarn "You will need to run 'emerge --config bioapi' before" + ewarn " you can use bioapi properly." + fi + + # XXX: this can't be correct ... + enewgroup bioapi + chgrp bioapi "${ROOT}"/var/lib/bioapi -R + chmod g+w,o= "${ROOT}"/var/lib/bioapi -R + einfo "Note: users using bioapi must be in group bioapi." +} + +pkg_prerm() { + mod_install -fu libbioapi100.so + mod_install -fu libbioapi_dummy100.so + mod_install -fu libpwbsp.so +} diff --git a/sys-auth/bioapi/bioapi-1.2.4.ebuild b/sys-auth/bioapi/bioapi-1.2.4.ebuild new file mode 100644 index 000000000000..4f2087063cc1 --- /dev/null +++ b/sys-auth/bioapi/bioapi-1.2.4.ebuild @@ -0,0 +1,77 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="4" + +inherit eutils multilib user + +DESCRIPTION="Framework for biometric-based authentication" +HOMEPAGE="http://code.google.com/p/bioapi-linux/" +SRC_URI="http://bioapi-linux.googlecode.com/files/${PN}_${PV}.tar.gz" + +LICENSE="bioapi" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="static-libs" + +S=${WORKDIR}/bioapi-linux + +src_prepare() { + epatch "${FILESDIR}"/${PN}-1.2.3-no-delete.patch + epatch "${FILESDIR}"/${PN}-1.2.4-build.patch #336107 +} + +src_configure() { + econf \ + $(use_enable static-libs static) \ + --without-Qt-dir +} + +src_install() { + SKIPCONFIG=true default + use static-libs || find "${ED}" -name '*.la' -delete + dohtml *.htm + + # rename generic binaries + mv "${D}"/usr/bin/{,BioAPI}Sample || die +} + +pkg_config() { + mds_install -s /usr/$(get_libdir) + mod_install -fi /usr/$(get_libdir)/libbioapi100.so + mod_install -fi /usr/$(get_libdir)/libbioapi_dummy100.so + mod_install -fi /usr/$(get_libdir)/libpwbsp.so +} + +pkg_preinst() { + if [[ -e ${EROOT}/var/bioapi ]] && [[ ! -e ${EROOT}/var/lib/bioapi ]] ; then + einfo "Moving /var/bioapi to /var/lib/bioapi" + dodir /var/lib + mv "${ROOT}"/var/bioapi "${ROOT}"/var/lib/bioapi + fi +} + +pkg_postinst() { + einfo "Some generic-named programs have been renamed:" + einfo " Sample -> BioAPISample" + + if [[ ${EROOT} == "/" ]] ; then + pkg_config + else + ewarn "You will need to run 'emerge --config bioapi' before" + ewarn " you can use bioapi properly." + fi + + # XXX: this can't be correct ... + enewgroup bioapi + chgrp bioapi "${EROOT}"/var/lib/bioapi -R + chmod g+w,o= "${EROOT}"/var/lib/bioapi -R + einfo "Note: users using bioapi must be in group bioapi." +} + +pkg_prerm() { + mod_install -fu libbioapi100.so + mod_install -fu libbioapi_dummy100.so + mod_install -fu libpwbsp.so +} diff --git a/sys-auth/bioapi/files/bioapi-1.2.3-build.patch b/sys-auth/bioapi/files/bioapi-1.2.3-build.patch new file mode 100644 index 000000000000..9d679fe8c892 --- /dev/null +++ b/sys-auth/bioapi/files/bioapi-1.2.3-build.patch @@ -0,0 +1,42 @@ +http://code.google.com/p/bioapi-linux/issues/detail?id=4 + +--- a/addins/pwbsp/Makefile.in ++++ b/addins/pwbsp/Makefile.in +@@ -87,7 +87,7 @@ CC = @CC@ + CCDEPMODE = @CCDEPMODE@ + CFLAGS = @CFLAGS@ + CPP = @CPP@ +-CPPFLAGS = -I${top_srcdir}/include/ \ ++AM_CPPFLAGS = -I${top_srcdir}/include/ \ + -I${top_srcdir}/imports/cdsa/v2_0/inc/ + + CXX = @CXX@ +@@ -111,7 +111,7 @@ INSTALL_DATA = @INSTALL_DATA@ + INSTALL_PROGRAM = @INSTALL_PROGRAM@ + INSTALL_SCRIPT = @INSTALL_SCRIPT@ + INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +-LDFLAGS = -Wl,--version-script=${srcdir}/libpwbsp.ver ++AM_LDFLAGS = -Wl,--version-script=${srcdir}/libpwbsp.ver + LEX = @LEX@ + LEXLIB = @LEXLIB@ + LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +--- a/addins/qtpwbsp/Makefile.in ++++ b/addins/qtpwbsp/Makefile.in +@@ -96,7 +96,7 @@ CC = @CC@ + CCDEPMODE = @CCDEPMODE@ + CFLAGS = @CFLAGS@ + CPP = @CPP@ +-CPPFLAGS = -I${top_srcdir}/include \ ++AM_CPPFLAGS = -I${top_srcdir}/include \ + -I${top_srcdir}/imports/cdsa/v2_0/inc \ + ${QT_CXXFLAGS} + +@@ -121,7 +121,7 @@ INSTALL_DATA = @INSTALL_DATA@ + INSTALL_PROGRAM = @INSTALL_PROGRAM@ + INSTALL_SCRIPT = @INSTALL_SCRIPT@ + INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +-LDFLAGS = -Wl,--version-script=${srcdir}/libqtpwbsp.ver \ ++AM_LDFLAGS = -Wl,--version-script=${srcdir}/libqtpwbsp.ver \ + ${QT_LIBS} + + LEX = @LEX@ diff --git a/sys-auth/bioapi/files/bioapi-1.2.3-enroll-ret.patch b/sys-auth/bioapi/files/bioapi-1.2.3-enroll-ret.patch new file mode 100644 index 000000000000..e077c135d63f --- /dev/null +++ b/sys-auth/bioapi/files/bioapi-1.2.3-enroll-ret.patch @@ -0,0 +1,16 @@ +http://bugs.gentoo.org/236654 + +make sure we return 0 when things work + +patch by kouyu + +--- bioapi-linux/apps/NonGUI_Sample/main.c ++++ bioapi-linux/apps/NonGUI_Sample/main.c +@@ -234,6 +234,7 @@ + } + + OutputToFile(userName, EnrolledTemplate); ++ return 0; + } + } + diff --git a/sys-auth/bioapi/files/bioapi-1.2.3-gcc44.patch b/sys-auth/bioapi/files/bioapi-1.2.3-gcc44.patch new file mode 100644 index 000000000000..1f81298066dc --- /dev/null +++ b/sys-auth/bioapi/files/bioapi-1.2.3-gcc44.patch @@ -0,0 +1,12 @@ +diff -ur bioapi-linux.orig/framework/mds_util_api/mds_app_util.c bioapi-linux/framework/mds_util_api/mds_app_util.c +--- bioapi-linux.orig/framework/mds_util_api/mds_app_util.c 2007-07-14 08:06:14.000000000 +0300 ++++ bioapi-linux/framework/mds_util_api/mds_app_util.c 2009-07-25 23:26:55.000000000 +0300 +@@ -28,7 +28,7 @@ + /* Linux-Port: added "const" keyword for Linux version */
+ #if defined (UNIX)
+ const BioAPI_UUID MDSUTIL_Uuid = ref_h_layer_uuid_init;
+-#elif
++#else
+ BioAPI_UUID MDSUTIL_Uuid = ref_h_layer_uuid_init;
+ #endif
+
diff --git a/sys-auth/bioapi/files/bioapi-1.2.3-no-delete.patch b/sys-auth/bioapi/files/bioapi-1.2.3-no-delete.patch new file mode 100644 index 000000000000..b5664d11ec3a --- /dev/null +++ b/sys-auth/bioapi/files/bioapi-1.2.3-no-delete.patch @@ -0,0 +1,15 @@ +do not delete the installed symlink -- let the package manager handle that + +--- bioapi-linux/apps/mod_install/install.c ++++ bioapi-linux/apps/mod_install/install.c +@@ -496,10 +496,6 @@ + } + else if ( Action == INSTALL_ACTION_UNINSTALL ) + { +-/* Linux-Port: Added the Linux branch */ +-#if defined (LINUX) || defined (SOLARIS) +- DeleteFile(szDstPath); +-#endif + printf( "Module uninstalled successfully.\n" ); + } + else if ( Action == INSTALL_ACTION_REFRESH ) diff --git a/sys-auth/bioapi/files/bioapi-1.2.4-build.patch b/sys-auth/bioapi/files/bioapi-1.2.4-build.patch new file mode 100644 index 000000000000..d7a70afd4d0d --- /dev/null +++ b/sys-auth/bioapi/files/bioapi-1.2.4-build.patch @@ -0,0 +1,42 @@ +http://code.google.com/p/bioapi-linux/issues/detail?id=4 + +--- a/addins/pwbsp/Makefile.in ++++ b/addins/pwbsp/Makefile.in +@@ -87,7 +87,7 @@ CC = @CC@ + CCDEPMODE = @CCDEPMODE@ + CFLAGS = @CFLAGS@ + CPP = @CPP@ +-CPPFLAGS = -I${top_srcdir}/include/ \ ++AM_CPPFLAGS = -I${top_srcdir}/include/ \ + -I${top_srcdir}/imports/cdsa/v2_0/inc/ + + CXX = @CXX@ +@@ -111,7 +111,7 @@ INSTALL_DATA = @INSTALL_DATA@ + INSTALL_SCRIPT = @INSTALL_SCRIPT@ + INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ + LD = @LD@ +-LDFLAGS = -Wl,--version-script=${srcdir}/libpwbsp.ver ++AM_LDFLAGS = -Wl,--version-script=${srcdir}/libpwbsp.ver + LEX = @LEX@ + LEXLIB = @LEXLIB@ + LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +--- a/addins/qtpwbsp/Makefile.in ++++ b/addins/qtpwbsp/Makefile.in +@@ -96,7 +96,7 @@ CC = @CC@ + CCDEPMODE = @CCDEPMODE@ + CFLAGS = @CFLAGS@ + CPP = @CPP@ +-CPPFLAGS = -I${top_srcdir}/include \ ++AM_CPPFLAGS = -I${top_srcdir}/include \ + -I${top_srcdir}/imports/cdsa/v2_0/inc \ + ${QT_CXXFLAGS} + +@@ -121,7 +121,7 @@ INSTALL_DATA = @INSTALL_DATA@ + INSTALL_SCRIPT = @INSTALL_SCRIPT@ + INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ + LD = @LD@ +-LDFLAGS = -Wl,--version-script=${srcdir}/libqtpwbsp.ver \ ++AM_LDFLAGS = -Wl,--version-script=${srcdir}/libqtpwbsp.ver \ + ${QT_LIBS} + + LEX = @LEX@ diff --git a/sys-auth/bioapi/metadata.xml b/sys-auth/bioapi/metadata.xml new file mode 100644 index 000000000000..9a34902f8fa6 --- /dev/null +++ b/sys-auth/bioapi/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>vapier@gentoo.org</email> + <name>Mike Frysinger</name> + </maintainer> + <upstream> + <remote-id type="google-code">bioapi-linux</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/consolekit/Manifest b/sys-auth/consolekit/Manifest new file mode 100644 index 000000000000..d05c470a18d8 --- /dev/null +++ b/sys-auth/consolekit/Manifest @@ -0,0 +1,4 @@ +DIST ConsoleKit-0.4.6.tar.xz 366572 SHA256 b41d17e06f80059589fbeefe96ad07bcc564c49e65516da1caf975146475565c SHA512 54955e3e83778a9216846104da8762fd50a37190e209127dd5d211e2227da617e14f6f5c1359905396d299656e526d14e1187b28eaff7d0ae1d7563dc8d9b46d WHIRLPOOL ebf36b109b4c646d0b874f6b8e2ae9e2d190022ee9b6feff6cbb6b9203c80401c538cc3ca674fa7bde4f07e658d5460864e9784c1e0249d49b4784725a4e05c7 +DIST ConsoleKit2-0.9.4.tar.bz2 1184927 SHA256 b3e9554472f1a431576c317536d93ba1ef292916ea8447667deee0b555980e2e SHA512 8bbd04e5d084a4b7d3a9324b21909728d3d358c4fcb7a741f02baa354f8ce5afe2ec1a0613aa140adc754322ad00f2cd57eac8fedc500236a167c356c5a3ae04 WHIRLPOOL f02ebfb8b33c36650d6a57d09200d2d13c48e1b521de6a088399fe2a8af623434f539fa5bd343c720bf0174ab90a8d9d8a2c1a33b8aded0c76367e31b4a1accf +DIST ConsoleKit2-0.9.5.tar.bz2 1250075 SHA256 2a857a304b6792a59f1cd43be51bfb570b06e3659dc71acc59dc1c2ac99fdb42 SHA512 afde7f668088d0b3a78a28ec6d01e00f705b628824e94ae8082dcd6cded24b69ddaf7ccf8c12a2f87bfa60836769d1947209d63bbbbcb17ac668c0c27bf70df5 WHIRLPOOL 80ccc3ff807dae1d3110c1923d1720d4c9ff66e9d8f233af8d6e56c2388088fda9c51279e48e7e81861c8ce9fb7246cfd0bed7c916bd1b86fda4b473c7607f80 +DIST consolekit_0.4.6-4.debian.tar.gz 12192 SHA256 6d4dd5e13a76454b4bab27ab6b407718cd77616afd2b1af7cb8d947c1323b802 SHA512 f7fc5965b1f495d16a8ca167940431bc2569e9bde9e4a356b9c9ed00c2825db61da7b6db3d434d977fff72b3aaef30c455a365b9eba282a887a523753613b58f WHIRLPOOL 961a918c21259e24c68c7a5bf93964825b891ea207c088fecab61f81434012dc8925fca83b74518cfc9cf42f2c4a87eba7518c0829f663716ca0e11e38c856c9 diff --git a/sys-auth/consolekit/consolekit-0.4.6.ebuild b/sys-auth/consolekit/consolekit-0.4.6.ebuild new file mode 100644 index 000000000000..211bf9b9b46c --- /dev/null +++ b/sys-auth/consolekit/consolekit-0.4.6.ebuild @@ -0,0 +1,125 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit autotools eutils linux-info pam systemd + +MY_PN=ConsoleKit +MY_P=${MY_PN}-${PV} + +DESCRIPTION="Framework for defining and tracking users, login sessions and seats" +HOMEPAGE="http://www.freedesktop.org/wiki/Software/ConsoleKit" +SRC_URI="http://www.freedesktop.org/software/${MY_PN}/dist/${MY_P}.tar.xz + mirror://debian/pool/main/${PN:0:1}/${PN}/${PN}_${PV}-4.debian.tar.gz" # for logrotate file + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux" +IUSE="acl debug doc kernel_linux pam policykit selinux systemd-units test" + +COMMON_DEPEND=">=dev-libs/dbus-glib-0.100:= + >=dev-libs/glib-2.38.2-r1:2= + sys-libs/zlib:= + x11-libs/libX11:= + acl? ( + sys-apps/acl:= + >=virtual/udev-200 + ) + pam? ( virtual/pam ) + policykit? ( >=sys-auth/polkit-0.110 )" +RDEPEND="${COMMON_DEPEND} + kernel_linux? ( sys-apps/coreutils[acl?] ) + selinux? ( sec-policy/selinux-consolekit )" +DEPEND="${COMMON_DEPEND} + dev-libs/libxslt + virtual/pkgconfig + doc? ( app-text/xmlto ) + test? ( + app-text/docbook-xml-dtd:4.1.2 + app-text/xmlto + )" + +S=${WORKDIR}/${MY_P} + +QA_MULTILIB_PATHS="usr/lib/ConsoleKit/.*" + +pkg_setup() { + if use kernel_linux; then + # This is from http://bugs.gentoo.org/376939 + use acl && CONFIG_CHECK="~TMPFS_POSIX_ACL" + # This is required to get login-session-id string with pam_ck_connector.so + use pam && CONFIG_CHECK+=" ~AUDITSYSCALL" + linux-info_pkg_setup + fi +} + +src_prepare() { + epatch \ + "${FILESDIR}"/${PN}-cleanup_console_tags.patch \ + "${FILESDIR}"/${PN}-shutdown-reboot-without-policies.patch \ + "${FILESDIR}"/${PN}-udev-acl-install_to_usr.patch \ + "${FILESDIR}"/${PN}-0.4.5-polkit-automagic.patch + + if ! use systemd-units; then + sed -i -e '/SystemdService/d' data/org.freedesktop.ConsoleKit.service.in || die + fi + + eautoreconf +} + +src_configure() { + local myconf + if use systemd-units; then + myconf="$(systemd_with_unitdir)" + else + myconf="--with-systemdsystemunitdir=/tmp" + fi + + econf \ + XMLTO_FLAGS='--skip-validation' \ + --libexecdir="${EPREFIX}"/usr/lib/${MY_PN} \ + --localstatedir="${EPREFIX}"/var \ + $(use_enable pam pam-module) \ + $(use_enable doc docbook-docs) \ + $(use_enable test docbook-docs) \ + $(use_enable debug) \ + $(use_enable policykit polkit) \ + $(use_enable acl udev-acl) \ + --with-dbus-services="${EPREFIX}"/usr/share/dbus-1/services \ + --with-pam-module-dir="$(getpam_mod_dir)" \ + ${myconf} +} + +src_install() { + emake \ + DESTDIR="${D}" \ + htmldocdir="${EPREFIX}"/usr/share/doc/${PF}/html \ + install + + dosym /usr/lib/${MY_PN} /usr/lib/${PN} + + dodoc AUTHORS HACKING NEWS README TODO + + newinitd "${FILESDIR}"/${PN}-0.2.rc consolekit + + keepdir /usr/lib/ConsoleKit/run-seat.d + keepdir /usr/lib/ConsoleKit/run-session.d + keepdir /etc/ConsoleKit/run-session.d + keepdir /var/log/ConsoleKit + + exeinto /etc/X11/xinit/xinitrc.d + newexe "${FILESDIR}"/90-consolekit-3 90-consolekit + + exeinto /usr/lib/ConsoleKit/run-session.d + doexe "${FILESDIR}"/pam-foreground-compat.ck + + prune_libtool_files --all # --all for pam_ck_connector.la + + use systemd-units || rm -rf "${ED}"/tmp + + rm -rf "${ED}"/var/run # let the init script create the directory + + insinto /etc/logrotate.d + newins "${WORKDIR}"/debian/${PN}.logrotate ${PN} #374513 +} diff --git a/sys-auth/consolekit/consolekit-0.9.4.ebuild b/sys-auth/consolekit/consolekit-0.9.4.ebuild new file mode 100644 index 000000000000..81a80c8dec29 --- /dev/null +++ b/sys-auth/consolekit/consolekit-0.9.4.ebuild @@ -0,0 +1,104 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit eutils linux-info pam + +MY_PN=ConsoleKit2 +MY_P=${MY_PN}-${PV} + +DESCRIPTION="Framework for defining and tracking users, login sessions and seats" +HOMEPAGE="http://github.com/ConsoleKit2/ConsoleKit2 http://www.freedesktop.org/wiki/Software/ConsoleKit" +SRC_URI="http://github.com/${MY_PN}/${MY_PN}/releases/download/${PV}/${MY_P}.tar.bz2 + mirror://debian/pool/main/${PN:0:1}/${PN}/${PN}_0.4.6-4.debian.tar.gz" # for logrotate file" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux" +IUSE="acl debug doc kernel_linux pam policykit selinux test" + +COMMON_DEPEND=">=dev-libs/glib-2.40:2= + sys-libs/zlib:= + x11-libs/libX11:= + acl? ( + sys-apps/acl:= + >=virtual/udev-200 + ) + pam? ( virtual/pam ) + policykit? ( >=sys-auth/polkit-0.110 )" +RDEPEND="${COMMON_DEPEND} + kernel_linux? ( sys-apps/coreutils[acl?] ) + selinux? ( sec-policy/selinux-consolekit ) + sys-power/pm-utils" +DEPEND="${COMMON_DEPEND} + dev-libs/libxslt + virtual/pkgconfig + doc? ( app-text/xmlto ) + test? ( + app-text/docbook-xml-dtd:4.1.2 + app-text/xmlto + )" + +S=${WORKDIR}/${MY_P} + +QA_MULTILIB_PATHS="usr/lib/ConsoleKit/.*" + +pkg_setup() { + if use kernel_linux; then + # This is from http://bugs.gentoo.org/376939 + use acl && CONFIG_CHECK="~TMPFS_POSIX_ACL" + # This is required to get login-session-id string with pam_ck_connector.so + use pam && CONFIG_CHECK+=" ~AUDITSYSCALL" + linux-info_pkg_setup + fi +} + +src_prepare() { + sed -i -e '/SystemdService/d' data/org.freedesktop.ConsoleKit.service.in || die +} + +src_configure() { + econf \ + XMLTO_FLAGS='--skip-validation' \ + --libexecdir="${EPREFIX}"/usr/lib/ConsoleKit \ + --localstatedir="${EPREFIX}"/var \ + $(use_enable pam pam-module) \ + $(use_enable doc docbook-docs) \ + $(use_enable test docbook-docs) \ + $(use_enable debug) \ + $(use_enable policykit polkit) \ + $(use_enable acl udev-acl) \ + --with-dbus-services="${EPREFIX}"/usr/share/dbus-1/services \ + --with-pam-module-dir="$(getpam_mod_dir)" \ + --with-xinitrc-dir=/etc/X11/xinit/xinitrc.d \ + --without-systemdsystemunitdir +} + +src_install() { + emake \ + DESTDIR="${D}" \ + htmldocdir="${EPREFIX}"/usr/share/doc/${PF}/html \ + install + + dosym /usr/lib/ConsoleKit /usr/lib/${PN} + + dodoc AUTHORS HACKING NEWS README TODO + + newinitd "${FILESDIR}"/${PN}-0.2.rc consolekit + + keepdir /usr/lib/ConsoleKit/run-seat.d + keepdir /usr/lib/ConsoleKit/run-session.d + keepdir /etc/ConsoleKit/run-session.d + keepdir /var/log/ConsoleKit + + exeinto /etc/X11/xinit/xinitrc.d + newexe "${FILESDIR}"/90-consolekit-3 90-consolekit + + prune_libtool_files --all # --all for pam_ck_connector.la + + rm -rf "${ED}"/var/run # let the init script create the directory + + insinto /etc/logrotate.d + newins "${WORKDIR}"/debian/${PN}.logrotate ${PN} #374513 +} diff --git a/sys-auth/consolekit/consolekit-0.9.5.ebuild b/sys-auth/consolekit/consolekit-0.9.5.ebuild new file mode 100644 index 000000000000..797cd354cd8c --- /dev/null +++ b/sys-auth/consolekit/consolekit-0.9.5.ebuild @@ -0,0 +1,105 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit eutils linux-info pam + +MY_PN=ConsoleKit2 +MY_P=${MY_PN}-${PV} + +DESCRIPTION="Framework for defining and tracking users, login sessions and seats" +HOMEPAGE="http://github.com/ConsoleKit2/ConsoleKit2 http://www.freedesktop.org/wiki/Software/ConsoleKit" +SRC_URI="http://github.com/${MY_PN}/${MY_PN}/releases/download/${PV}/${MY_P}.tar.bz2 + mirror://debian/pool/main/${PN:0:1}/${PN}/${PN}_0.4.6-4.debian.tar.gz" # for logrotate file" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux" +IUSE="acl debug doc kernel_linux pam policykit selinux test" + +COMMON_DEPEND=">=dev-libs/glib-2.40:2= + sys-libs/zlib:= + x11-libs/libX11:= + acl? ( + sys-apps/acl:= + >=virtual/udev-200 + ) + pam? ( virtual/pam ) + policykit? ( >=sys-auth/polkit-0.110 )" +RDEPEND="${COMMON_DEPEND} + kernel_linux? ( sys-apps/coreutils[acl?] ) + selinux? ( sec-policy/selinux-consolekit ) + sys-power/pm-utils" +DEPEND="${COMMON_DEPEND} + dev-libs/libxslt + virtual/pkgconfig + doc? ( app-text/xmlto ) + test? ( + app-text/docbook-xml-dtd:4.1.2 + app-text/xmlto + )" + +S=${WORKDIR}/${MY_P} + +QA_MULTILIB_PATHS="usr/lib/ConsoleKit/.*" + +pkg_setup() { + if use kernel_linux; then + # This is from http://bugs.gentoo.org/376939 + use acl && CONFIG_CHECK="~TMPFS_POSIX_ACL" + # This is required to get login-session-id string with pam_ck_connector.so + use pam && CONFIG_CHECK+=" ~AUDITSYSCALL" + linux-info_pkg_setup + fi +} + +src_prepare() { + sed -i -e '/SystemdService/d' data/org.freedesktop.ConsoleKit.service.in || die +} + +src_configure() { + econf \ + XMLTO_FLAGS='--skip-validation' \ + --libexecdir="${EPREFIX}"/usr/lib/ConsoleKit \ + --localstatedir="${EPREFIX}"/var \ + $(use_enable pam pam-module) \ + $(use_enable doc docbook-docs) \ + $(use_enable test docbook-docs) \ + $(use_enable debug) \ + $(use_enable policykit polkit) \ + $(use_enable acl udev-acl) \ + $(use_enable test tests) \ + --with-dbus-services="${EPREFIX}"/usr/share/dbus-1/services \ + --with-pam-module-dir="$(getpam_mod_dir)" \ + --with-xinitrc-dir=/etc/X11/xinit/xinitrc.d \ + --without-systemdsystemunitdir +} + +src_install() { + emake \ + DESTDIR="${D}" \ + htmldocdir="${EPREFIX}"/usr/share/doc/${PF}/html \ + install + + dosym /usr/lib/ConsoleKit /usr/lib/${PN} + + dodoc AUTHORS HACKING NEWS README TODO + + newinitd "${FILESDIR}"/${PN}-0.2.rc consolekit + + keepdir /usr/lib/ConsoleKit/run-seat.d + keepdir /usr/lib/ConsoleKit/run-session.d + keepdir /etc/ConsoleKit/run-session.d + keepdir /var/log/ConsoleKit + + exeinto /etc/X11/xinit/xinitrc.d + newexe "${FILESDIR}"/90-consolekit-3 90-consolekit + + prune_libtool_files --all # --all for pam_ck_connector.la + + rm -rf "${ED}"/var/run || die # let the init script create the directory + + insinto /etc/logrotate.d + newins "${WORKDIR}"/debian/${PN}.logrotate ${PN} #374513 +} diff --git a/sys-auth/consolekit/consolekit-9999.ebuild b/sys-auth/consolekit/consolekit-9999.ebuild new file mode 100644 index 000000000000..8c92eae8eb05 --- /dev/null +++ b/sys-auth/consolekit/consolekit-9999.ebuild @@ -0,0 +1,111 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit autotools eutils git-r3 linux-info pam + +MY_PN=ConsoleKit2 +MY_P=${MY_PN}-${PV} + +DESCRIPTION="Framework for defining and tracking users, login sessions and seats" +HOMEPAGE="http://github.com/ConsoleKit2/ConsoleKit2 http://www.freedesktop.org/wiki/Software/ConsoleKit" +SRC_URI="mirror://debian/pool/main/${PN:0:1}/${PN}/${PN}_0.4.6-4.debian.tar.gz" # for logrotate file" +EGIT_REPO_URI="https://github.com/${MY_PN}/${MY_PN}.git" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="" +IUSE="acl debug doc kernel_linux pam policykit selinux test" + +COMMON_DEPEND=">=dev-libs/glib-2.40:2= + sys-libs/zlib:= + x11-libs/libX11:= + acl? ( + sys-apps/acl:= + >=virtual/udev-200 + ) + pam? ( virtual/pam ) + policykit? ( >=sys-auth/polkit-0.110 )" +RDEPEND="${COMMON_DEPEND} + kernel_linux? ( sys-apps/coreutils[acl?] ) + selinux? ( sec-policy/selinux-consolekit ) + sys-power/pm-utils" +DEPEND="${COMMON_DEPEND} + dev-libs/libxslt + virtual/pkgconfig + doc? ( app-text/xmlto ) + test? ( + app-text/docbook-xml-dtd:4.1.2 + app-text/xmlto + )" + +QA_MULTILIB_PATHS="usr/lib/ConsoleKit/.*" + +pkg_setup() { + if use kernel_linux; then + # This is from http://bugs.gentoo.org/376939 + use acl && CONFIG_CHECK="~TMPFS_POSIX_ACL" + # This is required to get login-session-id string with pam_ck_connector.so + use pam && CONFIG_CHECK+=" ~AUDITSYSCALL" + linux-info_pkg_setup + fi +} + +src_unpack() { + git-r3_src_unpack + unpack "${PN}_0.4.6-4.debian.tar.gz" +} + +src_prepare() { + sed -i -e '/SystemdService/d' data/org.freedesktop.ConsoleKit.service.in || die + + epatch_user + eautoreconf +} + +src_configure() { + econf \ + XMLTO_FLAGS='--skip-validation' \ + --libexecdir="${EPREFIX}"/usr/lib/ConsoleKit \ + --localstatedir="${EPREFIX}"/var \ + $(use_enable pam pam-module) \ + $(use_enable doc docbook-docs) \ + $(use_enable test docbook-docs) \ + $(use_enable debug) \ + $(use_enable policykit polkit) \ + $(use_enable acl udev-acl) \ + $(use_enable test tests) \ + --with-dbus-services="${EPREFIX}"/usr/share/dbus-1/services \ + --with-pam-module-dir="$(getpam_mod_dir)" \ + --with-xinitrc-dir=/etc/X11/xinit/xinitrc.d \ + --without-systemdsystemunitdir +} + +src_install() { + emake \ + DESTDIR="${D}" \ + htmldocdir="${EPREFIX}"/usr/share/doc/${PF}/html \ + install + + dosym /usr/lib/ConsoleKit /usr/lib/${PN} + + dodoc AUTHORS HACKING NEWS README TODO + + newinitd "${FILESDIR}"/${PN}-0.2.rc consolekit + + keepdir /usr/lib/ConsoleKit/run-seat.d + keepdir /usr/lib/ConsoleKit/run-session.d + keepdir /etc/ConsoleKit/run-session.d + keepdir /var/log/ConsoleKit + + exeinto /etc/X11/xinit/xinitrc.d + newexe "${FILESDIR}"/90-consolekit-3 90-consolekit + + prune_libtool_files --all # --all for pam_ck_connector.la + + rm -rf "${ED}"/var/run || die # let the init script create the directory + + insinto /etc/logrotate.d + newins "${WORKDIR}"/debian/${PN}.logrotate ${PN} #374513 +} diff --git a/sys-auth/consolekit/files/90-consolekit-3 b/sys-auth/consolekit/files/90-consolekit-3 new file mode 100644 index 000000000000..358fc24f1a72 --- /dev/null +++ b/sys-auth/consolekit/files/90-consolekit-3 @@ -0,0 +1,32 @@ +# -*- sh -*- +# Xsession.d script for ck-launch-session. +# +# +# This file is sourced by Xsession(5), not executed. + +CK_LAUNCH_SESSION=/usr/bin/ck-launch-session + +is_on_console() { + session=$(dbus-send --system --dest=org.freedesktop.ConsoleKit \ + --type=method_call --print-reply --reply-timeout=2000 \ + /org/freedesktop/ConsoleKit/Manager \ + org.freedesktop.ConsoleKit.Manager.GetCurrentSession \ + | grep path | awk '{print $3}' | sed s/\"//g) + x11_display=$(dbus-send --system --dest=org.freedesktop.ConsoleKit \ + --type=method_call --print-reply --reply-timeout=2000 \ + $session org.freedesktop.ConsoleKit.Session.GetX11Display \ + | grep string | awk '{print $2}' | sed s/\"//g) + + if [ -z "$x11_display" ] ; then + return 0 + else + return 1 + fi +} + +# gdm already creates a CK session for us, so do not run the expensive D-Bus +# calls if we have $GDMSESSION +if [ -z "$GDMSESSION" ] && [ -x "$CK_LAUNCH_SESSION" ] && \ + ( [ -z "$XDG_SESSION_COOKIE" ] || is_on_console ) ; then + command="$CK_LAUNCH_SESSION $command" +fi diff --git a/sys-auth/consolekit/files/consolekit-0.2.rc b/sys-auth/consolekit/files/consolekit-0.2.rc new file mode 100644 index 000000000000..63eeefd84cfc --- /dev/null +++ b/sys-auth/consolekit/files/consolekit-0.2.rc @@ -0,0 +1,26 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License, v2 or later +# $Id$ + +depend() { + need dbus + use logger +} + +start() { + ebegin "Starting ConsoleKit daemon" + + checkpath -q -d -m 0755 /var/run/ConsoleKit + + start-stop-daemon --start -q \ + --pidfile /var/run/ConsoleKit/pid \ + --exec /usr/sbin/console-kit-daemon -- + eend $? +} + +stop() { + ebegin "Stopping ConsoleKit daemon" + start-stop-daemon --stop -q --pidfile /var/run/ConsoleKit/pid + eend $? +} diff --git a/sys-auth/consolekit/files/consolekit-0.4.5-polkit-automagic.patch b/sys-auth/consolekit/files/consolekit-0.4.5-polkit-automagic.patch new file mode 100644 index 000000000000..b896089d4485 --- /dev/null +++ b/sys-auth/consolekit/files/consolekit-0.4.5-polkit-automagic.patch @@ -0,0 +1,30 @@ +http://bugs.freedesktop.org/show_bug.cgi?id=47587 + +--- configure.ac ++++ configure.ac +@@ -56,10 +56,21 @@ + gthread-2.0 >= $GLIB_REQUIRED_VERSION + ) + +-PKG_CHECK_MODULES(POLKIT, +- polkit-gobject-1 >= $POLKIT_REQUIRED_VERSION, +- have_polkit=yes, +- have_polkit=no) ++AC_ARG_ENABLE([polkit], ++ AC_HELP_STRING([--enable-polkit], [Enable PolicyKit support (default auto)]), ++ enable_polkit=$enableval, ++ enable_polkit=auto) ++ ++if test "x$enable_polkit" != "xno"; then ++ PKG_CHECK_MODULES(POLKIT, ++ polkit-gobject-1 >= $POLKIT_REQUIRED_VERSION, ++ have_polkit=yes, ++ have_polkit=no) ++ if test "x$enable_polkit" = "xyes" -a "x$have_polkit" = "xno"; then ++ AC_MSG_ERROR([PolicyKit support explicitly requested but dependencies not found]) ++ fi ++fi ++ + if test "x$have_polkit" = "xyes" ; then + AC_DEFINE(HAVE_POLKIT, [], [Define if we have polkit]) + fi diff --git a/sys-auth/consolekit/files/consolekit-cleanup_console_tags.patch b/sys-auth/consolekit/files/consolekit-cleanup_console_tags.patch new file mode 100644 index 000000000000..c02411ebded5 --- /dev/null +++ b/sys-auth/consolekit/files/consolekit-cleanup_console_tags.patch @@ -0,0 +1,67 @@ +http://bugs.gentoo.org/257761 +http://patches.ubuntu.com/by-release/extracted/ubuntu/c/consolekit/ + +--- src/main.c ++++ src/main.c +@@ -148,6 +148,43 @@ + unlink (CONSOLE_KIT_PID_FILE); + } + ++#define CONSOLE_TAGS_DIR "/var/run/console" ++ ++static void ++delete_console_tags (void) ++{ ++ GDir *dir; ++ GError *error = NULL; ++ const gchar *name; ++ ++ g_debug ("Cleaning up %s", CONSOLE_TAGS_DIR); ++ ++ dir = g_dir_open (CONSOLE_TAGS_DIR, 0, &error); ++ if (dir == NULL) { ++ g_debug ("Couldn't open directory %s: %s", CONSOLE_TAGS_DIR, ++ error->message); ++ g_error_free (error); ++ return; ++ } ++ while ((name = g_dir_read_name (dir)) != NULL) { ++ gchar *file; ++ file = g_build_filename (CONSOLE_TAGS_DIR, name, NULL); ++ ++ g_debug ("Removing tag file: %s", file); ++ if (unlink (file) == -1) { ++ g_warning ("Couldn't delete tag file: %s", file); ++ } ++ g_free (file); ++ } ++} ++ ++static void ++cleanup (void) ++{ ++ delete_console_tags (); ++ delete_pid (); ++} ++ + /* copied from nautilus */ + static int debug_log_pipes[2]; + +@@ -228,7 +265,7 @@ + snprintf (pid, sizeof (pid), "%lu\n", (long unsigned) getpid ()); + written = write (pf, pid, strlen (pid)); + close (pf); +- g_atexit (delete_pid); ++ g_atexit (cleanup); + } else { + g_warning ("Unable to write pid file %s: %s", + CONSOLE_KIT_PID_FILE, +@@ -317,6 +354,8 @@ + goto out; + } + ++ delete_console_tags (); ++ + create_pid_file (); + + loop = g_main_loop_new (NULL, FALSE); diff --git a/sys-auth/consolekit/files/consolekit-shutdown-reboot-without-policies.patch b/sys-auth/consolekit/files/consolekit-shutdown-reboot-without-policies.patch new file mode 100644 index 000000000000..6a46649f7587 --- /dev/null +++ b/sys-auth/consolekit/files/consolekit-shutdown-reboot-without-policies.patch @@ -0,0 +1,26 @@ +From: Romain Perier <mrpouet@gentoo.org> +Date: Sat, 24 Oct 2009 18:43:43 +0200 +Subject: [PATCH] Be able to shutdown or reboot even without polkit or RBAC supports + +Ck does NOTHING at the origin if its built without polkit or RBAC supports, except +display a warning using g_warning() (which does not make sense). +The trick is to to call do_stop()/do_restart() in the #else directive :) + +--- src/ck-manager.c ++++ src/ck-manager.c +@@ -1131,6 +1131,7 @@ + check_rbac_permissions (manager, context, RBAC_SHUTDOWN_KEY, do_restart); + #else + g_warning ("Compiled without PolicyKit or RBAC support!"); ++ do_restart(manager, context); + #endif + + return TRUE; +@@ -1207,6 +1208,7 @@ + check_rbac_permissions (manager, context, RBAC_SHUTDOWN_KEY, do_stop); + #else + g_warning ("Compiled without PolicyKit or RBAC support!"); ++ do_stop(manager, context); + #endif + + return TRUE; diff --git a/sys-auth/consolekit/files/consolekit-udev-acl-install_to_usr.patch b/sys-auth/consolekit/files/consolekit-udev-acl-install_to_usr.patch new file mode 100644 index 000000000000..3ef39873dbd6 --- /dev/null +++ b/sys-auth/consolekit/files/consolekit-udev-acl-install_to_usr.patch @@ -0,0 +1,28 @@ +http://bugs.gentoo.org/398049 + +--- tools/Makefile.am ++++ tools/Makefile.am +@@ -144,11 +144,10 @@ + $(NULL) + + if ENABLE_UDEV_ACL +-udevdir = $(UDEVDIR) + udevrulesdir = $(UDEVDIR)/rules.d + + dist_udevrules_DATA = 70-udev-acl.rules +-udev_PROGRAMS = udev-acl ++libexec_PROGRAMS = udev-acl + + udev_acl_SOURCES = udev-acl.c + udev_acl_LDADD = $(UDEV_ACL_LIBS) +@@ -156,7 +155,9 @@ + + install-exec-hook: + mkdir -p $(DESTDIR)$(prefix)/lib/ConsoleKit/run-seat.d +- ln -sf $(UDEVDIR)/udev-acl $(DESTDIR)$(prefix)/lib/ConsoleKit/run-seat.d/udev-acl.ck ++ mkdir -p $(DESTDIR)$(UDEVDIR) ++ ln -sf $(libexecdir)/udev-acl $(DESTDIR)$(prefix)/lib/ConsoleKit/run-seat.d/udev-acl.ck ++ ln -sf $(libexecdir)/udev-acl $(DESTDIR)$(UDEVDIR)/udev-acl + endif + + EXTRA_DIST = \ diff --git a/sys-auth/consolekit/files/pam-foreground-compat.ck b/sys-auth/consolekit/files/pam-foreground-compat.ck new file mode 100644 index 000000000000..0697ca81ba45 --- /dev/null +++ b/sys-auth/consolekit/files/pam-foreground-compat.ck @@ -0,0 +1,17 @@ +#!/bin/sh +TAGDIR=/var/run/console + +[ -n "$CK_SESSION_USER_UID" ] || exit 1 + +TAGFILE="$TAGDIR/`getent passwd $CK_SESSION_USER_UID | cut -f 1 -d:`" + +if [ "$1" = "session_added" ]; then + mkdir -p "$TAGDIR" + echo "$CK_SESSION_ID" >> "$TAGFILE" +fi + +if [ "$1" = "session_removed" ] && [ -e "$TAGFILE" ]; then + sed -i "\%^$CK_SESSION_ID\$%d" "$TAGFILE" + [ -s "$TAGFILE" ] || rm -f "$TAGFILE" +fi + diff --git a/sys-auth/consolekit/metadata.xml b/sys-auth/consolekit/metadata.xml new file mode 100644 index 000000000000..3eb5156f029d --- /dev/null +++ b/sys-auth/consolekit/metadata.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>freedesktop</herd> + <maintainer> + <email>freedesktop-bugs@gentoo.org</email> + </maintainer> + <use> + <flag name="policykit">Use the PolicyKit framework (<pkg>sys-auth/polkit</pkg>) to get authorization for suspend/shutdown.</flag> + <flag name="systemd-units">Install systemd unit files to replace the modern functionality of logind in <pkg>sys-apps/systemd</pkg>. Not recommended.</flag> + </use> + <upstream> + <remote-id type="github">ConsoleKit2/ConsoleKit2</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/fingerprint-gui/Manifest b/sys-auth/fingerprint-gui/Manifest new file mode 100644 index 000000000000..98ffcfa4f658 --- /dev/null +++ b/sys-auth/fingerprint-gui/Manifest @@ -0,0 +1,3 @@ +DIST fingerprint-gui-1.05.tar.gz 7001230 SHA256 4058ffa55de8ea346ae8747ec88828d2312656b3d8a54c57198b04e4032097db SHA512 6bf90dacb1e2b5f84fcded14a7b345cc613d09a886f1f103344caa00704e06f740af1ec3b9ae76f60a52e8330a68af63a035dbd53ab9a5bdce6521bcb5b3b6e8 WHIRLPOOL c0c8f5e3a87b0821aab23591ef25340cf1a1d3cde9d5e9ee2d716f600286c9eab909056021dda6e1ea7fe80731d9bf7bde437ddb406692ad1517050f1d647132 +DIST fingerprint-gui-1.06.tar.gz 7042471 SHA256 f5021d4c446b65ce62de63b9b2874b05a62318b386f35577ca0322b722a1920f SHA512 dbb7dfa9df99e522a3512fc93f53c9c830d94572d4b9a76f438a8893a1f852ddbff3d76a519873efc10ee0a0a1c764a5dd69c9db95ac28c45e25f80e55eb52c0 WHIRLPOOL 75e3c33b7910fd066910eca425815040b5a0390cdd56fdbf423e317dc0b0407291d5f176a511c5afd5af68f6c03c60290242685bcb24d63513aa8455aa32a951 +DIST fingerprint-gui-1.07.tar.gz 7042051 SHA256 cc2d06fd3aa96b278da3201fe51692393e3eb20002069c458c51661fb6e4f8c8 SHA512 b63bc86cbff29587a7fe164dd9344178006079f2520265ecd3d96e57bf584694246e17db780051dcacfe39dc6bd4da437b16e33d2f7cb6b474ae61dfbced6a3b WHIRLPOOL fa1eca597547b6d6c631373e47783ffcf3b30c6383ba31f198fe1d91b2174ee7caf241229c5a94d360fa0a5addb6b710a5729da59978ecd8932ae9687ba7fa0e diff --git a/sys-auth/fingerprint-gui/files/fingerprint-gui-1.04-unistd.patch b/sys-auth/fingerprint-gui/files/fingerprint-gui-1.04-unistd.patch new file mode 100644 index 000000000000..f65aa94d2d1d --- /dev/null +++ b/sys-auth/fingerprint-gui/files/fingerprint-gui-1.04-unistd.patch @@ -0,0 +1,70 @@ +--- fingerprint-gui-1.04/src/UserSettings.cpp ++++ fingerprint-gui-1.04/src/UserSettings.cpp +@@ -30,6 +30,7 @@ + + #include <syslog.h> + #include <stdlib.h> ++#include <unistd.h> + #include <sys/mount.h> + #include <errno.h> + +--- fingerprint-gui-1.04/src/IdentifierGUI.cpp ++++ fingerprint-gui-1.04/src/IdentifierGUI.cpp +@@ -25,6 +25,7 @@ + + #include <string> + #include <iostream> ++#include <unistd.h> + #include "IdentifierGUI.h" + + #define KEEP_ON_TOP \ +--- fingerprint-gui-1.04/src/FingerprintPAM.cpp ++++ fingerprint-gui-1.04/src/FingerprintPAM.cpp +@@ -37,6 +37,7 @@ + #include <errno.h> + #include <pwd.h> + #include <string> ++#include <unistd.h> + + #include "../include/Globals.h" + +--- fingerprint-gui-1.04/src/PluginDialog.cpp ++++ fingerprint-gui-1.04/src/PluginDialog.cpp +@@ -25,6 +25,7 @@ + + #include <sys/poll.h> + #include <string> ++#include <unistd.h> + #include <qt4/QtCore/qthread.h> + + #include "../include/PluginDialog.h" +--- fingerprint-gui-1.04/src/PamGUI.cpp ++++ fingerprint-gui-1.04/src/PamGUI.cpp +@@ -23,6 +23,7 @@ + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + ++#include <unistd.h> + #include "PamGUI.h" + #include "FingerprintHelper.h" + +--- fingerprint-gui-1.04/src/PamNonGUI.cpp ++++ fingerprint-gui-1.04/src/PamNonGUI.cpp +@@ -23,6 +23,7 @@ + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + ++#include <unistd.h> + #include "PamNonGUI.h" + #include "FingerprintHelper.h" + +--- fingerprint-gui-1.04/src/FingerprintPlugin.cpp ++++ fingerprint-gui-1.04/src/FingerprintPlugin.cpp +@@ -25,6 +25,7 @@ + + #include <syslog.h> + #include <string> ++#include <unistd.h> + #include <qt4/QtGui/qwidget.h> + + #include "PluginDialog.h" diff --git a/sys-auth/fingerprint-gui/fingerprint-gui-1.05-r1.ebuild b/sys-auth/fingerprint-gui/fingerprint-gui-1.05-r1.ebuild new file mode 100644 index 000000000000..f4bb137c5800 --- /dev/null +++ b/sys-auth/fingerprint-gui/fingerprint-gui-1.05-r1.ebuild @@ -0,0 +1,84 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils multilib qt4-r2 readme.gentoo udev user + +DESCRIPTION="Use Fingerprint Devices with Linux" +HOMEPAGE="http://www.n-view.net/Appliance/fingerprint/" +SRC_URI="http://ullrich-online.cc/nview/Appliance/${PN%-gui}/download/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="+upekbsapi" + +DEPEND="app-crypt/qca:2[openssl,qt4(+)] + sys-auth/libfprint + sys-auth/polkit-qt[qt4(+)] + sys-libs/pam + x11-libs/libfakekey + dev-qt/qtcore:4 + !sys-auth/thinkfinger" +RDEPEND="${DEPEND}" + +QA_SONAME="/usr/lib/libbsapi.so.* /usr/lib64/libbsapi.so.*" +QA_PRESTRIPPED="/usr/lib/libbsapi.so.* /usr/lib64/libbsapi.so.*" +QA_FLAGS_IGNORED="/usr/lib/libbsapi.so.* /usr/lib64/libbsapi.so.*" + +src_prepare() { + sed -e '/Icon=/s:=.*:=Fingerprint:' \ + -i bin/${PN}/${PN}.desktop || die + sed -e "s:/etc/udev/rules.d:\"$(get_udevdir)\"/rules.d:g" \ + -i bin/${PN%-gui}-helper/${PN%-gui}-helper.pro || die + sed -e 's:GROUP="plugdev":GROUP="fingerprint":' \ + -i bin/fingerprint-helper/92-fingerprint-gui-uinput.rules \ + -i upek/91-fingerprint-gui-upek.rules || die +} + +src_configure() { + eqmake4 \ + PREFIX="${EROOT}"usr \ + LIB="$(get_libdir)" \ + LIBEXEC=libexec \ + LIBPOLKIT_QT=LIBPOLKIT_QT_1_1 +} + +src_install() { + export INSTALL_ROOT="${D}" #submakes need it as well, re-install fails otherwise. + emake install + rm -r "${ED}"/usr/share/doc/${PN} || die + if use upekbsapi ; then + use amd64 && dolib.so upek/lib64/libbsapi.so* + use x86 && dolib.so upek/lib/libbsapi.so* + udev_dorules upek/91-fingerprint-gui-upek.rules + insinto /etc + doins upek/upek.cfg + #dodir /var/upek_data + #fowners root:plugdev /var/upek_data + #fperms 0775 /var/upek_data + fi + doicon src/res/Fingerprint.png + + dodoc CHANGELOG README + dohtml doc/* + + readme.gentoo_src_install +} + +pkg_preinst() { + enewgroup fingerprint +} + +FORCE_PRINT_ELOG=1 +DISABLE_AUTOFORMATTING=1 +DOC_CONTENTS="Please take a thorough look a the Install-step-by-step.html +in /usr/share/doc/${PF} for integration with pam/polkit/... +Hint: You may want + auth sufficient pam_fingerprint-gui.so +in /etc/pam.d/system-auth + +There are udev rules to enforce group fingerprint on the reader device +Please put yourself in that group and re-trigger the udev rules." diff --git a/sys-auth/fingerprint-gui/fingerprint-gui-1.05.ebuild b/sys-auth/fingerprint-gui/fingerprint-gui-1.05.ebuild new file mode 100644 index 000000000000..4328729b60f0 --- /dev/null +++ b/sys-auth/fingerprint-gui/fingerprint-gui-1.05.ebuild @@ -0,0 +1,74 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit eutils multilib qt4-r2 udev + +DESCRIPTION="Use Fingerprint Devices with Linux" +HOMEPAGE="http://www.n-view.net/Appliance/fingerprint/" +SRC_URI="http://ullrich-online.cc/nview/Appliance/${PN%-gui}/download/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="+upekbsapi" + +DEPEND="app-crypt/qca:2[openssl,qt4(+)] + sys-auth/libfprint + sys-auth/polkit-qt[qt4(+)] + sys-libs/pam + x11-libs/libfakekey + dev-qt/qtcore:4 + !sys-auth/thinkfinger" +RDEPEND="${DEPEND}" + +QA_SONAME="/usr/lib/libbsapi.so.* /usr/lib64/libbsapi.so.*" +QA_PRESTRIPPED="/usr/lib/libbsapi.so.* /usr/lib64/libbsapi.so.*" +QA_FLAGS_IGNORED="/usr/lib/libbsapi.so.* /usr/lib64/libbsapi.so.*" + +src_prepare() { + sed -e '/Icon=/s:=.*:=Fingerprint:' \ + -i bin/${PN}/${PN}.desktop || die + sed -e "s:/etc/udev/rules.d:\"$(get_udevdir)\"/rules.d:g" \ + -i bin/${PN%-gui}-helper/${PN%-gui}-helper.pro || die +} + +src_configure() { + eqmake4 \ + PREFIX="${EROOT}"usr \ + LIB="$(get_libdir)" \ + LIBEXEC=libexec \ + LIBPOLKIT_QT=LIBPOLKIT_QT_1_1 +} + +src_install() { + emake INSTALL_ROOT="${D}" install + rm -r "${ED}"/usr/share/doc/${PN} || die + if use upekbsapi ; then + use amd64 && dolib.so upek/lib64/libbsapi.so* + use x86 && dolib.so upek/lib/libbsapi.so* + udev_dorules upek/91-fingerprint-gui-upek.rules + insinto /etc + doins upek/upek.cfg + #dodir /var/upek_data + #fowners root:plugdev /var/upek_data + #fperms 0775 /var/upek_data + fi + doicon src/res/Fingerprint.png + + dodoc CHANGELOG README + dohtml doc/* +} + +pkg_postinst() { + elog "Please take a thorough look a the Install-step-by-step.html" + elog "in /usr/share/doc/${PF} for integration with pam/polkit/..." + elog "Hint: You may want" + elog " auth sufficient pam_fingerprint-gui.so" + elog "in /etc/pam.d/system-auth" + einfo + elog "There are udev rules to enforce group plugdev on the reader device" + elog "Please put yourself in that group and re-trigger the udev rules." +} diff --git a/sys-auth/fingerprint-gui/fingerprint-gui-1.06.ebuild b/sys-auth/fingerprint-gui/fingerprint-gui-1.06.ebuild new file mode 100644 index 000000000000..bccb62e61a1a --- /dev/null +++ b/sys-auth/fingerprint-gui/fingerprint-gui-1.06.ebuild @@ -0,0 +1,85 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils multilib qt4-r2 readme.gentoo udev user + +DESCRIPTION="Use Fingerprint Devices with Linux" +HOMEPAGE="http://www.n-view.net/Appliance/fingerprint/" +HOMEPAGE="http://www.ullrich-online.cc/fingerprint/" +SRC_URI="http://www.ullrich-online.cc/${PN%-gui}/download/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="+upekbsapi" + +DEPEND="app-crypt/qca:2[openssl,qt4(+)] + sys-auth/libfprint + sys-auth/polkit-qt[qt4(+)] + sys-libs/pam + x11-libs/libfakekey + dev-qt/qtcore:4 + !sys-auth/thinkfinger" +RDEPEND="${DEPEND}" + +QA_SONAME="/usr/lib/libbsapi.so.* /usr/lib64/libbsapi.so.*" +QA_PRESTRIPPED="/usr/lib/libbsapi.so.* /usr/lib64/libbsapi.so.*" +QA_FLAGS_IGNORED="/usr/lib/libbsapi.so.* /usr/lib64/libbsapi.so.*" + +src_prepare() { + sed -e '/Icon=/s:=.*:=Fingerprint:' \ + -i bin/${PN}/${PN}.desktop || die + sed -e "s:/etc/udev/rules.d:\"$(get_udevdir)\"/rules.d:g" \ + -i bin/${PN%-gui}-helper/${PN%-gui}-helper.pro || die + sed -e 's:GROUP="plugdev":GROUP="fingerprint":' \ + -i bin/fingerprint-helper/92-fingerprint-gui-uinput.rules \ + -i upek/91-fingerprint-gui-upek.rules || die +} + +src_configure() { + eqmake4 \ + PREFIX="${EROOT}"usr \ + LIB="$(get_libdir)" \ + LIBEXEC=libexec \ + LIBPOLKIT_QT=LIBPOLKIT_QT_1_1 +} + +src_install() { + export INSTALL_ROOT="${D}" #submakes need it as well, re-install fails otherwise. + emake install + rm -r "${ED}"/usr/share/doc/${PN} || die + if use upekbsapi ; then + use amd64 && dolib.so upek/lib64/libbsapi.so* + use x86 && dolib.so upek/lib/libbsapi.so* + udev_dorules upek/91-fingerprint-gui-upek.rules + insinto /etc + doins upek/upek.cfg + #dodir /var/upek_data + #fowners root:plugdev /var/upek_data + #fperms 0775 /var/upek_data + fi + doicon src/res/Fingerprint.png + + dodoc CHANGELOG README + dohtml doc/* + + readme.gentoo_src_install +} + +pkg_preinst() { + enewgroup fingerprint +} + +FORCE_PRINT_ELOG=1 +DISABLE_AUTOFORMATTING=1 +DOC_CONTENTS="Please take a thorough look a the Install-step-by-step.html +in /usr/share/doc/${PF} for integration with pam/polkit/... +Hint: You may want + auth sufficient pam_fingerprint-gui.so +in /etc/pam.d/system-auth + +There are udev rules to enforce group fingerprint on the reader device +Please put yourself in that group and re-trigger the udev rules." diff --git a/sys-auth/fingerprint-gui/fingerprint-gui-1.07.ebuild b/sys-auth/fingerprint-gui/fingerprint-gui-1.07.ebuild new file mode 100644 index 000000000000..494242feb5e3 --- /dev/null +++ b/sys-auth/fingerprint-gui/fingerprint-gui-1.07.ebuild @@ -0,0 +1,94 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils multilib qt4-r2 readme.gentoo udev user + +DESCRIPTION="Use Fingerprint Devices with Linux" +HOMEPAGE="http://www.n-view.net/Appliance/fingerprint/" +HOMEPAGE="http://www.ullrich-online.cc/fingerprint/" +SRC_URI="http://www.ullrich-online.cc/${PN%-gui}/download/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="+upekbsapi" + +DEPEND="app-crypt/qca:2[openssl,qt4(+)] + sys-auth/libfprint + sys-auth/polkit-qt[qt4(+)] + sys-libs/pam + x11-libs/libfakekey + dev-qt/qtcore:4 + !sys-auth/thinkfinger" +RDEPEND="${DEPEND}" + +QA_SONAME="/usr/lib/libbsapi.so.* /usr/lib64/libbsapi.so.*" +QA_PRESTRIPPED="/usr/lib/libbsapi.so.* /usr/lib64/libbsapi.so.*" +QA_FLAGS_IGNORED="/usr/lib/libbsapi.so.* /usr/lib64/libbsapi.so.*" + +src_prepare() { + sed -e '/Icon=/s:=.*:=Fingerprint:' \ + -i bin/${PN}/${PN}.desktop || die + sed -e "s:/etc/udev/rules.d:\"$(get_udevdir)\"/rules.d:g" \ + -i bin/${PN%-gui}-helper/${PN%-gui}-helper.pro || die + sed -e 's:GROUP="plugdev":GROUP="fingerprint":' \ + -i bin/fingerprint-helper/92-fingerprint-gui-uinput.rules \ + -i upek/91-fingerprint-gui-upek.rules || die +} + +src_configure() { + eqmake4 \ + PREFIX="${EROOT}"usr \ + LIB="$(get_libdir)" \ + LIBEXEC=libexec \ + LIBPOLKIT_QT=LIBPOLKIT_QT_1_1 +} + +src_install() { + export INSTALL_ROOT="${D}" #submakes need it as well, re-install fails otherwise. + emake install + rm -r "${ED}"/usr/share/doc/${PN} || die + if use upekbsapi ; then + use amd64 && dolib.so upek/lib64/libbsapi.so* + use x86 && dolib.so upek/lib/libbsapi.so* + udev_dorules upek/91-fingerprint-gui-upek.rules + insinto /etc + doins upek/upek.cfg + #dodir /var/upek_data + #fowners root:plugdev /var/upek_data + #fperms 0775 /var/upek_data + fi + doicon src/res/Fingerprint.png + + dodoc CHANGELOG README + dohtml doc/* + + readme.gentoo_src_install +} + +pkg_preinst() { + enewgroup fingerprint +} + +pkg_postinst() { + einfo "Fixing permisisons of fingerprints..." + find "${EROOT}"/var/lib/fingerprint-gui -exec chown root:root {} + || die "chown root:root failed" + find "${EROOR}"/var/lib/fingerprint-gui -type d -exec chmod 755 {} + || die "chmod 755 failed" + find "${EROOT}"/var/lib/fingerprint-gui -type f -exec chmod 600 {} + || die "chmod 600 failed" + + readme.gentoo_pkg_postinst +} + +FORCE_PRINT_ELOG=1 +DISABLE_AUTOFORMATTING=1 +DOC_CONTENTS="Please take a thorough look a the Install-step-by-step.html +in /usr/share/doc/${PF} for integration with pam/polkit/... +Hint: You may want + auth sufficient pam_fingerprint-gui.so +in /etc/pam.d/system-auth + +There are udev rules to enforce group fingerprint on the reader device +Please put yourself in that group and re-trigger the udev rules." diff --git a/sys-auth/fingerprint-gui/metadata.xml b/sys-auth/fingerprint-gui/metadata.xml new file mode 100644 index 000000000000..ffe2eae04a76 --- /dev/null +++ b/sys-auth/fingerprint-gui/metadata.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer> +<email>xmw@gentoo.org</email> +<name>Michael Weber</name> +</maintainer> +<use> + <flag name="upekbsapi">Add UPEK BSAPI drivers for identify functions on some readers</flag> +</use> +</pkgmetadata> + diff --git a/sys-auth/fprint_demo/Manifest b/sys-auth/fprint_demo/Manifest new file mode 100644 index 000000000000..767b767b1baf --- /dev/null +++ b/sys-auth/fprint_demo/Manifest @@ -0,0 +1 @@ +DIST fprint_demo-0.4.tar.bz2 75986 SHA256 f071c0f3ae37365803c074fb5a544fb8cfa9fdd4ca9be9efe0488889ccb41267 diff --git a/sys-auth/fprint_demo/fprint_demo-0.4.ebuild b/sys-auth/fprint_demo/fprint_demo-0.4.ebuild new file mode 100644 index 000000000000..365b1a7f864a --- /dev/null +++ b/sys-auth/fprint_demo/fprint_demo-0.4.ebuild @@ -0,0 +1,23 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=3 + +DESCRIPTION="a simple GTK+ application to demonstrate and test libfprint's capabilities" +HOMEPAGE="http://www.reactivated.net/fprint/wiki/Fprint_demo" +SRC_URI="mirror://sourceforge/fprint/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64" +IUSE="" + +RDEPEND="sys-auth/libfprint + x11-libs/gtk+:2" +DEPEND="${RDEPEND}" + +src_install() { + emake DESTDIR="${D}" install || die + dodoc AUTHORS ChangeLog NEWS README || die +} diff --git a/sys-auth/fprint_demo/metadata.xml b/sys-auth/fprint_demo/metadata.xml new file mode 100644 index 000000000000..1bd43515355e --- /dev/null +++ b/sys-auth/fprint_demo/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>xmw@gentoo.org</email> + <name>Michael Weber (xmw)</name> + </maintainer> + <upstream> + <remote-id type="sourceforge">fprint</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/fprintd/Manifest b/sys-auth/fprintd/Manifest new file mode 100644 index 000000000000..7569175b1b24 --- /dev/null +++ b/sys-auth/fprintd/Manifest @@ -0,0 +1,3 @@ +DIST V_0_2_0.tar.bz2 43754 SHA256 173fc0f94ffc8605ea2f3051a6f943bfcab6c5295ea6951f5e18b6605f022ef6 SHA512 f7d0ec0cf395267a85f6169999cf91f5e6e3871b7ca6784e8591ae2f3a40c21b856426786f70d94e6f23be89f79b5050a1073b1cfd7052425882ab51bea1235c WHIRLPOOL 6abe73c55c2fd87a2ccd2bbbe9e09c9a44aa3ec056023f19d41ececfbb5cb80a8d34fc7993d61ae019b6d23dc4380bd26fd970b6747dff8abe33d1ffd302acbc +DIST V_0_4_1.tar.bz2 56813 SHA256 6c101072b5ff243d892c626e138ddf856ae53e9915a4644674739a9c8ed6b135 SHA512 c403d133f5fe240a0b9a07280ee87144cbd768bd98781ba04abe84738ef5c9ff9b87cb332dd2be1115c49ff8eb01911dc5afe3f6eca31e291a3d5614c44de5db WHIRLPOOL 3ee289f6a704f2856f894832df67a73eae3a532e64a35aedfe7d0e5b33b40c09139f3fd4553333faeb2e8947530508f3362786f97761f93fc7922a1ea7a77423 +DIST V_0_5_0.tar.bz2 67023 SHA256 c64398554bd321b811c9e58773a4974ec74f20d167a1dd1709f391a62f55eb6a SHA512 9aeb6e8573a381da0edb74c707069062988eb6b803e4c70397d567bda6f9395f2ac349d5795d4fdbff003ec7524829b62ced4dac0777f9b22c2db06f36ec5e01 WHIRLPOOL f8ef7d2093998cd0f649c8d25ebefdc2c0320bf97517ca569e1cb1b2faffdba71698a0a7ca59de6297ddce83facae58a396886aa2c9d7d297355f312129f42d9 diff --git a/sys-auth/fprintd/fprintd-0.2.0-r1.ebuild b/sys-auth/fprintd/fprintd-0.2.0-r1.ebuild new file mode 100644 index 000000000000..60f6592f388a --- /dev/null +++ b/sys-auth/fprintd/fprintd-0.2.0-r1.ebuild @@ -0,0 +1,68 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit autotools toolchain-funcs versionator + +DESCRIPTION="D-Bus service to access fingerprint readers" +HOMEPAGE="http://cgit.freedesktop.org/libfprint/fprintd/" +MY_PV="V_$(replace_all_version_separators _)" +SRC_URI="http://cgit.freedesktop.org/libfprint/${PN}/snapshot/${MY_PV}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="doc pam static-libs" + +RDEPEND="dev-libs/dbus-glib + dev-libs/glib:2 + sys-auth/libfprint + sys-auth/polkit + pam? ( sys-libs/pam )" +DEPEND="${RDEPEND} + dev-util/gtk-doc + dev-util/gtk-doc-am + dev-util/intltool + doc? ( dev-libs/libxml2 dev-libs/libxslt )" + +S=${WORKDIR}/${MY_PV} + +src_prepare() { + cp /usr/share/gtk-doc/data/gtk-doc.make . || die + sed -e '/SUBDIRS/s: po::' -i Makefile.am || die + eautoreconf + intltoolize || die +} + +src_configure() { + econf $(use_enable pam) \ + $(use_enable static-libs static) \ + $(use_enable doc gtk-doc-html) +} + +src_install() { + emake DESTDIR="${D}" install \ + pammoddir=/$(get_libdir)/security + + keepdir /var/lib/fprint + + find "${D}" -name "*.la" -delete || die + + dodoc AUTHORS ChangeLog NEWS README TODO + if use doc ; then + insinto /usr/share/doc/${PF}/html + doins doc/{fprintd-docs,version}.xml + insinto /usr/share/doc/${PF}/html/dbus + doins doc/dbus/net.reactivated.Fprint.{Device,Manager}.ref.xml + fi +} + +pkg_postinst() { + elog "Please take a look at the upstream documentation for integration" + elog "Example: add following line to your /etc/pam.d/system-local-login" + einfo + elog " auth sufficient pam_fprintd.so" + einfo +} diff --git a/sys-auth/fprintd/fprintd-0.4.1.ebuild b/sys-auth/fprintd/fprintd-0.4.1.ebuild new file mode 100644 index 000000000000..f01840595c90 --- /dev/null +++ b/sys-auth/fprintd/fprintd-0.4.1.ebuild @@ -0,0 +1,68 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit autotools toolchain-funcs versionator + +DESCRIPTION="D-Bus service to access fingerprint readers" +HOMEPAGE="http://cgit.freedesktop.org/libfprint/fprintd/" +MY_PV="V_$(replace_all_version_separators _)" +SRC_URI="http://cgit.freedesktop.org/libfprint/${PN}/snapshot/${MY_PV}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~ppc ~ppc64 ~sparc ~x86" +IUSE="doc pam static-libs" + +RDEPEND="dev-libs/dbus-glib + dev-libs/glib:2 + sys-auth/libfprint + sys-auth/polkit + pam? ( sys-libs/pam )" +DEPEND="${RDEPEND} + dev-util/gtk-doc + dev-util/gtk-doc-am + dev-util/intltool + doc? ( dev-libs/libxml2 dev-libs/libxslt )" + +S=${WORKDIR}/${MY_PV} + +src_prepare() { + cp /usr/share/gtk-doc/data/gtk-doc.make . || die + sed -e '/SUBDIRS/s: po::' -i Makefile.am || die + eautoreconf + intltoolize || die +} + +src_configure() { + econf $(use_enable pam) \ + $(use_enable static-libs static) \ + $(use_enable doc gtk-doc-html) +} + +src_install() { + emake DESTDIR="${D}" install \ + pammoddir=/$(get_libdir)/security + + keepdir /var/lib/fprint + + find "${D}" -name "*.la" -delete || die + + dodoc AUTHORS ChangeLog NEWS README{,.transifex} TODO + if use doc ; then + insinto /usr/share/doc/${PF}/html + doins doc/{fprintd-docs,version}.xml + insinto /usr/share/doc/${PF}/html/dbus + doins doc/dbus/net.reactivated.Fprint.{Device,Manager}.ref.xml + fi +} + +pkg_postinst() { + elog "Please take a look at the upstream documentation for integration" + elog "Example: add following line to your /etc/pam.d/system-local-login" + einfo + elog " auth sufficient pam_fprintd.so" + einfo +} diff --git a/sys-auth/fprintd/fprintd-0.5.0.ebuild b/sys-auth/fprintd/fprintd-0.5.0.ebuild new file mode 100644 index 000000000000..d18e8a83f172 --- /dev/null +++ b/sys-auth/fprintd/fprintd-0.5.0.ebuild @@ -0,0 +1,64 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit autotools pam systemd versionator + +DESCRIPTION="D-Bus service to access fingerprint readers" +HOMEPAGE="http://cgit.freedesktop.org/libfprint/fprintd/" +MY_PV="V_$(replace_all_version_separators _)" +SRC_URI="http://cgit.freedesktop.org/libfprint/${PN}/snapshot/${MY_PV}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm ia64 ppc ppc64 sparc x86" +IUSE="doc pam static-libs" + +RDEPEND="dev-libs/dbus-glib + dev-libs/glib:2 + sys-auth/libfprint + sys-auth/polkit + pam? ( sys-libs/pam )" +DEPEND="${RDEPEND} + dev-util/gtk-doc + dev-util/gtk-doc-am + dev-util/intltool + doc? ( dev-libs/libxml2 dev-libs/libxslt )" + +S=${WORKDIR}/${MY_PV} + +src_prepare() { + eautoreconf +} + +src_configure() { + econf --disable-silent-rules \ + $(use_enable pam) \ + $(use_enable static-libs static) \ + $(use_enable doc gtk-doc-html) \ + $(systemd_with_unitdir) +} + +src_install() { + emake DESTDIR="${D}" install \ + pammoddir=$(getpam_mod_dir) + + keepdir /var/lib/fprint + + find "${D}" -name "*.la" -delete || die + + dodoc AUTHORS NEWS README{,.transifex} TODO + newdoc pam/README README.pam_fprintd + if use doc ; then + insinto /usr/share/doc/${PF}/html + doins doc/{fprintd-docs,version}.xml + insinto /usr/share/doc/${PF}/html/dbus + doins doc/dbus/net.reactivated.Fprint.{Device,Manager}.ref.xml + fi +} + +pkg_postinst() { + elog "Please take a look at README.pam_fprintd for integration docs." +} diff --git a/sys-auth/fprintd/metadata.xml b/sys-auth/fprintd/metadata.xml new file mode 100644 index 000000000000..5b80fb94c393 --- /dev/null +++ b/sys-auth/fprintd/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer> +<email>xmw@gentoo.org</email> +<name>Michael Weber</name> +</maintainer> +</pkgmetadata> diff --git a/sys-auth/icmpdn/Manifest b/sys-auth/icmpdn/Manifest new file mode 100644 index 000000000000..fb07119772bd --- /dev/null +++ b/sys-auth/icmpdn/Manifest @@ -0,0 +1 @@ +DIST icmpdn-0.4.tar.gz 332780 RMD160 48b640f84afbcb531d16aa13b9841bc795606f82 SHA1 211163a952dd7e3196fce3b0c6a5ea0d2bd4c0bb SHA256 8d53bd2ddfeb1a013b549e7e5d4a606af50d621b6e803dcfac9d870c77af8b45 diff --git a/sys-auth/icmpdn/files/conf.d-icmpdnd b/sys-auth/icmpdn/files/conf.d-icmpdnd new file mode 100644 index 000000000000..e6fb8e406620 --- /dev/null +++ b/sys-auth/icmpdn/files/conf.d-icmpdnd @@ -0,0 +1,15 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +# Set the TTL (Time-to-Live) value in responses to TTL seconds rather +# than the default of 3600 seconds +#TTL=3600 + +# Set the domain name in responses to domainname, rather than the +# default as described above. This option is useful in case the system +# is not configured to set up its own hostname. +#DOMAINNAME=mydomainname.com + +# Other options +#ICMPDND_OPTS="" diff --git a/sys-auth/icmpdn/files/init.d-icmpdnd b/sys-auth/icmpdn/files/init.d-icmpdnd new file mode 100644 index 000000000000..9b5e59c22c71 --- /dev/null +++ b/sys-auth/icmpdn/files/init.d-icmpdnd @@ -0,0 +1,27 @@ +#!/sbin/runscript +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +BINARY="/usr/sbin/icmpdnd" + +[ -n "${TTL}" ] && ICMPDND_OPTS="${ICMPDND_OPTS} -t ${TTL}" +[ -n "${DOMAINNAME}" ] && ICMPDND_OPTS="${ICMPDND_OPTS} -d ${DOMAINNAME}" + +depend() { + need net + after ypbind +} + +start() { + ebegin "Starting icmpdnd" + start-stop-daemon --start --quiet --exec ${BINARY} -- ${ICMPDND_OPTS} + eend $? +} + +stop() { + ebegin "Stopping icmpdnd" + start-stop-daemon --stop --quiet --exec ${BINARY} + eend $? +} + diff --git a/sys-auth/icmpdn/icmpdn-0.4.ebuild b/sys-auth/icmpdn/icmpdn-0.4.ebuild new file mode 100644 index 000000000000..21119d148504 --- /dev/null +++ b/sys-auth/icmpdn/icmpdn-0.4.ebuild @@ -0,0 +1,39 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit eutils flag-o-matic multilib + +DESCRIPTION="ICMP Domain Name utilities & NSS backend" +HOMEPAGE="http://www.dolda2000.com/~fredrik/icmp-dn/" +SRC_URI="${HOMEPAGE}${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86" +IUSE="" + +src_compile() { + append-cppflags -D_GNU_SOURCE #241318 + econf \ + --sysconfdir=/etc \ + --libdir=/$(get_libdir) \ + || die "econf failed" + emake || die "emake failed" +} + +src_install() { + emake install DESTDIR="${D}" || die "emake install failed" + newinitd "${FILESDIR}"/init.d-icmpdnd icmpdnd + newconfd "${FILESDIR}"/conf.d-icmpdnd icmpdnd + dodoc AUTHORS ChangeLog README + # must always run as root + fperms 4711 /usr/bin/idnlookup + # useless as nothing should link against this lib + rm "${D}"/lib*/*.{la,so} +} + +pkg_postinst() { + einfo "To use the ICMP nameswitch module, add 'icmp'" + einfo "to the 'hosts' line in your /etc/nsswitch.conf" +} diff --git a/sys-auth/icmpdn/metadata.xml b/sys-auth/icmpdn/metadata.xml new file mode 100644 index 000000000000..c6d862855eb5 --- /dev/null +++ b/sys-auth/icmpdn/metadata.xml @@ -0,0 +1,7 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer> + <email>robbat2@gentoo.org</email> +</maintainer> +</pkgmetadata> diff --git a/sys-auth/keystone/Manifest b/sys-auth/keystone/Manifest new file mode 100644 index 000000000000..23011bba613f --- /dev/null +++ b/sys-auth/keystone/Manifest @@ -0,0 +1,2 @@ +DIST keystone-2015.1.0.tar.gz 884362 SHA256 20ad170dcc727659f30003af16272d7685238d1ad069c91c542b6ac47d903d7a SHA512 d619a75a2f840fe49a66446c7b2436583a2ca6ea292252470b41817e7c7c34972ea7fbbb68a3b292699a4b2854a01db64be9f263b2dd56389cf6fd1e8d0f4f85 WHIRLPOOL 0f85ad09d13c32c591fa8ac5495de28234b79bb47f9b9f56409ed2f36adbcacbe2bd022fd568859ea82cfba735de96e1b6f32e07c78d5509507440ec52b1d534 +DIST keystone-2015.1.1.tar.gz 884979 SHA256 6c703f2d26c6a5f4fd4963dc11474b55cf87c5890d97361a4738df35eea258c5 SHA512 0c540f2a33729a539e68cb5d3e0b0b4ef0014829c274b0b92d982cd7d75110b14a3edc9db9c15794dd4c73f45a4982f47f99f75be6cbd8c91b0550ef24040848 WHIRLPOOL c20cc32d6043e9a2e9e5441a17e55431efabc3619156256c8fe8217bd876b07abb5860a48fc4bd761f505f022579d815a29b56d5c7a0536bafe89a2ad4b3b93a diff --git a/sys-auth/keystone/files/keystone.confd b/sys-auth/keystone/files/keystone.confd new file mode 100644 index 000000000000..669fa0a7ad11 --- /dev/null +++ b/sys-auth/keystone/files/keystone.confd @@ -0,0 +1,3 @@ +#KEYSTONE_CONF=/etc/keystone/keystone.conf +#KEYSTONE_USER=keystone +KEYSTONE_ARGS="--logfile /var/log/keystone/keystone.log" diff --git a/sys-auth/keystone/files/keystone.initd b/sys-auth/keystone/files/keystone.initd new file mode 100644 index 000000000000..bc32002f567c --- /dev/null +++ b/sys-auth/keystone/files/keystone.initd @@ -0,0 +1,17 @@ +#!/sbin/runscript +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +description="Starts both the service and administrative APIs in a single process to provide catalog, authorization, and authentication services for OpenStack" + +command=/usr/bin/keystone-all +pidfile=/var/run/keystone.pid +required_files="${KEYSTONE_CONF:-/etc/keystone/keystone.conf}" + +start_stop_daemon_args="--background --make-pidfile --user ${KEYSTONE_USER:-keystone}" +command_args="${KEYSTONE_ARGS}" + +depend() { + need net +} diff --git a/sys-auth/keystone/keystone-2015.1.0.ebuild b/sys-auth/keystone/keystone-2015.1.0.ebuild new file mode 100644 index 000000000000..0361b7371f7b --- /dev/null +++ b/sys-auth/keystone/keystone-2015.1.0.ebuild @@ -0,0 +1,180 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +PYTHON_COMPAT=( python2_7 ) + +inherit distutils-r1 user + +DESCRIPTION="The Openstack authentication, authorization, and service catalog" +HOMEPAGE="https://launchpad.net/keystone" +SRC_URI="http://launchpad.net/${PN}/kilo/${PV}/+download/${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="+sqlite memcached mongo mysql postgres ldap test" +REQUIRED_USE="|| ( mysql postgres sqlite )" + +DEPEND=" + dev-python/setuptools[${PYTHON_USEDEP}] + >=dev-python/pbr-0.8[${PYTHON_USEDEP}] + <dev-python/pbr-1.0[${PYTHON_USEDEP}] + test? ( + ${RDEPEND} + >=dev-python/hacking-0.10.0[${PYTHON_USEDEP}] + <dev-python/hacking-0.11[${PYTHON_USEDEP}] + >=dev-python/bashate-0.2[${PYTHON_USEDEP}] + dev-lang/python[sqlite] + memcached? ( + >=dev-python/python-memcached-1.48[${PYTHON_USEDEP}] + ) + mongo? ( + >=dev-python/pymongo-2.5[${PYTHON_USEDEP}] + <dev-python/pymongo-3.0[${PYTHON_USEDEP}] + ) + ldap? ( + dev-python/python-ldap[${PYTHON_USEDEP}] + >=dev-python/ldappool-1.0[${PYTHON_USEDEP}] + ) + >=dev-python/coverage-3.6[${PYTHON_USEDEP}] + >=dev-python/fixtures-0.3.14[${PYTHON_USEDEP}] + >=dev-python/lxml-2.3[${PYTHON_USEDEP}] + >=dev-python/mock-1.0[${PYTHON_USEDEP}] + >=dev-python/oslotest-1.5.1[${PYTHON_USEDEP}] + <dev-python/oslotest-1.6.0[${PYTHON_USEDEP}] + >=dev-python/sphinx-1.1.2[${PYTHON_USEDEP}] + !~dev-python/sphinx-1.2.0[${PYTHON_USEDEP}] + <dev-python/sphinx-1.3[${PYTHON_USEDEP}] + >=dev-python/webtest-2.0[${PYTHON_USEDEP}] + >=dev-python/subunit-0.0.18[${PYTHON_USEDEP}] + >=dev-python/testrepository-0.0.18[${PYTHON_USEDEP}] + >=dev-python/testtools-0.9.36[${PYTHON_USEDEP}] + !~dev-python/testtools-1.2.0[${PYTHON_USEDEP}] + >=dev-python/oslo-sphinx-2.5.0[${PYTHON_USEDEP}] + <dev-python/oslo-sphinx-2.6.0[${PYTHON_USEDEP}] + >=dev-python/tempest-lib-0.4.0[${PYTHON_USEDEP}] + )" +RDEPEND=" + >=dev-python/webob-1.2.3-r1[${PYTHON_USEDEP}] + >=dev-python/eventlet-0.16.1[${PYTHON_USEDEP}] + !~dev-python/eventlet-0.17.0[${PYTHON_USEDEP}] + >=dev-python/greenlet-0.3.2[${PYTHON_USEDEP}] + >=dev-python/netaddr-0.7.12[${PYTHON_USEDEP}] + >=dev-python/pastedeploy-1.5.0[${PYTHON_USEDEP}] + dev-python/paste[${PYTHON_USEDEP}] + >=dev-python/routes-1.12.3[${PYTHON_USEDEP}] + !~dev-python/routes-2.0[${PYTHON_USEDEP}] + >=dev-python/six-1.9.0[${PYTHON_USEDEP}] + sqlite? ( + >=dev-python/sqlalchemy-0.9.7[sqlite,${PYTHON_USEDEP}] + <=dev-python/sqlalchemy-0.9.99[sqlite,${PYTHON_USEDEP}] + ) + mysql? ( + dev-python/mysql-python + >=dev-python/sqlalchemy-0.9.7[${PYTHON_USEDEP}] + <=dev-python/sqlalchemy-0.9.99[${PYTHON_USEDEP}] + ) + postgres? ( + dev-python/psycopg:2 + >=dev-python/sqlalchemy-0.9.7[${PYTHON_USEDEP}] + <=dev-python/sqlalchemy-0.9.99[${PYTHON_USEDEP}] + ) + >=dev-python/sqlalchemy-migrate-0.9.5[${PYTHON_USEDEP}] + dev-python/passlib[${PYTHON_USEDEP}] + >=dev-python/iso8601-0.1.9[${PYTHON_USEDEP}] + >=dev-python/python-keystoneclient-1.1.0[${PYTHON_USEDEP}] + <dev-python/python-keystoneclient-1.4.0[${PYTHON_USEDEP}] + >=dev-python/keystonemiddleware-1.5.0[${PYTHON_USEDEP}] + <dev-python/keystonemiddleware-1.6.0[${PYTHON_USEDEP}] + >=dev-python/oslo-concurrency-1.8.0[${PYTHON_USEDEP}] + <dev-python/oslo-concurrency-1.9.0[${PYTHON_USEDEP}] + >=dev-python/oslo-config-1.9.3[${PYTHON_USEDEP}] + <dev-python/oslo-config-1.10.0[${PYTHON_USEDEP}] + >=dev-python/oslo-messaging-1.8.0[${PYTHON_USEDEP}] + <dev-python/oslo-messaging-1.9.0[${PYTHON_USEDEP}] + >=dev-python/oslo-db-1.7.0[${PYTHON_USEDEP}] + <dev-python/oslo-db-1.8.0[${PYTHON_USEDEP}] + >=dev-python/oslo-i18n-1.5.0[${PYTHON_USEDEP}] + <dev-python/oslo-i18n-1.6.0[${PYTHON_USEDEP}] + >=dev-python/oslo-log-1.0.0[${PYTHON_USEDEP}] + <dev-python/oslo-log-1.1.0[${PYTHON_USEDEP}] + >=dev-python/oslo-middleware-1.0.0[${PYTHON_USEDEP}] + <dev-python/oslo-middleware-1.1.0[${PYTHON_USEDEP}] + >=dev-python/oslo-policy-0.3.1[${PYTHON_USEDEP}] + <dev-python/oslo-policy-0.4.0[${PYTHON_USEDEP}] + >=dev-python/oslo-serialization-1.4.0[${PYTHON_USEDEP}] + <dev-python/oslo-serialization-1.5.0[${PYTHON_USEDEP}] + >=dev-python/oslo-utils-1.4.0[${PYTHON_USEDEP}] + <dev-python/oslo-utils-1.5.0[${PYTHON_USEDEP}] + >=dev-python/oauthlib-0.6.0[${PYTHON_USEDEP}] + dev-python/pysaml2[${PYTHON_USEDEP}] + >=dev-python/dogpile-cache-0.5.3[${PYTHON_USEDEP}] + >=dev-python/jsonschema-2.0.0[${PYTHON_USEDEP}] + <dev-python/jsonschema-3.0.0[${PYTHON_USEDEP}] + >=dev-python/pycadf-0.8.0[${PYTHON_USEDEP}] + <dev-python/pycadf-0.9.0[${PYTHON_USEDEP}] + dev-python/posix_ipc[${PYTHON_USEDEP}] + >=dev-python/msgpack-0.4.0[${PYTHON_USEDEP}]" + +PATCHES=( +) + +pkg_setup() { + enewgroup keystone + enewuser keystone -1 -1 /var/lib/keystone keystone +} + +python_prepare_all() { + # it's in git, but not in the tarball..... + mkdir -p ${PN}/tests/tmp/ || die + cp etc/keystone-paste.ini ${PN}/tests/tmp/ || die + distutils-r1_python_prepare_all +} + +# Ignore (naughty) test_.py files & 1 test that connect to the network +#-I 'test_keystoneclient*' \ +python_test() { + nosetests -I 'test_keystoneclient*' \ + -e test_static_translated_string_is_Message \ + -e test_get_token_id_error_handling \ + -e test_provider_token_expiration_validation \ + -e test_import --process-restartworker --process-timeout=60 || die "testsuite failed under python2.7" +} + +python_install() { + distutils-r1_python_install + newconfd "${FILESDIR}/keystone.confd" keystone + newinitd "${FILESDIR}/keystone.initd" keystone + + diropts -m 0750 + keepdir /etc/keystone /var/log/keystone + insinto /etc/keystone + doins etc/keystone.conf.sample etc/logging.conf.sample + doins etc/default_catalog.templates etc/policy.json + doins etc/policy.v3cloudsample.json etc/keystone-paste.ini + + fowners keystone:keystone /etc/keystone /var/log/keystone +} + +pkg_postinst() { + elog "You might want to run:" + elog "emerge --config =${CATEGORY}/${PF}" + elog "if this is a new install." + elog "If you have not already configured your openssl installation" + elog "please do it by modifying /etc/ssl/openssl.cnf" + elog "BEFORE issuing the configuration command." + elog "Otherwise default values will be used." +} + +pkg_config() { + if [ ! -d "${ROOT}"/etc/keystone/ssl ] ; then + einfo "Press ENTER to configure the keystone PKI, or Control-C to abort now..." + read + "${ROOT}"/usr/bin/keystone-manage pki_setup --keystone-user keystone --keystone-group keystone + else + einfo "keystone PKI certificates directory already present, skipping configuration" + fi +} diff --git a/sys-auth/keystone/keystone-2015.1.1.ebuild b/sys-auth/keystone/keystone-2015.1.1.ebuild new file mode 100644 index 000000000000..95763aac232a --- /dev/null +++ b/sys-auth/keystone/keystone-2015.1.1.ebuild @@ -0,0 +1,184 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +PYTHON_COMPAT=( python2_7 ) + +inherit distutils-r1 user + +DESCRIPTION="The Openstack authentication, authorization, and service catalog" +HOMEPAGE="https://launchpad.net/keystone" +SRC_URI="http://launchpad.net/${PN}/kilo/${PV}/+download/${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="+sqlite memcached mongo mysql postgres ldap test" +REQUIRED_USE="|| ( mysql postgres sqlite )" + +DEPEND=" + dev-python/setuptools[${PYTHON_USEDEP}] + >=dev-python/pbr-0.8[${PYTHON_USEDEP}] + <dev-python/pbr-1.0[${PYTHON_USEDEP}] + test? ( + ${RDEPEND} + >=dev-python/hacking-0.10.0[${PYTHON_USEDEP}] + <dev-python/hacking-0.11[${PYTHON_USEDEP}] + >=dev-python/bashate-0.2[${PYTHON_USEDEP}] + dev-lang/python[sqlite] + memcached? ( + >=dev-python/python-memcached-1.48[${PYTHON_USEDEP}] + ) + mongo? ( + >=dev-python/pymongo-2.6.3[${PYTHON_USEDEP}] + <dev-python/pymongo-3.0[${PYTHON_USEDEP}] + ) + ldap? ( + >=dev-python/python-ldap-2.4[${PYTHON_USEDEP}] + >=dev-python/ldappool-1.0[${PYTHON_USEDEP}] + ) + >=dev-python/coverage-3.6[${PYTHON_USEDEP}] + >=dev-python/fixtures-0.3.14[${PYTHON_USEDEP}] + <dev-python/fixtures-1.3.0[${PYTHON_USEDEP}] + >=dev-python/lxml-2.3[${PYTHON_USEDEP}] + >=dev-python/mock-1.0[${PYTHON_USEDEP}] + <dev-python/mock-1.1.0[${PYTHON_USEDEP}] + >=dev-python/oslotest-1.5.1[${PYTHON_USEDEP}] + <dev-python/oslotest-1.6.0[${PYTHON_USEDEP}] + >=dev-python/sphinx-1.1.2[${PYTHON_USEDEP}] + !~dev-python/sphinx-1.2.0[${PYTHON_USEDEP}] + <dev-python/sphinx-1.3[${PYTHON_USEDEP}] + >=dev-python/webtest-2.0[${PYTHON_USEDEP}] + >=dev-python/subunit-0.0.18[${PYTHON_USEDEP}] + >=dev-python/testrepository-0.0.18[${PYTHON_USEDEP}] + >=dev-python/testtools-0.9.36[${PYTHON_USEDEP}] + !~dev-python/testtools-1.2.0[${PYTHON_USEDEP}] + >=dev-python/oslo-sphinx-2.5.0[${PYTHON_USEDEP}] + <dev-python/oslo-sphinx-2.6.0[${PYTHON_USEDEP}] + >=dev-python/tempest-lib-0.4.0[${PYTHON_USEDEP}] + <dev-python/tempest-lib-0.5.0[${PYTHON_USEDEP}] + )" +RDEPEND=" + >=dev-python/webob-1.2.3-r1[${PYTHON_USEDEP}] + >=dev-python/eventlet-0.16.1[${PYTHON_USEDEP}] + !~dev-python/eventlet-0.17.0[${PYTHON_USEDEP}] + >=dev-python/greenlet-0.3.2[${PYTHON_USEDEP}] + >=dev-python/netaddr-0.7.12[${PYTHON_USEDEP}] + >=dev-python/pastedeploy-1.5.0[${PYTHON_USEDEP}] + dev-python/paste[${PYTHON_USEDEP}] + >=dev-python/routes-1.12.3[${PYTHON_USEDEP}] + !~dev-python/routes-2.0[${PYTHON_USEDEP}] + >=dev-python/cryptography-0.8[${PYTHON_USEDEP}] + >=dev-python/six-1.9.0[${PYTHON_USEDEP}] + sqlite? ( + >=dev-python/sqlalchemy-0.9.7[sqlite,${PYTHON_USEDEP}] + <=dev-python/sqlalchemy-0.9.99[sqlite,${PYTHON_USEDEP}] + ) + mysql? ( + dev-python/mysql-python + >=dev-python/sqlalchemy-0.9.7[${PYTHON_USEDEP}] + <=dev-python/sqlalchemy-0.9.99[${PYTHON_USEDEP}] + ) + postgres? ( + dev-python/psycopg:2 + >=dev-python/sqlalchemy-0.9.7[${PYTHON_USEDEP}] + <=dev-python/sqlalchemy-0.9.99[${PYTHON_USEDEP}] + ) + >=dev-python/sqlalchemy-migrate-0.9.5[${PYTHON_USEDEP}] + dev-python/passlib[${PYTHON_USEDEP}] + >=dev-python/iso8601-0.1.9[${PYTHON_USEDEP}] + >=dev-python/python-keystoneclient-1.2.0[${PYTHON_USEDEP}] + <dev-python/python-keystoneclient-1.4.0[${PYTHON_USEDEP}] + >=dev-python/keystonemiddleware-1.5.0[${PYTHON_USEDEP}] + <dev-python/keystonemiddleware-1.6.0[${PYTHON_USEDEP}] + >=dev-python/oslo-concurrency-1.8.0[${PYTHON_USEDEP}] + <dev-python/oslo-concurrency-1.9.0[${PYTHON_USEDEP}] + >=dev-python/oslo-config-1.9.3[${PYTHON_USEDEP}] + <dev-python/oslo-config-1.10.0[${PYTHON_USEDEP}] + >=dev-python/oslo-messaging-1.8.0[${PYTHON_USEDEP}] + <dev-python/oslo-messaging-1.9.0[${PYTHON_USEDEP}] + >=dev-python/oslo-db-1.7.0[${PYTHON_USEDEP}] + <dev-python/oslo-db-1.8.0[${PYTHON_USEDEP}] + >=dev-python/oslo-i18n-1.5.0[${PYTHON_USEDEP}] + <dev-python/oslo-i18n-1.6.0[${PYTHON_USEDEP}] + >=dev-python/oslo-log-1.0.0[${PYTHON_USEDEP}] + <dev-python/oslo-log-1.1.0[${PYTHON_USEDEP}] + >=dev-python/oslo-middleware-1.0.0[${PYTHON_USEDEP}] + <dev-python/oslo-middleware-1.1.0[${PYTHON_USEDEP}] + >=dev-python/oslo-policy-0.3.1[${PYTHON_USEDEP}] + <dev-python/oslo-policy-0.4.0[${PYTHON_USEDEP}] + >=dev-python/oslo-serialization-1.4.0[${PYTHON_USEDEP}] + <dev-python/oslo-serialization-1.5.0[${PYTHON_USEDEP}] + >=dev-python/oslo-utils-1.4.0[${PYTHON_USEDEP}] + <dev-python/oslo-utils-1.5.0[${PYTHON_USEDEP}] + >=dev-python/oauthlib-0.6.0[${PYTHON_USEDEP}] + dev-python/pysaml2[${PYTHON_USEDEP}] + >=dev-python/dogpile-cache-0.5.3[${PYTHON_USEDEP}] + >=dev-python/jsonschema-2.0.0[${PYTHON_USEDEP}] + <dev-python/jsonschema-3.0.0[${PYTHON_USEDEP}] + >=dev-python/pycadf-0.8.0[${PYTHON_USEDEP}] + <dev-python/pycadf-0.9.0[${PYTHON_USEDEP}] + dev-python/posix_ipc[${PYTHON_USEDEP}] + >=dev-python/msgpack-0.4.0[${PYTHON_USEDEP}]" + +PATCHES=( +) + +pkg_setup() { + enewgroup keystone + enewuser keystone -1 -1 /var/lib/keystone keystone +} + +python_prepare_all() { + # it's in git, but not in the tarball..... + mkdir -p ${PN}/tests/tmp/ || die + cp etc/keystone-paste.ini ${PN}/tests/tmp/ || die + distutils-r1_python_prepare_all +} + +# Ignore (naughty) test_.py files & 1 test that connect to the network +#-I 'test_keystoneclient*' \ +python_test() { + nosetests -I 'test_keystoneclient*' \ + -e test_static_translated_string_is_Message \ + -e test_get_token_id_error_handling \ + -e test_provider_token_expiration_validation \ + -e test_import --process-restartworker --process-timeout=60 || die "testsuite failed under python2.7" +} + +python_install() { + distutils-r1_python_install + newconfd "${FILESDIR}/keystone.confd" keystone + newinitd "${FILESDIR}/keystone.initd" keystone + + diropts -m 0750 + keepdir /etc/keystone /var/log/keystone + insinto /etc/keystone + doins etc/keystone.conf.sample etc/logging.conf.sample + doins etc/default_catalog.templates etc/policy.json + doins etc/policy.v3cloudsample.json etc/keystone-paste.ini + + fowners keystone:keystone /etc/keystone /var/log/keystone +} + +pkg_postinst() { + elog "You might want to run:" + elog "emerge --config =${CATEGORY}/${PF}" + elog "if this is a new install." + elog "If you have not already configured your openssl installation" + elog "please do it by modifying /etc/ssl/openssl.cnf" + elog "BEFORE issuing the configuration command." + elog "Otherwise default values will be used." +} + +pkg_config() { + if [ ! -d "${ROOT}"/etc/keystone/ssl ] ; then + einfo "Press ENTER to configure the keystone PKI, or Control-C to abort now..." + read + "${ROOT}"/usr/bin/keystone-manage pki_setup --keystone-user keystone --keystone-group keystone + else + einfo "keystone PKI certificates directory already present, skipping configuration" + fi +} diff --git a/sys-auth/keystone/keystone-2015.1.9999.ebuild b/sys-auth/keystone/keystone-2015.1.9999.ebuild new file mode 100644 index 000000000000..843687a1777b --- /dev/null +++ b/sys-auth/keystone/keystone-2015.1.9999.ebuild @@ -0,0 +1,185 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +PYTHON_COMPAT=( python2_7 ) + +inherit distutils-r1 git-2 user + +DESCRIPTION="The Openstack authentication, authorization, and service catalog" +HOMEPAGE="https://launchpad.net/keystone" +EGIT_REPO_URI="https://github.com/openstack/keystone.git" +EGIT_BRANCH="stable/kilo" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="" +IUSE="+sqlite memcached mongo mysql postgres ldap test" +REQUIRED_USE="|| ( mysql postgres sqlite )" + +DEPEND=" + dev-python/setuptools[${PYTHON_USEDEP}] + >=dev-python/pbr-0.8[${PYTHON_USEDEP}] + <dev-python/pbr-1.0[${PYTHON_USEDEP}] + test? ( + ${RDEPEND} + >=dev-python/hacking-0.10.0[${PYTHON_USEDEP}] + <dev-python/hacking-0.11[${PYTHON_USEDEP}] + >=dev-python/bashate-0.2[${PYTHON_USEDEP}] + dev-lang/python[sqlite] + memcached? ( + >=dev-python/python-memcached-1.48[${PYTHON_USEDEP}] + ) + mongo? ( + >=dev-python/pymongo-2.6.3[${PYTHON_USEDEP}] + <dev-python/pymongo-3.0[${PYTHON_USEDEP}] + ) + ldap? ( + >=dev-python/python-ldap-2.4[${PYTHON_USEDEP}] + >=dev-python/ldappool-1.0[${PYTHON_USEDEP}] + ) + >=dev-python/coverage-3.6[${PYTHON_USEDEP}] + >=dev-python/fixtures-0.3.14[${PYTHON_USEDEP}] + <dev-python/fixtures-1.3.0[${PYTHON_USEDEP}] + >=dev-python/lxml-2.3[${PYTHON_USEDEP}] + >=dev-python/mock-1.0[${PYTHON_USEDEP}] + <dev-python/mock-1.1.0[${PYTHON_USEDEP}] + >=dev-python/oslotest-1.5.1[${PYTHON_USEDEP}] + <dev-python/oslotest-1.6.0[${PYTHON_USEDEP}] + >=dev-python/sphinx-1.1.2[${PYTHON_USEDEP}] + !~dev-python/sphinx-1.2.0[${PYTHON_USEDEP}] + <dev-python/sphinx-1.3[${PYTHON_USEDEP}] + >=dev-python/webtest-2.0[${PYTHON_USEDEP}] + >=dev-python/subunit-0.0.18[${PYTHON_USEDEP}] + >=dev-python/testrepository-0.0.18[${PYTHON_USEDEP}] + >=dev-python/testtools-0.9.36[${PYTHON_USEDEP}] + !~dev-python/testtools-1.2.0[${PYTHON_USEDEP}] + >=dev-python/oslo-sphinx-2.5.0[${PYTHON_USEDEP}] + <dev-python/oslo-sphinx-2.6.0[${PYTHON_USEDEP}] + >=dev-python/tempest-lib-0.4.0[${PYTHON_USEDEP}] + <dev-python/tempest-lib-0.5.0[${PYTHON_USEDEP}] + )" +RDEPEND=" + >=dev-python/webob-1.2.3-r1[${PYTHON_USEDEP}] + >=dev-python/eventlet-0.16.1[${PYTHON_USEDEP}] + !~dev-python/eventlet-0.17.0[${PYTHON_USEDEP}] + >=dev-python/greenlet-0.3.2[${PYTHON_USEDEP}] + >=dev-python/netaddr-0.7.12[${PYTHON_USEDEP}] + >=dev-python/pastedeploy-1.5.0[${PYTHON_USEDEP}] + dev-python/paste[${PYTHON_USEDEP}] + >=dev-python/routes-1.12.3[${PYTHON_USEDEP}] + !~dev-python/routes-2.0[${PYTHON_USEDEP}] + >=dev-python/cryptography-0.8[${PYTHON_USEDEP}] + >=dev-python/six-1.9.0[${PYTHON_USEDEP}] + sqlite? ( + >=dev-python/sqlalchemy-0.9.7[sqlite,${PYTHON_USEDEP}] + <=dev-python/sqlalchemy-0.9.99[sqlite,${PYTHON_USEDEP}] + ) + mysql? ( + dev-python/mysql-python + >=dev-python/sqlalchemy-0.9.7[${PYTHON_USEDEP}] + <=dev-python/sqlalchemy-0.9.99[${PYTHON_USEDEP}] + ) + postgres? ( + dev-python/psycopg:2 + >=dev-python/sqlalchemy-0.9.7[${PYTHON_USEDEP}] + <=dev-python/sqlalchemy-0.9.99[${PYTHON_USEDEP}] + ) + >=dev-python/sqlalchemy-migrate-0.9.5[${PYTHON_USEDEP}] + dev-python/passlib[${PYTHON_USEDEP}] + >=dev-python/iso8601-0.1.9[${PYTHON_USEDEP}] + >=dev-python/python-keystoneclient-1.2.0[${PYTHON_USEDEP}] + <dev-python/python-keystoneclient-1.4.0[${PYTHON_USEDEP}] + >=dev-python/keystonemiddleware-1.5.0[${PYTHON_USEDEP}] + <dev-python/keystonemiddleware-1.6.0[${PYTHON_USEDEP}] + >=dev-python/oslo-concurrency-1.8.0[${PYTHON_USEDEP}] + <dev-python/oslo-concurrency-1.9.0[${PYTHON_USEDEP}] + >=dev-python/oslo-config-1.9.3[${PYTHON_USEDEP}] + <dev-python/oslo-config-1.10.0[${PYTHON_USEDEP}] + >=dev-python/oslo-messaging-1.8.0[${PYTHON_USEDEP}] + <dev-python/oslo-messaging-1.9.0[${PYTHON_USEDEP}] + >=dev-python/oslo-db-1.7.0[${PYTHON_USEDEP}] + <dev-python/oslo-db-1.8.0[${PYTHON_USEDEP}] + >=dev-python/oslo-i18n-1.5.0[${PYTHON_USEDEP}] + <dev-python/oslo-i18n-1.6.0[${PYTHON_USEDEP}] + >=dev-python/oslo-log-1.0.0[${PYTHON_USEDEP}] + <dev-python/oslo-log-1.1.0[${PYTHON_USEDEP}] + >=dev-python/oslo-middleware-1.0.0[${PYTHON_USEDEP}] + <dev-python/oslo-middleware-1.1.0[${PYTHON_USEDEP}] + >=dev-python/oslo-policy-0.3.1[${PYTHON_USEDEP}] + <dev-python/oslo-policy-0.4.0[${PYTHON_USEDEP}] + >=dev-python/oslo-serialization-1.4.0[${PYTHON_USEDEP}] + <dev-python/oslo-serialization-1.5.0[${PYTHON_USEDEP}] + >=dev-python/oslo-utils-1.4.0[${PYTHON_USEDEP}] + <dev-python/oslo-utils-1.5.0[${PYTHON_USEDEP}] + >=dev-python/oauthlib-0.6.0[${PYTHON_USEDEP}] + dev-python/pysaml2[${PYTHON_USEDEP}] + >=dev-python/dogpile-cache-0.5.3[${PYTHON_USEDEP}] + >=dev-python/jsonschema-2.0.0[${PYTHON_USEDEP}] + <dev-python/jsonschema-3.0.0[${PYTHON_USEDEP}] + >=dev-python/pycadf-0.8.0[${PYTHON_USEDEP}] + <dev-python/pycadf-0.9.0[${PYTHON_USEDEP}] + dev-python/posix_ipc[${PYTHON_USEDEP}] + >=dev-python/msgpack-0.4.0[${PYTHON_USEDEP}]" + +PATCHES=( +) + +pkg_setup() { + enewgroup keystone + enewuser keystone -1 -1 /var/lib/keystone keystone +} + +python_prepare_all() { + # it's in git, but not in the tarball..... + mkdir -p ${PN}/tests/tmp/ || die + cp etc/keystone-paste.ini ${PN}/tests/tmp/ || die + distutils-r1_python_prepare_all +} + +# Ignore (naughty) test_.py files & 1 test that connect to the network +#-I 'test_keystoneclient*' \ +python_test() { + nosetests -I 'test_keystoneclient*' \ + -e test_static_translated_string_is_Message \ + -e test_get_token_id_error_handling \ + -e test_provider_token_expiration_validation \ + -e test_import --process-restartworker --process-timeout=60 || die "testsuite failed under python2.7" +} + +python_install() { + distutils-r1_python_install + newconfd "${FILESDIR}/keystone.confd" keystone + newinitd "${FILESDIR}/keystone.initd" keystone + + diropts -m 0750 + keepdir /etc/keystone /var/log/keystone + insinto /etc/keystone + doins etc/keystone.conf.sample etc/logging.conf.sample + doins etc/default_catalog.templates etc/policy.json + doins etc/policy.v3cloudsample.json etc/keystone-paste.ini + + fowners keystone:keystone /etc/keystone /var/log/keystone +} + +pkg_postinst() { + elog "You might want to run:" + elog "emerge --config =${CATEGORY}/${PF}" + elog "if this is a new install." + elog "If you have not already configured your openssl installation" + elog "please do it by modifying /etc/ssl/openssl.cnf" + elog "BEFORE issuing the configuration command." + elog "Otherwise default values will be used." +} + +pkg_config() { + if [ ! -d "${ROOT}"/etc/keystone/ssl ] ; then + einfo "Press ENTER to configure the keystone PKI, or Control-C to abort now..." + read + "${ROOT}"/usr/bin/keystone-manage pki_setup --keystone-user keystone --keystone-group keystone + else + einfo "keystone PKI certificates directory already present, skipping configuration" + fi +} diff --git a/sys-auth/keystone/metadata.xml b/sys-auth/keystone/metadata.xml new file mode 100644 index 000000000000..02cace46cf77 --- /dev/null +++ b/sys-auth/keystone/metadata.xml @@ -0,0 +1,20 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <use> + <flag name="memcached">Installs dependencies needed for using memcached as a backend</flag> + <flag name="mongo">Installs dependencies needed for using mongo as a backend</flag> + </use> + <herd>openstack</herd> + <maintainer> + <email>prometheanfire@gentoo.org</email> + <name>Matthew Thode</name> + </maintainer> + <longdescription lang="en"> + Keystone is the Openstack authentication, authorization, and service + catalog written in Python. + </longdescription> + <upstream> + <remote-id type="launchpad">keystone</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/libfprint/Manifest b/sys-auth/libfprint/Manifest new file mode 100644 index 000000000000..597400411cb9 --- /dev/null +++ b/sys-auth/libfprint/Manifest @@ -0,0 +1,4 @@ +DIST libfprint-0.4.0.tar.bz2 228518 SHA256 58f4056f498b8ba564a8ba2ee4a59cf2c3edb53c03e5df390fcf77be75ea7117 SHA512 26361101f5b73f722c14109d7e9cb78738968d2cfc6fcb824dc56f0044c8cd866fcb57e7f432e3ec3eeba956d92b2a091b5daed77c992f61d75cb3ed323adc09 WHIRLPOOL 94502f1350c1d6a1f401671f739f0bd42a581aaff97f1f89517c3c76eeebbef7783ec673a0834e43335a5c8d3231eafcf1c23f6b1ad769e909872844b114b650 +DIST libfprint-0.5.0.tar.bz2 277118 SHA256 1d4d6832fe61e934a40cbe2b9fe9a92153ddccb5c874fce10f476f1113c1d76c SHA512 2a5a4d45bd11060964e34c70b2a41e45d220e3b97d07a962c939ec84988a85a4d97898c86b1e7f7c571d85bb7f4333231cf327f62907b40e6a1262cc5b365981 WHIRLPOOL a3c7763ab62d65e2bdf44e93a5230dcbde7065121427063c8b3bb19d597be1f1b5ae58e55e1e635b03eb004f1e08085585958b5ae0d85a5004dff939657190ad +DIST libfprint-0.5.1-add-vfs5011-driver.patch 338763 SHA256 329af64cc7273d46a56c603b8d242a51d3485655d475548ea47c66ef874946dd SHA512 446de6dea67c4b4d257f5427b5981f28ba6ab422dcd022862541e6216c1733f146f86ee5a8ad855c142ce1bc7795c72820112d68d68bb74bd68751a02dd42fb5 WHIRLPOOL d08b0011a0363497079c9a16b35e2eae64976c1a3b840e92560c55b399770e62ed4940278c729d24129e34503269876c8bd54d923b7656785ad1cda3ee6c0e1c +DIST libfprint-0.5.1.tar.bz2 277342 SHA256 0a2ea0e3bd4115bbe7261a0f43d5091ca32f9eaf8ca3364cca2b89c0f30c7962 SHA512 e1596e28f2730501b5957d2b4365f8eead7c0941434d064ceb6e5321d0e8495e71ab576b214881441bf1abc6ecba2b3ffafe5027f738f80c8c38b4e95866c8c7 WHIRLPOOL 444798713bf7603f7aa2bde104c9a62049566fa1e1e5bcf442d3f6212561dae41c69f579a6c5bc9a8df8efd09a60f12b8eb5b9909d1884413ea7e7caba637a37 diff --git a/sys-auth/libfprint/files/libfprint-0.5.0-automake-1.13.patch b/sys-auth/libfprint/files/libfprint-0.5.0-automake-1.13.patch new file mode 100644 index 000000000000..e82082ab6d6a --- /dev/null +++ b/sys-auth/libfprint/files/libfprint-0.5.0-automake-1.13.patch @@ -0,0 +1,24 @@ +From 43eca622cd49b58c87157e1ff1a2fcfdfba0934e Mon Sep 17 00:00:00 2001 +From: Vasily Khoruzhick <anarsoul@gmail.com> +Date: Sun, 13 Jan 2013 13:42:13 +0000 +Subject: configure.ac: Use AC_CONFIG_HEADERS + +AM_CONFIG_HEADER is obsolete, use AC_CONFIG_HEADERS instead of it. + +https://bugs.freedesktop.org/show_bug.cgi?id=59320 +--- +diff --git a/configure.ac b/configure.ac +index 6737256..978ef0d 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -2,7 +2,7 @@ AC_INIT([libfprint], [0.5.0]) + AM_INIT_AUTOMAKE([1.11 no-dist-gzip dist-xz check-news]) + AC_CONFIG_MACRO_DIR([m4]) + AC_CONFIG_SRCDIR([libfprint/core.c]) +-AM_CONFIG_HEADER([config.h]) ++AC_CONFIG_HEADERS([config.h]) + + # Enable silent build when available (Automake 1.11) + m4_ifdef([AM_SILENT_RULES],[AM_SILENT_RULES([yes])]) +-- +cgit v0.9.0.2-2-gbebe diff --git a/sys-auth/libfprint/files/libfprint-0.5.0-support-147e_2020.patch b/sys-auth/libfprint/files/libfprint-0.5.0-support-147e_2020.patch new file mode 100644 index 000000000000..98f72aed5a0d --- /dev/null +++ b/sys-auth/libfprint/files/libfprint-0.5.0-support-147e_2020.patch @@ -0,0 +1,48 @@ +From 3b3679c900f6739f7067f8d720e15d548bb39be9 Mon Sep 17 00:00:00 2001 +From: Vasily Khoruzhick <anarsoul@gmail.com> +Date: Sun, 13 Jan 2013 13:43:38 +0000 +Subject: upeke2: Add support for 147e:2020 ID + +https://bugs.freedesktop.org/show_bug.cgi?id=59320 +--- +diff --git a/libfprint/drivers/upeke2.c b/libfprint/drivers/upeke2.c +index ed8f43d..a7db54d 100644 +--- a/libfprint/drivers/upeke2.c ++++ b/libfprint/drivers/upeke2.c +@@ -46,6 +46,11 @@ + #define MSG_READ_BUF_SIZE 0x40 + #define MAX_DATA_IN_READ_BUF (MSG_READ_BUF_SIZE - 9) + ++enum { ++ UPEKE2_2016, ++ UPEKE2_2020, ++}; ++ + struct upeke2_dev { + gboolean enroll_passed; + gboolean first_verify_iteration; +@@ -848,8 +853,10 @@ static struct fpi_ssm *deinitsm_new(struct fp_dev *dev) + + static int discover(struct libusb_device_descriptor *dsc, uint32_t *devtype) + { +- /* Revision 2 is what we're interested in */ +- if (dsc->bcdDevice == 2) ++ if (dsc->idProduct == 0x2016 && dsc->bcdDevice == 2) ++ return 1; ++ ++ if (dsc->idProduct == 0x2020 && dsc->bcdDevice == 1) + return 1; + + return 0; +@@ -1453,7 +1460,8 @@ static int verify_stop(struct fp_dev *dev, gboolean iterating) + } + + static const struct usb_id id_table[] = { +- { .vendor = 0x147e, .product = 0x2016 }, ++ { .vendor = 0x147e, .product = 0x2016, .driver_data = UPEKE2_2016 }, ++ { .vendor = 0x147e, .product = 0x2020, .driver_data = UPEKE2_2020 }, + { 0, 0, 0, }, /* terminating entry */ + }; + +-- +cgit v0.9.0.2-2-gbebe diff --git a/sys-auth/libfprint/libfprint-0.4.0.ebuild b/sys-auth/libfprint/libfprint-0.4.0.ebuild new file mode 100644 index 000000000000..21f014a28a38 --- /dev/null +++ b/sys-auth/libfprint/libfprint-0.4.0.ebuild @@ -0,0 +1,52 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit autotools eutils udev + +MY_PV="v_${PV//./_}" +DESCRIPTION="library to add support for consumer fingerprint readers" +HOMEPAGE="http://cgit.freedesktop.org/libfprint/libfprint/" +SRC_URI="http://cgit.freedesktop.org/${PN}/${PN}/snapshot/${MY_PV}.tar.bz2 -> ${P}.tar.bz2" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="alpha amd64 arm ia64 ppc ppc64 sparc x86" +IUSE="debug static-libs" + +RDEPEND="virtual/libusb:1 + dev-libs/nss + || ( media-gfx/imagemagick media-gfx/graphicsmagick[imagemagick] x11-libs/gdk-pixbuf )" +DEPEND="${RDEPEND} + virtual/pkgconfig" + +S=${WORKDIR}/${MY_PV} + +src_prepare() { + mkdir m4 || die + eautoreconf +} + +pkg_setup() { + einfo + elog "This version does not support fdu2000 and upektc (yet)." + einfo +} + +src_configure() { + econf \ + $(use_enable debug debug-log) \ + $(use_enable static-libs static) +} + +src_install() { + emake \ + DESTDIR="${D}" \ + udev_rulesdir="$(get_udevdir)/rules.d" \ + install + + prune_libtool_files + dodoc AUTHORS HACKING NEWS README THANKS TODO +} diff --git a/sys-auth/libfprint/libfprint-0.5.0-r1.ebuild b/sys-auth/libfprint/libfprint-0.5.0-r1.ebuild new file mode 100644 index 000000000000..85f373bc462b --- /dev/null +++ b/sys-auth/libfprint/libfprint-0.5.0-r1.ebuild @@ -0,0 +1,48 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit autotools eutils udev vcs-snapshot + +MY_PV="v_${PV//./_}" +DESCRIPTION="library to add support for consumer fingerprint readers" +HOMEPAGE="http://cgit.freedesktop.org/libfprint/libfprint/" +SRC_URI="http://cgit.freedesktop.org/${PN}/${PN}/snapshot/${MY_PV}.tar.bz2 -> ${P}.tar.bz2" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="alpha amd64 ia64 ppc ppc64 x86" +IUSE="debug static-libs" + +RDEPEND="virtual/libusb:1 + dev-libs/nss + || ( media-gfx/imagemagick media-gfx/graphicsmagick[imagemagick] x11-libs/gdk-pixbuf )" +DEPEND="${RDEPEND} + virtual/pkgconfig" + +src_prepare() { + epatch "${FILESDIR}/${P}-automake-1.13.patch" + epatch "${FILESDIR}/${P}-support-147e_2020.patch" + eautoreconf +} + +src_configure() { + econf \ + --with-drivers=all \ + $(use_enable debug debug-log) \ + $(use_enable static-libs static) \ + -enable-udev-rules \ + --with-udev-rules-dir=$(get_udevdir)/rules.d + # --disable-udev-rules fails https://bugs.freedesktop.org/show_bug.cgi?id=59076 + # $(use_enable udev udev-rules) \ +} + +src_install() { + emake DESTDIR="${D}" install + + prune_libtool_files + + dodoc AUTHORS HACKING NEWS README THANKS TODO +} diff --git a/sys-auth/libfprint/libfprint-0.5.0.ebuild b/sys-auth/libfprint/libfprint-0.5.0.ebuild new file mode 100644 index 000000000000..50d8c817e468 --- /dev/null +++ b/sys-auth/libfprint/libfprint-0.5.0.ebuild @@ -0,0 +1,47 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit autotools eutils udev vcs-snapshot + +MY_PV="v_${PV//./_}" +DESCRIPTION="library to add support for consumer fingerprint readers" +HOMEPAGE="http://cgit.freedesktop.org/libfprint/libfprint/" +SRC_URI="http://cgit.freedesktop.org/${PN}/${PN}/snapshot/${MY_PV}.tar.bz2 -> ${P}.tar.bz2" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~ppc64 ~x86" +IUSE="debug static-libs" + +RDEPEND="virtual/libusb:1 + dev-libs/nss + || ( media-gfx/imagemagick media-gfx/graphicsmagick[imagemagick] x11-libs/gdk-pixbuf )" +DEPEND="${RDEPEND} + virtual/pkgconfig" + +src_prepare() { + epatch "${FILESDIR}/${P}-automake-1.13.patch" + eautoreconf +} + +src_configure() { + econf \ + --with-drivers=all \ + $(use_enable debug debug-log) \ + $(use_enable static-libs static) \ + -enable-udev-rules \ + --with-udev-rules-dir=$(get_udevdir)/rules.d + # --disable-udev-rules fails https://bugs.freedesktop.org/show_bug.cgi?id=59076 + # $(use_enable udev udev-rules) \ +} + +src_install() { + emake DESTDIR="${D}" install + + prune_libtool_files + + dodoc AUTHORS HACKING NEWS README THANKS TODO +} diff --git a/sys-auth/libfprint/libfprint-0.5.1-r1.ebuild b/sys-auth/libfprint/libfprint-0.5.1-r1.ebuild new file mode 100644 index 000000000000..7311c2279d4b --- /dev/null +++ b/sys-auth/libfprint/libfprint-0.5.1-r1.ebuild @@ -0,0 +1,48 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit autotools eutils udev vcs-snapshot + +MY_PV="v_${PV//./_}" +DESCRIPTION="library to add support for consumer fingerprint readers" +HOMEPAGE="http://cgit.freedesktop.org/libfprint/libfprint/" +SRC_URI="http://cgit.freedesktop.org/${PN}/${PN}/snapshot/${MY_PV}.tar.bz2 -> ${P}.tar.bz2 + http://dev.gentoo.org/~patrick/libfprint-0.5.1-add-vfs5011-driver.patch" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~ppc64 ~x86" +IUSE="debug static-libs" + +RDEPEND="virtual/libusb:1 + dev-libs/nss + || ( media-gfx/imagemagick media-gfx/graphicsmagick[imagemagick] x11-libs/gdk-pixbuf )" +DEPEND="${RDEPEND} + virtual/pkgconfig" + +src_prepare() { + epatch "${DISTDIR}/${P}-add-vfs5011-driver.patch" || die + eautoreconf +} + +src_configure() { + econf \ + --with-drivers=all \ + $(use_enable debug debug-log) \ + $(use_enable static-libs static) \ + -enable-udev-rules \ + --with-udev-rules-dir=$(get_udevdir)/rules.d + # --disable-udev-rules fails https://bugs.freedesktop.org/show_bug.cgi?id=59076 + # $(use_enable udev udev-rules) \ +} + +src_install() { + emake DESTDIR="${D}" install + + prune_libtool_files + + dodoc AUTHORS HACKING NEWS README THANKS TODO +} diff --git a/sys-auth/libfprint/libfprint-0.5.1.ebuild b/sys-auth/libfprint/libfprint-0.5.1.ebuild new file mode 100644 index 000000000000..e4e7f348e13c --- /dev/null +++ b/sys-auth/libfprint/libfprint-0.5.1.ebuild @@ -0,0 +1,46 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit autotools eutils udev vcs-snapshot + +MY_PV="v_${PV//./_}" +DESCRIPTION="library to add support for consumer fingerprint readers" +HOMEPAGE="http://cgit.freedesktop.org/libfprint/libfprint/" +SRC_URI="http://cgit.freedesktop.org/${PN}/${PN}/snapshot/${MY_PV}.tar.bz2 -> ${P}.tar.bz2" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~ppc64 ~x86" +IUSE="debug static-libs" + +RDEPEND="virtual/libusb:1 + dev-libs/nss + || ( media-gfx/imagemagick media-gfx/graphicsmagick[imagemagick] x11-libs/gdk-pixbuf )" +DEPEND="${RDEPEND} + virtual/pkgconfig" + +src_prepare() { + eautoreconf +} + +src_configure() { + econf \ + --with-drivers=all \ + $(use_enable debug debug-log) \ + $(use_enable static-libs static) \ + -enable-udev-rules \ + --with-udev-rules-dir=$(get_udevdir)/rules.d + # --disable-udev-rules fails https://bugs.freedesktop.org/show_bug.cgi?id=59076 + # $(use_enable udev udev-rules) \ +} + +src_install() { + emake DESTDIR="${D}" install + + prune_libtool_files + + dodoc AUTHORS HACKING NEWS README THANKS TODO +} diff --git a/sys-auth/libfprint/metadata.xml b/sys-auth/libfprint/metadata.xml new file mode 100644 index 000000000000..506bfe24122f --- /dev/null +++ b/sys-auth/libfprint/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer> +<email>xmw@gentoo.org</email> +<name>Michael Weber</name> +</maintainer> +<upstream> + <bugs-to>https://bugs.freedesktop.org/enter_bug.cgi?product=libfprint</bugs-to> +</upstream> +</pkgmetadata> diff --git a/sys-auth/libnss-cache/Manifest b/sys-auth/libnss-cache/Manifest new file mode 100644 index 000000000000..9f2eaf863a57 --- /dev/null +++ b/sys-auth/libnss-cache/Manifest @@ -0,0 +1,3 @@ +DIST libnss-cache-0.1.tar.gz 7371 SHA256 d7931100d0de9d4ce0e169d2bc06df85945495444d110f8fe57b312eb4464b94 +DIST libnss-cache-0.10.1.tar.gz 11339 SHA256 3dc52c23b9dca2c97c4e685f4cb0d61ac3f0337504f2852ebee2b654606013a2 SHA512 09de9234622df0e31d342134ce54475547694eee1fbca2ce61cfeab5b0000b9a21672c48db347221a14859d81cced8d85d298eda1b65c18f8b610b6a3761ea74 WHIRLPOOL 1b454dec80060c3da79c95505eae1a6463fdfe10335cd1e9e69f30b93f9e62caec7da517c87c0457e1d940d0e7d42700cdb179e72317d012ef29304e5530e3d8 +DIST libnss-cache-0.10.2.tar.gz 11967 SHA256 8f0bd1583a0368534ae537552ffb667720134d94375d66b11898faf5cfba7728 SHA512 453624e85ff2692f0724f578ad72df76c96ecb2657eb3a701349025811af4e0c3ecf8e42c35a9a4eddabf4e731c361f4235d7cef34a61aec2e80e1b8728ea98f WHIRLPOOL 00f68545ac5f1a7b7cdb814650fadd29780006786e55398b5d1c6f0767c6039ab91685664f5471dadd7990195414ab7bb73fe7e50cfa5b74d38fc8758576c9f3 diff --git a/sys-auth/libnss-cache/files/libnss-cache-0.1-r1-make-install.patch b/sys-auth/libnss-cache/files/libnss-cache-0.1-r1-make-install.patch new file mode 100644 index 000000000000..798aa2f0ef33 --- /dev/null +++ b/sys-auth/libnss-cache/files/libnss-cache-0.1-r1-make-install.patch @@ -0,0 +1,34 @@ +--- Makefile 2010-09-15 02:16:20.851387801 +0200 ++++ Makefile 2010-09-15 02:23:26.651387798 +0200 +@@ -1,21 +1,24 @@ +-CC=gcc ++CC?=gcc + #CFLAGS=-Wall -fPIC -DDEBUG -g -O0 +-CFLAGS=-Wall -fPIC ++CFLAGS+=-Wall -fPIC ++LDFLAGS+= + LIBRARY=libnss_cache.so.2.0 + LINKS=libnss_cache.so.2 libnss_cache.so ++DESTDIR?= + PREFIX=/usr + BUILD=.libs +-LIBDIR=$(PREFIX)/lib ++LIBDIR?=$(PREFIX)/lib ++SONAME=libnss_cache.so.2 + + nss_cache: + [ -d $(BUILD) ] || mkdir $(BUILD) + $(CC) $(CFLAGS) -c nss_cache.c -o $(BUILD)/nss_cache.o +- $(CC) -shared -o $(BUILD)/$(LIBRARY) $(BUILD)/nss_cache.o ++ $(CC) -shared -Wl,-soname,$(SONAME) -o $(BUILD)/$(LIBRARY) $(BUILD)/nss_cache.o $(LDFLAGS) + + clean: + rm -rf $(BUILD) + + install: +- [ -d $(LIBDIR) ] || install -d $(LIBDIR) +- install $(BUILD)/$(LIBRARY) $(LIBDIR) +- cd $(LIBDIR); for link in $(LINKS); do ln -sf $(LIBRARY) $$link ; done ++ [ -d $(DESTDIR)$(LIBDIR) ] || install -d $(DESTDIR)$(LIBDIR) ++ install $(BUILD)/$(LIBRARY) $(DESTDIR)$(LIBDIR) ++ cd $(DESTDIR)$(LIBDIR); for link in $(LINKS); do ln -sf $(LIBRARY) $$link ; done diff --git a/sys-auth/libnss-cache/files/libnss-cache-0.10-fix-shadow-test.patch b/sys-auth/libnss-cache/files/libnss-cache-0.10-fix-shadow-test.patch new file mode 100644 index 000000000000..e68546c603a2 --- /dev/null +++ b/sys-auth/libnss-cache/files/libnss-cache-0.10-fix-shadow-test.patch @@ -0,0 +1,12 @@ +diff -Nuar libnss-cache-0.10.orig//gen_getent.c libnss-cache-0.10//gen_getent.c +--- libnss-cache-0.10.orig//gen_getent.c 2011-01-10 19:56:01.000000000 +0000 ++++ libnss-cache-0.10//gen_getent.c 2011-01-13 06:43:05.475875153 +0000 +@@ -133,7 +133,7 @@ + int errnop; + enum nss_status ret; + +- _nss_cache_setpwent_path(SHADOW_FILE); ++ _nss_cache_setspent_path(SHADOW_FILE); + + buffer = malloc(buflen); + diff --git a/sys-auth/libnss-cache/files/libnss-cache-0.10.1-make.patch b/sys-auth/libnss-cache/files/libnss-cache-0.10.1-make.patch new file mode 100644 index 000000000000..b1ba149529c3 --- /dev/null +++ b/sys-auth/libnss-cache/files/libnss-cache-0.10.1-make.patch @@ -0,0 +1,49 @@ +diff --git a/Makefile b/Makefile +index 1e34d3b..563e467 100644 +--- a/Makefile ++++ b/Makefile +@@ -1,16 +1,16 @@ +-CC=gcc ++CC?=gcc + #CFLAGS=-Wall -Wstrict-prototypes -Werror -fPIC -DDEBUG -g -O0 +-CFLAGS=-Wall -Wstrict-prototypes -Werror -fPIC ++CFLAGS+=-Wall -Wstrict-prototypes -fPIC + LIBRARY=libnss_cache.so.2.0 + LINKS=libnss_cache.so.2 libnss_cache.so +-DESTDIR=/ +-PREFIX=$(DESTDIR)/usr ++DESTDIR?= ++PREFIX?=$(DESTDIR)/usr + BUILD=.libs + BUILD64=.libs64 + BUILD32=.libs32 +-LIBDIR=$(PREFIX)/lib +-LIBDIR64=$(PREFIX)/lib64 +-LIBDIR32=$(PREFIX)/lib32 ++LIBDIR?=$(PREFIX)/lib ++LIBDIR64?=$(PREFIX)/lib64 ++LIBDIR32?=$(PREFIX)/lib32 + SONAME=libnss_cache.so.2 + LD_SONAME=-Wl,-soname,$(SONAME) + TESTBIN=.testbin +@@ -97,17 +97,17 @@ install_amd64: install32 + nss_cache: + [ -d $(BUILD) ] || mkdir $(BUILD) + $(CC) $(CFLAGS) -c nss_cache.c -o $(BUILD)/nss_cache.o +- $(CC) -shared $(LD_SONAME) -o $(BUILD)/$(LIBRARY) $(BUILD)/nss_cache.o ++ $(CC) $(LDFLAGS) -shared $(LD_SONAME) -o $(BUILD)/$(LIBRARY) $(BUILD)/nss_cache.o + + nss_cache64: nss_cache + [ -d $(BUILD64) ] || mkdir $(BUILD64) + $(CC) $(CFLAGS) -m64 -c nss_cache.c -o $(BUILD64)/nss_cache.o +- $(CC) -m64 -shared $(LD_SONAME) -o $(BUILD64)/$(LIBRARY) $(BUILD64)/nss_cache.o ++ $(CC) $(LDFLAGS) -m64 -shared $(LD_SONAME) -o $(BUILD64)/$(LIBRARY) $(BUILD64)/nss_cache.o + + nss_cache32: nss_cache + [ -d $(BUILD32) ] || mkdir $(BUILD32) + $(CC) $(CFLAGS) -m32 -c nss_cache.c -o $(BUILD32)/nss_cache.o +- $(CC) -m32 -shared $(LD_SONAME) -o $(BUILD32)/$(LIBRARY) $(BUILD32)/nss_cache.o ++ $(CC) $(LDFLAGS) -m32 -shared $(LD_SONAME) -o $(BUILD32)/$(LIBRARY) $(BUILD32)/nss_cache.o + + clean: + rm -rf $(BUILD) diff --git a/sys-auth/libnss-cache/libnss-cache-0.1-r1.ebuild b/sys-auth/libnss-cache/libnss-cache-0.1-r1.ebuild new file mode 100644 index 000000000000..1f62fd260eb0 --- /dev/null +++ b/sys-auth/libnss-cache/libnss-cache-0.1-r1.ebuild @@ -0,0 +1,30 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=2 + +inherit eutils multilib toolchain-funcs + +DESCRIPTION="libnss-cache is a library that serves nss lookups" +HOMEPAGE="http://code.google.com/p/nsscache/" +SRC_URI="http://nsscache.googlecode.com/files/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +S=${WORKDIR}/${PN} + +src_prepare() { + epatch "${FILESDIR}"/${PF}-make-install.patch +} + +src_compile() { + emake CC="$(tc-getCC)" || die +} + +src_install() { + emake DESTDIR="${D}" LIBDIR="/usr/$(get_libdir)" install || die +} diff --git a/sys-auth/libnss-cache/libnss-cache-0.10.1.ebuild b/sys-auth/libnss-cache/libnss-cache-0.10.1.ebuild new file mode 100644 index 000000000000..461a73206133 --- /dev/null +++ b/sys-auth/libnss-cache/libnss-cache-0.10.1.ebuild @@ -0,0 +1,35 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=3 + +inherit eutils multilib toolchain-funcs + +DESCRIPTION="libnss-cache is a library that serves nss lookups" +HOMEPAGE="http://code.google.com/p/nsscache/" +SRC_URI="http://nsscache.googlecode.com/files/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="multilib" + +src_prepare() { + epatch "${FILESDIR}"/${P}-make.patch + epatch "${FILESDIR}"/${PN}-0.10-fix-shadow-test.patch +} + +src_compile() { + emake CC="$(tc-getCC)" nss_cache || die + if use multilib && has_multilib_profile; then + emake CC="$(tc-getCC)" nss_cache32 || die + fi +} + +src_install() { + emake DESTDIR="${D}" LIBDIR="${D}/usr/$(get_libdir)" install || die + if use multilib && has_multilib_profile; then + emake DESTDIR="${D}" LIBDIR="${D}/usr/$(get_libdir)" install32 || die + fi +} diff --git a/sys-auth/libnss-cache/libnss-cache-0.10.2.ebuild b/sys-auth/libnss-cache/libnss-cache-0.10.2.ebuild new file mode 100644 index 000000000000..6988a28ca09e --- /dev/null +++ b/sys-auth/libnss-cache/libnss-cache-0.10.2.ebuild @@ -0,0 +1,35 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=3 + +inherit eutils multilib toolchain-funcs + +DESCRIPTION="libnss-cache is a library that serves nss lookups" +HOMEPAGE="http://code.google.com/p/nsscache/" +SRC_URI="http://nsscache.googlecode.com/files/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="multilib" + +src_prepare() { + epatch "${FILESDIR}"/${PN}-0.10.1-make.patch + epatch "${FILESDIR}"/${PN}-0.10-fix-shadow-test.patch +} + +src_compile() { + emake CC="$(tc-getCC)" nss_cache || die + if use multilib && has_multilib_profile; then + emake CC="$(tc-getCC)" nss_cache32 || die + fi +} + +src_install() { + emake DESTDIR="${D}" LIBDIR="${D}/usr/$(get_libdir)" install || die + if use multilib && has_multilib_profile; then + emake DESTDIR="${D}" LIBDIR="${D}/usr/$(get_libdir)" install32 || die + fi +} diff --git a/sys-auth/libnss-cache/metadata.xml b/sys-auth/libnss-cache/metadata.xml new file mode 100644 index 000000000000..b38a94f524aa --- /dev/null +++ b/sys-auth/libnss-cache/metadata.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>xmw@gentoo.org</email> + <name>Michael Weber</name> + </maintainer> + <maintainer> + <email>idl0r@gentoo.org</email> + <name>Christian Ruppert</name> + </maintainer> + <upstream> + <remote-id type="google-code">nsscache</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/libnss-mysql/Manifest b/sys-auth/libnss-mysql/Manifest new file mode 100644 index 000000000000..d51cd765df9e --- /dev/null +++ b/sys-auth/libnss-mysql/Manifest @@ -0,0 +1 @@ +DIST libnss-mysql-20060915.tgz 689970 SHA256 d0705ab7a185146d050a9ef486c4af03d66fb61fb511c4e0d29714b4c3e5848f SHA512 fc92438b413b175b9bcead222013eab3bf63088a33ece0c4b6cc69edbefb9cc9145138ce786059acf502c2378a2af45588a5a506e45928b9ac600fe05e62e0c7 WHIRLPOOL ca817d9ce10394455cee6ba5790d02ce658c184700706fbb9ccc90cdf67a57003bb47795c63023e18a0e79b4bfcdeaf1b001ba45f2242d0a664e3705a57040d0 diff --git a/sys-auth/libnss-mysql/files/libnss-mysql-1.5_p20060915-no-automagic-debug.diff b/sys-auth/libnss-mysql/files/libnss-mysql-1.5_p20060915-no-automagic-debug.diff new file mode 100644 index 000000000000..292ae9e19476 --- /dev/null +++ b/sys-auth/libnss-mysql/files/libnss-mysql-1.5_p20060915-no-automagic-debug.diff @@ -0,0 +1,14 @@ +diff -NuarwPbB libnss-mysql.orig/configure.in libnss-mysql/configure.in +--- libnss-mysql.orig/configure.in 2005-09-04 03:34:00.000000000 +0000 ++++ libnss-mysql/configure.in 2010-09-08 18:12:24.577317098 +0000 +@@ -38,7 +38,9 @@ + AC_ARG_WITH(mysql, + [ --with-mysql=DIR Location of your MySQL installation]) + AC_ARG_ENABLE(debug, +- [ --enable-debug Enable debug (see DEBUGGING)], ++ [ --enable-debug Enable debug (see DEBUGGING)]) ++ ++AS_IF([test "x$enable_debug" = "xyes"], + [AC_DEFINE([DEBUG], 1, [Enable debug])]) + + case "$target_os" in diff --git a/sys-auth/libnss-mysql/libnss-mysql-1.5_p20060915-r2.ebuild b/sys-auth/libnss-mysql/libnss-mysql-1.5_p20060915-r2.ebuild new file mode 100644 index 000000000000..c825030587ba --- /dev/null +++ b/sys-auth/libnss-mysql/libnss-mysql-1.5_p20060915-r2.ebuild @@ -0,0 +1,50 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=2 + +inherit eutils multilib autotools + +KEYWORDS="amd64 ppc ~sparc x86" + +DESCRIPTION="NSS MySQL Library" +HOMEPAGE="http://libnss-mysql.sourceforge.net/" +SRC_URI="http://libnss-mysql.sourceforge.net/snapshot/${PN}-${PV/1.5_p/}.tgz" +LICENSE="GPL-2" +SLOT="0" +IUSE="debug" + +DEPEND="virtual/mysql" +RDEPEND="${DEPEND}" +S="${WORKDIR}/${PN}" + +src_prepare() { + epatch "${FILESDIR}"/${P}-no-automagic-debug.diff + eautoconf +} + +src_configure() { + # Usually, authentication libraries don't belong into usr. + # But here, it's required that the lib is in the same dir + # as libmysql, because else failures may occur on boot if + # udev tries to access a user / group that doesn't exist + # on the system before /usr is mounted. + econf --libdir="/usr/$(get_libdir)" \ + $(use_enable debug) +} + +src_install() { + emake DESTDIR="${D}" install || die + + find "${D}" -name '*.la' -delete + + newdoc sample/README README.sample + dodoc AUTHORS DEBUGGING FAQ INSTALL NEWS README THANKS \ + TODO UPGRADING ChangeLog + + for subdir in sample/{linux,freebsd,complex,minimal} ; do + docinto "${subdir}" + dodoc "${subdir}/"{*.sql,*.cfg} + done +} diff --git a/sys-auth/libnss-mysql/libnss-mysql-1.5_p20060915-r3.ebuild b/sys-auth/libnss-mysql/libnss-mysql-1.5_p20060915-r3.ebuild new file mode 100644 index 000000000000..b249ccd9f778 --- /dev/null +++ b/sys-auth/libnss-mysql/libnss-mysql-1.5_p20060915-r3.ebuild @@ -0,0 +1,52 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils multilib autotools + +KEYWORDS="~amd64 ~ppc ~sparc ~x86" + +DESCRIPTION="NSS MySQL Library" +HOMEPAGE="http://libnss-mysql.sourceforge.net/" +SRC_URI="http://libnss-mysql.sourceforge.net/snapshot/${PN}-${PV/1.5_p/}.tgz" +LICENSE="GPL-2" +SLOT="0" +IUSE="debug" + +DEPEND="virtual/mysql" +RDEPEND="${DEPEND}" +S="${WORKDIR}/${PN}" + +DOCS=( AUTHORS DEBUGGING FAQ INSTALL NEWS README THANKS + TODO UPGRADING ChangeLog +) + +src_prepare() { + epatch "${FILESDIR}"/${P}-no-automagic-debug.diff + eautoconf +} + +src_configure() { + # Usually, authentication libraries don't belong into usr. + # But here, it's required that the lib is in the same dir + # as libmysql, because else failures may occur on boot if + # udev tries to access a user / group that doesn't exist + # on the system before /usr is mounted. + econf --libdir="/usr/$(get_libdir)" \ + $(use_enable debug) +} + +src_install() { + default + + find "${D}" -name '*.la' -delete + + newdoc sample/README README.sample + + for subdir in sample/{linux,freebsd,complex,minimal} ; do + docinto "${subdir}" + dodoc "${subdir}/"{*.sql,*.cfg} + done +} diff --git a/sys-auth/libnss-mysql/metadata.xml b/sys-auth/libnss-mysql/metadata.xml new file mode 100644 index 000000000000..32489e3d4bcb --- /dev/null +++ b/sys-auth/libnss-mysql/metadata.xml @@ -0,0 +1,6 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>mysql</herd> + <maintainer><email>hanno@gentoo.org</email></maintainer> +</pkgmetadata> diff --git a/sys-auth/libnss-pgsql/Manifest b/sys-auth/libnss-pgsql/Manifest new file mode 100644 index 000000000000..dbf0ad6b1070 --- /dev/null +++ b/sys-auth/libnss-pgsql/Manifest @@ -0,0 +1,2 @@ +DIST libnss-pgsql-1.4.0.tgz 244076 SHA256 776efc43b21323380f9b1cf32b4463eddd7050d19912418ea58b856b96c9ee25 +DIST libnss-pgsql-1.5.0-beta.tgz 305543 SHA256 84808c47fd21a09e2c487a0efc72cc18b352275082335be8c6de39d325e6c000 diff --git a/sys-auth/libnss-pgsql/files/libnss-pgsql-1.4.0-gentoo.patch b/sys-auth/libnss-pgsql/files/libnss-pgsql-1.4.0-gentoo.patch new file mode 100644 index 000000000000..7a2a938b5c78 --- /dev/null +++ b/sys-auth/libnss-pgsql/files/libnss-pgsql-1.4.0-gentoo.patch @@ -0,0 +1,12 @@ +diff -Nur libnss-pgsql-1.4.0.orig/src/backend.c libnss-pgsql-1.4.0/src/backend.c +--- libnss-pgsql-1.4.0.orig/src/backend.c 2001-10-18 13:32:52.000000000 +0200 ++++ libnss-pgsql-1.4.0/src/backend.c 2003-11-28 16:14:38.000000000 +0100 +@@ -9,7 +9,7 @@ + */ + + #include "nss-pgsql.h" +-#include <postgresql/libpq-fe.h> ++#include <libpq-fe.h> + #include <stdlib.h> + #include <string.h> + #include <stdio.h> diff --git a/sys-auth/libnss-pgsql/files/libnss-pgsql-1.4.0-schema.patch b/sys-auth/libnss-pgsql/files/libnss-pgsql-1.4.0-schema.patch new file mode 100644 index 000000000000..6d2b338f45cf --- /dev/null +++ b/sys-auth/libnss-pgsql/files/libnss-pgsql-1.4.0-schema.patch @@ -0,0 +1,22 @@ +--- conf/dbschema.sql.orig 2005-05-04 04:27:51.000000000 +0200 ++++ conf/dbschema.sql 2006-11-11 22:37:01.000000000 +0100 +@@ -19,15 +19,16 @@ + "gecos" character varying(128), + "homedir" character varying(256) NOT NULL, + "shell" character varying DEFAULT '/bin/bash' NOT NULL, +- PRIMARY KEY ("username") ++ PRIMARY KEY ("username"), ++ UNIQUE ("uid") + ); + + CREATE TABLE "usergroups" ( + "gid" int4 NOT NULL, + "uid" int4 NOT NULL, + PRIMARY KEY ("gid", "uid"), +- CONSTRAINT "ug_gid_fkey" FOREIGN KEY ("gid") REFERENCES "groups"("gid"), +- CONSTRAINT "ug_uid_fkey" FOREIGN KEY ("uid") REFERENCES "accounts"("uid") ++ CONSTRAINT "ug_gid_fkey" FOREIGN KEY ("gid") REFERENCES "group_table"("gid"), ++ CONSTRAINT "ug_uid_fkey" FOREIGN KEY ("uid") REFERENCES "passwd_table"("uid") + ); + + CREATE TABLE "shadow_table" ( diff --git a/sys-auth/libnss-pgsql/files/libnss-pgsql-1.5.0_beta-gentoo.patch b/sys-auth/libnss-pgsql/files/libnss-pgsql-1.5.0_beta-gentoo.patch new file mode 100644 index 000000000000..69aefa8c6064 --- /dev/null +++ b/sys-auth/libnss-pgsql/files/libnss-pgsql-1.5.0_beta-gentoo.patch @@ -0,0 +1,44 @@ +Index: libnss-pgsql-1.5.0-beta/src/backend.c +=================================================================== +--- libnss-pgsql-1.5.0-beta.orig/src/backend.c ++++ libnss-pgsql-1.5.0-beta/src/backend.c +@@ -11,7 +11,7 @@ + */ + + #include "nss-pgsql.h" +-#include <postgresql/libpq-fe.h> ++#include <libpq-fe.h> + #include <stdlib.h> + #include <string.h> + #include <stdio.h> +Index: libnss-pgsql-1.5.0-beta/doc/Makefile.am +=================================================================== +--- libnss-pgsql-1.5.0-beta.orig/doc/Makefile.am ++++ libnss-pgsql-1.5.0-beta/doc/Makefile.am +@@ -1,14 +1,6 @@ + TARGETS = nss-pgsql.html + +-all html: $(TARGETS) +- +-install-data-local: $(TARGETS) +- $(mkinstalldirs) $(DESTDIR)$(docdir) +- $(INSTALL_DATA) nss-pgsql.html $(DESTDIR)$(docdir) +- $(INSTALL_DATA) $(srcdir)/caution.png $(DESTDIR)$(docdir) +- +-clean-local: +- rm -f $(TARGETS) ++html_DATA = $(TARGETS) caution.png + + nss-pgsql.html: config.xsl nss-pgsql.xml + xmlto xhtml-nochunks -m $(srcdir)/config.xsl $(srcdir)/nss-pgsql.xml +Index: libnss-pgsql-1.5.0-beta/src/Makefile.am +=================================================================== +--- libnss-pgsql-1.5.0-beta.orig/src/Makefile.am ++++ libnss-pgsql-1.5.0-beta/src/Makefile.am +@@ -1,5 +1,5 @@ + lib_LTLIBRARIES = libnss_pgsql.la + libnss_pgsql_la_SOURCES = interface.c config.c backend.c util.c +-libnss_pgsql_la_LDFLAGS = -module -version-info 2 ++libnss_pgsql_la_LDFLAGS = -module -version-info 2 -shared + EXTRA_DIST = nss-pgsql.h + diff --git a/sys-auth/libnss-pgsql/libnss-pgsql-1.4.0.ebuild b/sys-auth/libnss-pgsql/libnss-pgsql-1.4.0.ebuild new file mode 100644 index 000000000000..3e0c2b5f0eaa --- /dev/null +++ b/sys-auth/libnss-pgsql/libnss-pgsql-1.4.0.ebuild @@ -0,0 +1,55 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit autotools eutils multilib + +KEYWORDS="~x86" + +DESCRIPTION="Name Service Switch module for use with PostgreSQL" +HOMEPAGE="http://pgfoundry.org/projects/sysauth/" +SRC_URI="http://pgfoundry.org/frs/download.php/605/${P}.tgz" +LICENSE="GPL-2" +SLOT="0" +IUSE="" + +DEPEND="dev-db/postgresql + app-text/xmlto" +RDEPEND="${DEPEND}" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}/${P}-gentoo.patch" + epatch "${FILESDIR}/${P}-schema.patch" + eautoreconf +} + +src_compile() { + econf \ + --libdir=/lib \ + --with-docdir=/usr/share/doc/${PF}/html || die "econf failed" + emake || die "emake failed" +} + +src_install() { + insinto /$(get_libdir) + doins src/.libs/libnss_pgsql.so.2.0.0 + dosym libnss_pgsql.so.2.0.0 /lib/libnss_pgsql.so.2 + dosym libnss_pgsql.so.2.0.0 /lib/libnss_pgsql.so + + dodoc AUTHORS ChangeLog NEWS README + dohtml doc/*.{png,html} + insinto /usr/share/doc/${PF}/examples + doins conf/* +} + +pkg_postinst() { + elog "Next steps:" + elog "1. Create the required tables in the database:" + elog " $ psql a_database -f ${ROOT}usr/share/${PN}/conf/dbschema.sql" + elog "2. Create the configuration file '/etc/nss-pgsql.conf'" + elog " You can copy the example from ${ROOT}usr/share/doc/${PF}/examples/nss-pgsql.conf" + elog "3. Edit /etc/nsswitch.conf to use the NSS service 'pgsql'" + elog " An example is available here: ${ROOT}usr/share/doc/${PF}/examples/nsswitch.conf" +} diff --git a/sys-auth/libnss-pgsql/libnss-pgsql-1.5.0_beta.ebuild b/sys-auth/libnss-pgsql/libnss-pgsql-1.5.0_beta.ebuild new file mode 100644 index 000000000000..c8e11122c607 --- /dev/null +++ b/sys-auth/libnss-pgsql/libnss-pgsql-1.5.0_beta.ebuild @@ -0,0 +1,54 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit autotools eutils multilib + +KEYWORDS="~amd64 ~x86" + +DESCRIPTION="Name Service Switch module for use with PostgreSQL" +HOMEPAGE="http://pgfoundry.org/projects/sysauth/" + +MY_P="${P/_/-}" +SRC_URI="http://pgfoundry.org/frs/download.php/1878/${MY_P}.tgz" +S="${WORKDIR}/${MY_P}" + +LICENSE="GPL-2" +SLOT="0" +IUSE="" + +RDEPEND="dev-db/postgresql" +DEPEND="${RDEPEND} + app-text/xmlto" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}/${P}-gentoo.patch" + eautoreconf +} + +src_compile() { + econf \ + --htmldir=/usr/share/doc/${PF}/html || die "econf failed" + emake || die "emake failed" +} + +src_install() { + emake DESTDIR="${D}" install || die + find "${D}" -name '*.la' -delete || die + + dodoc AUTHORS ChangeLog NEWS README || die + insinto /usr/share/doc/${PF}/examples + doins conf/* || die +} + +pkg_postinst() { + elog "Next steps:" + elog "1. Create the required tables in the database:" + elog " $ psql a_database -f /usr/share/doc/${PF}/examples/dbschema.sql" + elog "2. Create the configuration file '/etc/nss-pgsql.conf'" + elog " You can copy the example from /usr/share/doc/${PF}/examples/nss-pgsql.conf" + elog "3. Edit /etc/nsswitch.conf to use the NSS service 'pgsql'" + elog " An example is available here: /usr/share/doc/${PF}/examples/nsswitch.conf" +} diff --git a/sys-auth/libnss-pgsql/metadata.xml b/sys-auth/libnss-pgsql/metadata.xml new file mode 100644 index 000000000000..309b51e9a965 --- /dev/null +++ b/sys-auth/libnss-pgsql/metadata.xml @@ -0,0 +1,5 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>postgresql</herd> +</pkgmetadata> diff --git a/sys-auth/libyubikey/Manifest b/sys-auth/libyubikey/Manifest new file mode 100644 index 000000000000..db092c8f249a --- /dev/null +++ b/sys-auth/libyubikey/Manifest @@ -0,0 +1,2 @@ +DIST libyubikey-1.12.tar.gz 346729 SHA256 b95387f791dad4d2544282299800f016736c363838e1e732f199bf90eba717b8 SHA512 dcfe0f0f33e98a56ca0971140e9fb0d7689236c0062f38eb92b6c3f6df3d576882aaffc153f5fc1c6f5edca5781c34801aa6a87e63c726999f5de003ad366d27 WHIRLPOOL 558f8b4664ce888b8871f214c7022d14ecca7c12bd1550b74e1810a421381ae29ef1064d7ed1726680d5847facdb48f1a3065dc9bde9b5093ff3f648706710fa +DIST libyubikey-1.13.tar.gz 347337 SHA256 04edd0eb09cb665a05d808c58e1985f25bb7c5254d2849f36a0658ffc51c3401 SHA512 28f45cb9817c30a70d168ae507d3f8014051058d730eed92b31d92e96784138dea291bda4275511c5f92a6427cb4249d76c802b8abb867cec50e62fb770950f2 WHIRLPOOL c961fb9efa5eea9c5256b62c4363c9c5cfae8623518e9cbff851dce698d90880e0b6443739da7c955d869428a12b226ad52da55bcd7d64199619315d1495bfc8 diff --git a/sys-auth/libyubikey/libyubikey-1.12.ebuild b/sys-auth/libyubikey/libyubikey-1.12.ebuild new file mode 100644 index 000000000000..b2ff6e302783 --- /dev/null +++ b/sys-auth/libyubikey/libyubikey-1.12.ebuild @@ -0,0 +1,19 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils autotools-utils + +DESCRIPTION="Yubico C low-level library" +HOMEPAGE="https://github.com/Yubico/yubico-c" +#http://opensource.yubico.com/yubico-c/releases.html +SRC_URI="http://opensource.yubico.com/yubico-c/releases/${P}.tar.gz" + +KEYWORDS="~amd64 ~x86" +SLOT="0" +LICENSE="BSD-2" +IUSE="static-libs" + +DOCS=( AUTHORS ChangeLog NEWS README THANKS ) diff --git a/sys-auth/libyubikey/libyubikey-1.13.ebuild b/sys-auth/libyubikey/libyubikey-1.13.ebuild new file mode 100644 index 000000000000..bae5ceb49bae --- /dev/null +++ b/sys-auth/libyubikey/libyubikey-1.13.ebuild @@ -0,0 +1,19 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils autotools-utils + +DESCRIPTION="Yubico C low-level library" +HOMEPAGE="https://github.com/Yubico/yubico-c" +#http://opensource.yubico.com/yubico-c/releases.html +SRC_URI="http://opensource.yubico.com/yubico-c/releases/${P}.tar.gz" + +SLOT="0" +LICENSE="BSD-2" +KEYWORDS="~amd64 ~x86" +IUSE="static-libs" + +DOCS=( AUTHORS ChangeLog NEWS README THANKS ) diff --git a/sys-auth/libyubikey/metadata.xml b/sys-auth/libyubikey/metadata.xml new file mode 100644 index 000000000000..86aee3bb63dc --- /dev/null +++ b/sys-auth/libyubikey/metadata.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>proxy-maintainers</herd> + <maintainer> + <email>brant@gurganus.name</email> + <name>Brant Gurganus</name> + <description>Proxied co-maintainer, assign bugs to him</description> + </maintainer> + <maintainer> + <email>flameeyes@gentoo.org</email> + <name>Diego Elio Pettenò</name> + <description>Proxy maintainer, CC him on bugs</description> + </maintainer> + <upstream> + <remote-id type="google-code">yubico-c</remote-id> + <remote-id type="github">Yubico/yubico-c</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/metadata.xml b/sys-auth/metadata.xml new file mode 100644 index 000000000000..4b8897c1fd72 --- /dev/null +++ b/sys-auth/metadata.xml @@ -0,0 +1,44 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE catmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<catmetadata> + <longdescription lang="en"> + The sys-auth category contains applications and libraries to support + authentication and authorization facilities. + Here belongs PAM modules, NSS modules and login apps. + </longdescription> + <longdescription lang="ja"> + sys-authカテゴリには確認を採用するアプリケーションとライブラリが + 含まれます。これはPAMとNSSモジュールとログインアプリケーションの場所です。 + </longdescription> + <longdescription lang="vi"> + Nhóm sys-auth chứa các ứng dụng và thư viện hỗ trợ xác thực và phân quyền. + Ở đây bao gồm các module PAM, NSS và các ứng dụng đăng nhập. + </longdescription> + <longdescription lang="de"> + Die Kategorie sys-auth enthält Programme und Bibliotheken die Funktionen + zur Authentifizierung und Authorisierung zur Verfügung stellen. Module für PAM + und NSS sowie Loginapplikationen finden sich hier. + </longdescription> + <longdescription lang="it"> + La categoria sys-auth contiene applicazioni e librerie di supporto per + gli strumenti di autenticazione e autorizzazione. Appartengono a questa categoria + i moduli PAM, i moduli NSS e le applicazioni di login. + </longdescription> + <longdescription lang="pt"> + A categoria sys-auth contém aplicações e bibliotecas para + suportar instrumentos de autenticação e autorização. + Nesta categoria pertencem módulos de PAM, módulos de NSS e + aplicações de login. + </longdescription> + <longdescription lang="pl"> + Kategoria sys-auth zawiera biblioteki oraz programy związane z + autoryzacją i uwierzytelnianiem. Znajdują się tu moduły PAM, NSS oraz + aplikacje służące do logowania. + </longdescription> + <longdescription lang="es"> + La categoría sys-auth contiene aplicaciones y librerías para dar + soporte a los servicios de autenticación y autorización. + A esta categoría pertenecen los módulos PAM, NSS y las aplicaciones + para ingresar en el sistema. + </longdescription> +</catmetadata> diff --git a/sys-auth/munge/Manifest b/sys-auth/munge/Manifest new file mode 100644 index 000000000000..2d0b685c4689 --- /dev/null +++ b/sys-auth/munge/Manifest @@ -0,0 +1,2 @@ +DIST munge-0.5.10.tar.bz2 424285 SHA256 00e0125c2895877b555872647b0a98d13838a54acda78614bb6c6e70daadabc6 SHA512 b1b780d205d6cfbadfe6096156840d559c70de5b0023cbd604acfc29e1135036c98a949981d5c022e994c77213ee3d8d70e8fe825b645b030ad1adef92ed9479 WHIRLPOOL 72bb331f3651473b482b3ad5b4f0e934537d93911e8c55e5d253511de273da7719a26f2f9d98ee6bee7968a705f41f648f52cdf67107edbc2565cadd473d0d46 +DIST munge-0.5.11.tar.bz2 423232 SHA256 8e075614f81cb0a6df21a0aafdc825498611a04429d0876f074fc828739351a5 SHA512 b9d4cd76c4fe605ad67934af48809205de0f0e5fa1a10dd3b6e382da2cb8bc274bd2a8c0d4bc49d1d58155bf008945a584afd0b6e01cc8052aa1d21c8de2815b WHIRLPOOL 00898e86b05955109799d81b1da7cdb9300c8af6f73a7d0d2d9f678c8fce6878f093b77ce1406797b7814a7c099d3f22d2c93b08e4cdbf77cc61ec624604b87c diff --git a/sys-auth/munge/files/fixed-recursive-use-of-make-in-makefiles.patch b/sys-auth/munge/files/fixed-recursive-use-of-make-in-makefiles.patch new file mode 100644 index 000000000000..1810abc91f4a --- /dev/null +++ b/sys-auth/munge/files/fixed-recursive-use-of-make-in-makefiles.patch @@ -0,0 +1,134 @@ +From 5634ce9890da48f9ea88feece856361ce8f1563c Mon Sep 17 00:00:00 2001 +From: Brendan Horan <brendan@horan.hk> +Date: Tue, 23 Jun 2015 09:32:31 +0800 +Subject: [PATCH] Fixed recursive use of make in makefiles [ make -> $(MAKE) ] + +--- + Makefile.in | 2 +- + config/Make-inc.mk | 2 +- + src/Makefile.in | 2 +- + src/etc/Makefile.in | 2 +- + src/libcommon/Makefile.in | 2 +- + src/libmissing/Makefile.in | 2 +- + src/libmunge/Makefile.in | 2 +- + src/munge/Makefile.in | 2 +- + src/munged/Makefile.in | 2 +- + 9 files changed, 9 insertions(+), 9 deletions(-) + +diff --git a/Makefile.in b/Makefile.in +index 8b8ca76..df53ff1 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -830,7 +830,7 @@ $(top_builddir)/src/libcommon/libcommon.la \ + $(top_builddir)/src/libmissing/libmissing.la \ + $(top_builddir)/src/libmunge/libmunge.la \ + : force-dependency-check +- @cd `dirname $@` && make `basename $@` ++ @cd `dirname $@` && $(MAKE) `basename $@` + + force-dependency-check: + +diff --git a/config/Make-inc.mk b/config/Make-inc.mk +index 03a9622..edffea1 100644 +--- a/config/Make-inc.mk ++++ b/config/Make-inc.mk +@@ -31,7 +31,7 @@ $(top_builddir)/src/libcommon/libcommon.la \ + $(top_builddir)/src/libmissing/libmissing.la \ + $(top_builddir)/src/libmunge/libmunge.la \ + : force-dependency-check +- @cd `dirname $@` && make `basename $@` ++ @cd `dirname $@` && $(MAKE) `basename $@` + + force-dependency-check: + +diff --git a/src/Makefile.in b/src/Makefile.in +index c89ec9c..38c32da 100644 +--- a/src/Makefile.in ++++ b/src/Makefile.in +@@ -648,7 +648,7 @@ $(top_builddir)/src/libcommon/libcommon.la \ + $(top_builddir)/src/libmissing/libmissing.la \ + $(top_builddir)/src/libmunge/libmunge.la \ + : force-dependency-check +- @cd `dirname $@` && make `basename $@` ++ @cd `dirname $@` && $(MAKE) `basename $@` + + force-dependency-check: + +diff --git a/src/etc/Makefile.in b/src/etc/Makefile.in +index ffd41a0..d1eed84 100644 +--- a/src/etc/Makefile.in ++++ b/src/etc/Makefile.in +@@ -451,7 +451,7 @@ $(top_builddir)/src/libcommon/libcommon.la \ + $(top_builddir)/src/libmissing/libmissing.la \ + $(top_builddir)/src/libmunge/libmunge.la \ + : force-dependency-check +- @cd `dirname $@` && make `basename $@` ++ @cd `dirname $@` && $(MAKE) `basename $@` + + force-dependency-check: + +diff --git a/src/libcommon/Makefile.in b/src/libcommon/Makefile.in +index 45419a8..8512b74 100644 +--- a/src/libcommon/Makefile.in ++++ b/src/libcommon/Makefile.in +@@ -683,7 +683,7 @@ $(top_builddir)/src/libcommon/libcommon.la \ + $(top_builddir)/src/libmissing/libmissing.la \ + $(top_builddir)/src/libmunge/libmunge.la \ + : force-dependency-check +- @cd `dirname $@` && make `basename $@` ++ @cd `dirname $@` && $(MAKE) `basename $@` + + force-dependency-check: + +diff --git a/src/libmissing/Makefile.in b/src/libmissing/Makefile.in +index 10b1a78..187f4b3 100644 +--- a/src/libmissing/Makefile.in ++++ b/src/libmissing/Makefile.in +@@ -572,7 +572,7 @@ $(top_builddir)/src/libcommon/libcommon.la \ + $(top_builddir)/src/libmissing/libmissing.la \ + $(top_builddir)/src/libmunge/libmunge.la \ + : force-dependency-check +- @cd `dirname $@` && make `basename $@` ++ @cd `dirname $@` && $(MAKE) `basename $@` + + force-dependency-check: + +diff --git a/src/libmunge/Makefile.in b/src/libmunge/Makefile.in +index 69dc54f..ab21fdc 100644 +--- a/src/libmunge/Makefile.in ++++ b/src/libmunge/Makefile.in +@@ -752,7 +752,7 @@ $(top_builddir)/src/libcommon/libcommon.la \ + $(top_builddir)/src/libmissing/libmissing.la \ + $(top_builddir)/src/libmunge/libmunge.la \ + : force-dependency-check +- @cd `dirname $@` && make `basename $@` ++ @cd `dirname $@` && $(MAKE) `basename $@` + + force-dependency-check: + +diff --git a/src/munge/Makefile.in b/src/munge/Makefile.in +index f411d7e..411ec3b 100644 +--- a/src/munge/Makefile.in ++++ b/src/munge/Makefile.in +@@ -752,7 +752,7 @@ $(top_builddir)/src/libcommon/libcommon.la \ + $(top_builddir)/src/libmissing/libmissing.la \ + $(top_builddir)/src/libmunge/libmunge.la \ + : force-dependency-check +- @cd `dirname $@` && make `basename $@` ++ @cd `dirname $@` && $(MAKE) `basename $@` + + force-dependency-check: + +diff --git a/src/munged/Makefile.in b/src/munged/Makefile.in +index c14fd0b..5112da3 100644 +--- a/src/munged/Makefile.in ++++ b/src/munged/Makefile.in +@@ -1243,7 +1243,7 @@ $(top_builddir)/src/libcommon/libcommon.la \ + $(top_builddir)/src/libmissing/libmissing.la \ + $(top_builddir)/src/libmunge/libmunge.la \ + : force-dependency-check +- @cd `dirname $@` && make `basename $@` ++ @cd `dirname $@` && $(MAKE) `basename $@` + + force-dependency-check: + diff --git a/sys-auth/munge/files/munged.confd b/sys-auth/munge/files/munged.confd new file mode 100644 index 000000000000..8ab2f69284a3 --- /dev/null +++ b/sys-auth/munge/files/munged.confd @@ -0,0 +1,13 @@ +# Specify secret key file. If the keyfile does not already exist +# it will be created on first startup using pseudorandom data via +# dd if=/dev/urandom bs=1 count=1024 >/etc/munge/munge.key +KEYFILE="/etc/munge/munge.key" + +# Specify whether to check "/etc/group" mtime +GROUP_CHECK_MTIME=1 + +# Specify seconds between group info updates +GROUP_UPDATE_TIME=3600 + +# Specify number of threads to spawn +NUM_THREADS=2 diff --git a/sys-auth/munge/files/munged.initd b/sys-auth/munge/files/munged.initd new file mode 100644 index 000000000000..7fee87e499ce --- /dev/null +++ b/sys-auth/munge/files/munged.initd @@ -0,0 +1,44 @@ +#!/sbin/runscript +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +depend() { + after localmount +} + +check_key() { + [ -s "${KEYFILE}" ] && return 0 + dd if=/dev/urandom bs=1 count=1024 >/etc/munge/munge.key 2>/dev/null || return 1 + chown munge:munge "${KEYFILE}" || return 1 + chmod 700 "${KEYFILE}" || return 1 +} + +start() { + ebegin "Starting munged" + if ! check_key; then + eerror "Failed to verify/create munge key" + eend 1 && exit 1 + fi + checkpath -d -m 755 -o munge:munge /var/run/munge + checkpath -d -m 711 -o munge:munge /var/lib/munge + checkpath -d -m 700 -o munge:munge /var/log/munge + start-stop-daemon -S /usr/sbin/munged \ + --user munge \ + --group munge \ + --pidfile /var/run/munge/munged.pid \ + -- \ + --key-file="${KEYFILE}" \ + --group-check-mtime="${GROUP_CHECK_MTIME}" \ + --group-update-time="${GROUP_UPDATE_TIME}" \ + --num-threads="${NUM_THREADS}" + eend ${?} +} + +stop() { + ebegin "Stopping munged" + start-stop-daemon -K /usr/sbin/munged \ + --pidfile /var/run/munge/munged.pid + eend ${?} +} + diff --git a/sys-auth/munge/metadata.xml b/sys-auth/munge/metadata.xml new file mode 100644 index 000000000000..428b63069550 --- /dev/null +++ b/sys-auth/munge/metadata.xml @@ -0,0 +1,23 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>cluster</herd> + <maintainer> + <email>jsbronder@gentoo.org</email> + </maintainer> + <use> + <flag name="gcrypt">Use libgcrypt instead of openssl</flag> + </use> + <longdescription>MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service for creating + and validating credentials. It is designed to be highly scalable for use in + an HPC cluster environment. It allows a process to authenticate the UID and + GID of another local or remote process within a group of hosts having common + users and groups. These hosts form a security realm that is defined by a + shared cryptographic key. Clients within this security realm can create and + validate credentials without the use of root privileges, reserved ports, or + platform-specific methods.</longdescription> + <upstream> + <remote-id type="google-code">munge</remote-id> + <remote-id type="github">dun/munge</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/munge/munge-0.5.10-r1.ebuild b/sys-auth/munge/munge-0.5.10-r1.ebuild new file mode 100644 index 000000000000..dfdda2ec4ee8 --- /dev/null +++ b/sys-auth/munge/munge-0.5.10-r1.ebuild @@ -0,0 +1,62 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 +inherit user + +DESCRIPTION="An authentication service for creating and validating credentials" +HOMEPAGE="http://code.google.com/p/munge/" +SRC_URI="http://munge.googlecode.com/files/${P}.tar.bz2" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="alpha amd64 hppa ia64 ~mips ppc ppc64 sparc x86" +IUSE="gcrypt" + +DEPEND="app-arch/bzip2 + sys-libs/zlib + gcrypt? ( dev-libs/libgcrypt:0 ) + !gcrypt? ( dev-libs/openssl )" +RDEPEND="${DEPEND}" + +pkg_setup() { + enewgroup munge + enewuser munge -1 -1 /var/lib/munge munge +} + +src_configure() { + local conf="" + + if use gcrypt; then + conf="${conf} --with-crypto-lib=libgcrypt" + else + conf="${conf} --with-crypto-lib=openssl" + fi + + econf ${conf} \ + --localstatedir=/var +} + +src_install() { + emake DESTDIR="${D}" install || die + + # 450830 + if [ -d "${D}"/var/run ]; then + rm -rf "${D}"/var/run || die + fi + + diropts -o munge -g munge -m700 + dodir /etc/munge || die + + [ -d "${D}"/etc/init.d ] && rm -r "${D}"/etc/init.d + [ -d "${D}"/etc/default ] && rm -r "${D}"/etc/default + [ -d "${D}"/etc/sysconfig ] && rm -r "${D}"/etc/sysconfig + + newconfd "${FILESDIR}"/${PN}d.confd ${PN}d || die + newinitd "${FILESDIR}"/${PN}d.initd ${PN}d || die +} + +src_test() { + emake check || die +} diff --git a/sys-auth/munge/munge-0.5.11.ebuild b/sys-auth/munge/munge-0.5.11.ebuild new file mode 100644 index 000000000000..64bc557ae9ef --- /dev/null +++ b/sys-auth/munge/munge-0.5.11.ebuild @@ -0,0 +1,63 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit autotools eutils user + +DESCRIPTION="An authentication service for creating and validating credentials" +HOMEPAGE="https://github.com/dun/munge" +SRC_URI="https://github.com/dun/munge/releases/download/munge-${PV}/munge-${PV}.tar.bz2" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86" + +IUSE="gcrypt" + +DEPEND="app-arch/bzip2 + sys-libs/zlib + gcrypt? ( dev-libs/libgcrypt:0 ) + !gcrypt? ( dev-libs/openssl:0 )" +RDEPEND="${DEPEND}" + +pkg_setup() { + enewgroup munge + enewuser munge -1 -1 /var/lib/munge munge +} + +src_prepare() { + # Accepted upstream, https://github.com/dun/munge/pull/40 + epatch "${FILESDIR}"/fixed-recursive-use-of-make-in-makefiles.patch + + eautoreconf +} + +src_configure() { + econf \ + --localstatedir=/var \ + --with-crypto-lib=$(usex gcrypt libgcrypt openssl) +} + +src_install() { + local d + + default + + # 450830 + if [ -d "${D}"/var/run ]; then + rm -rf "${D}"/var/run || die + fi + + diropts -o munge -g munge -m700 + dodir /etc/munge + + for d in "init.d" "default" "sysconfig"; do + if [ -d "${D}"/etc/${d} ]; then + rm -r "${D}"/etc/${d} || die + fi + done + + newconfd "${FILESDIR}"/${PN}d.confd ${PN}d + newinitd "${FILESDIR}"/${PN}d.initd ${PN}d +} diff --git a/sys-auth/nss-mdns/Manifest b/sys-auth/nss-mdns/Manifest new file mode 100644 index 000000000000..622843c261f8 --- /dev/null +++ b/sys-auth/nss-mdns/Manifest @@ -0,0 +1 @@ +DIST nss-mdns-0.10.tar.gz 353130 SHA256 1e683c2e7c3921814706d62fbbd3e9cbf493a75fa00255e0e715508d8134fa6d SHA512 7c9f4150648dfab34bc6f8551e5b58b0b7065e4c1472efb8ce1b00b2bd75627e5928b2c199d9dae742abe839968a8774e39c7646f8ce855d342b4d90252efc0e WHIRLPOOL 27298dd51e307d0c3798096b1e8ccfc7b0f454ebca15e1abea1502326f17e8850af789cb8fa926be4d4918cc81819487603e3f8eb3ad76605325da97be23db66 diff --git a/sys-auth/nss-mdns/files/mdns.allow b/sys-auth/nss-mdns/files/mdns.allow new file mode 100644 index 000000000000..80b49b097b03 --- /dev/null +++ b/sys-auth/nss-mdns/files/mdns.allow @@ -0,0 +1,3 @@ +# mdns.allow: +.local. +.local diff --git a/sys-auth/nss-mdns/files/nss-mdns-0.10-avahi-socket.patch b/sys-auth/nss-mdns/files/nss-mdns-0.10-avahi-socket.patch new file mode 100644 index 000000000000..189d108814a6 --- /dev/null +++ b/sys-auth/nss-mdns/files/nss-mdns-0.10-avahi-socket.patch @@ -0,0 +1,10 @@ +--- src/Makefile.am 2006-12-30 01:00:22.000000000 -0600 ++++ src/Makefile.am 2006-12-30 01:01:11.000000000 -0600 +@@ -20,7 +20,7 @@ + AM_CFLAGS = \ + -DMDNS_ALLOW_FILE=\"$(sysconfdir)/mdns.allow\" \ + -DRESOLV_CONF_FILE=\"$(sysconfdir)/resolv.conf\" \ +- -DAVAHI_SOCKET=\"$(localstatedir)/run/avahi-daemon/socket\" ++ -DAVAHI_SOCKET=\"$(ROOT)var/run/avahi-daemon/socket\" + + #AM_CFLAGS += -DNDEBUG=1 -Os diff --git a/sys-auth/nss-mdns/metadata.xml b/sys-auth/nss-mdns/metadata.xml new file mode 100644 index 000000000000..8a582533183e --- /dev/null +++ b/sys-auth/nss-mdns/metadata.xml @@ -0,0 +1,17 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>maintainer-needed@gentoo.org</email> + </maintainer> +<use> + <flag name="search-domains">Honour search domains from + /etc/resolv.conf (see bug #201948 for possible side effects)</flag> +</use> + <longdescription lang="en"> + Name service switch module for multicast dns. + </longdescription> + <longdescription lang="ja"> + マルチキャスト DNS 向けネーム・サービス・スイッチのモジュールです。 + </longdescription> +</pkgmetadata> diff --git a/sys-auth/nss-mdns/nss-mdns-0.10-r2.ebuild b/sys-auth/nss-mdns/nss-mdns-0.10-r2.ebuild new file mode 100644 index 000000000000..5255cd10c8de --- /dev/null +++ b/sys-auth/nss-mdns/nss-mdns-0.10-r2.ebuild @@ -0,0 +1,62 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" +inherit autotools eutils multilib-minimal + +DESCRIPTION="Name Service Switch module for Multicast DNS" +HOMEPAGE="http://0pointer.de/lennart/projects/nss-mdns/" +SRC_URI="http://0pointer.de/lennart/projects/nss-mdns/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 ~arm ~hppa ~mips ppc x86" +IUSE="search-domains" + +RDEPEND=">=net-dns/avahi-0.6.31-r2[${MULTILIB_USEDEP}]" +DEPEND="${RDEPEND}" +RDEPEND="${RDEPEND} + abi_x86_32? ( + !<=app-emulation/emul-linux-x86-baselibs-20140508-r7 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] + )" + +src_prepare() { + epatch "${FILESDIR}"/${PN}-0.10-avahi-socket.patch + epatch_user + eautoreconf +} + +multilib_src_configure() { + ECONF_SOURCE=${S} \ + econf \ + $(use_enable search-domains) \ + --enable-avahi +} + +multilib_src_install_all() { + dodoc README + + insinto /etc + doins "${FILESDIR}"/mdns.allow +} + +pkg_postinst() { + ewarn + ewarn "You must modify your name service switch look up file to enable" + ewarn "multicast DNS lookups. If you wish to resolve only IPv6 addresses" + ewarn "use mdns6. For IPv4 addresses only, use mdns4. To resolve both" + ewarn "use mdns. Keep in mind that mdns will be slower if there are no" + ewarn "IPv6 addresses published via mDNS on the network. There are also" + ewarn "minimal (mdns?_minimal) libraries which only lookup .local hosts" + ewarn "and 169.254.x.x addresses." + ewarn + ewarn "Add the appropriate mdns into the hosts line in /etc/nsswitch.conf" + ewarn "An example line looks like:" + ewarn "hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4" + ewarn + ewarn "If you want to perform mDNS lookups for domains other than the ones" + ewarn "ending in .local, add them to /etc/mdns.allow" + ewarn +} diff --git a/sys-auth/nss-myhostname/Manifest b/sys-auth/nss-myhostname/Manifest new file mode 100644 index 000000000000..a0a0812e8282 --- /dev/null +++ b/sys-auth/nss-myhostname/Manifest @@ -0,0 +1 @@ +DIST nss-myhostname-0.3.tar.gz 330031 SHA256 2ba744ea8d578d1c57c85884e94a3042ee17843a5294434d3a7f6c4d67e7caf2 SHA512 8f14091f887991532bc3cedcdee607c89f403c7869063919c299cdd7ee8207a9759ab9105093bae151a79e08944053598104a59e9987949ee146d742a12e8c34 WHIRLPOOL 9161372c1e5dea6ea925f96fadfbb955786e812a079fea621b3c212bafe6fcbb6a20f6979d3cb474ccba73ce9e2ebdd7d51ef7f994413dcdc20fb0f1572f6d9d diff --git a/sys-auth/nss-myhostname/metadata.xml b/sys-auth/nss-myhostname/metadata.xml new file mode 100644 index 000000000000..1aba3db38f01 --- /dev/null +++ b/sys-auth/nss-myhostname/metadata.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>freedesktop</herd> +<longdescription lang="en"> +nss-myhostname is a plugin for the GNU Name Service Switch (NSS) functionality +of the GNU C Library (glibc) providing host name resolution for the locally +configured system hostname as returned by gethostname(2). Various software +relies on an always resolvable local host name. When using dynamic hostnames +this is usually achieved by patching /etc/hosts at the same time as changing +the host name. This however is not ideal since it requires a writable /etc +file system and is fragile because the file might be edited by the +administrator at the same time. nss-myhostname simply returns all locally +configure public IP addresses, or -- if none are configured -- the IPv4 +address 127.0.0.2 (wich is on the local loopback) and the IPv6 address ::1 +(which is the local host) for whatever system hostname is configured locally. +Patching /etc/hosts is thus no longer necessary. +</longdescription> +</pkgmetadata> diff --git a/sys-auth/nss-myhostname/nss-myhostname-0.3.ebuild b/sys-auth/nss-myhostname/nss-myhostname-0.3.ebuild new file mode 100644 index 000000000000..8b51e1cdf275 --- /dev/null +++ b/sys-auth/nss-myhostname/nss-myhostname-0.3.ebuild @@ -0,0 +1,39 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="4" + +DESCRIPTION="Name Service Switch module for resolving the local hostname" +HOMEPAGE="http://0pointer.de/lennart/projects/nss-myhostname/" +SRC_URI="http://0pointer.de/lennart/projects/${PN}/${P}.tar.gz" + +LICENSE="LGPL-2.1+" +SLOT="0" +KEYWORDS="alpha amd64 arm ia64 ppc ppc64 sparc x86" +IUSE="" + +COMMON_DEPEND="" +RDEPEND="${COMMON_DEPEND} + !>=sys-apps/systemd-197" +DEPEND="${COMMON_DEPEND}" + +src_prepare() { + # The documentation in doc/ is just the README file in other formats + sed -e 's:SUBDIRS *= *doc:SUBDIRS =:' -i Makefile.{am,in} || + die "sed failed" +} + +src_configure() { + econf --disable-lynx +} + +pkg_postinst() { + elog "You must modify your name service switch lookup file to enable" + elog "nss-myhostname. To do so, add 'myhostname' to the hosts line in" + elog "/etc/nsswitch.conf" + elog + elog "An example hosts line looks like this:" + elog "hosts: files dns myhostname" + elog +} diff --git a/sys-auth/nss-pam-ldapd/Manifest b/sys-auth/nss-pam-ldapd/Manifest new file mode 100644 index 000000000000..97885bbcf581 --- /dev/null +++ b/sys-auth/nss-pam-ldapd/Manifest @@ -0,0 +1,2 @@ +DIST nss-pam-ldapd-0.8.14.tar.gz 508949 SHA256 a29ceb9b7eda386ca38f16115ffec61425462cca6b5e560c44c3d51edc03a63f SHA512 70abb1836b5b3304e583fd3b71f11fee7586e181b26f4630779ec1d90b856da6e4fcc76327c51b20a158aa36708dd12ceb5f543a33c826881f2ad3e092f542c9 WHIRLPOOL 5d30088d73e464bf380dd5e7d34f8c5200680712693c97ee1f1df1880b4680236d9168ac7ec08b161ae463236c0feddc2171442a956c872113caa6e2b07a6bb8 +DIST nss-pam-ldapd-0.9.6.tar.gz 754681 SHA256 101d5a7fa10549cc77be48d07f2b8141f59182f10f2cc0fea93efd13c3a5a6f2 SHA512 213bc55554290042623ef4cce071045bab569a824aef7d960e3aa9c2f64f0c4928c5c28a4b5d9225fd35ea5026bb11f710d9c620f790e9d82c73d89b272e972a WHIRLPOOL 8902d48a6e889e697f7ddf9bd7d481493a0e2e302223317647f24fd3cd10b176cf66287553b8eafc2b996d0c073055afeb42b4f29d93e8f05f3967bb0aeaee16 diff --git a/sys-auth/nss-pam-ldapd/files/nslcd-init b/sys-auth/nss-pam-ldapd/files/nslcd-init new file mode 100644 index 000000000000..5774fe70cab0 --- /dev/null +++ b/sys-auth/nss-pam-ldapd/files/nslcd-init @@ -0,0 +1,37 @@ +#!/sbin/runscript +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +extra_commands="checkconfig" +cfg="/etc/nslcd.conf" + +depend() { + need net + use dns logger +} + +checkconfig() { + if [ ! -f "$cfg" ] ; then + eerror "Please create $cfg" + eerror "Example config: /usr/share/nss-ldapd/nslcd.conf" + return 1 + fi + return 0 +} + +start() { + checkpath -q -d /var/run/nslcd -o nslcd:nslcd + checkconfig || return $? + + ebegin "Starting nslcd" + start-stop-daemon --start --pidfile /var/run/nslcd/nslcd.pid \ + --exec /usr/sbin/nslcd + eend $? "Failed to start nslcd" +} + +stop() { + ebegin "Stopping nslcd" + start-stop-daemon --stop --pidfile /var/run/nslcd/nslcd.pid + eend $? "Failed to stop nslcd" +} diff --git a/sys-auth/nss-pam-ldapd/files/nslcd-init-r1 b/sys-auth/nss-pam-ldapd/files/nslcd-init-r1 new file mode 100644 index 000000000000..238a008063f7 --- /dev/null +++ b/sys-auth/nss-pam-ldapd/files/nslcd-init-r1 @@ -0,0 +1,37 @@ +#!/sbin/runscript +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +extra_commands="checkconfig" +cfg="/etc/nslcd.conf" + +depend() { + need net + use dns logger +} + +checkconfig() { + if [ ! -f "$cfg" ] ; then + eerror "Please create $cfg" + eerror "Example config: /usr/share/nss-ldapd/nslcd.conf" + return 1 + fi + return 0 +} + +start() { + checkpath -q -d /run/nslcd -o nslcd:nslcd + checkconfig || return $? + + ebegin "Starting nslcd" + start-stop-daemon --start --pidfile /var/run/nslcd/nslcd.pid \ + --exec /usr/sbin/nslcd + eend $? "Failed to start nslcd" +} + +stop() { + ebegin "Stopping nslcd" + start-stop-daemon --stop --pidfile /var/run/nslcd/nslcd.pid + eend $? "Failed to stop nslcd" +} diff --git a/sys-auth/nss-pam-ldapd/files/nslcd-init-r2 b/sys-auth/nss-pam-ldapd/files/nslcd-init-r2 new file mode 100644 index 000000000000..6c203be7343f --- /dev/null +++ b/sys-auth/nss-pam-ldapd/files/nslcd-init-r2 @@ -0,0 +1,29 @@ +#!/sbin/openrc-run +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +command=/usr/sbin/nslcd +pidfile=/var/run/nslcd/nslcd.pid +extra_commands="checkconfig" +cfg="/etc/nslcd.conf" + +depend() { + need net + use dns logger +} + +checkconfig() { + if [ ! -f "$cfg" ] ; then + eerror "Please create $cfg" + eerror "Example config: /usr/share/nss-ldapd/nslcd.conf" + return 1 + fi + return 0 +} + +start_pre() { + checkpath -q -d /run/nslcd -o nslcd:nslcd + checkconfig + return $? +} diff --git a/sys-auth/nss-pam-ldapd/files/nslcd-init-s6 b/sys-auth/nss-pam-ldapd/files/nslcd-init-s6 new file mode 100644 index 000000000000..e69de29bb2d1 --- /dev/null +++ b/sys-auth/nss-pam-ldapd/files/nslcd-init-s6 diff --git a/sys-auth/nss-pam-ldapd/files/nslcd-run-s6 b/sys-auth/nss-pam-ldapd/files/nslcd-run-s6 new file mode 100644 index 000000000000..264da009ba11 --- /dev/null +++ b/sys-auth/nss-pam-ldapd/files/nslcd-run-s6 @@ -0,0 +1,3 @@ +#!/bin/sh +exec 2>&1 +exec /usr/sbin/nslcd -n diff --git a/sys-auth/nss-pam-ldapd/files/nslcd-tmpfiles.conf b/sys-auth/nss-pam-ldapd/files/nslcd-tmpfiles.conf new file mode 100644 index 000000000000..ac4ee0ad8649 --- /dev/null +++ b/sys-auth/nss-pam-ldapd/files/nslcd-tmpfiles.conf @@ -0,0 +1 @@ +d /run/nslcd 0755 nslcd nslcd - diff --git a/sys-auth/nss-pam-ldapd/files/nslcd.rc b/sys-auth/nss-pam-ldapd/files/nslcd.rc new file mode 100644 index 000000000000..916f78f8d8b1 --- /dev/null +++ b/sys-auth/nss-pam-ldapd/files/nslcd.rc @@ -0,0 +1,35 @@ +#!/sbin/runscript +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +opts="checkconfig" + +depend() { + need net + use dns logger +} + +checkconfig() { + if [ ! -f /etc/nss-ldapd.conf ] ; then + eerror "Please create /etc/nss-ldapd.conf" + eerror "Example config: /usr/share/nss-ldapd/nss-ldapd.conf" + return 1 + fi + return 0 +} + +start() { + checkconfig || return $? + + ebegin "Starting nslcd" + start-stop-daemon --start --pidfile /var/run/nslcd/nslcd.pid \ + --exec /usr/sbin/nslcd + eend $? "Failed to start nslcd" +} + +stop() { + ebegin "Stopping nslcd" + start-stop-daemon --stop --pidfile /var/run/nslcd/nslcd.pid + eend $? "Failed to stop nslcd" +} diff --git a/sys-auth/nss-pam-ldapd/files/nslcd.service b/sys-auth/nss-pam-ldapd/files/nslcd.service new file mode 100644 index 000000000000..030cc2c90eb1 --- /dev/null +++ b/sys-auth/nss-pam-ldapd/files/nslcd.service @@ -0,0 +1,14 @@ +[Unit] +Description=NSS and PAM LDAP client daemon +After=network-online.target +Wants=network-online.target nss-lookup.target syslog.service +Before=nss-user-lookup.target + +[Service] +Type=forking +PIDFile=/var/run/nslcd/nslcd.pid +ExecStart=/usr/sbin/nslcd + +[Install] +WantedBy=multi-user.target +RequiredBy=nss-user-lookup.target diff --git a/sys-auth/nss-pam-ldapd/files/nss-pam-ldapd-0.9.4-disable-py3-only-linters.patch b/sys-auth/nss-pam-ldapd/files/nss-pam-ldapd-0.9.4-disable-py3-only-linters.patch new file mode 100644 index 000000000000..06dcc2513a39 --- /dev/null +++ b/sys-auth/nss-pam-ldapd/files/nss-pam-ldapd-0.9.4-disable-py3-only-linters.patch @@ -0,0 +1,13 @@ +diff --git a/tests/pylint.rc b/tests/pylint.rc +index 7f0bc13..b66d018 100644 +--- a/tests/pylint.rc ++++ b/tests/pylint.rc +@@ -19,7 +19,7 @@ enable= + # can either give multiple identifier separated by comma (,) or put this option + # multiple time (only on the command line, not in the configuration file where + # it should appear only once). +-disable=E1101 ++disable=E1101,E1608,E1606,E1601 + + + [REPORTS] diff --git a/sys-auth/nss-pam-ldapd/metadata.xml b/sys-auth/nss-pam-ldapd/metadata.xml new file mode 100644 index 000000000000..458c550d203e --- /dev/null +++ b/sys-auth/nss-pam-ldapd/metadata.xml @@ -0,0 +1,26 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>prometheanfire@gentoo.org</email> + <name>Matthew Thode</name> + </maintainer> + <maintainer> + <email>chutzpah@gentoo.org</email> + <name>Patrick McLean</name> + </maintainer> + <use> + <flag name="utils">Install the command-line utilities</flag> + </use> + <longdescription lang="en"> + Provides a Name Service Switch (NSS) module that allows your LDAP + server to provide user account, group, host name, alias, netgroup, and + basically any other information that you would normally get from /etc + flat files or NIS. It also provides a Pluggable Authentication Module + (PAM) to do authentication to an LDAP server. + + This is implemented using thin NSS and PAM modules which delegate to a + dedicated service (nslcd) that queries the LDAP server with persistent + connections, authentication, attribute translation, etc. + </longdescription> +</pkgmetadata> diff --git a/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.8.14-r2.ebuild b/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.8.14-r2.ebuild new file mode 100644 index 000000000000..16a99df8cd63 --- /dev/null +++ b/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.8.14-r2.ebuild @@ -0,0 +1,87 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit multilib-minimal user + +DESCRIPTION="NSS module for name lookups using LDAP" +HOMEPAGE="http://arthurdejong.org/nss-pam-ldapd/" +SRC_URI="http://arthurdejong.org/nss-pam-ldapd/${P}.tar.gz" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="debug kerberos sasl +pam" + +DEPEND=" + net-nds/openldap + sasl? ( dev-libs/cyrus-sasl ) + kerberos? ( virtual/krb5 ) + pam? ( virtual/pam ) + !sys-auth/nss_ldap + !sys-auth/pam_ldap" +RDEPEND="${DEPEND}" + +pkg_setup() { + enewgroup nslcd + enewuser nslcd -1 -1 -1 nslcd +} + +multilib_src_configure() { + # nss libraries always go in /lib on Gentoo + myconf=" + --enable-warnings + --with-ldap-lib=openldap + --with-ldap-conf-file=/etc/nslcd.conf + --with-nslcd-pidfile=/run/nslcd/nslcd.pid + --with-nslcd-socket=/run/nslcd/socket + --with-pam-seclib-dir=/$(get_libdir)/security + --libdir=/$(get_libdir) + $(use_enable debug) + $(use_enable kerberos) + $(use_enable pam) + $(use_enable sasl)" + + if use x86-fbsd; then + myconf+=" --with-nss-flavour=freebsd" + else + myconf+=" --with-nss-flavour=glibc" + fi + + ECONF_SOURCE="${S}" econf ${myconf} +} + +multilib_src_install() { + default + + # for socket and pid file (not needed bug 452992) + #keepdir /run/nslcd + + # init script + newinitd "${FILESDIR}"/nslcd-init-r1 nslcd + + # make an example copy + insinto /usr/share/nss-pam-ldapd + doins "${WORKDIR}/${P}/nslcd.conf" + + fperms o-r /etc/nslcd.conf +} + +pkg_postinst() { + echo + elog "For this to work you must configure /etc/nslcd.conf" + elog "This configuration is similar to pam_ldap's /etc/ldap.conf" + echo + elog "In order to use nss-pam-ldapd, nslcd needs to be running. You can" + elog "start it like this:" + elog " # /etc/init.d/nslcd start" + echo + elog "You can add it to the default runlevel like so:" + elog " # rc-update add nslcd default" + elog + elog "If you are upgrading, keep in mind that /etc/nss-ldapd.conf" + elog " is now named /etc/nslcd.conf" + echo +} diff --git a/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.6.ebuild b/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.6.ebuild new file mode 100644 index 000000000000..3c530e45635f --- /dev/null +++ b/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.6.ebuild @@ -0,0 +1,129 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +PYTHON_COMPAT=(python2_7) +inherit eutils prefix user python-r1 multilib multilib-minimal systemd s6 + +DESCRIPTION="NSS module for name lookups using LDAP" +HOMEPAGE="http://arthurdejong.org/nss-pam-ldapd/" +SRC_URI="http://arthurdejong.org/${PN}/${P}.tar.gz" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="" +IUSE="debug kerberos +pam sasl test +utils" + +COMMON_DEP=" + net-nds/openldap[${MULTILIB_USEDEP}] + sasl? ( dev-libs/cyrus-sasl[${MULTILIB_USEDEP}] ) + kerberos? ( virtual/krb5[${MULTILIB_USEDEP}] ) + pam? ( virtual/pam[${MULTILIB_USEDEP}] ) + utils? ( ${PYTHON_DEPS} ) + !sys-auth/nss_ldap + !sys-auth/pam_ldap" +RDEPEND="${COMMON_DEP}" +DEPEND="${COMMON_DEP} + test? ( + ${PYTHON_DEPS} + dev-python/pylint[${PYTHON_USEDEP}] + ) + sys-devel/automake" + +REQUIRED_USE=" + utils? ( ${PYTHON_REQUIRED_USE} ) + test? ( ${PYTHON_REQUIRED_USE} )" + +pkg_setup() { + enewgroup nslcd + enewuser nslcd -1 -1 -1 nslcd +} + +src_prepare() { + epatch "${FILESDIR}"/${PN}-0.9.4-disable-py3-only-linters.patch + epatch_user + use utils && python_setup +} + +multilib_src_configure() { + local -a myconf + + myconf=( + --disable-utils + --enable-warnings + --with-ldap-lib=openldap + --with-ldap-conf-file=/etc/nslcd.conf + --with-nslcd-pidfile=/run/nslcd/nslcd.pid + --with-nslcd-socket=/run/nslcd/socket + $(usex x86-fbsd '--with-nss-flavour=' '--with-nss-flavour=' 'freebsd' 'glibc') + $(use_enable debug) + $(use_enable kerberos) + $(use_enable pam) + $(use_enable sasl) + ) + + # nss libraries always go in /lib on Gentoo + if multilib_is_native_abi ; then + myconf+=("--with-pam-seclib-dir=${EPREFIX}/$(get_libdir)/security") + myconf+=("--libdir=${EPREFIX}/$(get_libdir)") + else + myconf+=("--with-pam-seclib-dir=/$(get_libdir)/security") + myconf+=("--libdir=/$(get_libdir)") + fi + + ECONF_SOURCE="${S}" econf "${myconf[@]}" +} + +multilib_src_install_all() { + local script + + newinitd "${FILESDIR}"/nslcd-init-r1 nslcd + newinitd "${FILESDIR}"/nslcd-init-r2 nslcd + newinitd "${FILESDIR}"/nslcd-init-s6 nslcd-s6 + s6_install_service nslcd "${FILESDIR}"/nslcd-run-s6 + + insinto /usr/share/nss-pam-ldapd + doins "${WORKDIR}/${P}/nslcd.conf" + + fperms o-r /etc/nslcd.conf + + if use utils; then + python_moduleinto nslcd + python_foreach_impl && python_domodule utils/*.py + + for script in chsh getent; do + python_foreach_impl python_newscript utils/${script}.py ${script}.ldap + done + fi + + systemd_newtmpfilesd "${FILESDIR}"/nslcd-tmpfiles.conf nslcd.conf + systemd_dounit "${FILESDIR}"/nslcd.service +} + +multilib_src_test() { + python_foreach_impl emake check +} + +pkg_postinst() { + echo + elog "For this to work you must configure /etc/nslcd.conf" + elog "This configuration is similar to pam_ldap's /etc/ldap.conf" + echo + elog "In order to use nss-pam-ldapd, nslcd needs to be running. You can" + elog "start it like this:" + elog " # /etc/init.d/nslcd start" + echo + elog "You can add it to the default runlevel like so:" + elog " # rc-update add nslcd default" + elog + elog "If you have >=sys-apps/openrc-0.16.3, you can also use s6" + elog "to supervise this service." + elog "To do this, emerge sys-apps/s6 then add nslcd-s6" + elog "default runlevel instead of nslcd." + elog + elog "If you are upgrading, keep in mind that /etc/nss-ldapd.conf" + elog " is now named /etc/nslcd.conf" + echo +} diff --git a/sys-auth/nss_ldap/Manifest b/sys-auth/nss_ldap/Manifest new file mode 100644 index 000000000000..8a1698c3ee19 --- /dev/null +++ b/sys-auth/nss_ldap/Manifest @@ -0,0 +1,6 @@ +DIST nss_ldap-258.tar.gz 274694 SHA256 afa3bb64cd29557e775219585655721ac220de5804d95d0c307dab86f2308346 SHA512 0a92076214e6ffaa60929a9fdc34fe7c9a584a0789d54ea505e65a69eda88a3ee0382ea5a90c581073c95671fa3a50b8a8a529e30f4260afacb3820695773ecb WHIRLPOOL 2d9f5e950886b9714c9c8ca348df855054b9505ca0c7891ec919016c1fa8cd1ddc9723fe74c7ecadfa75504f8bb77b78c50a7e64d67f934d4064a26e3b381db1 +DIST nss_ldap-259.tar.gz 274878 SHA256 8b65a32717f6173911aaea8e89b2c89ccb901f14f1063f5e49b5ab77d45f1790 +DIST nss_ldap-261.tar.gz 276065 SHA256 7e9a6e8e1f07607b63f5f61fda755778fb1257e6599ac467327b6e817de5aad7 +DIST nss_ldap-262.tar.gz 274927 SHA256 179cd8458ae3cc23cb726cf15afb94089482dd22559ac503e7df5fd6fc2c4cbf +DIST nss_ldap-264.tar.gz 278134 SHA256 556198f2774bdb61a597da3fa8a5ecc80a3271ed9ab177760df7c4f22d6b1d25 SHA512 e7decde11377f10ec98fd360a38cbf08b9af7e328e967e417367e9e501faf0868be67a6f8fc1dd9b1fe7ee2ae720ee791ed481e21e80f686e750351b3ea6e689 WHIRLPOOL 717bb86422fc93fdf157949e261858afbd61976d329d039854fab7c912b130c07ef226fa5c50ec3f2e3e7171e2ad0830017816eade377e36885cb5d0f8142245 +DIST nss_ldap-265.tar.gz 280976 SHA256 77b54d905f50d774f28d5559d49126f1bc76720f741b0864a64bb4936ec226a8 SHA512 c4584682968861dd5880992fe7d11c6005d94f0c17252ab1cda04380fd7a81b419ba7e87d0efa44c24c5ce5bf76b9fd8331034dddb4f1400f132eb2192472077 WHIRLPOOL 3e24f18cc9d40738b22f2f0747c081a70e788bc6eb4c742c4d70b153db1b500f27ea2a5bbb935438f020075a6dd198398dd335509fb523239a3f5184f92223c7 diff --git a/sys-auth/nss_ldap/files/nss_ldap-239-tls-security-bug.patch b/sys-auth/nss_ldap/files/nss_ldap-239-tls-security-bug.patch new file mode 100644 index 000000000000..1dbd8dc889a1 --- /dev/null +++ b/sys-auth/nss_ldap/files/nss_ldap-239-tls-security-bug.patch @@ -0,0 +1,42 @@ +--- ldap-nss.c 2004-09-28 03:20:11.000000000 +0100 ++++ ldap-nss.c.new 2005-07-04 01:32:12.000000000 +0100 +@@ -330,6 +330,39 @@ + + timelimit = __session.ls_config->ldc_bind_timelimit; + ++#ifdef HAVE_LDAP_START_TLS_S ++ if (__session.ls_config->ldc_ssl_on == SSL_START_TLS) ++ { ++ int version; ++ ++ if (ldap_get_option ++ (__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION, ++ &version) == LDAP_OPT_SUCCESS) ++ { ++ if (version < LDAP_VERSION3) ++ { ++ version = LDAP_VERSION3; ++ ldap_set_option (__session.ls_conn, LDAP_OPT_PROTOCOL_VERSION, ++ &version); ++ } ++ } ++ ++ debug ("==> start_tls"); ++ if (ldap_start_tls_s (__session.ls_conn, NULL, NULL) == LDAP_SUCCESS) ++ { ++ debug ("TLS startup succeeded"); ++ } ++ else ++ { ++ debug ("TLS startup failed"); ++ do_close (); ++ debug ("<== do_open"); ++ return NSS_UNAVAIL; ++ } ++ debug ("<== start_tls"); ++ } ++#endif /* HAVE_LDAP_START_TLS_S */ ++ + return do_bind (ld, timelimit, who, cred, with_sasl); + } + #else diff --git a/sys-auth/nss_ldap/files/nss_ldap-249-sasl-compile.patch b/sys-auth/nss_ldap/files/nss_ldap-249-sasl-compile.patch new file mode 100644 index 000000000000..1e92c9bb6fe5 --- /dev/null +++ b/sys-auth/nss_ldap/files/nss_ldap-249-sasl-compile.patch @@ -0,0 +1,11 @@ +--- ldap-nss.c~ 2006-02-25 02:43:33.503639826 -0800 ++++ ldap-nss.c 2006-02-25 02:50:51.943806612 -0800 +@@ -72,6 +72,8 @@ + #include <sasl/sasl.h> + #elif defined(HAVE_SASL_H) + #include <sasl.h> ++#elif defined(HAVE_SASL_SASL_H) ++#include <sasl/sasl.h> + #endif + + #ifndef HAVE_SNPRINTF diff --git a/sys-auth/nss_ldap/files/nss_ldap-252-reconnect-timeouts.patch b/sys-auth/nss_ldap/files/nss_ldap-252-reconnect-timeouts.patch new file mode 100644 index 000000000000..285a34e3df4b --- /dev/null +++ b/sys-auth/nss_ldap/files/nss_ldap-252-reconnect-timeouts.patch @@ -0,0 +1,65 @@ +This patch changes the default timeouts, so that they are much lower, and do +not cause major delays when booting a system. This is a workaround until the +core /etc/{passwd,group} contain all of the data needed for a system boot. + +Also add a note that 'ssl on' is broken and TLS should be used instead. + +Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> + +diff -Nuar --exclude '*~' nss_ldap-250.orig/ldap-nss.h nss_ldap-250/ldap-nss.h +--- nss_ldap-250.orig/ldap-nss.h 2006-04-26 18:19:00.000000000 -0700 ++++ nss_ldap-250/ldap-nss.h 2006-06-14 01:58:01.933005492 -0700 +@@ -96,9 +96,9 @@ + * unacceptable, in which case you may wish to adjust + * the constants below. + */ +-#define LDAP_NSS_TRIES 5 /* number of sleeping reconnect attempts */ +-#define LDAP_NSS_SLEEPTIME 4 /* seconds to sleep; doubled until max */ +-#define LDAP_NSS_MAXSLEEPTIME 64 /* maximum seconds to sleep */ ++#define LDAP_NSS_TRIES 4 /* number of sleeping reconnect attempts */ ++#define LDAP_NSS_SLEEPTIME 1 /* seconds to sleep; doubled until max */ ++#define LDAP_NSS_MAXSLEEPTIME 16 /* maximum seconds to sleep */ + #define LDAP_NSS_MAXCONNTRIES 2 /* reconnect attempts before sleeping */ + + #if defined(HAVE_NSSWITCH_H) || defined(HAVE_IRS_H) +diff -Nuar --exclude '*~' nss_ldap-250.orig/ldap.conf nss_ldap-250/ldap.conf +--- nss_ldap-250.orig/ldap.conf 2006-04-26 18:19:00.000000000 -0700 ++++ nss_ldap-250/ldap.conf 2006-06-14 02:12:02.008444745 -0700 +@@ -283,7 +283,8 @@ + # OpenLDAP SSL mechanism + # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 + #ssl start_tls +-#ssl on ++###ssl on ++# Gentoo note: Don't use 'ssl on' in 249/250. They are broken in some cases! Use start_tls instead. + + # OpenLDAP SSL options + # Require and verify server certificate (yes/no) +@@ -315,3 +316,27 @@ + # Override the default Kerberos ticket cache location. + #krb5_ccname FILE:/etc/.ldapcache + ++# Timeout behavior ++# Upstream nss_ldap hard-codes these values: ++#nss_reconnect_tries 5 # number of times to double the sleep time ++#nss_reconnect_sleeptime 4 # initial sleep value ++#nss_reconnect_maxsleeptime 64 # max sleep value to cap at ++#nss_reconnect_maxconntries 2 # how many tries before sleeping ++# This leads to a delay of 124 seconds (4+8+16+32+64=124) per lookup if the ++# server is not available. ++ ++# For Gentoo's distribution of nss_ldap, as of 250-r1, we use these values ++# (The hardwired constants in the code are changed to them as well): ++nss_reconnect_tries 4 # number of times to double the sleep time ++nss_reconnect_sleeptime 1 # initial sleep value ++nss_reconnect_maxsleeptime 16 # max sleep value to cap at ++nss_reconnect_maxconntries 2 # how many tries before sleeping ++# This leads to a delay of 15 seconds (1+2+4+8=15) ++ ++# If you are impatient, and know your LDAP server is reliable, fast or local, ++# you may wish to use these values instead: ++#nss_reconnect_tries 1 # number of times to double the sleep time ++#nss_reconnect_sleeptime 1 # initial sleep value ++#nss_reconnect_maxsleeptime 1 # max sleep value to cap at ++#nss_reconnect_maxconntries 3 # how many tries before sleeping ++# This leads to a delay of 1 second. diff --git a/sys-auth/nss_ldap/files/nss_ldap-254-nss_getgrent_skipmembers.patch b/sys-auth/nss_ldap/files/nss_ldap-254-nss_getgrent_skipmembers.patch new file mode 100644 index 000000000000..68809bcf1b1b --- /dev/null +++ b/sys-auth/nss_ldap/files/nss_ldap-254-nss_getgrent_skipmembers.patch @@ -0,0 +1,226 @@ +diff -c -r nss_ldap-250/ChangeLog nss_ldap-250.1/ChangeLog +*** nss_ldap-250/ChangeLog Wed Apr 26 18:19:00 2006 +--- nss_ldap-250.1/ChangeLog Wed Aug 16 16:58:57 2006 +*************** +*** 1,6 **** +--- 1,13 ---- + $Id$ + =============================================================== + ++ 250.1 Paul B. Henson <henson@acm.org> ++ ++ * add nss_getgrent_skipmembers parameter to ldap.conf, ++ if enabled will not request member attributes for ++ group lookups, greatly increasing performance in the ++ face of large groups ++ + 250 Luke Howard <lukeh@padl.com> + + * don't use static _nss_ldap_no_members buffer, +diff -c -r nss_ldap-250/ldap-nss.c nss_ldap-250.1/ldap-nss.c +*** nss_ldap-250/ldap-nss.c Wed Apr 26 18:19:00 2006 +--- nss_ldap-250.1/ldap-nss.c Wed Aug 16 16:51:49 2006 +*************** +*** 1258,1264 **** + + cfg = __config; + +! _nss_ldap_init_attributes (cfg->ldc_attrtab); + _nss_ldap_init_filters (); + + #ifdef HAVE_LDAP_SET_OPTION +--- 1258,1264 ---- + + cfg = __config; + +! _nss_ldap_init_attributes (cfg->ldc_attrtab, cfg->ldc_getgrent_skipmembers); + _nss_ldap_init_filters (); + + #ifdef HAVE_LDAP_SET_OPTION +diff -c -r nss_ldap-250/ldap-nss.h nss_ldap-250.1/ldap-nss.h +*** nss_ldap-250/ldap-nss.h Wed Apr 26 18:19:00 2006 +--- nss_ldap-250.1/ldap-nss.h Wed Aug 16 16:51:59 2006 +*************** +*** 390,395 **** +--- 390,396 ---- + time_t ldc_mtime; + + char **ldc_initgroups_ignoreusers; ++ int ldc_getgrent_skipmembers; + }; + + typedef struct ldap_config ldap_config_t; +diff -c -r nss_ldap-250/ldap-schema.c nss_ldap-250.1/ldap-schema.c +*** nss_ldap-250/ldap-schema.c Wed Apr 26 18:19:00 2006 +--- nss_ldap-250.1/ldap-schema.c Wed Aug 16 16:54:52 2006 +*************** +*** 273,279 **** + + static void init_pwd_attributes (const char ***pwd_attrs); + static void init_sp_attributes (const char ***sp_attrs); +! static void init_grp_attributes (const char ***grp_attrs); + static void init_hosts_attributes (const char ***hosts_attrs); + static void init_services_attributes (const char ***services_attrs); + static void init_network_attributes (const char ***network_attrs); +--- 273,279 ---- + + static void init_pwd_attributes (const char ***pwd_attrs); + static void init_sp_attributes (const char ***sp_attrs); +! static void init_grp_attributes (const char ***grp_attrs, int ldc_getgrent_skipmembers); + static void init_hosts_attributes (const char ***hosts_attrs); + static void init_services_attributes (const char ***services_attrs); + static void init_network_attributes (const char ***network_attrs); +*************** +*** 289,299 **** + * attribute table initialization routines + */ + void +! _nss_ldap_init_attributes (const char ***attrtab) + { + init_pwd_attributes (&attrtab[LM_PASSWD]); + init_sp_attributes (&attrtab[LM_SHADOW]); +! init_grp_attributes (&attrtab[LM_GROUP]); + init_hosts_attributes (&attrtab[LM_HOSTS]); + init_services_attributes (&attrtab[LM_SERVICES]); + init_network_attributes (&attrtab[LM_NETWORKS]); +--- 289,299 ---- + * attribute table initialization routines + */ + void +! _nss_ldap_init_attributes (const char ***attrtab, int ldc_getgrent_skipmembers) + { + init_pwd_attributes (&attrtab[LM_PASSWD]); + init_sp_attributes (&attrtab[LM_SHADOW]); +! init_grp_attributes (&attrtab[LM_GROUP], ldc_getgrent_skipmembers); + init_hosts_attributes (&attrtab[LM_HOSTS]); + init_services_attributes (&attrtab[LM_SERVICES]); + init_network_attributes (&attrtab[LM_NETWORKS]); +*************** +*** 357,363 **** + } + + static void +! init_grp_attributes (const char ***grp_attrs) + { + int i = 0; + static const char *__grp_attrs[ATTRTAB_SIZE + 1]; +--- 357,363 ---- + } + + static void +! init_grp_attributes (const char ***grp_attrs, int ldc_getgrent_skipmembers) + { + int i = 0; + static const char *__grp_attrs[ATTRTAB_SIZE + 1]; +*************** +*** 366,374 **** + + (*grp_attrs)[i++] = (char *) ATM (LM_GROUP, cn); + (*grp_attrs)[i++] = (char *) ATM (LM_GROUP, userPassword); +! (*grp_attrs)[i++] = (char *) AT (memberUid); +! if (_nss_ldap_test_config_flag (NSS_LDAP_FLAGS_RFC2307BIS)) +! (*grp_attrs)[i++] = (char *) AT (uniqueMember); + (*grp_attrs)[i++] = (char *) ATM (LM_GROUP, gidNumber); + (*grp_attrs)[i] = NULL; + } +--- 366,377 ---- + + (*grp_attrs)[i++] = (char *) ATM (LM_GROUP, cn); + (*grp_attrs)[i++] = (char *) ATM (LM_GROUP, userPassword); +! if (!ldc_getgrent_skipmembers) +! { +! (*grp_attrs)[i++] = (char *) AT (memberUid); +! if (_nss_ldap_test_config_flag (NSS_LDAP_FLAGS_RFC2307BIS)) +! (*grp_attrs)[i++] = (char *) AT (uniqueMember); +! } + (*grp_attrs)[i++] = (char *) ATM (LM_GROUP, gidNumber); + (*grp_attrs)[i] = NULL; + } +diff -c -r nss_ldap-250/ldap-schema.h nss_ldap-250.1/ldap-schema.h +*** nss_ldap-250/ldap-schema.h Wed Apr 26 18:19:00 2006 +--- nss_ldap-250.1/ldap-schema.h Wed Aug 16 16:54:07 2006 +*************** +*** 30,36 **** + * function to initialize global lookup filters. + */ + void _nss_ldap_init_filters (); +! void _nss_ldap_init_attributes (const char ***attrtab); + + /** + * make filters formerly declared in ldap-*.h globally available. +--- 30,36 ---- + * function to initialize global lookup filters. + */ + void _nss_ldap_init_filters (); +! void _nss_ldap_init_attributes (const char ***attrtab, int ldc_getgrent_skipmembers); + + /** + * make filters formerly declared in ldap-*.h globally available. +diff -c -r nss_ldap-250/nss_ldap.5 nss_ldap-250.1/nss_ldap.5 +*** nss_ldap-250/nss_ldap.5 Wed Apr 26 18:19:00 2006 +--- nss_ldap-250.1/nss_ldap.5 Wed Aug 16 17:07:19 2006 +*************** +*** 445,450 **** +--- 445,458 ---- + to return NSS_STATUS_NOTFOUND if called with a listed users as + its argument. + .TP ++ .B nss_getgrent_skipmembers <yes|no> ++ Specifies whether or not to populate the members list in ++ the group structure for group lookups. If very large groups ++ are present, enabling this option will greatly increase ++ perforance, at the cost of some lost functionality. You should ++ verify no local applications rely on this information before ++ enabling this on a production system. ++ .TP + .B nss_srv_domain <domain> + This option determines the DNS domain used for performing SRV + lookups. +diff -c -r nss_ldap-250/util.c nss_ldap-250.1/util.c +*** nss_ldap-250/util.c Wed Apr 26 18:19:00 2006 +--- nss_ldap-250.1/util.c Wed Aug 16 16:52:55 2006 +*************** +*** 660,665 **** +--- 660,666 ---- + result->ldc_reconnect_maxsleeptime = LDAP_NSS_MAXSLEEPTIME; + result->ldc_reconnect_maxconntries = LDAP_NSS_MAXCONNTRIES; + result->ldc_initgroups_ignoreusers = NULL; ++ result->ldc_getgrent_skipmembers = 0; + + for (i = 0; i <= LM_NONE; i++) + { +*************** +*** 1137,1142 **** +--- 1138,1156 ---- + break; + } + } ++ else if (!strcasecmp (k, NSS_LDAP_KEY_GETGRENT_SKIPMEMBERS)) ++ { ++ if (!strcasecmp (v, "on") || !strcasecmp (v, "yes") ++ || !strcasecmp (v, "true")) ++ { ++ result->ldc_getgrent_skipmembers = 1; ++ } ++ else if (!strcasecmp (v, "off") || !strcasecmp (v, "no") ++ || !strcasecmp (v, "false")) ++ { ++ result->ldc_getgrent_skipmembers = 0; ++ } ++ } + else if (!strcasecmp (k, NSS_LDAP_KEY_CONNECT_POLICY)) + { + if (!strcasecmp (v, "oneshot")) +diff -c -r nss_ldap-250/util.h nss_ldap-250.1/util.h +*** nss_ldap-250/util.h Wed Apr 26 18:19:00 2006 +--- nss_ldap-250.1/util.h Wed Aug 16 16:49:52 2006 +*************** +*** 83,88 **** +--- 83,89 ---- + #define NSS_LDAP_KEY_PAGESIZE "pagesize" + #define NSS_LDAP_KEY_INITGROUPS "nss_initgroups" + #define NSS_LDAP_KEY_INITGROUPS_IGNOREUSERS "nss_initgroups_ignoreusers" ++ #define NSS_LDAP_KEY_GETGRENT_SKIPMEMBERS "nss_getgrent_skipmembers" + + /* more reconnect policy fine-tuning */ + #define NSS_LDAP_KEY_RECONNECT_TRIES "nss_reconnect_tries" diff --git a/sys-auth/nss_ldap/files/nss_ldap-254-soname.patch b/sys-auth/nss_ldap/files/nss_ldap-254-soname.patch new file mode 100644 index 000000000000..e832c2f0d218 --- /dev/null +++ b/sys-auth/nss_ldap/files/nss_ldap-254-soname.patch @@ -0,0 +1,12 @@ +Set the soname which glibc expects us to have. +--- nss_ldap-254/configure.in 2007-02-26 16:40:53.000000000 -0500 ++++ nss_ldap-254/configure.in 2007-02-26 16:40:47.000000000 -0500 +@@ -92,7 +92,7 @@ + nss_ldap_so_LDFLAGS="-b -dynamic -G `cat exports.hpux`" + CPPFLAGS="$CPPFLAGS -I. -DHPUX" + TARGET_OS=HPUX ;; +-linux*) nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic -Wl,--version-script,\$(srcdir)/exports.linux" ;; ++linux*) nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic -Wl,--version-script,\$(srcdir)/exports.linux -Wl,-soname=libnss_ldap.so.2" ;; + *) nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic" ;; + esac + diff --git a/sys-auth/nss_ldap/files/nss_ldap-257-nss_max_group_depth.patch b/sys-auth/nss_ldap/files/nss_ldap-257-nss_max_group_depth.patch new file mode 100644 index 000000000000..d2f8efeec751 --- /dev/null +++ b/sys-auth/nss_ldap/files/nss_ldap-257-nss_max_group_depth.patch @@ -0,0 +1,92 @@ +Gentoo-Bug: 155492 +Original-Author: Heath Caldwell <hncaldwell@csupomona.edu> +Rediffed-by: Robin H. Johnson <robbat2@gentoo.org> + +--- nss_ldap-257.orig/ChangeLog 2007-09-18 15:02:59.997686000 -0700 ++++ nss_ldap-257/ChangeLog 2007-09-18 15:04:07.925113592 -0700 +@@ -3,2 +3,7 @@ + ++257.1 Heath Caldwell <hncaldwell@csupomona.edu> ++ ++ * add configurable maximum group depth with new ++ configuration file option called nss_max_group_depth ++ + 257 Luke Howard <lukeh@padl.com> +--- nss_ldap-257.orig/ldap-grp.c 2007-08-02 21:51:09.000000000 -0700 ++++ nss_ldap-257/ldap-grp.c 2007-09-18 15:03:23.734619150 -0700 +@@ -308,7 +308,7 @@ + uniquemember_attrs[0] = uniquemember_attr; + uniquemember_attrs[1] = NULL; + +- if (*depth > LDAP_NSS_MAXGR_DEPTH) ++ if (*depth > _nss_ldap_max_group_depth) + { + return NSS_NOTFOUND; + } +@@ -844,7 +844,7 @@ + const char *gidnumber_attrs[2]; + int erange; + +- if (lia->depth > LDAP_NSS_MAXGR_DEPTH) ++ if (lia->depth > _nss_ldap_max_group_depth) + return NSS_NOTFOUND; + + if (_nss_ldap_namelist_find (lia->known_groups, dn)) +@@ -890,7 +890,7 @@ + size_t memberCount, i; + int erange; + +- if (lia->depth > LDAP_NSS_MAXGR_DEPTH) ++ if (lia->depth > _nss_ldap_max_group_depth) + return NSS_NOTFOUND; + + for (memberCount = 0; membersOf[memberCount] != NULL; memberCount++) +--- nss_ldap-257.orig/ldap-nss.h 2007-09-18 15:02:59.997686000 -0700 ++++ nss_ldap-257/ldap-nss.h 2007-09-18 15:03:23.734619150 -0700 +@@ -105,7 +105,8 @@ + #define LDAP_NSS_MAXNETGR_DEPTH 16 /* maximum depth of netgroup nesting for innetgr() */ + #endif /* HAVE_NSSWITCH_H */ + +-#define LDAP_NSS_MAXGR_DEPTH 16 /* maximum depth of group nesting for getgrent()/initgroups() */ ++#define LDAP_NSS_MAXGR_DEPTH 16 /* default maximum depth of group nesting for getgrent()/initgroups() */ ++extern int _nss_ldap_max_group_depth; /* global variable to hold maximum group depth */ + + #if LDAP_NSS_NGROUPS > 64 + #define LDAP_NSS_BUFLEN_GROUP (NSS_BUFSIZ + (LDAP_NSS_NGROUPS * (sizeof (char *) + LOGNAME_MAX))) +--- nss_ldap-257.orig/nss_ldap.5 2007-09-18 15:03:00.001020000 -0700 ++++ nss_ldap-257/nss_ldap.5 2007-09-18 15:05:42.779508238 -0700 +@@ -453,6 +453,10 @@ + verify no local applications rely on this information before + enabling this on a production system. + .TP ++.B nss_max_group_depth <value> ++Specifies the maximum depth to which nested groups are queried. ++A value of 0 effectively disables querying for nested groups. ++.TP + .B nss_srv_domain <domain> + This option determines the DNS domain used for performing SRV + lookups. +--- nss_ldap-257.orig/util.c 2007-09-18 15:03:00.001020000 -0700 ++++ nss_ldap-257/util.c 2007-09-18 15:04:35.032083555 -0700 +@@ -62,2 +62,5 @@ + ++/* Initialize global maximum group depth to default. */ ++int _nss_ldap_max_group_depth = LDAP_NSS_MAXGR_DEPTH; ++ + static NSS_STATUS do_getrdnvalue (const char *dn, +@@ -805,2 +808,5 @@ + ++ /* Reset global maximum group depth to default. */ ++ _nss_ldap_max_group_depth = LDAP_NSS_MAXGR_DEPTH; ++ + while (fgets (b, sizeof (b), fp) != NULL) +--- nss_ldap-257.orig/util.h 2007-09-18 15:03:00.001020000 -0700 ++++ nss_ldap-257/util.h 2007-09-18 15:05:11.295822638 -0700 +@@ -84,6 +84,7 @@ + #define NSS_LDAP_KEY_INITGROUPS "nss_initgroups" + #define NSS_LDAP_KEY_INITGROUPS_IGNOREUSERS "nss_initgroups_ignoreusers" + #define NSS_LDAP_KEY_GETGRENT_SKIPMEMBERS "nss_getgrent_skipmembers" ++#define NSS_LDAP_KEY_MAX_GROUP_DEPTH "nss_max_group_depth" + + /* more reconnect policy fine-tuning */ + #define NSS_LDAP_KEY_RECONNECT_TRIES "nss_reconnect_tries" diff --git a/sys-auth/nss_ldap/files/nss_ldap-257.2-gssapi-headers.patch b/sys-auth/nss_ldap/files/nss_ldap-257.2-gssapi-headers.patch new file mode 100644 index 000000000000..cec5517e741c --- /dev/null +++ b/sys-auth/nss_ldap/files/nss_ldap-257.2-gssapi-headers.patch @@ -0,0 +1,65 @@ +http://bugs.gentoo.org/show_bug.cgi?id=165638 +http://bugzilla.padl.com/show_bug.cgi?id=308 + +Make nss_ldap compile with gssapi/gssapi.h even if there is no +gssapi/gssapi_krb5.h present. This seems to be needed to compile against +heimdal. Extended header checks and modified preprocessor logic a bit. + +2007-02-07 Martin von Gagern <Martin.vGagern@gmx.net> + +diff -ruN nss_ldap-257.2.orig/config.h.in nss_ldap-257.2/config.h.in +--- nss_ldap-257.2.orig/config.h.in 2007-10-24 14:22:55.000000000 +0200 ++++ nss_ldap-257.2/config.h.in 2007-10-24 14:25:15.000000000 +0200 +@@ -87,6 +87,9 @@ + /* Define to 1 if you have the <gssapi/gssapi_krb5.h> header file. */ + #undef HAVE_GSSAPI_GSSAPI_KRB5_H + ++/* Define to 1 if you have the <gssapi/gssapi.h> header file. */ ++#undef HAVE_GSSAPI_GSSAPI_H ++ + /* Define to 1 if you have the <gssapi.h> header file. */ + #undef HAVE_GSSAPI_H + +diff -ruN nss_ldap-257.2.orig/configure nss_ldap-257.2/configure +--- nss_ldap-257.2.orig/configure 2007-10-24 14:22:55.000000000 +0200 ++++ nss_ldap-257.2/configure 2007-10-24 14:25:49.000000000 +0200 +@@ -8409,7 +8409,7 @@ + + + +-for ac_header in gssapi/gssapi_krb5.h gssapi.h ++for ac_header in gssapi/gssapi_krb5.h gssapi/gssapi.h gssapi.h + do + as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` + if eval "test \"\${$as_ac_Header+set}\" = set"; then +diff -ruN nss_ldap-257.2.orig/configure.in nss_ldap-257.2/configure.in +--- nss_ldap-257.2.orig/configure.in 2007-10-24 14:22:55.000000000 +0200 ++++ nss_ldap-257.2/configure.in 2007-10-24 14:26:26.000000000 +0200 +@@ -182,7 +182,7 @@ + AC_CHECK_HEADERS(strings.h) + AC_CHECK_HEADERS(gssldap.h) + AC_CHECK_HEADERS(gsssasl.h) +-AC_CHECK_HEADERS(gssapi/gssapi_krb5.h gssapi.h) ++AC_CHECK_HEADERS(gssapi/gssapi_krb5.h gssapi/gssapi.h gssapi.h) + AC_CHECK_HEADERS(krb5.h) + + AC_CHECK_LIB(resolv, main) +diff -ruN nss_ldap-257.2.orig/ldap-nss.c nss_ldap-257.2/ldap-nss.c +--- nss_ldap-257.2.orig/ldap-nss.c 2007-10-24 14:22:55.000000000 +0200 ++++ nss_ldap-257.2/ldap-nss.c 2007-10-24 14:27:32.000000000 +0200 +@@ -82,10 +82,14 @@ + #endif + #ifdef HAVE_GSSAPI_H + #include <gssapi.h> +-#elif defined(HAVE_GSSAPI_GSSAPI_KRB5_H) ++#else ++#ifdef HAVE_GSSAPI_GSSAPI_H + #include <gssapi/gssapi.h> ++#endif ++#ifdef HAVE_GSSAPI_GSSAPI_KRB5_H + #include <gssapi/gssapi_krb5.h> + #endif ++#endif + #ifdef CONFIGURE_KRB5_CCNAME + #include <krb5.h> + #endif diff --git a/sys-auth/nss_ldap/files/nss_ldap-264-disable-automagic.patch b/sys-auth/nss_ldap/files/nss_ldap-264-disable-automagic.patch new file mode 100644 index 000000000000..7671574da4da --- /dev/null +++ b/sys-auth/nss_ldap/files/nss_ldap-264-disable-automagic.patch @@ -0,0 +1,109 @@ +Explicitly provide a way to disable Kerberos/SASL/SSL usage in nss_ldap, so +that you can build non-kerberos versions on systems with Kerberos installed +WITHOUT it linking due to presence. + +Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> + +diff -Nuar nss_ldap-264.orig/configure.in nss_ldap-264/configure.in +--- nss_ldap-264.orig/configure.in 2009-07-28 10:35:27.599965878 -0700 ++++ nss_ldap-264/configure.in 2009-07-28 10:36:00.620375469 -0700 +@@ -10,6 +10,21 @@ + AC_PROG_INSTALL + + dnl ++dnl Turn on/off SSL ++dnl ++AC_ARG_ENABLE(ssl, [ --enable-ssl enable SSL code ], [AC_DEFINE([WANT_SSL], [1], [Define if SSL is wanted])]) ++ ++dnl ++dnl Turn on/off Kerberos ++dnl ++AC_ARG_ENABLE(krb, [ --enable-krb enable Kerberos code ], [AC_DEFINE([WANT_KRB], [1], [Define if Kerberos is wanted])]) ++ ++dnl ++dnl Turn on/off SASL ++dnl ++AC_ARG_ENABLE(sasl, [ --enable-sasl enable Kerberos code ], [AC_DEFINE([WANT_SASL], [1], [Define if SASL is wanted])]) ++ ++dnl + dnl --enable-rfc2307bis is now deprecated; if this option is set, + dnl then RFC2307bis support will be enabled by default. However + dnl it can now always be enabled at runtime with the nss_schema +@@ -178,12 +193,18 @@ + AC_CHECK_HEADERS(sys/un.h) + AC_CHECK_HEADERS(libc-lock.h) + AC_CHECK_HEADERS(bits/libc-lock.h) +-AC_CHECK_HEADERS(sasl.h sasl/sasl.h) ++if test "$enable_sasl" \!= "no"; then ++ AC_CHECK_HEADERS(sasl.h sasl/sasl.h) ++fi + AC_CHECK_HEADERS(strings.h) +-AC_CHECK_HEADERS(gssldap.h) +-AC_CHECK_HEADERS(gsssasl.h) +-AC_CHECK_HEADERS(gssapi/gssapi_krb5.h gssapi/gssapi.h gssapi.h) +-AC_CHECK_HEADERS(krb5.h) ++if test "$enable_krb" \!= "no"; then ++ AC_CHECK_HEADERS(gssldap.h) ++ if test "$enable_sasl" \!= "no"; then ++ AC_CHECK_HEADERS(gsssasl.h) ++ fi ++ AC_CHECK_HEADERS(gssapi/gssapi_krb5.h gssapi/gssapi.h gssapi.h) ++ AC_CHECK_HEADERS(krb5.h) ++fi + + AC_CHECK_LIB(resolv, main) + AC_CHECK_LIB(nsl, main) +@@ -286,19 +307,25 @@ + AC_CHECK_LIB(dl, dlopen,[LIBS="-ldl $LIBS"],,$LIBS) + dnl AC_CHECK_LIB(db, main,[LIBS="-ldb $LIBS"],,$LIBS) + +-AC_CHECK_LIB(gssapi, gss_krb5_ccache_name,[LIBS="-lgssapi $LIBS" found_gssapi_lib=yes],,$LIBS) +-if test -z "$found_gssapi_lib"; then +- AC_CHECK_LIB(gssapi_krb5, gss_krb5_ccache_name,[LIBS="-lgssapi_krb5 $LIBS"],,$LIBS) ++if test "$enable_krb" \!= "no"; then ++ AC_CHECK_LIB(gssapi, gss_krb5_ccache_name,[LIBS="-lgssapi $LIBS" found_gssapi_lib=yes],,$LIBS) ++ if test -z "$found_gssapi_lib"; then ++ AC_CHECK_LIB(gssapi_krb5, gss_krb5_ccache_name,[LIBS="-lgssapi_krb5 $LIBS"],,$LIBS) ++ fi + fi + + dnl Following checks probably not strictly necessary. + dnl AC_CHECK_LIB(crypto, main,[LIBS="-lcrypto $LIBS"],,$LIBS) + dnl AC_CHECK_LIB(ssl, main,[LIBS="-lssl $LIBS"],,$LIBS) + AC_CHECK_LIB(com_err, main,[LIBS="-lcom_err $LIBS"],,$LIBS) +-dnl AC_CHECK_LIB(k5crypto, main,[LIBS="-lk5crypto $LIBS"],,$LIBS) +-AC_CHECK_LIB(krb5, main,[LIBS="-lkrb5 $LIBS"],,$LIBS) +-dnl AC_CHECK_LIB(krb4, main,[LIBS="-lkrb4 $LIBS"],,$LIBS) +-AC_CHECK_LIB(sasl2, sasl_client_init) ++if test "$enable_krb" \!= "no"; then ++ dnl AC_CHECK_LIB(k5crypto, main,[LIBS="-lk5crypto $LIBS"],,$LIBS) ++ AC_CHECK_LIB(krb5, main,[LIBS="-lkrb5 $LIBS"],,$LIBS) ++ dnl AC_CHECK_LIB(krb4, main,[LIBS="-lkrb4 $LIBS"],,$LIBS) ++fi ++if test "$enable_sasl" \!= "no"; then ++ AC_CHECK_LIB(sasl2, sasl_client_init) ++fi + + if test -z "$found_ldap_lib" -a \( $with_ldap_lib = auto -o $with_ldap_lib = umich -o $with_ldap_lib = openldap \); then + AC_CHECK_LIB(lber, main) +@@ -331,13 +358,17 @@ + AC_CHECK_LIB(pthread, main) + fi + +-AC_CHECK_LIB(gssldap, ldap_gss_bind,[LIBS="-lgssldap $LIBS"],,$LIBS) ++if test "$enable_krb" \!= "no"; then ++ AC_CHECK_LIB(gssldap, ldap_gss_bind,[LIBS="-lgssldap $LIBS"],,$LIBS) ++fi + +-AC_CHECK_FUNCS(sasl_auxprop_request) + AC_CHECK_FUNCS(ldap_init ldap_get_lderrno ldap_parse_result ldap_memfree ldap_controls_free) + AC_CHECK_FUNCS(ldap_ld_free ldap_explode_rdn ldap_set_option ldap_get_option) +-AC_CHECK_FUNCS(ldap_sasl_interactive_bind_s ldap_initialize ldap_search_ext) ++AC_CHECK_FUNCS(ldap_initialize ldap_search_ext) + AC_CHECK_FUNCS(ldap_create_control ldap_create_page_control ldap_parse_page_control) ++if test "$enable_sasl" \!= "no"; then ++ AC_CHECK_FUNCS(sasl_auxprop_request ldap_sasl_interactive_bind_s) ++fi + if test "$enable_ssl" \!= "no"; then + AC_CHECK_FUNCS(ldapssl_client_init ldap_start_tls_s ldap_pvt_tls_set_option ldap_start_tls) + fi diff --git a/sys-auth/nss_ldap/files/nss_ldap-265-fbsd.patch b/sys-auth/nss_ldap/files/nss_ldap-265-fbsd.patch new file mode 100644 index 000000000000..1ae1171f88e5 --- /dev/null +++ b/sys-auth/nss_ldap/files/nss_ldap-265-fbsd.patch @@ -0,0 +1,432 @@ +--- Makefile.am.orig 2009-11-06 05:28:08.000000000 -0500 ++++ Makefile.am 2010-01-12 23:24:17.000000000 -0500 +@@ -9,8 +9,12 @@ + if AIX + INST_GID=system + else ++if FreeBSD ++INST_GID=wheel ++else + INST_GID=root + endif ++endif + + EXTRA_DIST = CVSVersionInfo.txt ChangeLog \ + AUTHORS ANNOUNCE NEWS INSTALL README LICENSE.OpenLDAP COPYING\ +@@ -23,7 +27,7 @@ + ldap-alias.c ldap-service.c ldap-schema.c ldap-ethers.c \ + ldap-bp.c ldap-automount.c util.c ltf.c snprintf.c resolve.c \ + dnsconfig.c irs-nss.c pagectrl.c ldap-sldap.c ldap-init-krb5-cache.c \ +- vers.c ++ vers.c bsdnss.c + + nss_ldap_so_LDFLAGS = @nss_ldap_so_LDFLAGS@ + +@@ -103,11 +107,10 @@ + $(mkinstalldirs) $(DESTDIR)$(dir $(NSS_LDAP_PATH_CONF)); \ + $(INSTALL_DATA) -o $(INST_UID) -g $(INST_GID) $(srcdir)/ldap.conf $(DESTDIR)$(NSS_LDAP_PATH_CONF); \ + fi +- $(INSTALL_DATA) -o $(INST_UID) -g $(INST_GID) $(srcdir)/nsswitch.ldap $(DESTDIR)$(sysconfdir)/nsswitch.ldap; + + uninstall-local: + @$(NORMAL_UNINSTALL) + + vers.c: $(top_srcdir)/CVSVersionInfo.txt +- CVSVERSIONDIR=$(top_srcdir) ./vers_string -v ++ $(top_srcdir)/vers_string -v + + +--- configure.in.orig 2007-10-29 06:30:12.000000000 -0700 ++++ configure.in 2008-09-26 20:38:20.000000000 -0700 +@@ -97,11 +97,15 @@ + linux*) nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic -Wl,--version-script,\$(srcdir)/exports.linux" ;; + *) nss_ldap_so_LDFLAGS="-shared -Wl,-Bdynamic" ;; + esac ++case "$target_os" in ++freebsd*) TARGET_OS=FreeBSD ;; ++esac + + AM_CONDITIONAL(GCC, test "$GCC" = "yes") + AM_CONDITIONAL(GLIBC, test "$target_os" = "linux" -o "$target_os" = "linux-gnu") + AM_CONDITIONAL(AIX, test "$TARGET_OS" = AIX) + AM_CONDITIONAL(HPUX, test "$TARGET_OS" = HPUX) ++AM_CONDITIONAL(FreeBSD, test "$TARGET_OS" = FreeBSD) + + AM_CONDITIONAL(USE_NATIVE_LINKER, test -n "$nss_ldap_so_LD") + +@@ -153,7 +157,6 @@ + aix*) AC_CHECK_HEADERS(irs.h usersec.h) ;; + hpux*) AC_CHECK_HEADERS(nsswitch.h) ;; + *) AC_CHECK_HEADERS(nss.h) +- AC_CHECK_HEADERS(nsswitch.h) + AC_CHECK_HEADERS(irs.h) ;; + esac + AC_CHECK_HEADERS(thread.h) +@@ -232,7 +235,6 @@ + AC_CHECK_FUNCS(gethostbyname) + AC_CHECK_FUNCS(nsdispatch) + AC_CHECK_LIB(pthread_nonshared, main) +-AC_CHECK_FUNCS(pthread_atfork) + AC_CHECK_FUNCS(pthread_once) + AC_CHECK_FUNCS(ether_aton) + AC_CHECK_FUNCS(ether_ntoa) + +--- ldap-ethers.c.orig 2009-11-06 10:28:08.000000000 +0000 ++++ ldap-ethers.c 2009-12-23 17:01:14.000000000 +0000 +@@ -217,9 +217,9 @@ + } + + snprintf(fullmac, sizeof(fullmac), "%02x:%02x:%02x:%02x:%02x:%02x", +- addr->ether_addr_octet[0], addr->ether_addr_octet[1], +- addr->ether_addr_octet[2], addr->ether_addr_octet[3], +- addr->ether_addr_octet[4], addr->ether_addr_octet[5]); ++ addr->octet[0], addr->octet[1], ++ addr->octet[2], addr->octet[3], ++ addr->octet[4], addr->octet[5]); + + LA_INIT(a); + LA_STRING(a) = ether_ntoa(addr); +@@ -343,14 +343,14 @@ + if (i != 6) + return NULL; + for (i = 0; i < 6; i++) +- ep.ether_addr_octet[i] = t[i]; ++ ep.octet[i] = t[i]; + + return &ep; + } + #endif /* !HAVE_ETHER_ATON */ + + #ifndef HAVE_ETHER_NTOA +-#define EI(i) (unsigned int)(e->ether_addr_octet[(i)]) ++#define EI(i) (unsigned int)(e->octet[(i)]) + static char *ether_ntoa (const struct ether_addr *e) + { + static char s[18]; + +--- ldap-ethers.h.orig 2009-11-06 10:28:08.000000000 +0000 ++++ ldap-ethers.h 2009-12-23 17:02:06.000000000 +0000 +@@ -32,7 +32,7 @@ + + #ifndef HAVE_STRUCT_ETHER_ADDR + struct ether_addr { +- u_char ether_addr_octet[6]; ++ u_char octet[6]; + }; + #endif + +--- ldap-nss.c.orig Sat May 27 16:23:40 2006 ++++ ldap-nss.c Sat May 27 16:23:52 2006 +@@ -69,7 +69,7 @@ + #endif + + /* Try to handle systems with both SASL libraries installed */ +-#if defined(HAVE_SASL_SASL_H) && defined(HAVE_SASL_AUXPROP_REQUEST) ++#if defined(HAVE_SASL_SASL_H) + #include <sasl/sasl.h> + #elif defined(HAVE_SASL_H) + #include <sasl.h> + +--- ldap-pwd.c.orig 2008-10-30 21:50:15.000000000 +0100 ++++ ldap-pwd.c 2008-12-06 00:37:30.216966282 +0100 +@@ -21,7 +21,10 @@ + static char rcsId[] = + "$Id$"; + ++#include <sys/types.h> ++#include <unistd.h> + #include "config.h" ++ + + #ifdef HAVE_PORT_BEFORE_H + #include <port_before.h> +@@ -90,9 +93,13 @@ + size_t tmplen; + char *tmp; + +- if (_nss_ldap_oc_check (e, "shadowAccount") == NSS_SUCCESS) +- { ++/* if (_nss_ldap_oc_check (e, "shadowAccount") == NSS_SUCCESS) ++ * { ++ */ + /* don't include password for shadowAccount */ ++ if (geteuid() != 0) ++ { ++ /* don't include password for non-root users */ + if (buflen < 3) + return NSS_TRYAGAIN; + +@@ -163,6 +170,15 @@ + } ++ ++#ifdef HAVE_LOGIN_CLASSES ++ stat = ++ _nss_ldap_assign_attrval (e, AT (loginClass), &pw->pw_class, &buffer, ++ &buflen); ++ if (stat != NSS_SUCCESS) ++ (void) _nss_ldap_assign_emptystring (&pw->pw_class, &buffer, &buflen); ++#endif ++ + + stat = + _nss_ldap_assign_attrval (e, AT (homeDirectory), &pw->pw_dir, &buffer, + &buflen); + if (stat != NSS_SUCCESS) + +--- ldap-schema.c 2009-08-29 09:21:43.000000000 -0400 ++++ ldap-schema.c 2009-08-28 12:09:52.000000000 -0400 +@@ -334,6 +334,9 @@ + #ifdef HAVE_PASSWD_PW_EXPIRE + (*pwd_attrs)[i++] = AT (shadowExpire); + #endif /* HAVE_PASSWD_PW_EXPIRE */ ++#ifdef HAVE_LOGIN_CLASSES ++ (*pwd_attrs)[i++] = AT (loginClass); ++#endif + (*pwd_attrs)[i] = NULL; + } + +--- ldap-schema.h 2009-08-29 09:21:43.000000000 -0400 ++++ ldap-schema.h 2009-08-29 06:37:18.000000000 -0400 +@@ -24,7 +24,7 @@ + #define _LDAP_NSS_LDAP_LDAP_SCHEMA_H + + /* max number of attributes per object class */ +-#define ATTRTAB_SIZE 15 ++#define ATTRTAB_SIZE 16 + + /** + * function to initialize global lookup filters. +@@ -153,6 +153,10 @@ + #define AT_gecos "gecos" + #define AT_homeDirectory "homeDirectory" + ++#ifdef HAVE_LOGIN_CLASSES ++/* FreeBSD extension -Jacob Myers <jacob@whotokspaz.org> */ ++#define AT_loginClass "loginClass" ++#endif + /* + * ( nisSchema.2.1 NAME 'shadowAccount' SUP top AUXILIARY + * DESC 'Additional attributes for shadow passwords' + +--- /dev/null 2013-04-13 01:27:01.290932001 +0200 ++++ bsdnss.c 2013-04-14 03:17:47.794195349 +0200 +@@ -0,0 +1,219 @@ ++#include <errno.h> ++#include <stdlib.h> ++#include <sys/param.h> ++#include <netinet/in.h> ++#include <pwd.h> ++#include <grp.h> ++#include <nss.h> ++#include <nsswitch.h> ++#include <netdb.h> ++ ++extern enum nss_status _nss_ldap_getgrent_r(struct group *, char *, size_t, ++ int *); ++extern enum nss_status _nss_ldap_getgrnam_r(const char *, struct group *, ++ char *, size_t, int *); ++extern enum nss_status _nss_ldap_getgrgid_r(gid_t gid, struct group *, char *, ++ size_t, int *); ++extern enum nss_status _nss_ldap_setgrent(void); ++extern enum nss_status _nss_ldap_endgrent(void); ++extern enum nss_status _nss_ldap_initgroups_dyn(const char *, gid_t, long int *, ++ long int *, gid_t **, long int, int *); ++ ++extern enum nss_status _nss_ldap_getpwent_r(struct passwd *, char *, size_t, ++ int *); ++extern enum nss_status _nss_ldap_getpwnam_r(const char *, struct passwd *, ++ char *, size_t, int *); ++extern enum nss_status _nss_ldap_getpwuid_r(gid_t gid, struct passwd *, char *, ++ size_t, int *); ++extern enum nss_status _nss_ldap_setpwent(void); ++extern enum nss_status _nss_ldap_endpwent(void); ++ ++extern enum nss_status _nss_ldap_gethostbyname_r (const char *name, struct hostent * result, ++ char *buffer, size_t buflen, int *errnop, ++ int *h_errnop); ++ ++extern enum nss_status _nss_ldap_gethostbyname2_r (const char *name, int af, struct hostent * result, ++ char *buffer, size_t buflen, int *errnop, ++ int *h_errnop); ++extern enum nss_status _nss_ldap_gethostbyaddr_r (struct in_addr * addr, int len, int type, ++ struct hostent * result, char *buffer, ++ size_t buflen, int *errnop, int *h_errnop); ++ ++NSS_METHOD_PROTOTYPE(__nss_compat_getgrnam_r); ++NSS_METHOD_PROTOTYPE(__nss_compat_getgrgid_r); ++NSS_METHOD_PROTOTYPE(__nss_compat_getgrent_r); ++NSS_METHOD_PROTOTYPE(__nss_compat_setgrent); ++NSS_METHOD_PROTOTYPE(__nss_compat_endgrent); ++static NSS_METHOD_PROTOTYPE(__freebsd_getgroupmembership); ++ ++NSS_METHOD_PROTOTYPE(__nss_compat_getpwnam_r); ++NSS_METHOD_PROTOTYPE(__nss_compat_getpwuid_r); ++NSS_METHOD_PROTOTYPE(__nss_compat_getpwent_r); ++NSS_METHOD_PROTOTYPE(__nss_compat_setpwent); ++NSS_METHOD_PROTOTYPE(__nss_compat_endpwent); ++ ++NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyname); ++NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyname2); ++NSS_METHOD_PROTOTYPE(__nss_compat_gethostbyaddr); ++ ++static ns_mtab methods[] = { ++{ NSDB_GROUP, "getgrnam_r", __nss_compat_getgrnam_r, _nss_ldap_getgrnam_r }, ++{ NSDB_GROUP, "getgrgid_r", __nss_compat_getgrgid_r, _nss_ldap_getgrgid_r }, ++{ NSDB_GROUP, "getgrent_r", __nss_compat_getgrent_r, _nss_ldap_getgrent_r }, ++{ NSDB_GROUP, "setgrent", __nss_compat_setgrent, _nss_ldap_setgrent }, ++{ NSDB_GROUP, "endgrent", __nss_compat_endgrent, _nss_ldap_endgrent }, ++{ NSDB_GROUP, "getgroupmembership", __freebsd_getgroupmembership, NULL }, ++ ++{ NSDB_PASSWD, "getpwnam_r", __nss_compat_getpwnam_r, _nss_ldap_getpwnam_r }, ++{ NSDB_PASSWD, "getpwuid_r", __nss_compat_getpwuid_r, _nss_ldap_getpwuid_r }, ++{ NSDB_PASSWD, "getpwent_r", __nss_compat_getpwent_r, _nss_ldap_getpwent_r }, ++{ NSDB_PASSWD, "setpwent", __nss_compat_setpwent, _nss_ldap_setpwent }, ++{ NSDB_PASSWD, "endpwent", __nss_compat_endpwent, _nss_ldap_endpwent }, ++ ++{ NSDB_HOSTS, "gethostbyname", __nss_compat_gethostbyname, _nss_ldap_gethostbyname_r }, ++{ NSDB_HOSTS, "gethostbyaddr", __nss_compat_gethostbyaddr, _nss_ldap_gethostbyaddr_r }, ++{ NSDB_HOSTS, "gethostbyname2", __nss_compat_gethostbyname2, _nss_ldap_gethostbyname2_r }, ++ ++{ NSDB_GROUP_COMPAT, "getgrnam_r", __nss_compat_getgrnam_r, _nss_ldap_getgrnam_r }, ++{ NSDB_GROUP_COMPAT, "getgrgid_r", __nss_compat_getgrgid_r, _nss_ldap_getgrgid_r }, ++{ NSDB_GROUP_COMPAT, "getgrent_r", __nss_compat_getgrent_r, _nss_ldap_getgrent_r }, ++{ NSDB_GROUP_COMPAT, "setgrent", __nss_compat_setgrent, _nss_ldap_setgrent }, ++{ NSDB_GROUP_COMPAT, "endgrent", __nss_compat_endgrent, _nss_ldap_endgrent }, ++ ++{ NSDB_PASSWD_COMPAT, "getpwnam_r", __nss_compat_getpwnam_r, _nss_ldap_getpwnam_r }, ++{ NSDB_PASSWD_COMPAT, "getpwuid_r", __nss_compat_getpwuid_r, _nss_ldap_getpwuid_r }, ++{ NSDB_PASSWD_COMPAT, "getpwent_r", __nss_compat_getpwent_r, _nss_ldap_getpwent_r }, ++{ NSDB_PASSWD_COMPAT, "setpwent", __nss_compat_setpwent, _nss_ldap_setpwent }, ++{ NSDB_PASSWD_COMPAT, "endpwent", __nss_compat_endpwent, _nss_ldap_endpwent }, ++ ++}; ++ ++ ++ns_mtab * ++nss_module_register(const char *source, unsigned int *mtabsize, ++ nss_module_unregister_fn *unreg) ++{ ++ *mtabsize = sizeof(methods)/sizeof(methods[0]); ++ *unreg = NULL; ++ return (methods); ++} ++ ++int __nss_compat_gethostbyname(void *retval, void *mdata, va_list ap) ++{ ++ enum nss_status (*fn)(const char *, struct hostent *, char *, size_t, int *, int *); ++ const char *name; ++ struct hostent *result; ++ char buffer[1024]; ++ size_t buflen = 1024; ++ int errnop; ++ int h_errnop; ++ int af; ++ enum nss_status status; ++ fn = mdata; ++ name = va_arg(ap, const char*); ++ af = va_arg(ap,int); ++ result = va_arg(ap,struct hostent *); ++ status = fn(name, result, buffer, buflen, &errnop, &h_errnop); ++ status = __nss_compat_result(status,errnop); ++ h_errno = h_errnop; ++ return (status); ++} ++ ++int __nss_compat_gethostbyname2(void *retval, void *mdata, va_list ap) ++{ ++ enum nss_status (*fn)(const char *, struct hostent *, char *, size_t, int *, int *); ++ const char *name; ++ struct hostent *result; ++ char buffer[1024]; ++ size_t buflen = 1024; ++ int errnop; ++ int h_errnop; ++ int af; ++ enum nss_status status; ++ fn = mdata; ++ name = va_arg(ap, const char*); ++ af = va_arg(ap,int); ++ result = va_arg(ap,struct hostent *); ++ status = fn(name, result, buffer, buflen, &errnop, &h_errnop); ++ status = __nss_compat_result(status,errnop); ++ h_errno = h_errnop; ++ return (status); ++} ++ ++int __nss_compat_gethostbyaddr(void *retval, void *mdata, va_list ap) ++{ ++ struct in_addr *addr; ++ int len; ++ int type; ++ struct hostent *result; ++ char buffer[1024]; ++ size_t buflen = 1024; ++ int errnop; ++ int h_errnop; ++ enum nss_status (*fn)(struct in_addr *, int, int, struct hostent *, char *, size_t, int *, int *); ++ enum nss_status status; ++ fn = mdata; ++ addr = va_arg(ap, struct in_addr*); ++ len = va_arg(ap,int); ++ type = va_arg(ap,int); ++ result = va_arg(ap, struct hostent*); ++ status = fn(addr, len, type, result, buffer, buflen, &errnop, &h_errnop); ++ status = __nss_compat_result(status,errnop); ++ h_errno = h_errnop; ++ return (status); ++} ++ ++static int ++__gr_addgid(gid_t gid, gid_t *groups, int maxgrp, int *groupc) ++{ ++ int ret, dupc; ++ ++ /* skip duplicates */ ++ for (dupc = 0; dupc < MIN(maxgrp, *groupc); dupc++) { ++ if (groups[dupc] == gid) ++ return 1; ++ } ++ ++ ret = 1; ++ if (*groupc < maxgrp) /* add this gid */ ++ groups[*groupc] = gid; ++ else ++ ret = 0; ++ (*groupc)++; ++ return ret; ++} ++ ++static int __freebsd_getgroupmembership(void *retval, void *mdata, va_list ap) ++{ ++ int err; ++ enum nss_status s; ++ const char *user = va_arg(ap, const char *); ++ gid_t group = va_arg(ap, gid_t); ++ gid_t *groups = va_arg(ap, gid_t *); ++ int limit = va_arg(ap, int); ++ int *size = va_arg(ap, int*); ++ gid_t *tmpgroups; ++ long int lstart, lsize; ++ int i; ++ ++ tmpgroups = malloc(limit * sizeof(gid_t)); ++ if (tmpgroups == NULL) ++ return NS_TRYAGAIN; ++ ++ /* insert primary membership */ ++ __gr_addgid(group, groups, limit, size); ++ ++ lstart = 0; ++ lsize = limit; ++ s = _nss_ldap_initgroups_dyn(user, group, &lstart, &lsize, ++ &tmpgroups, 0, &err); ++ if (s == NSS_STATUS_SUCCESS) { ++ for (i = 0; i < lstart; i++) ++ __gr_addgid(tmpgroups[i], groups, limit, size); ++ s = NSS_STATUS_NOTFOUND; ++ } ++ ++ free(tmpgroups); ++ ++ return __nss_compat_result(s, err); ++} diff --git a/sys-auth/nss_ldap/files/nss_ldap-265-installdir.patch b/sys-auth/nss_ldap/files/nss_ldap-265-installdir.patch new file mode 100644 index 000000000000..daf507ad594a --- /dev/null +++ b/sys-auth/nss_ldap/files/nss_ldap-265-installdir.patch @@ -0,0 +1,35 @@ +Index: nss_ldap-265/Makefile.am +=================================================================== +--- nss_ldap-265.orig/Makefile.am ++++ nss_ldap-265/Makefile.am +@@ -38,17 +38,13 @@ NSS_LDAP_LDFLAGS = @NSS_LDAP_LDFLAGS@ + DEFS = @DEFS@ + #INCLUDES = -I$(top_builddir) -I$(srcdir) + +-if GCC +-MULTI_OS_DIRECTORY=$(shell $(CC) $(CFLAGS) -print-multi-os-directory) +-else + MULTI_OS_DIRECTORY=. +-endif + + if GLIBC +-LIBC_VERS = $(shell ls /lib/$(MULTI_OS_DIRECTORY)/libc-*.so | tail -n 1 | sed -e 's|.*libc-\(.*\)\.so|\1|') ++LIBC_VERS = $(shell ls @GENTOO_PORTAGE_EPREFIX@/lib/$(MULTI_OS_DIRECTORY)/libc-*.so | tail -n 1 | sed -e 's|.*libc-\(.*\)\.so|\1|') + NSS_LDAP_LIBC_VERSIONED = libnss_ldap-$(LIBC_VERS).so + +-NSS_VERS = $(shell ls /lib/$(MULTI_OS_DIRECTORY)/libnss_files.so.? | tail -n 1 | sed -e 's|.*libnss_files\.so\.\(.*\)|\1|') ++NSS_VERS = $(shell ls @GENTOO_PORTAGE_EPREFIX@/lib/$(MULTI_OS_DIRECTORY)/libnss_files.so.? | tail -n 1 | sed -e 's|.*libnss_files\.so\.\(.*\)|\1|') + NSS_LDAP_NSS_VERSIONED = libnss_ldap.so.$(NSS_VERS) + endif + +@@ -83,8 +79,8 @@ if GLIBC + $(mkinstalldirs) $(DESTDIR)$(libdir) + $(INSTALL_PROGRAM) -o $(INST_UID) -g $(INST_GID) nss_ldap.so $(DESTDIR)$(libdir)/$(NSS_LDAP_LIBC_VERSIONED) + (cd $(DESTDIR)$(libdir); ln -sf $(NSS_LDAP_LIBC_VERSIONED) $(NSS_LDAP_NSS_VERSIONED)) +- $(mkinstalldirs) $(DESTDIR)/usr$(libdir) +- (cd $(DESTDIR)/usr$(libdir); ln -sf ../..$(libdir)/$(NSS_LDAP_NSS_VERSIONED) .) ++ $(mkinstalldirs) $(DESTDIR)$(libdir:/lib=/usr/lib) ++ (cd $(DESTDIR)/$(libdir:/lib=/usr/lib); ln -sf ../../lib/$(NSS_LDAP_NSS_VERSIONED) .) + else + $(mkinstalldirs) $(DESTDIR)$(libdir) + if HPUX diff --git a/sys-auth/nss_ldap/files/nss_ldap-265-missing-entries-oneshot.patch b/sys-auth/nss_ldap/files/nss_ldap-265-missing-entries-oneshot.patch new file mode 100644 index 000000000000..6730dc986dd1 --- /dev/null +++ b/sys-auth/nss_ldap/files/nss_ldap-265-missing-entries-oneshot.patch @@ -0,0 +1,101 @@ +Distinguish between contexts that are somewhat persistent and one-offs +which are used to fulfill part of a larger request. + +diff -up nss_ldap-253/ldap-grp.c nss_ldap-253/ldap-grp.c +--- nss_ldap-253/ldap-grp.c 2009-05-08 13:30:43.000000000 -0400 ++++ nss_ldap-253/ldap-grp.c 2009-05-08 13:34:41.000000000 -0400 +@@ -857,7 +857,7 @@ ng_chase (const char *dn, ldap_initgroup + LA_STRING (a) = dn; + LA_TYPE (a) = LA_TYPE_STRING; + +- if (_nss_ldap_ent_context_init_locked (&ctx) == NULL) ++ if (_nss_ldap_ent_context_init_internal_locked (&ctx) == NULL) + { + return NSS_UNAVAIL; + } +@@ -930,7 +930,7 @@ ng_chase_backlink (const char ** members + LA_STRING_LIST (a) = filteredMembersOf; + LA_TYPE (a) = LA_TYPE_STRING_LIST_OR; + +- if (_nss_ldap_ent_context_init_locked (&ctx) == NULL) ++ if (_nss_ldap_ent_context_init_internal_locked (&ctx) == NULL) + { + free (filteredMembersOf); + return NSS_UNAVAIL; +diff -up nss_ldap-253/ldap-netgrp.c nss_ldap-253/ldap-netgrp.c +--- nss_ldap-253/ldap-netgrp.c 2009-05-08 13:31:35.000000000 -0400 ++++ nss_ldap-253/ldap-netgrp.c 2009-05-08 13:33:14.000000000 -0400 +@@ -691,7 +691,7 @@ do_innetgr_nested (ldap_innetgr_args_t * + LA_TYPE (a) = LA_TYPE_STRING; + LA_STRING (a) = nested; /* memberNisNetgroup */ + +- if (_nss_ldap_ent_context_init_locked (&ctx) == NULL) ++ if (_nss_ldap_ent_context_init_internal_locked (&ctx) == NULL) + { + debug ("<== do_innetgr_nested: failed to initialize context"); + return NSS_UNAVAIL; +diff -up nss_ldap-253/ldap-nss.c nss_ldap-253/ldap-nss.c +--- nss_ldap-253/ldap-nss.c 2009-05-08 13:27:17.000000000 -0400 ++++ nss_ldap-253/ldap-nss.c 2009-05-08 14:05:51.000000000 -0400 +@@ -1961,6 +1961,7 @@ _nss_ldap_ent_context_init_locked (ent_c + debug ("<== _nss_ldap_ent_context_init_locked"); + return NULL; + } ++ ctx->ec_internal = 0; + *pctx = ctx; + } + else +@@ -1990,6 +1991,15 @@ _nss_ldap_ent_context_init_locked (ent_c + + return ctx; + } ++ent_context_t * ++_nss_ldap_ent_context_init_internal_locked (ent_context_t ** pctx) ++{ ++ ent_context_t *ctx; ++ ctx = _nss_ldap_ent_context_init_locked (pctx); ++ if (ctx != NULL) ++ ctx->ec_internal = 1; ++ return ctx; ++} + + /* + * Clears a given context; we require the caller +@@ -2031,7 +2041,8 @@ _nss_ldap_ent_context_release (ent_conte + + LS_INIT (ctx->ec_state); + +- if (_nss_ldap_test_config_flag (NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT)) ++ if (!ctx->ec_internal && ++ _nss_ldap_test_config_flag (NSS_LDAP_FLAGS_CONNECT_POLICY_ONESHOT)) + { + do_close (); + } +diff -up nss_ldap-253/ldap-nss.h nss_ldap-253/ldap-nss.h +--- nss_ldap-253/ldap-nss.h 2009-05-08 13:35:47.000000000 -0400 ++++ nss_ldap-253/ldap-nss.h 2009-05-08 13:52:25.000000000 -0400 +@@ -560,6 +560,8 @@ struct ent_context + ldap_state_t ec_state; /* eg. for services */ + int ec_msgid; /* message ID */ + LDAPMessage *ec_res; /* result chain */ ++ int ec_internal; /* this context is just a part of a larger ++ * query for information */ + ldap_service_search_descriptor_t *ec_sd; /* current sd */ + struct berval *ec_cookie; /* cookie for paged searches */ + }; +@@ -744,6 +746,15 @@ ent_context_t *_nss_ldap_ent_context_ini + ent_context_t *_nss_ldap_ent_context_init_locked (ent_context_t **); + + /* ++ * _nss_ldap_ent_context_init_internal_locked() has the same ++ * behaviour, except it marks the context as one that's being ++ * used to fetch additional data used in answering a request, i.e. ++ * that this isn't the "main" context ++ */ ++ ++ent_context_t *_nss_ldap_ent_context_init_internal_locked (ent_context_t **); ++ ++/* + * _nss_ldap_ent_context_release() is used to manually free a context + */ + void _nss_ldap_ent_context_release (ent_context_t *); diff --git a/sys-auth/nss_ldap/files/nss_ldap-265-pthread.patch b/sys-auth/nss_ldap/files/nss_ldap-265-pthread.patch new file mode 100644 index 000000000000..622ee5845e44 --- /dev/null +++ b/sys-auth/nss_ldap/files/nss_ldap-265-pthread.patch @@ -0,0 +1,481 @@ +Index: ldap-nss.c +=================================================================== +--- ldap-nss.c.orig ++++ ldap-nss.c +@@ -142,7 +142,7 @@ static void (*__sigpipe_handler) (int) = + */ + static ldap_session_t __session = { NULL, NULL, 0, LS_UNINITIALIZED }; + +-#if defined(HAVE_PTHREAD_ATFORK) || defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H) ++#if defined(HAVE_PTHREAD_ATFORK) || defined(HAVE___LIBC_ONCE) + static pthread_once_t __once = PTHREAD_ONCE_INIT; + #endif + +@@ -150,7 +150,7 @@ static pthread_once_t __once = PTHREAD_O + static FILE *__debugfile; + #endif /* LBER_OPT_LOG_PRINT_FILE */ + +-#ifndef HAVE_PTHREAD_ATFORK ++#if !defined(HAVE_PTHREAD_ATFORK) || !defined(HAVE___LIBC_ONCE) + /* + * Process ID that opened the session. + */ +@@ -162,7 +162,7 @@ static uid_t __euid = -1; + static int __ssl_initialized = 0; + #endif /* HAVE_LDAPSSL_CLIENT_INIT */ + +-#if defined(HAVE_PTHREAD_ATFORK) || defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H) ++#if defined(HAVE_PTHREAD_ATFORK) || defined(HAVE___LIBC_ONCE) + /* + * Prepare for fork(); lock mutex. + */ +@@ -513,7 +513,7 @@ _nss_ldap_default_constr (nss_ldap_backe + } + #endif /* HAVE_NSSWITCH_H */ + +-#if defined(HAVE_PTHREAD_ATFORK) || defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H) ++#if defined(HAVE_PTHREAD_ATFORK) || defined(HAVE___LIBC_ONCE) + static void + do_atfork_prepare (void) + { +@@ -547,7 +547,7 @@ do_atfork_setup (void) + #ifdef HAVE_PTHREAD_ATFORK + (void) pthread_atfork (do_atfork_prepare, do_atfork_parent, + do_atfork_child); +-#elif defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H) ++#elif defined(HAVE___LIBC_ATFORK) + (void) __libc_atfork (do_atfork_prepare, do_atfork_parent, do_atfork_child); + #endif + +@@ -1096,7 +1096,7 @@ static NSS_STATUS + do_init (void) + { + ldap_config_t *cfg; +-#ifndef HAVE_PTHREAD_ATFORK ++#if !defined(HAVE_PTHREAD_ATFORK) || !defined(HAVE___LIBC_ONCE) + pid_t pid; + #endif + uid_t euid; +@@ -1113,7 +1113,7 @@ do_init (void) + } + + #ifndef HAVE_PTHREAD_ATFORK +-#if defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H) ++#if defined(HAVE___LIBC_ONCE) + /* + * This bogosity is necessary because Linux uses different + * PIDs for different threads (like IRIX, which we don't +@@ -1145,7 +1145,7 @@ do_init (void) + pid = -1; /* linked against libpthreads, don't care */ + #else + pid = getpid (); +-#endif /* HAVE_LIBC_LOCK_H || HAVE_BITS_LIBC_LOCK_H */ ++#endif /* HAVE___LIBC_ONCE */ + #endif /* HAVE_PTHREAD_ATFORK */ + + euid = geteuid (); +@@ -1155,7 +1155,7 @@ do_init (void) + syslog (LOG_DEBUG, + "nss_ldap: __session.ls_state=%d, __session.ls_conn=%p, __euid=%i, euid=%i", + __session.ls_state, __session.ls_conn, __euid, euid); +-#elif defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H) ++#elif defined(HAVE___LIBC_ONCE) + syslog (LOG_DEBUG, + "nss_ldap: libpthreads=%s, __session.ls_state=%d, __session.ls_conn=%p, __pid=%i, pid=%i, __euid=%i, euid=%i", + ((__pthread_once == NULL || __pthread_atfork == NULL) ? "FALSE" : "TRUE"), +@@ -1179,11 +1179,11 @@ do_init (void) + } + else + #ifndef HAVE_PTHREAD_ATFORK +-#if defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H) ++#if defined(HAVE___LIBC_ONCE) + if ((__pthread_once == NULL || __pthread_atfork == NULL) && __pid != pid) + #else + if (__pid != pid) +-#endif /* HAVE_LIBC_LOCK_H || HAVE_BITS_LIBC_LOCK_H */ ++#endif /* HAVE___LIBC_ONCE */ + { + do_close_no_unbind (); + } +@@ -1244,9 +1244,9 @@ do_init (void) + debug ("<== do_init (pthread_once failed)"); + return NSS_UNAVAIL; + } +-#elif defined(HAVE_PTHREAD_ATFORK) && ( defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H) ) ++#elif defined(HAVE_PTHREAD_ATFORK) && defined(HAVE___LIBC_ONCE) + __libc_once (__once, do_atfork_setup); +-#elif defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H) ++#elif defined(HAVE___LIBC_ONCE) + /* + * Only install the pthread_atfork() handlers i + * we are linked against libpthreads. Otherwise, +Index: ldap-nss.h +=================================================================== +--- ldap-nss.h.orig ++++ ldap-nss.h +@@ -670,7 +670,7 @@ extern int __multi_threaded; + #define NSS_LDAP_LOCK(m) mutex_lock(&m) + #define NSS_LDAP_UNLOCK(m) mutex_unlock(&m) + #define NSS_LDAP_DEFINE_LOCK(m) static mutex_t m = DEFAULTMUTEX +-#elif defined(HAVE_LIBC_LOCK_H) || defined(HAVE_BITS_LIBC_LOCK_H) ++#elif defined(HAVE___LIBC_LOCK_LOCK) && defined(HAVE___LIBC_LOCK_UNLOCK) + #define NSS_LDAP_LOCK(m) __libc_lock_lock(m) + #define NSS_LDAP_UNLOCK(m) __libc_lock_unlock(m) + #define NSS_LDAP_DEFINE_LOCK(m) static pthread_mutex_t m = PTHREAD_MUTEX_INITIALIZER +Index: configure.in +=================================================================== +--- configure.in.orig ++++ configure.in +@@ -1,6 +1,7 @@ + AC_INIT(ldap-nss.c) + AC_CANONICAL_SYSTEM + AC_PREFIX_DEFAULT() ++AC_CONFIG_MACRO_DIR([m4]) + + AM_INIT_AUTOMAKE(nss_ldap, 265) + AM_CONFIG_HEADER(config.h) +@@ -229,11 +230,18 @@ fi + AC_CHECK_FUNCS(snprintf) + AC_CHECK_FUNCS(gethostbyname) + AC_CHECK_FUNCS(nsdispatch) ++AC_CHECK_FUNCS(ether_aton) ++AC_CHECK_FUNCS(ether_ntoa) ++ ++AX_PTHREAD ++LIBS="$PTHREAD_LIBS $LIBS" ++CFLAGS="$CFLAGS $PTHREAD_CFLAGS" ++CC="$PTHREAD_CC" ++ + AC_CHECK_LIB(pthread_nonshared, main) + AC_CHECK_FUNCS(pthread_atfork) + AC_CHECK_FUNCS(pthread_once) +-AC_CHECK_FUNCS(ether_aton) +-AC_CHECK_FUNCS(ether_ntoa) ++AC_CHECK_FUNCS(__libc_once __libc_atfork __libc_lock_lock __libc_lock_unlock) + + AC_MSG_CHECKING(for struct ether_addr) + AC_TRY_COMPILE([#include <sys/types.h> +Index: m4/ax_pthread.m4 +=================================================================== +--- /dev/null ++++ m4/ax_pthread.m4 +@@ -0,0 +1,309 @@ ++# =========================================================================== ++# http://www.gnu.org/software/autoconf-archive/ax_pthread.html ++# =========================================================================== ++# ++# SYNOPSIS ++# ++# AX_PTHREAD([ACTION-IF-FOUND[, ACTION-IF-NOT-FOUND]]) ++# ++# DESCRIPTION ++# ++# This macro figures out how to build C programs using POSIX threads. It ++# sets the PTHREAD_LIBS output variable to the threads library and linker ++# flags, and the PTHREAD_CFLAGS output variable to any special C compiler ++# flags that are needed. (The user can also force certain compiler ++# flags/libs to be tested by setting these environment variables.) ++# ++# Also sets PTHREAD_CC to any special C compiler that is needed for ++# multi-threaded programs (defaults to the value of CC otherwise). (This ++# is necessary on AIX to use the special cc_r compiler alias.) ++# ++# NOTE: You are assumed to not only compile your program with these flags, ++# but also link it with them as well. e.g. you should link with ++# $PTHREAD_CC $CFLAGS $PTHREAD_CFLAGS $LDFLAGS ... $PTHREAD_LIBS $LIBS ++# ++# If you are only building threads programs, you may wish to use these ++# variables in your default LIBS, CFLAGS, and CC: ++# ++# LIBS="$PTHREAD_LIBS $LIBS" ++# CFLAGS="$CFLAGS $PTHREAD_CFLAGS" ++# CC="$PTHREAD_CC" ++# ++# In addition, if the PTHREAD_CREATE_JOINABLE thread-attribute constant ++# has a nonstandard name, defines PTHREAD_CREATE_JOINABLE to that name ++# (e.g. PTHREAD_CREATE_UNDETACHED on AIX). ++# ++# Also HAVE_PTHREAD_PRIO_INHERIT is defined if pthread is found and the ++# PTHREAD_PRIO_INHERIT symbol is defined when compiling with ++# PTHREAD_CFLAGS. ++# ++# ACTION-IF-FOUND is a list of shell commands to run if a threads library ++# is found, and ACTION-IF-NOT-FOUND is a list of commands to run it if it ++# is not found. If ACTION-IF-FOUND is not specified, the default action ++# will define HAVE_PTHREAD. ++# ++# Please let the authors know if this macro fails on any platform, or if ++# you have any other suggestions or comments. This macro was based on work ++# by SGJ on autoconf scripts for FFTW (http://www.fftw.org/) (with help ++# from M. Frigo), as well as ac_pthread and hb_pthread macros posted by ++# Alejandro Forero Cuervo to the autoconf macro repository. We are also ++# grateful for the helpful feedback of numerous users. ++# ++# Updated for Autoconf 2.68 by Daniel Richard G. ++# ++# LICENSE ++# ++# Copyright (c) 2008 Steven G. Johnson <stevenj@alum.mit.edu> ++# Copyright (c) 2011 Daniel Richard G. <skunk@iSKUNK.ORG> ++# ++# This program is free software: you can redistribute it and/or modify it ++# under the terms of the GNU General Public License as published by the ++# Free Software Foundation, either version 3 of the License, or (at your ++# option) any later version. ++# ++# This program is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General ++# Public License for more details. ++# ++# You should have received a copy of the GNU General Public License along ++# with this program. If not, see <http://www.gnu.org/licenses/>. ++# ++# As a special exception, the respective Autoconf Macro's copyright owner ++# gives unlimited permission to copy, distribute and modify the configure ++# scripts that are the output of Autoconf when processing the Macro. You ++# need not follow the terms of the GNU General Public License when using ++# or distributing such scripts, even though portions of the text of the ++# Macro appear in them. The GNU General Public License (GPL) does govern ++# all other use of the material that constitutes the Autoconf Macro. ++# ++# This special exception to the GPL applies to versions of the Autoconf ++# Macro released by the Autoconf Archive. When you make and distribute a ++# modified version of the Autoconf Macro, you may extend this special ++# exception to the GPL to apply to your modified version as well. ++ ++#serial 18 ++ ++AU_ALIAS([ACX_PTHREAD], [AX_PTHREAD]) ++AC_DEFUN([AX_PTHREAD], [ ++AC_REQUIRE([AC_CANONICAL_HOST]) ++AC_LANG_PUSH([C]) ++ax_pthread_ok=no ++ ++# We used to check for pthread.h first, but this fails if pthread.h ++# requires special compiler flags (e.g. on True64 or Sequent). ++# It gets checked for in the link test anyway. ++ ++# First of all, check if the user has set any of the PTHREAD_LIBS, ++# etcetera environment variables, and if threads linking works using ++# them: ++if test x"$PTHREAD_LIBS$PTHREAD_CFLAGS" != x; then ++ save_CFLAGS="$CFLAGS" ++ CFLAGS="$CFLAGS $PTHREAD_CFLAGS" ++ save_LIBS="$LIBS" ++ LIBS="$PTHREAD_LIBS $LIBS" ++ AC_MSG_CHECKING([for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS]) ++ AC_TRY_LINK_FUNC(pthread_join, ax_pthread_ok=yes) ++ AC_MSG_RESULT($ax_pthread_ok) ++ if test x"$ax_pthread_ok" = xno; then ++ PTHREAD_LIBS="" ++ PTHREAD_CFLAGS="" ++ fi ++ LIBS="$save_LIBS" ++ CFLAGS="$save_CFLAGS" ++fi ++ ++# We must check for the threads library under a number of different ++# names; the ordering is very important because some systems ++# (e.g. DEC) have both -lpthread and -lpthreads, where one of the ++# libraries is broken (non-POSIX). ++ ++# Create a list of thread flags to try. Items starting with a "-" are ++# C compiler flags, and other items are library names, except for "none" ++# which indicates that we try without any flags at all, and "pthread-config" ++# which is a program returning the flags for the Pth emulation library. ++ ++ax_pthread_flags="pthreads none -Kthread -kthread lthread -pthread -pthreads -mthreads pthread --thread-safe -mt pthread-config" ++ ++# The ordering *is* (sometimes) important. Some notes on the ++# individual items follow: ++ ++# pthreads: AIX (must check this before -lpthread) ++# none: in case threads are in libc; should be tried before -Kthread and ++# other compiler flags to prevent continual compiler warnings ++# -Kthread: Sequent (threads in libc, but -Kthread needed for pthread.h) ++# -kthread: FreeBSD kernel threads (preferred to -pthread since SMP-able) ++# lthread: LinuxThreads port on FreeBSD (also preferred to -pthread) ++# -pthread: Linux/gcc (kernel threads), BSD/gcc (userland threads) ++# -pthreads: Solaris/gcc ++# -mthreads: Mingw32/gcc, Lynx/gcc ++# -mt: Sun Workshop C (may only link SunOS threads [-lthread], but it ++# doesn't hurt to check since this sometimes defines pthreads too; ++# also defines -D_REENTRANT) ++# ... -mt is also the pthreads flag for HP/aCC ++# pthread: Linux, etcetera ++# --thread-safe: KAI C++ ++# pthread-config: use pthread-config program (for GNU Pth library) ++ ++case ${host_os} in ++ solaris*) ++ ++ # On Solaris (at least, for some versions), libc contains stubbed ++ # (non-functional) versions of the pthreads routines, so link-based ++ # tests will erroneously succeed. (We need to link with -pthreads/-mt/ ++ # -lpthread.) (The stubs are missing pthread_cleanup_push, or rather ++ # a function called by this macro, so we could check for that, but ++ # who knows whether they'll stub that too in a future libc.) So, ++ # we'll just look for -pthreads and -lpthread first: ++ ++ ax_pthread_flags="-pthreads pthread -mt -pthread $ax_pthread_flags" ++ ;; ++ ++ darwin*) ++ ax_pthread_flags="-pthread $ax_pthread_flags" ++ ;; ++esac ++ ++if test x"$ax_pthread_ok" = xno; then ++for flag in $ax_pthread_flags; do ++ ++ case $flag in ++ none) ++ AC_MSG_CHECKING([whether pthreads work without any flags]) ++ ;; ++ ++ -*) ++ AC_MSG_CHECKING([whether pthreads work with $flag]) ++ PTHREAD_CFLAGS="$flag" ++ ;; ++ ++ pthread-config) ++ AC_CHECK_PROG(ax_pthread_config, pthread-config, yes, no) ++ if test x"$ax_pthread_config" = xno; then continue; fi ++ PTHREAD_CFLAGS="`pthread-config --cflags`" ++ PTHREAD_LIBS="`pthread-config --ldflags` `pthread-config --libs`" ++ ;; ++ ++ *) ++ AC_MSG_CHECKING([for the pthreads library -l$flag]) ++ PTHREAD_LIBS="-l$flag" ++ ;; ++ esac ++ ++ save_LIBS="$LIBS" ++ save_CFLAGS="$CFLAGS" ++ LIBS="$PTHREAD_LIBS $LIBS" ++ CFLAGS="$CFLAGS $PTHREAD_CFLAGS" ++ ++ # Check for various functions. We must include pthread.h, ++ # since some functions may be macros. (On the Sequent, we ++ # need a special flag -Kthread to make this header compile.) ++ # We check for pthread_join because it is in -lpthread on IRIX ++ # while pthread_create is in libc. We check for pthread_attr_init ++ # due to DEC craziness with -lpthreads. We check for ++ # pthread_cleanup_push because it is one of the few pthread ++ # functions on Solaris that doesn't have a non-functional libc stub. ++ # We try pthread_create on general principles. ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <pthread.h> ++ static void routine(void *a) { a = 0; } ++ static void *start_routine(void *a) { return a; }], ++ [pthread_t th; pthread_attr_t attr; ++ pthread_create(&th, 0, start_routine, 0); ++ pthread_join(th, 0); ++ pthread_attr_init(&attr); ++ pthread_cleanup_push(routine, 0); ++ pthread_cleanup_pop(0) /* ; */])], ++ [ax_pthread_ok=yes], ++ []) ++ ++ LIBS="$save_LIBS" ++ CFLAGS="$save_CFLAGS" ++ ++ AC_MSG_RESULT($ax_pthread_ok) ++ if test "x$ax_pthread_ok" = xyes; then ++ break; ++ fi ++ ++ PTHREAD_LIBS="" ++ PTHREAD_CFLAGS="" ++done ++fi ++ ++# Various other checks: ++if test "x$ax_pthread_ok" = xyes; then ++ save_LIBS="$LIBS" ++ LIBS="$PTHREAD_LIBS $LIBS" ++ save_CFLAGS="$CFLAGS" ++ CFLAGS="$CFLAGS $PTHREAD_CFLAGS" ++ ++ # Detect AIX lossage: JOINABLE attribute is called UNDETACHED. ++ AC_MSG_CHECKING([for joinable pthread attribute]) ++ attr_name=unknown ++ for attr in PTHREAD_CREATE_JOINABLE PTHREAD_CREATE_UNDETACHED; do ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([#include <pthread.h>], ++ [int attr = $attr; return attr /* ; */])], ++ [attr_name=$attr; break], ++ []) ++ done ++ AC_MSG_RESULT($attr_name) ++ if test "$attr_name" != PTHREAD_CREATE_JOINABLE; then ++ AC_DEFINE_UNQUOTED(PTHREAD_CREATE_JOINABLE, $attr_name, ++ [Define to necessary symbol if this constant ++ uses a non-standard name on your system.]) ++ fi ++ ++ AC_MSG_CHECKING([if more special flags are required for pthreads]) ++ flag=no ++ case ${host_os} in ++ aix* | freebsd* | darwin*) flag="-D_THREAD_SAFE";; ++ osf* | hpux*) flag="-D_REENTRANT";; ++ solaris*) ++ if test "$GCC" = "yes"; then ++ flag="-D_REENTRANT" ++ else ++ flag="-mt -D_REENTRANT" ++ fi ++ ;; ++ esac ++ AC_MSG_RESULT(${flag}) ++ if test "x$flag" != xno; then ++ PTHREAD_CFLAGS="$flag $PTHREAD_CFLAGS" ++ fi ++ ++ AC_CACHE_CHECK([for PTHREAD_PRIO_INHERIT], ++ ax_cv_PTHREAD_PRIO_INHERIT, [ ++ AC_LINK_IFELSE([ ++ AC_LANG_PROGRAM([[#include <pthread.h>]], [[int i = PTHREAD_PRIO_INHERIT;]])], ++ [ax_cv_PTHREAD_PRIO_INHERIT=yes], ++ [ax_cv_PTHREAD_PRIO_INHERIT=no]) ++ ]) ++ AS_IF([test "x$ax_cv_PTHREAD_PRIO_INHERIT" = "xyes"], ++ AC_DEFINE([HAVE_PTHREAD_PRIO_INHERIT], 1, [Have PTHREAD_PRIO_INHERIT.])) ++ ++ LIBS="$save_LIBS" ++ CFLAGS="$save_CFLAGS" ++ ++ # More AIX lossage: must compile with xlc_r or cc_r ++ if test x"$GCC" != xyes; then ++ AC_CHECK_PROGS(PTHREAD_CC, xlc_r cc_r, ${CC}) ++ else ++ PTHREAD_CC=$CC ++ fi ++else ++ PTHREAD_CC="$CC" ++fi ++ ++AC_SUBST(PTHREAD_LIBS) ++AC_SUBST(PTHREAD_CFLAGS) ++AC_SUBST(PTHREAD_CC) ++ ++# Finally, execute ACTION-IF-FOUND/ACTION-IF-NOT-FOUND: ++if test x"$ax_pthread_ok" = xyes; then ++ ifelse([$1],,AC_DEFINE(HAVE_PTHREAD,1,[Define if you have POSIX threads libraries and header files.]),[$1]) ++ : ++else ++ ax_pthread_ok=no ++ $2 ++fi ++AC_LANG_POP ++])dnl AX_PTHREAD +Index: Makefile.am +=================================================================== +--- Makefile.am.orig ++++ Makefile.am +@@ -1,3 +1,5 @@ ++ACLOCAL_AMFLAGS = -I m4 ++ + if AIX + authmod = NSS_LDAP + else diff --git a/sys-auth/nss_ldap/files/nss_ldap-265-reconnect-timeouts.patch b/sys-auth/nss_ldap/files/nss_ldap-265-reconnect-timeouts.patch new file mode 100644 index 000000000000..b377ad7bb326 --- /dev/null +++ b/sys-auth/nss_ldap/files/nss_ldap-265-reconnect-timeouts.patch @@ -0,0 +1,57 @@ +diff -Nuar --exclude '*.orig' nss_ldap-265.orig/ldap.conf nss_ldap-265/ldap.conf +--- nss_ldap-265.orig/ldap.conf 2009-11-06 10:28:08.000000000 +0000 ++++ nss_ldap-265/ldap.conf 2010-02-19 18:36:58.272236290 +0000 +@@ -279,7 +279,8 @@ + # OpenLDAP SSL mechanism + # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 + #ssl start_tls +-#ssl on ++###ssl on ++# Gentoo note: Don't use 'ssl on' in 249/250. They are broken in some cases! Use start_tls instead. + + # OpenLDAP SSL options + # Require and verify server certificate (yes/no) +@@ -311,3 +312,27 @@ + # Override the default Kerberos ticket cache location. + #krb5_ccname FILE:/etc/.ldapcache + ++# Timeout behavior ++# Upstream nss_ldap hard-codes these values: ++#nss_reconnect_tries 5 # number of times to double the sleep time ++#nss_reconnect_sleeptime 4 # initial sleep value ++#nss_reconnect_maxsleeptime 64 # max sleep value to cap at ++#nss_reconnect_maxconntries 2 # how many tries before sleeping ++# This leads to a delay of 124 seconds (4+8+16+32+64=124) per lookup if the ++# server is not available. ++ ++# For Gentoo's distribution of nss_ldap, as of 250-r1, we use these values ++# (The hardwired constants in the code are changed to them as well): ++nss_reconnect_tries 4 # number of times to double the sleep time ++nss_reconnect_sleeptime 1 # initial sleep value ++nss_reconnect_maxsleeptime 16 # max sleep value to cap at ++nss_reconnect_maxconntries 2 # how many tries before sleeping ++# This leads to a delay of 15 seconds (1+2+4+8=15) ++ ++# If you are impatient, and know your LDAP server is reliable, fast or local, ++# you may wish to use these values instead: ++#nss_reconnect_tries 1 # number of times to double the sleep time ++#nss_reconnect_sleeptime 1 # initial sleep value ++#nss_reconnect_maxsleeptime 1 # max sleep value to cap at ++#nss_reconnect_maxconntries 3 # how many tries before sleeping ++# This leads to a delay of 1 second. +diff -Nuar --exclude '*.orig' nss_ldap-265.orig/ldap-nss.h nss_ldap-265/ldap-nss.h +--- nss_ldap-265.orig/ldap-nss.h 2009-11-06 10:28:08.000000000 +0000 ++++ nss_ldap-265/ldap-nss.h 2010-02-19 18:37:49.278474888 +0000 +@@ -96,9 +96,9 @@ + * unacceptable, in which case you may wish to adjust + * the constants below. + */ +-#define LDAP_NSS_TRIES 5 /* number of sleeping reconnect attempts */ +-#define LDAP_NSS_SLEEPTIME 4 /* seconds to sleep; doubled until max */ +-#define LDAP_NSS_MAXSLEEPTIME 64 /* maximum seconds to sleep */ ++#define LDAP_NSS_TRIES 4 /* number of sleeping reconnect attempts */ ++#define LDAP_NSS_SLEEPTIME 1 /* seconds to sleep; doubled until max */ ++#define LDAP_NSS_MAXSLEEPTIME 16 /* maximum seconds to sleep */ + #define LDAP_NSS_MAXCONNTRIES 2 /* reconnect attempts before sleeping */ + + #if defined(HAVE_NSSWITCH_H) || defined(HAVE_IRS_H) diff --git a/sys-auth/nss_ldap/files/nsswitch.ldap.diff b/sys-auth/nss_ldap/files/nsswitch.ldap.diff new file mode 100644 index 000000000000..a8e96e05e8d8 --- /dev/null +++ b/sys-auth/nss_ldap/files/nsswitch.ldap.diff @@ -0,0 +1,15 @@ +--- nsswitch.ldap 2004-06-08 00:34:09.895330016 -0500 ++++ nsswitch.ldap-modified 2004-06-08 00:35:21.518441648 -0500 +@@ -10,10 +10,10 @@ + passwd: files ldap + group: files ldap + +-# consult DNS first, we will need it to resolve the LDAP host. (If we ++# consult files/dns first, we will need it to resolve the LDAP host. (If we + # can't resolve it, we're in infinite recursion, because libldap calls + # gethostbyname(). Careful!) +-hosts: dns ldap ++hosts: files dns ldap + + # LDAP is nominally authoritative for the following maps. + services: ldap [NOTFOUND=return] files diff --git a/sys-auth/nss_ldap/metadata.xml b/sys-auth/nss_ldap/metadata.xml new file mode 100644 index 000000000000..6a0008335c0c --- /dev/null +++ b/sys-auth/nss_ldap/metadata.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer> + <email>ldap-bugs@gentoo.org</email> + <name>Please assign bugs to this mail alias.</name> +</maintainer> +<maintainer> + <email>robbat2@gentoo.org</email> + <name>Robin H. Johnson</name> +</maintainer> +<maintainer> + <email>prometheanfire@gentoo.org</email> +</maintainer> +</pkgmetadata> diff --git a/sys-auth/nss_ldap/nss_ldap-258.ebuild b/sys-auth/nss_ldap/nss_ldap-258.ebuild new file mode 100644 index 000000000000..b08662905dbf --- /dev/null +++ b/sys-auth/nss_ldap/nss_ldap-258.ebuild @@ -0,0 +1,80 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit fixheadtails eutils multilib autotools + +IUSE="debug sasl kerberos" + +DESCRIPTION="NSS LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +SLOT="0" +LICENSE="LGPL-2" +KEYWORDS="alpha amd64 hppa ~ia64 ~mips ppc ppc64 sparc x86" + +DEPEND=">=net-nds/openldap-2.1.30-r5 + sasl? ( dev-libs/cyrus-sasl ) + kerberos? ( virtual/krb5 )" +RDEPEND="${DEPEND} + !<net-fs/autofs-4.1.3" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/nsswitch.ldap.diff + # Applied by upstream + #epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch + epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-252-reconnect-timeouts.patch + # Applied by upstream + #EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch + sed -i.orig \ + -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \ + "${S}"/ldap.conf || die "failed to clean up initial version marker" + # fix head/tail stuff + ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp + # fix build borkage + for i in Makefile.{in,am}; do + sed -i.orig \ + -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \ + "${S}"/$i + done + epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch + eautoreconf +} + +src_compile() { + local myconf="" + use debug && myconf="${myconf} --enable-debugging" + use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi" + econf \ + --with-ldap-lib=openldap \ + --libdir=/$(get_libdir) \ + --enable-schema-mapping \ + --enable-paged-results \ + --enable-rfc2307bis \ + ${myconf} || die "configure failed" + + emake || die "make failed" +} + +src_install() { + dodir /$(get_libdir) + + emake -j1 DESTDIR="${D}" install || die "make install failed" + + insinto /etc + doins ldap.conf + + dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ + COPYING CVSVersionInfo.txt README nsswitch.ldap certutil + docinto docs; dodoc doc/* +} + +pkg_postinst() { + elog "If you use a ldaps:// string in the 'uri' setting of" + elog "your /etc/ldap.conf, you must set 'ssl on'!" +} diff --git a/sys-auth/nss_ldap/nss_ldap-259.ebuild b/sys-auth/nss_ldap/nss_ldap-259.ebuild new file mode 100644 index 000000000000..b4d3fbec2f87 --- /dev/null +++ b/sys-auth/nss_ldap/nss_ldap-259.ebuild @@ -0,0 +1,80 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit fixheadtails eutils multilib autotools + +IUSE="debug sasl kerberos" + +DESCRIPTION="NSS LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +SLOT="0" +LICENSE="LGPL-2" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86" + +DEPEND=">=net-nds/openldap-2.1.30-r5 + sasl? ( dev-libs/cyrus-sasl ) + kerberos? ( virtual/krb5 )" +RDEPEND="${DEPEND} + !<net-fs/autofs-4.1.3" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/nsswitch.ldap.diff + # Applied by upstream + #epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch + epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-252-reconnect-timeouts.patch + # Applied by upstream + #EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch + sed -i.orig \ + -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \ + "${S}"/ldap.conf || die "failed to clean up initial version marker" + # fix head/tail stuff + ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp + # fix build borkage + for i in Makefile.{in,am}; do + sed -i.orig \ + -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \ + "${S}"/$i + done + epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch + eautoreconf +} + +src_compile() { + local myconf="" + use debug && myconf="${myconf} --enable-debugging" + use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi" + econf \ + --with-ldap-lib=openldap \ + --libdir=/$(get_libdir) \ + --enable-schema-mapping \ + --enable-paged-results \ + --enable-rfc2307bis \ + ${myconf} || die "configure failed" + + emake || die "make failed" +} + +src_install() { + dodir /$(get_libdir) + + emake -j1 DESTDIR="${D}" install || die "make install failed" + + insinto /etc + doins ldap.conf + + dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ + COPYING CVSVersionInfo.txt README nsswitch.ldap certutil + docinto docs; dodoc doc/* +} + +pkg_postinst() { + elog "If you use a ldaps:// string in the 'uri' setting of" + elog "your /etc/ldap.conf, you must set 'ssl on'!" +} diff --git a/sys-auth/nss_ldap/nss_ldap-261.ebuild b/sys-auth/nss_ldap/nss_ldap-261.ebuild new file mode 100644 index 000000000000..823ea94d4d4b --- /dev/null +++ b/sys-auth/nss_ldap/nss_ldap-261.ebuild @@ -0,0 +1,84 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit fixheadtails eutils multilib autotools + +IUSE="debug sasl kerberos" + +DESCRIPTION="NSS LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +SLOT="0" +LICENSE="LGPL-2" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86" + +DEPEND=">=net-nds/openldap-2.1.30-r5 + sasl? ( dev-libs/cyrus-sasl ) + kerberos? ( virtual/krb5 )" +RDEPEND="${DEPEND} + !<net-fs/autofs-4.1.3" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/nsswitch.ldap.diff + # Applied by upstream + #epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch + epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-252-reconnect-timeouts.patch + # Applied by upstream + #EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch + sed -i.orig \ + -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \ + "${S}"/ldap.conf || die "failed to clean up initial version marker" + # fix head/tail stuff + ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp + # fix build borkage + for i in Makefile.{in,am}; do + sed -i.orig \ + -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \ + "${S}"/$i + done + # Upstream forgets the version number sometimes + epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch + sed -i \ + -e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \ + "${S}"/configure.in + eautoreconf +} + +src_compile() { + local myconf="" + use debug && myconf="${myconf} --enable-debugging" + use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi" + econf \ + --with-ldap-lib=openldap \ + --libdir=/$(get_libdir) \ + --enable-schema-mapping \ + --enable-paged-results \ + --enable-rfc2307bis \ + ${myconf} || die "configure failed" + + emake || die "make failed" +} + +src_install() { + dodir /$(get_libdir) + + emake -j1 DESTDIR="${D}" install || die "make install failed" + + insinto /etc + doins ldap.conf + + dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ + COPYING CVSVersionInfo.txt README nsswitch.ldap certutil + docinto docs; dodoc doc/* +} + +pkg_postinst() { + elog "If you use a ldaps:// string in the 'uri' setting of" + elog "your /etc/ldap.conf, you must set 'ssl on'!" +} diff --git a/sys-auth/nss_ldap/nss_ldap-262.ebuild b/sys-auth/nss_ldap/nss_ldap-262.ebuild new file mode 100644 index 000000000000..823ea94d4d4b --- /dev/null +++ b/sys-auth/nss_ldap/nss_ldap-262.ebuild @@ -0,0 +1,84 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit fixheadtails eutils multilib autotools + +IUSE="debug sasl kerberos" + +DESCRIPTION="NSS LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +SLOT="0" +LICENSE="LGPL-2" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86" + +DEPEND=">=net-nds/openldap-2.1.30-r5 + sasl? ( dev-libs/cyrus-sasl ) + kerberos? ( virtual/krb5 )" +RDEPEND="${DEPEND} + !<net-fs/autofs-4.1.3" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/nsswitch.ldap.diff + # Applied by upstream + #epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch + epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-252-reconnect-timeouts.patch + # Applied by upstream + #EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch + sed -i.orig \ + -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \ + "${S}"/ldap.conf || die "failed to clean up initial version marker" + # fix head/tail stuff + ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp + # fix build borkage + for i in Makefile.{in,am}; do + sed -i.orig \ + -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \ + "${S}"/$i + done + # Upstream forgets the version number sometimes + epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch + sed -i \ + -e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \ + "${S}"/configure.in + eautoreconf +} + +src_compile() { + local myconf="" + use debug && myconf="${myconf} --enable-debugging" + use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi" + econf \ + --with-ldap-lib=openldap \ + --libdir=/$(get_libdir) \ + --enable-schema-mapping \ + --enable-paged-results \ + --enable-rfc2307bis \ + ${myconf} || die "configure failed" + + emake || die "make failed" +} + +src_install() { + dodir /$(get_libdir) + + emake -j1 DESTDIR="${D}" install || die "make install failed" + + insinto /etc + doins ldap.conf + + dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ + COPYING CVSVersionInfo.txt README nsswitch.ldap certutil + docinto docs; dodoc doc/* +} + +pkg_postinst() { + elog "If you use a ldaps:// string in the 'uri' setting of" + elog "your /etc/ldap.conf, you must set 'ssl on'!" +} diff --git a/sys-auth/nss_ldap/nss_ldap-264-r1.ebuild b/sys-auth/nss_ldap/nss_ldap-264-r1.ebuild new file mode 100644 index 000000000000..0f60d8096e91 --- /dev/null +++ b/sys-auth/nss_ldap/nss_ldap-264-r1.ebuild @@ -0,0 +1,102 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=2 +inherit fixheadtails eutils multilib autotools + +IUSE="debug ssl sasl kerberos" + +DESCRIPTION="NSS LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +SLOT="0" +LICENSE="LGPL-2" +KEYWORDS="alpha amd64 hppa ia64 ~mips ppc ppc64 sparc x86" + +DEPEND=">=net-nds/openldap-2.1.30-r5 + sasl? ( dev-libs/cyrus-sasl ) + kerberos? ( virtual/krb5 ) + ssl? ( dev-libs/openssl )" +RDEPEND="${DEPEND} + !<net-fs/autofs-4.1.3" + +src_prepare() { + epatch "${FILESDIR}"/nsswitch.ldap.diff + + # Applied by upstream + #epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch + + epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-252-reconnect-timeouts.patch + + # Applied by upstream + #EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch + + sed -i.orig \ + -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \ + "${S}"/ldap.conf || die "failed to clean up initial version marker" + + # fix head/tail stuff + ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp + + # fix build borkage + for i in Makefile.{in,am}; do + sed -i.orig \ + -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \ + "${S}"/$i + done + + epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch + + # Bug #214750, no automagic deps + epatch "${FILESDIR}"/${PN}-264-disable-automagic.patch + + # Upstream forgets the version number sometimes + #sed -i \ + # -e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \ + # "${S}"/configure.in + + # Include an SONAME + epatch "${FILESDIR}"/${PN}-254-soname.patch + + eautoreconf +} + +src_configure() { + local myconf="" + use debug && myconf="${myconf} --enable-debugging" + use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi" + # --enable-schema-mapping \ + econf \ + --with-ldap-lib=openldap \ + --libdir=/$(get_libdir) \ + --enable-paged-results \ + --enable-rfc2307bis \ + $(use_enable ssl) \ + $(use_enable sasl) \ + $(use_enable kerberos krb) \ + ${myconf} || die "configure failed" +} + +src_install() { + dodir /$(get_libdir) + + emake -j1 DESTDIR="${D}" install || die "make install failed" + + insinto /etc + doins ldap.conf + + dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ + COPYING CVSVersionInfo.txt README nsswitch.ldap certutil + docinto docs; dodoc doc/* +} + +pkg_postinst() { + elog "If you use a ldaps:// string in the 'uri' setting of" + elog "your /etc/ldap.conf, you must set 'ssl on'!" +} diff --git a/sys-auth/nss_ldap/nss_ldap-264.ebuild b/sys-auth/nss_ldap/nss_ldap-264.ebuild new file mode 100644 index 000000000000..5b4782b98968 --- /dev/null +++ b/sys-auth/nss_ldap/nss_ldap-264.ebuild @@ -0,0 +1,99 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=2 +inherit fixheadtails eutils multilib autotools + +IUSE="debug ssl sasl kerberos" + +DESCRIPTION="NSS LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +SLOT="0" +LICENSE="LGPL-2" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86" + +DEPEND=">=net-nds/openldap-2.1.30-r5 + sasl? ( dev-libs/cyrus-sasl ) + kerberos? ( virtual/krb5 ) + ssl? ( dev-libs/openssl )" +RDEPEND="${DEPEND} + !<net-fs/autofs-4.1.3" + +src_prepare() { + epatch "${FILESDIR}"/nsswitch.ldap.diff + + # Applied by upstream + #epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch + + epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-252-reconnect-timeouts.patch + + # Applied by upstream + #EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch + + sed -i.orig \ + -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \ + "${S}"/ldap.conf || die "failed to clean up initial version marker" + + # fix head/tail stuff + ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp + + # fix build borkage + for i in Makefile.{in,am}; do + sed -i.orig \ + -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \ + "${S}"/$i + done + + epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch + + # Bug #214750, no automagic deps + epatch "${FILESDIR}"/${PN}-264-disable-automagic.patch + + # Upstream forgets the version number sometimes + #sed -i \ + # -e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \ + # "${S}"/configure.in + + eautoreconf +} + +src_configure() { + local myconf="" + use debug && myconf="${myconf} --enable-debugging" + use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi" + # --enable-schema-mapping \ + econf \ + --with-ldap-lib=openldap \ + --libdir=/$(get_libdir) \ + --enable-paged-results \ + --enable-rfc2307bis \ + $(use_enable ssl) \ + $(use_enable sasl) \ + $(use_enable kerberos krb) \ + ${myconf} || die "configure failed" +} + +src_install() { + dodir /$(get_libdir) + + emake -j1 DESTDIR="${D}" install || die "make install failed" + + insinto /etc + doins ldap.conf + + dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ + COPYING CVSVersionInfo.txt README nsswitch.ldap certutil + docinto docs; dodoc doc/* +} + +pkg_postinst() { + elog "If you use a ldaps:// string in the 'uri' setting of" + elog "your /etc/ldap.conf, you must set 'ssl on'!" +} diff --git a/sys-auth/nss_ldap/nss_ldap-265-r1.ebuild b/sys-auth/nss_ldap/nss_ldap-265-r1.ebuild new file mode 100644 index 000000000000..abd731b35b3e --- /dev/null +++ b/sys-auth/nss_ldap/nss_ldap-265-r1.ebuild @@ -0,0 +1,114 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=2 +inherit fixheadtails eutils multilib autotools + +IUSE="debug ssl sasl kerberos" + +DESCRIPTION="NSS LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +SLOT="0" +LICENSE="LGPL-2" +KEYWORDS="alpha amd64 ~arm hppa ia64 ~mips ppc ppc64 sparc x86" + +DEPEND=">=net-nds/openldap-2.1.30-r5 + sasl? ( dev-libs/cyrus-sasl ) + kerberos? ( virtual/krb5 ) + ssl? ( dev-libs/openssl )" +RDEPEND="${DEPEND} + !<net-fs/autofs-4.1.3" + +src_prepare() { + epatch "${FILESDIR}"/nsswitch.ldap.diff + + # Applied by upstream + #epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch + + epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-265-reconnect-timeouts.patch + + # Applied by upstream + #EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch + + sed -i.orig \ + -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \ + "${S}"/ldap.conf || die "failed to clean up initial version marker" + + # fix head/tail stuff + ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp + + # fix build borkage + for i in Makefile.{in,am}; do + sed -i.orig \ + -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \ + "${S}"/$i + done + + epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch + + # Bug #214750, no automagic deps + epatch "${FILESDIR}"/${PN}-264-disable-automagic.patch + + # Upstream forgets the version number sometimes + #sed -i \ + # -e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \ + # "${S}"/configure.in + + # Include an SONAME + epatch "${FILESDIR}"/${PN}-254-soname.patch + + sed -i \ + -e 's, vers_string , ./vers_string ,g' \ + "${S}"/Makefile.am + + eautoreconf +} + +src_configure() { + local myconf="" + use debug && myconf="${myconf} --enable-debugging" + use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi" + # --enable-schema-mapping \ + econf \ + --with-ldap-lib=openldap \ + --libdir=/$(get_libdir) \ + --enable-paged-results \ + --enable-rfc2307bis \ + $(use_enable ssl) \ + $(use_enable sasl) \ + $(use_enable kerberos krb) \ + ${myconf} || die "configure failed" +} + +src_install() { + dodir /$(get_libdir) + + emake -j1 DESTDIR="${D}" install || die "make install failed" + + insinto /etc + doins ldap.conf + + # Append two blank lines and some skip entries + echo >>"${D}"/etc/ldap.conf + echo >>"${D}"/etc/ldap.conf + sed -i "${D}"/etc/ldap.conf \ + -e '$inss_initgroups_ignoreusers ldap,openldap,mysql,syslog,root,postgres' \ + || die "failed to sed /etc/ldap.conf" + + dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ + COPYING CVSVersionInfo.txt README nsswitch.ldap certutil + docinto docs; dodoc doc/* + +} + +pkg_postinst() { + elog "If you use a ldaps:// string in the 'uri' setting of" + elog "your /etc/ldap.conf, you must set 'ssl on'!" +} diff --git a/sys-auth/nss_ldap/nss_ldap-265-r2.ebuild b/sys-auth/nss_ldap/nss_ldap-265-r2.ebuild new file mode 100644 index 000000000000..816c6f262391 --- /dev/null +++ b/sys-auth/nss_ldap/nss_ldap-265-r2.ebuild @@ -0,0 +1,122 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit fixheadtails eutils multilib autotools prefix + +IUSE="debug ssl sasl kerberos" + +DESCRIPTION="NSS LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +SLOT="0" +LICENSE="LGPL-2" +KEYWORDS="alpha amd64 ~arm hppa ia64 ~mips ppc ppc64 sparc x86 ~amd64-linux" + +DEPEND=">=net-nds/openldap-2.1.30-r5 + sasl? ( dev-libs/cyrus-sasl ) + kerberos? ( virtual/krb5 ) + ssl? ( dev-libs/openssl )" +RDEPEND="${DEPEND} + !<net-fs/autofs-4.1.3" + +src_prepare() { + if use prefix; then + epatch "${FILESDIR}"/${P}-installdir.patch + eprefixify Makefile.am + fi + + # bug 438692 + epatch "${FILESDIR}"/${P}-pthread.patch + + epatch "${FILESDIR}"/nsswitch.ldap.diff + + # Applied by upstream + #epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch + + epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-265-reconnect-timeouts.patch + + # Applied by upstream + #EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch + + sed -i.orig \ + -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \ + "${S}"/ldap.conf + + # fix head/tail stuff + ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp + + # fix build borkage + for i in Makefile.{in,am}; do + sed -i.orig \ + -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \ + "${S}"/$i + done + + epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch + + # Bug #214750, no automagic deps + epatch "${FILESDIR}"/${PN}-264-disable-automagic.patch + + # Upstream forgets the version number sometimes + #sed -i \ + # -e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \ + # "${S}"/configure.in + + # Include an SONAME + epatch "${FILESDIR}"/${PN}-254-soname.patch + + sed -i \ + -e 's, vers_string , ./vers_string ,g' \ + "${S}"/Makefile.am + + eautoreconf +} + +src_configure() { + local myconf="" + use debug && myconf="${myconf} --enable-debugging" + use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi" + # --enable-schema-mapping \ + econf \ + --with-ldap-lib=openldap \ + --libdir="${EPREFIX}/$(get_libdir)" \ + --with-ldap-conf-file="${EPREFIX}/etc/ldap.conf" \ + --enable-paged-results \ + --enable-rfc2307bis \ + $(use_enable ssl) \ + $(use_enable sasl) \ + $(use_enable kerberos krb) \ + ${myconf} +} + +src_install() { + dodir /$(get_libdir) + + emake -j1 DESTDIR="${D}" install \ + INST_UID=${PORTAGE_USER:-root} INST_GID=${PORTAGE_GROUP:-root} + + insinto /etc + doins ldap.conf + + # Append two blank lines and some skip entries + echo >>"${ED}"/etc/ldap.conf + echo >>"${ED}"/etc/ldap.conf + sed -i "${ED}"/etc/ldap.conf \ + -e '$inss_initgroups_ignoreusers ldap,openldap,mysql,syslog,root,postgres' + + dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ + CVSVersionInfo.txt README nsswitch.ldap certutil + docinto docs; dodoc doc/* +} + +pkg_postinst() { + elog "If you use a ldaps:// string in the 'uri' setting of" + elog "your /etc/ldap.conf, you must set 'ssl on'!" +} diff --git a/sys-auth/nss_ldap/nss_ldap-265-r4.ebuild b/sys-auth/nss_ldap/nss_ldap-265-r4.ebuild new file mode 100644 index 000000000000..fadc3ca254ec --- /dev/null +++ b/sys-auth/nss_ldap/nss_ldap-265-r4.ebuild @@ -0,0 +1,141 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit fixheadtails eutils multilib autotools prefix + +IUSE="debug ssl sasl kerberos" + +DESCRIPTION="NSS LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +SLOT="0" +LICENSE="LGPL-2" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux" + +DEPEND=">=net-nds/openldap-2.1.30-r5 + sasl? ( dev-libs/cyrus-sasl ) + kerberos? ( virtual/krb5 ) + ssl? ( dev-libs/openssl )" +RDEPEND="${DEPEND} + !<net-fs/autofs-4.1.3" + +src_prepare() { + if use prefix; then + epatch "${FILESDIR}"/${P}-installdir.patch + eprefixify Makefile.am + fi + + # bug 438692 + epatch "${FILESDIR}"/${P}-pthread.patch + + epatch "${FILESDIR}"/nsswitch.ldap.diff + + # Applied by upstream + #epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch + + epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-265-reconnect-timeouts.patch + + # Applied by upstream + #EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch + + sed -i.orig \ + -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \ + "${S}"/ldap.conf + + # fix head/tail stuff + ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp + + # fix build borkage + for i in Makefile.{in,am}; do + sed -i.orig \ + -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \ + "${S}"/$i + done + + epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch + + # Bug #214750, no automagic deps + epatch "${FILESDIR}"/${PN}-264-disable-automagic.patch + + # Upstream forgets the version number sometimes + #sed -i \ + # -e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \ + # "${S}"/configure.in + + # Include an SONAME + epatch "${FILESDIR}"/${PN}-254-soname.patch + + #fix broken oneshot connections + epatch "${FILESDIR}/nss_ldap-265-missing-entries-oneshot.patch" + + sed -i \ + -e 's, vers_string , ./vers_string ,g' \ + "${S}"/Makefile.am + + if use kernel_FreeBSD; then + #fix broken fbsd support + EPATCH_OPTS="-p0 -d ${S}" epatch "${FILESDIR}/nss_ldap-265-fbsd.patch" + fi + + eautoreconf +} + +src_configure() { + local myconf="" + use debug && myconf="${myconf} --enable-debugging" + use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi" + # --enable-schema-mapping \ + econf \ + --with-ldap-lib=openldap \ + --libdir="${EPREFIX}/$(get_libdir)" \ + --with-ldap-conf-file="${EPREFIX}/etc/ldap.conf" \ + --enable-paged-results \ + --enable-rfc2307bis \ + $(use_enable ssl) \ + $(use_enable sasl) \ + $(use_enable kerberos krb) \ + ${myconf} + + if use kernel_FreeBSD; then + # configure.in does not properly handle include dependencies + echo "#define HAVE_NETINET_IF_ETHER_H 1" >> ${S}/config.h + echo "#define HAVE_NET_ROUTE_H 1" >> ${S}/config.h + echo "#define HAVE_RESOLV_H 1" >> ${S}/config.h + fi +} + +src_install() { + dodir /$(get_libdir) + + if use kernel_FreeBSD; then + emake -j1 DESTDIR="${D}" install || die "make install failed" + else + emake -j1 DESTDIR="${D}" install \ + INST_UID=${PORTAGE_USER:-root} INST_GID=${PORTAGE_GROUP:-root} + fi + + insinto /etc + doins ldap.conf + + # Append two blank lines and some skip entries + echo >>"${ED}"/etc/ldap.conf + echo >>"${ED}"/etc/ldap.conf + sed -i "${ED}"/etc/ldap.conf \ + -e '$inss_initgroups_ignoreusers ldap,openldap,mysql,syslog,root,postgres' + + dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ + CVSVersionInfo.txt README nsswitch.ldap certutil + docinto docs; dodoc doc/* +} + +pkg_postinst() { + elog "If you use a ldaps:// string in the 'uri' setting of" + elog "your /etc/ldap.conf, you must set 'ssl on'!" +} diff --git a/sys-auth/nss_ldap/nss_ldap-265-r5.ebuild b/sys-auth/nss_ldap/nss_ldap-265-r5.ebuild new file mode 100644 index 000000000000..01dd3ec8e084 --- /dev/null +++ b/sys-auth/nss_ldap/nss_ldap-265-r5.ebuild @@ -0,0 +1,149 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit fixheadtails eutils multilib multilib-minimal autotools prefix + +IUSE="debug ssl sasl kerberos" + +DESCRIPTION="NSS LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +SLOT="0" +LICENSE="LGPL-2" +KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 sparc x86 ~amd64-linux" + +DEPEND=">=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] + sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r3[${MULTILIB_USEDEP}] ) + kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) + ssl? ( >=dev-libs/openssl-1.0.1h-r2[${MULTILIB_USEDEP}] )" +RDEPEND="${DEPEND} + !<net-fs/autofs-4.1.3 + abi_x86_32? ( + !<=app-emulation/emul-linux-x86-baselibs-20140508-r7 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] + )" + +src_prepare() { + if use prefix; then + epatch "${FILESDIR}"/${P}-installdir.patch + eprefixify Makefile.am + fi + + # bug 438692 + epatch "${FILESDIR}"/${P}-pthread.patch + + epatch "${FILESDIR}"/nsswitch.ldap.diff + + # Applied by upstream + #epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch + + epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-265-reconnect-timeouts.patch + + # Applied by upstream + #EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch + + sed -i.orig \ + -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \ + "${S}"/ldap.conf + + # fix head/tail stuff + ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp + + # fix build borkage + for i in Makefile.{in,am}; do + sed -i.orig \ + -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \ + "${S}"/$i + done + + epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch + + # Bug #214750, no automagic deps + epatch "${FILESDIR}"/${PN}-264-disable-automagic.patch + + # Upstream forgets the version number sometimes + #sed -i \ + # -e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \ + # "${S}"/configure.in + + # Include an SONAME + epatch "${FILESDIR}"/${PN}-254-soname.patch + + #fix broken oneshot connections + epatch "${FILESDIR}/nss_ldap-265-missing-entries-oneshot.patch" + + sed -i \ + -e 's, vers_string , PERL5LIB="@top_srcdir@" @top_srcdir@/vers_string ,g' \ + "${S}"/Makefile.am + + if use kernel_FreeBSD; then + #fix broken fbsd support + EPATCH_OPTS="-p0 -d ${S}" epatch "${FILESDIR}/nss_ldap-265-fbsd.patch" + fi + + eautoreconf +} + +multilib_src_configure() { + local myconf=() + use debug && myconf+=( --enable-debugging ) + use kerberos && myconf+=( --enable-configurable-krb5-ccname-gssapi ) + multilib_is_native_abi && myconf+=( --libdir="${EPREFIX}/$(get_libdir)" ) + # --enable-schema-mapping \ + ECONF_SOURCE=${S} \ + econf \ + --with-ldap-lib=openldap \ + --with-ldap-conf-file="${EPREFIX}/etc/ldap.conf" \ + --enable-paged-results \ + --enable-rfc2307bis \ + $(use_enable ssl) \ + $(use_enable sasl) \ + $(use_enable kerberos krb) \ + "${myconf[@]}" + + if use kernel_FreeBSD; then + # configure.in does not properly handle include dependencies + echo "#define HAVE_NETINET_IF_ETHER_H 1" >> ${S}/config.h + echo "#define HAVE_NET_ROUTE_H 1" >> ${S}/config.h + echo "#define HAVE_RESOLV_H 1" >> ${S}/config.h + fi +} + +multilib_src_install() { + if use kernel_FreeBSD; then + emake -j1 DESTDIR="${D}" install + else + emake -j1 DESTDIR="${D}" install \ + INST_UID=${PORTAGE_USER:-root} INST_GID=${PORTAGE_GROUP:-root} + fi +} + +multilib_src_install_all() { + # dumb /usr/lib* -> /lib* symlinks gone wrong + rm -rf "${ED}"/usr/usr + + insinto /etc + doins ldap.conf + + # Append two blank lines and some skip entries + echo >>"${ED}"/etc/ldap.conf + echo >>"${ED}"/etc/ldap.conf + sed -i "${ED}"/etc/ldap.conf \ + -e '$inss_initgroups_ignoreusers ldap,openldap,mysql,syslog,root,postgres' + + dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ + CVSVersionInfo.txt README nsswitch.ldap certutil + docinto docs; dodoc doc/* +} + +pkg_postinst() { + elog "If you use a ldaps:// string in the 'uri' setting of" + elog "your /etc/ldap.conf, you must set 'ssl on'!" +} diff --git a/sys-auth/nss_ldap/nss_ldap-265.ebuild b/sys-auth/nss_ldap/nss_ldap-265.ebuild new file mode 100644 index 000000000000..cc441c33f9ee --- /dev/null +++ b/sys-auth/nss_ldap/nss_ldap-265.ebuild @@ -0,0 +1,106 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=2 +inherit fixheadtails eutils multilib autotools + +IUSE="debug ssl sasl kerberos" + +DESCRIPTION="NSS LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/nss_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +SLOT="0" +LICENSE="LGPL-2" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86" + +DEPEND=">=net-nds/openldap-2.1.30-r5 + sasl? ( dev-libs/cyrus-sasl ) + kerberos? ( virtual/krb5 ) + ssl? ( dev-libs/openssl )" +RDEPEND="${DEPEND} + !<net-fs/autofs-4.1.3" + +src_prepare() { + epatch "${FILESDIR}"/nsswitch.ldap.diff + + # Applied by upstream + #epatch "${FILESDIR}"/${PN}-239-tls-security-bug.patch + + epatch "${FILESDIR}"/${PN}-249-sasl-compile.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-265-reconnect-timeouts.patch + + # Applied by upstream + #EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-254-nss_getgrent_skipmembers.patch + + EPATCH_OPTS="-p1 -d ${S}" epatch "${FILESDIR}"/${PN}-257-nss_max_group_depth.patch + + sed -i.orig \ + -e '/^ @(#)\$Id: ldap.conf,v/s,^,#,' \ + "${S}"/ldap.conf || die "failed to clean up initial version marker" + + # fix head/tail stuff + ht_fix_file "${S}"/Makefile.am "${S}"/Makefile.in "${S}"/depcomp + + # fix build borkage + for i in Makefile.{in,am}; do + sed -i.orig \ + -e '/^install-exec-local: nss_ldap.so/s,nss_ldap.so,,g' \ + "${S}"/$i + done + + epatch "${FILESDIR}"/${PN}-257.2-gssapi-headers.patch + + # Bug #214750, no automagic deps + epatch "${FILESDIR}"/${PN}-264-disable-automagic.patch + + # Upstream forgets the version number sometimes + #sed -i \ + # -e "/^AM_INIT_AUTOMAKE/s~2..~$PV~" \ + # "${S}"/configure.in + + # Include an SONAME + epatch "${FILESDIR}"/${PN}-254-soname.patch + + sed -i \ + -e 's, vers_string , ./vers_string ,g' \ + "${S}"/Makefile.am + + eautoreconf +} + +src_configure() { + local myconf="" + use debug && myconf="${myconf} --enable-debugging" + use kerberos && myconf="${myconf} --enable-configurable-krb5-ccname-gssapi" + # --enable-schema-mapping \ + econf \ + --with-ldap-lib=openldap \ + --libdir=/$(get_libdir) \ + --enable-paged-results \ + --enable-rfc2307bis \ + $(use_enable ssl) \ + $(use_enable sasl) \ + $(use_enable kerberos krb) \ + ${myconf} || die "configure failed" +} + +src_install() { + dodir /$(get_libdir) + + emake -j1 DESTDIR="${D}" install || die "make install failed" + + insinto /etc + doins ldap.conf + + dodoc ldap.conf ANNOUNCE NEWS ChangeLog AUTHORS \ + COPYING CVSVersionInfo.txt README nsswitch.ldap certutil + docinto docs; dodoc doc/* +} + +pkg_postinst() { + elog "If you use a ldaps:// string in the 'uri' setting of" + elog "your /etc/ldap.conf, you must set 'ssl on'!" +} diff --git a/sys-auth/oath-toolkit/Manifest b/sys-auth/oath-toolkit/Manifest new file mode 100644 index 000000000000..684132144488 --- /dev/null +++ b/sys-auth/oath-toolkit/Manifest @@ -0,0 +1 @@ +DIST oath-toolkit-2.4.1.tar.gz 4136649 SHA256 9bfa42cbc100eb6c43d2bf83e3badc51d9e6f4950a92e07513ae586d0c5e9b24 SHA512 2a3440d5c97afef00dacd235d5471e8bf68086dfdb20234a894e7534d75670808fef444fe1062525800bc5ffe368898302e6cf250cd76b7238cd602d7d05e89b WHIRLPOOL f74dc524a6845054f0d3126ac3a5555ca4ac8e5e70e108abc603622e8e73795e6cba81f3d39debca22a22c7c0f7aba133ec975acfbf8cf64a0b919f0ee1a802c diff --git a/sys-auth/oath-toolkit/metadata.xml b/sys-auth/oath-toolkit/metadata.xml new file mode 100644 index 000000000000..d184566c4896 --- /dev/null +++ b/sys-auth/oath-toolkit/metadata.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>robbat2@gentoo.org</email> + </maintainer> + <herd>sysadmin</herd> + <use> + <flag name="pskc">Build tools & library for the Portable Symmetric Key Container (PSKC) format per RFC6030</flag> + <flag name="pam">Build PAM module for pluggable login authentication for OATH</flag> + </use> + <upstream> + <remote-id type="gitorious">oath-toolkit</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/oath-toolkit/oath-toolkit-2.4.1.ebuild b/sys-auth/oath-toolkit/oath-toolkit-2.4.1.ebuild new file mode 100644 index 000000000000..a41e3dd4ffac --- /dev/null +++ b/sys-auth/oath-toolkit/oath-toolkit-2.4.1.ebuild @@ -0,0 +1,55 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ +EAPI=5 + +inherit pam eutils autotools +DESCRIPTION="Toolkit for using one-time password authentication with HOTP/TOTP algorithms" +HOMEPAGE="http://www.nongnu.org/oath-toolkit/ http://gitorious.org/oath-toolkit/" +SRC_URI="http://download.savannah.gnu.org/releases/${PN}/${P}.tar.gz" +LICENSE="GPL-3 LGPL-2.1" + +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="pam pskc test" + +RDEPEND=" + pam? ( virtual/pam ) + pskc? ( dev-libs/xmlsec )" +DEPEND="${RDEPEND} + test? ( dev-libs/libxml2 ) + dev-util/gtk-doc-am" + +src_prepare() { + # These tests need git/cvs and don't reflect anything in the final app + sed -i -r \ + -e '/TESTS/s,test-vc-list-files-(git|cvs).sh,,g' \ + gl/tests/Makefile.am + eautoreconf + default +} + +src_configure() { + econf \ + $(use_enable test xmltest ) \ + $(use_enable pam) \ + $(use_with pam pam-dir $(getpam_mod_dir)) \ + $(use_enable pskc) +} + +src_install() { + default + if use pam; then + newdoc pam_oath/README README.pam + fi + if use pskc; then + doman pskctool/pskctool.1 + fi +} + +src_test() { + # without keep-going, it will bail out after the first testsuite failure, + # skipping the other testsuites. as they are mostly independant, this sucks. + emake --keep-going check + [ $? -ne 0 ] && die "At least one testsuite failed" +} diff --git a/sys-auth/openpam/Manifest b/sys-auth/openpam/Manifest new file mode 100644 index 000000000000..ee008d61483a --- /dev/null +++ b/sys-auth/openpam/Manifest @@ -0,0 +1 @@ +DIST openpam-20140912.tar.gz 457600 SHA256 82bc29397fa68ce49742618e0affdaa9abd4341d9ffbe607f9b10cdf1242bc87 SHA512 c6cfbd669fe1b67af43a33c33bf2587e1512c27f1b96b9b38df37b81ecc4999d85e04b361b19a7265dbf271ebd3de3bd55342ee4fdbee9c68836b69714706423 WHIRLPOOL 35e066f131be15c9427ebf21c062e9274d4745f47ede2df2082135dc5eb4b568067be28f71d373d2bd5e4f93fbc6ec29ef7f0baa8a7cbc399ab679192ebd2e44 diff --git a/sys-auth/openpam/files/openpam-20130907-gentoo.patch b/sys-auth/openpam/files/openpam-20130907-gentoo.patch new file mode 100644 index 000000000000..89a63f26460d --- /dev/null +++ b/sys-auth/openpam/files/openpam-20130907-gentoo.patch @@ -0,0 +1,149 @@ +diff -Nur openpam-20130907.orig/include/security/Makefile.am openpam-20130907/include/security/Makefile.am +--- openpam-20130907.orig/include/security/Makefile.am 2013-09-07 22:28:00.000000000 +0900 ++++ openpam-20130907/include/security/Makefile.am 2013-11-26 23:24:54.000000000 +0900 +@@ -9,4 +9,5 @@ + pam_appl.h \ + pam_constants.h \ + pam_modules.h \ +- pam_types.h ++ pam_types.h \ ++ pam_mod_misc.h +diff -Nur openpam-20130907.orig/include/security/pam_mod_misc.h openpam-20130907/include/security/pam_mod_misc.h +--- openpam-20130907.orig/include/security/pam_mod_misc.h 1970-01-01 09:00:00.000000000 +0900 ++++ openpam-20130907/include/security/pam_mod_misc.h 2013-11-26 23:24:54.000000000 +0900 +@@ -0,0 +1,56 @@ ++/*- ++ * Copyright 1998 Juniper Networks, Inc. ++ * All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ++ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ++ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE ++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL ++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS ++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT ++ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY ++ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ++ * SUCH DAMAGE. ++ * ++ * $FreeBSD: src/lib/libpam/libpam/security/pam_mod_misc.h,v 1.12 2003/05/31 16:56:35 des Exp $ ++ */ ++ ++#ifndef PAM_MOD_MISC_H ++#define PAM_MOD_MISC_H ++ ++#include <sys/cdefs.h> ++ ++/* ++ * Common option names ++ */ ++#define PAM_OPT_NULLOK "nullok" ++#define PAM_OPT_AUTH_AS_SELF "auth_as_self" ++#define PAM_OPT_ECHO_PASS "echo_pass" ++#define PAM_OPT_DEBUG "debug" ++ ++__BEGIN_DECLS ++void _pam_verbose_error(pam_handle_t *, int, const char *, ++ const char *, const char *, ...); ++__END_DECLS ++ ++#define PAM_LOG(...) \ ++ openpam_log(PAM_LOG_DEBUG, __VA_ARGS__) ++ ++#define PAM_RETURN(arg) \ ++ return (arg) ++ ++#define PAM_VERBOSE_ERROR(...) \ ++ _pam_verbose_error(pamh, flags, __FILE__, __FUNCTION__, __VA_ARGS__) ++ ++#endif +diff -Nur openpam-20130907.orig/lib/libpam/Makefile.am openpam-20130907/lib/libpam/Makefile.am +--- openpam-20130907.orig/lib/libpam/Makefile.am 2013-09-07 22:28:00.000000000 +0900 ++++ openpam-20130907/lib/libpam/Makefile.am 2013-11-26 23:25:33.000000000 +0900 +@@ -75,6 +75,7 @@ + pam_verror.c \ + pam_vinfo.c \ + pam_vprompt.c \ ++ pam_debug_log.c \ + $(NULL) + + libpam_la_LDFLAGS = -no-undefined -version-info @LIB_MAJ@ +diff -Nur openpam-20130907.orig/lib/libpam/pam_debug_log.c openpam-20130907/lib/libpam/pam_debug_log.c +--- openpam-20130907.orig/lib/libpam/pam_debug_log.c 1970-01-01 09:00:00.000000000 +0900 ++++ openpam-20130907/lib/libpam/pam_debug_log.c 2013-11-26 23:24:54.000000000 +0900 +@@ -0,0 +1,64 @@ ++/*- ++ * Copyright 2001 Mark R V Murray ++ * All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ++ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ++ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE ++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL ++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS ++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT ++ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY ++ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ++ * SUCH DAMAGE. ++ */ ++ ++#include <sys/cdefs.h> ++ ++#ifndef __GLIBC__ ++#include <libgen.h> ++#endif ++ ++#include <stdarg.h> ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++ ++#include <security/pam_appl.h> ++#include <security/openpam.h> ++#include <security/pam_mod_misc.h> ++ ++/* Print a verbose error, including the function name and a ++ * cleaned up filename. ++ */ ++void ++_pam_verbose_error(pam_handle_t *pamh, int flags, ++ const char *file, const char *function, const char *format, ...) ++{ ++ va_list ap; ++ char *fmtbuf, *modname, *period; ++ ++ if (!(flags & PAM_SILENT) && !openpam_get_option(pamh, "no_warn")) { ++ modname = basename(file); ++ period = strchr(modname, '.'); ++ if (period == NULL) ++ period = strchr(modname, '\0'); ++ va_start(ap, format); ++ asprintf(&fmtbuf, "%.*s: %s: %s\n", (int)(period - modname), ++ modname, function, format); ++ pam_verror(pamh, fmtbuf, ap); ++ free(fmtbuf); ++ va_end(ap); ++ } ++} diff --git a/sys-auth/openpam/files/openpam-20130907-module-dir.patch b/sys-auth/openpam/files/openpam-20130907-module-dir.patch new file mode 100644 index 000000000000..01afadbbfb8d --- /dev/null +++ b/sys-auth/openpam/files/openpam-20130907-module-dir.patch @@ -0,0 +1,15 @@ +diff --git a/openpam-20130907/lib/libpam/openpam_constants.c b/openpam-20130907/lib/libpam/openpam_constants.c +index 1cdd810..f66e469 100644 +--- a/openpam-20130907/lib/libpam/openpam_constants.c ++++ b/openpam-20130907/lib/libpam/openpam_constants.c +@@ -135,8 +135,8 @@ const char *openpam_policy_path[] = { + }; + + const char *openpam_module_path[] = { +-#ifdef OPENPAM_MODULES_DIRECTORY +- OPENPAM_MODULES_DIRECTORY, ++#ifdef OPENPAM_MODULES_DIR ++ OPENPAM_MODULES_DIR, + #else + "/usr/lib", + "/usr/local/lib", diff --git a/sys-auth/openpam/files/openpam-20130907-nbsd.patch b/sys-auth/openpam/files/openpam-20130907-nbsd.patch new file mode 100644 index 000000000000..9e76c9f30541 --- /dev/null +++ b/sys-auth/openpam/files/openpam-20130907-nbsd.patch @@ -0,0 +1,12 @@ +--- openpam-20050201.orig/lib/libpam/pam_debug_log.c 2006-02-18 01:15:39.000000000 -0200 ++++ openpam-20050201/lib/libpam/pam_debug_log.c 2006-02-18 01:16:30.000000000 -0200 +@@ -47,7 +47,8 @@ + const char *file, const char *function, const char *format, ...) + { + va_list ap; +- char *fmtbuf, *modname, *period; ++ char *fmtbuf; ++ const char *modname, *period; + + if (!(flags & PAM_SILENT) && !openpam_get_option(pamh, "no_warn")) { + modname = basename(file); diff --git a/sys-auth/openpam/metadata.xml b/sys-auth/openpam/metadata.xml new file mode 100644 index 000000000000..35d02a20bf1c --- /dev/null +++ b/sys-auth/openpam/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>bsd</herd> + <upstream> + <remote-id type="sourceforge">openpam</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/openpam/openpam-20140912.ebuild b/sys-auth/openpam/openpam-20140912.ebuild new file mode 100644 index 000000000000..4151bd76a491 --- /dev/null +++ b/sys-auth/openpam/openpam-20140912.ebuild @@ -0,0 +1,50 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +AUTOTOOLS_AUTORECONF=1 +AUTOTOOLS_PRUNE_LIBTOOL_FILES=all + +inherit multilib autotools-multilib + +DESCRIPTION="Open source PAM library" +HOMEPAGE="http://www.openpam.org/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64-fbsd ~sparc-fbsd ~x86-fbsd" +IUSE="debug vim-syntax" + +RDEPEND="!sys-libs/pam" +DEPEND="sys-devel/make + dev-lang/perl" +PDEPEND="sys-auth/pambase + vim-syntax? ( app-vim/pam-syntax )" + +PATCHES=( + "${FILESDIR}/${PN}-20130907-gentoo.patch" + "${FILESDIR}/${PN}-20130907-nbsd.patch" + "${FILESDIR}/${PN}-20130907-module-dir.patch" + ) + +DOCS=( CREDITS HISTORY RELNOTES README ) + +src_prepare() { + sed -i -e 's:-Werror::' "${S}/configure.ac" + + autotools-multilib_src_prepare +} + +my_configure() { + local myeconfargs=( + --with-modules-dir=/$(get_libdir)/security + ) + autotools-utils_src_configure +} + +src_configure() { + multilib_parallel_foreach_abi my_configure +} diff --git a/sys-auth/otpcalc/Manifest b/sys-auth/otpcalc/Manifest new file mode 100644 index 000000000000..36425b6a8fc6 --- /dev/null +++ b/sys-auth/otpcalc/Manifest @@ -0,0 +1 @@ +DIST otpCalc-0.97.tar.gz 123704 SHA256 e2c19fa6178ed42f0576650db6f94942cac366feadf82c2a679b35197c65f745 SHA512 5d22bd01fe90b32801d6f1c5ac3105036c14ac8197dda3c8454974ec72830a5f8cd693bd0520a51defdb0a7c7703483770410ba560436168826f8b6133a2524f WHIRLPOOL f73c745e336e9196003869c76cbf30a69dd94fde2549a2cd3391de531b36e36504e4d5c779159f254c425f69381be3bae05f0cdd13a1a920d593f82db0052459 diff --git a/sys-auth/otpcalc/files/otpcalc-0.97-badindex.diff b/sys-auth/otpcalc/files/otpcalc-0.97-badindex.diff new file mode 100644 index 000000000000..53a32c4e1cc8 --- /dev/null +++ b/sys-auth/otpcalc/files/otpcalc-0.97-badindex.diff @@ -0,0 +1,13 @@ +Allocate enough elements for array of func ptrs, bug 123976. + +--- otpCalc-0.97.orig/callbacks.c ++++ otpCalc-0.97/callbacks.c +@@ -81,7 +81,7 @@ + void calculate(void) + { + +- void (*hashes[4])(); ++ void (*hashes[5])(); + + gchar *challenge, *passwd, *message, *response; + struct tokens *set; diff --git a/sys-auth/otpcalc/files/otpcalc-0.97-gtk-deprecated.patch b/sys-auth/otpcalc/files/otpcalc-0.97-gtk-deprecated.patch new file mode 100644 index 000000000000..83661773193b --- /dev/null +++ b/sys-auth/otpcalc/files/otpcalc-0.97-gtk-deprecated.patch @@ -0,0 +1,261 @@ +Do not use deprecated GTK symbols. +Use accessor functions for GTK struct members. + +--- otpCalc-0.97-orig/callbacks.c ++++ otpCalc-0.97/callbacks.c +@@ -65,14 +65,16 @@ + + bu_about_close = gtk_button_new_with_label("Close"); + +- gtk_container_add(GTK_CONTAINER(GTK_DIALOG(di_about)->vbox), ++ gtk_container_add(GTK_CONTAINER(gtk_dialog_get_content_area( ++ GTK_DIALOG(di_about))), + la_about); +- gtk_container_add(GTK_CONTAINER(GTK_DIALOG(di_about)->action_area), ++ gtk_container_add(GTK_CONTAINER(gtk_dialog_get_action_area( ++ GTK_DIALOG(di_about))), + bu_about_close); + +- gtk_signal_connect_object(GTK_OBJECT(bu_about_close), "clicked", +- GTK_SIGNAL_FUNC(gtk_widget_destroy), +- (gpointer)di_about); ++ g_signal_connect_swapped(G_OBJECT(bu_about_close), "clicked", ++ G_CALLBACK(gtk_widget_destroy), ++ (gpointer)di_about); + + gtk_widget_show_all(di_about); + +@@ -176,10 +178,11 @@ + ); + gtk_misc_set_padding(GTK_MISC(la_netwarn), 10, 10); + gtk_label_set_line_wrap(GTK_LABEL(la_netwarn), TRUE); +- gtk_container_add(GTK_CONTAINER(GTK_DIALOG(di_netwarn)->vbox), ++ gtk_container_add(GTK_CONTAINER(gtk_dialog_get_content_area( ++ GTK_DIALOG(di_netwarn))), + la_netwarn); + +- aa_netwarn = GTK_DIALOG(di_netwarn)->action_area; ++ aa_netwarn = gtk_dialog_get_action_area(GTK_DIALOG(di_netwarn)); + + bu_netwarn_ok = gtk_button_new_with_label("Yes"); + gtk_container_add(GTK_CONTAINER(aa_netwarn), bu_netwarn_ok); +@@ -187,12 +190,12 @@ + bu_netwarn_canc = gtk_button_new_with_label("No"); + gtk_container_add(GTK_CONTAINER(aa_netwarn), bu_netwarn_canc); + +- gtk_signal_connect_object(GTK_OBJECT(bu_netwarn_ok), "clicked", +- GTK_SIGNAL_FUNC(gtk_widget_destroy), +- (gpointer)di_netwarn); ++ g_signal_connect_swapped(G_OBJECT(bu_netwarn_ok), "clicked", ++ G_CALLBACK(gtk_widget_destroy), ++ (gpointer)di_netwarn); + +- gtk_signal_connect_object(GTK_OBJECT(bu_netwarn_canc), "clicked", +- GTK_SIGNAL_FUNC(gtk_main_quit), NULL); ++ g_signal_connect_swapped(G_OBJECT(bu_netwarn_canc), "clicked", ++ G_CALLBACK(gtk_main_quit), NULL); + + gtk_widget_show_all(di_netwarn); + +@@ -207,13 +210,13 @@ + unsigned short parsed; + + +- if (selection->length < 1) ++ if (gtk_selection_data_get_length(selection) < 1) + return; + + set = g_malloc(sizeof(struct tokens)); +- set->seed = g_malloc(selection->length); ++ set->seed = g_malloc(gtk_selection_data_get_length(selection)); + +- parsed = parse(selection->data, set); ++ parsed = parse(gtk_selection_data_get_data(selection), set); + + g_free(set->seed); + g_free(set); +@@ -221,7 +224,8 @@ + if (!parsed) + return; + +- gtk_entry_set_text(GTK_ENTRY(te_challenge), selection->data); ++ gtk_entry_set_text(GTK_ENTRY(te_challenge), ++ gtk_selection_data_get_data(selection)); + + } + +--- otpCalc-0.97-orig/gui.c ++++ otpCalc-0.97/gui.c +@@ -51,17 +51,17 @@ + /* Setup the main window... */ + wi_top = gtk_window_new(GTK_WINDOW_TOPLEVEL); + gtk_window_set_title(GTK_WINDOW(wi_top), "otpCalc"); +- gtk_window_set_policy(GTK_WINDOW(wi_top), FALSE, FALSE, TRUE); ++ gtk_window_set_resizable(GTK_WINDOW(wi_top), FALSE); + gtk_window_set_wmclass(GTK_WINDOW(wi_top), "otpCalc", "Calc"); + +- gtk_signal_connect(GTK_OBJECT(wi_top), "delete_event", +- GTK_SIGNAL_FUNC(gtk_main_quit), NULL); ++ g_signal_connect(G_OBJECT(wi_top), "delete_event", ++ G_CALLBACK(gtk_main_quit), NULL); + +- gtk_signal_connect(GTK_OBJECT(wi_top), "focus_in_event", +- GTK_SIGNAL_FUNC(focus), NULL); ++ g_signal_connect(G_OBJECT(wi_top), "focus_in_event", ++ G_CALLBACK(focus), NULL); + +- gtk_signal_connect(GTK_OBJECT(wi_top), "selection_received", +- GTK_SIGNAL_FUNC(selector), NULL); ++ g_signal_connect(G_OBJECT(wi_top), "selection_received", ++ G_CALLBACK(selector), NULL); + /* Done. */ + + +@@ -82,9 +82,9 @@ + /* Setup the file menu... */ + me_file = gtk_menu_new(); + mi_file_quit = gtk_menu_item_new_with_label("Quit"); +- gtk_menu_append(GTK_MENU(me_file), mi_file_quit); +- gtk_signal_connect_object(GTK_OBJECT(mi_file_quit), "activate", +- GTK_SIGNAL_FUNC(gtk_main_quit), NULL); ++ gtk_menu_shell_append(GTK_MENU_SHELL(me_file), mi_file_quit); ++ g_signal_connect_swapped(G_OBJECT(mi_file_quit), "activate", ++ G_CALLBACK(gtk_main_quit), NULL); + + gtk_widget_add_accelerator(mi_file_quit, "activate", accel_group, 0x071, + GDK_CONTROL_MASK, GTK_ACCEL_VISIBLE); +@@ -97,40 +97,45 @@ + me_sett = gtk_menu_new(); + + mi_sett_sha1 = gtk_radio_menu_item_new_with_label(hashes, "sha1"); +- gtk_menu_append(GTK_MENU(me_sett), mi_sett_sha1); +- gtk_signal_connect_object(GTK_OBJECT(mi_sett_sha1), "activate", +- GTK_SIGNAL_FUNC(sethash), (void *)SHA1); +- hashes = gtk_radio_menu_item_group(GTK_RADIO_MENU_ITEM(mi_sett_sha1)); ++ gtk_menu_shell_append(GTK_MENU_SHELL(me_sett), mi_sett_sha1); ++ g_signal_connect_swapped(G_OBJECT(mi_sett_sha1), "activate", ++ G_CALLBACK(sethash), (void *)SHA1); ++ hashes = gtk_radio_menu_item_get_group( ++ GTK_RADIO_MENU_ITEM(mi_sett_sha1)); + gtk_widget_show(mi_sett_sha1); + + mi_sett_rmd160 = gtk_radio_menu_item_new_with_label(hashes, "rmd160"); +- gtk_menu_append(GTK_MENU(me_sett), mi_sett_rmd160); +- gtk_signal_connect_object(GTK_OBJECT(mi_sett_rmd160), "activate", +- GTK_SIGNAL_FUNC(sethash), (void *)RMD160); +- hashes = gtk_radio_menu_item_group(GTK_RADIO_MENU_ITEM(mi_sett_rmd160)); ++ gtk_menu_shell_append(GTK_MENU_SHELL(me_sett), mi_sett_rmd160); ++ g_signal_connect_swapped(G_OBJECT(mi_sett_rmd160), "activate", ++ G_CALLBACK(sethash), (void *)RMD160); ++ hashes = gtk_radio_menu_item_get_group( ++ GTK_RADIO_MENU_ITEM(mi_sett_rmd160)); + gtk_widget_show(mi_sett_rmd160); + + mi_sett_md5 = gtk_radio_menu_item_new_with_label(hashes, "md5"); +- gtk_menu_append(GTK_MENU(me_sett), mi_sett_md5); +- gtk_signal_connect_object(GTK_OBJECT(mi_sett_md5), "activate", +- GTK_SIGNAL_FUNC(sethash), (void *)MD5); +- hashes = gtk_radio_menu_item_group(GTK_RADIO_MENU_ITEM(mi_sett_md5)); ++ gtk_menu_shell_append(GTK_MENU_SHELL(me_sett), mi_sett_md5); ++ g_signal_connect_swapped(G_OBJECT(mi_sett_md5), "activate", ++ G_CALLBACK(sethash), (void *)MD5); ++ hashes = gtk_radio_menu_item_get_group( ++ GTK_RADIO_MENU_ITEM(mi_sett_md5)); + gtk_widget_show(mi_sett_md5); + + gtk_check_menu_item_set_active(GTK_CHECK_MENU_ITEM(mi_sett_md5), TRUE); + + mi_sett_md4 = gtk_radio_menu_item_new_with_label(hashes, "md4"); +- gtk_menu_append(GTK_MENU(me_sett), mi_sett_md4); +- gtk_signal_connect_object(GTK_OBJECT(mi_sett_md4), "activate", +- GTK_SIGNAL_FUNC(sethash), (void *)MD4); +- hashes = gtk_radio_menu_item_group(GTK_RADIO_MENU_ITEM(mi_sett_md4)); ++ gtk_menu_shell_append(GTK_MENU_SHELL(me_sett), mi_sett_md4); ++ g_signal_connect_swapped(G_OBJECT(mi_sett_md4), "activate", ++ G_CALLBACK(sethash), (void *)MD4); ++ hashes = gtk_radio_menu_item_get_group( ++ GTK_RADIO_MENU_ITEM(mi_sett_md4)); + gtk_widget_show(mi_sett_md4); + + mi_sett_skey = gtk_radio_menu_item_new_with_label(hashes, "s/key"); +- gtk_menu_append(GTK_MENU(me_sett), mi_sett_skey); +- gtk_signal_connect_object(GTK_OBJECT(mi_sett_skey), "activate", +- GTK_SIGNAL_FUNC(sethash), (void *)SKEY); +- hashes = gtk_radio_menu_item_group(GTK_RADIO_MENU_ITEM(mi_sett_skey)); ++ gtk_menu_shell_append(GTK_MENU_SHELL(me_sett), mi_sett_skey); ++ g_signal_connect_swapped(G_OBJECT(mi_sett_skey), "activate", ++ G_CALLBACK(sethash), (void *)SKEY); ++ hashes = gtk_radio_menu_item_get_group( ++ GTK_RADIO_MENU_ITEM(mi_sett_skey)); + gtk_widget_show(mi_sett_skey); + /* Done. */ + +@@ -138,9 +143,9 @@ + /* Setup the help menu... */ + me_help = gtk_menu_new(); + mi_help_about = gtk_menu_item_new_with_label("About..."); +- gtk_menu_append(GTK_MENU(me_help), mi_help_about); +- gtk_signal_connect_object(GTK_OBJECT(mi_help_about), "activate", +- GTK_SIGNAL_FUNC(about), NULL); ++ gtk_menu_shell_append(GTK_MENU_SHELL(me_help), mi_help_about); ++ g_signal_connect_swapped(G_OBJECT(mi_help_about), "activate", ++ G_CALLBACK(about), NULL); + gtk_widget_show(mi_help_about); + /* Done. */ + +@@ -156,18 +161,18 @@ + mi_file = gtk_menu_item_new_with_label("File"); + gtk_widget_show(mi_file); + gtk_menu_item_set_submenu(GTK_MENU_ITEM(mi_file), me_file); +- gtk_menu_bar_append(GTK_MENU_BAR(mb_top), mi_file); ++ gtk_menu_shell_append(GTK_MENU_SHELL(mb_top), mi_file); + + mi_sett = gtk_menu_item_new_with_label("Settings"); + gtk_widget_show(mi_sett); + gtk_menu_item_set_submenu(GTK_MENU_ITEM(mi_sett), me_sett); +- gtk_menu_bar_append(GTK_MENU_BAR(mb_top), mi_sett); ++ gtk_menu_shell_append(GTK_MENU_SHELL(mb_top), mi_sett); + + mi_help = gtk_menu_item_new_with_label("Help"); + gtk_widget_show(mi_help); + gtk_menu_item_set_submenu(GTK_MENU_ITEM(mi_help), me_help); +- gtk_menu_bar_append(GTK_MENU_BAR(mb_top), mi_help); +- gtk_menu_item_right_justify(GTK_MENU_ITEM(mi_help)); ++ gtk_menu_shell_append(GTK_MENU_SHELL(mb_top), mi_help); ++ gtk_menu_item_set_right_justified(GTK_MENU_ITEM(mi_help), TRUE); + /* Done. */ + + +@@ -208,8 +213,8 @@ + (GtkAttachOptions)(0), 5, 0); + gtk_widget_show(bu_calc); + +- gtk_signal_connect_object(GTK_OBJECT(bu_calc), "clicked", +- GTK_SIGNAL_FUNC(calculate), NULL); ++ g_signal_connect_swapped(G_OBJECT(bu_calc), "clicked", ++ G_CALLBACK(calculate), NULL); + /* Done. */ + + +@@ -221,8 +226,8 @@ + gtk_entry_set_visibility(GTK_ENTRY(te_passwd), FALSE); + gtk_widget_show(te_passwd); + +- gtk_signal_connect(GTK_OBJECT(te_passwd), "activate", +- GTK_SIGNAL_FUNC(click), bu_calc); ++ g_signal_connect(G_OBJECT(te_passwd), "activate", ++ G_CALLBACK(click), bu_calc); + /* Done. */ + + +@@ -234,8 +239,8 @@ + (GtkAttachOptions)(0), 5, 0); + gtk_widget_show(bu_clear); + +- gtk_signal_connect(GTK_OBJECT(bu_clear), "clicked", +- GTK_SIGNAL_FUNC(clear), NULL); ++ g_signal_connect(G_OBJECT(bu_clear), "clicked", ++ G_CALLBACK(clear), NULL); + /* Done. */ + + diff --git a/sys-auth/otpcalc/files/otpcalc-0.97-gtk2-gentoo.patch b/sys-auth/otpcalc/files/otpcalc-0.97-gtk2-gentoo.patch new file mode 100644 index 000000000000..f781b7372c43 --- /dev/null +++ b/sys-auth/otpcalc/files/otpcalc-0.97-gtk2-gentoo.patch @@ -0,0 +1,72 @@ +Make it work with GTK+ 2. + +--- otpCalc-0.97-orig/Makefile.in ++++ otpCalc-0.97/Makefile.in +@@ -3,8 +3,8 @@ + + CC = @CC@ + DEFS = -DVERSION=\"$(VER)\" @DEFS@ +-CFLAGS = -s -O3 -Wall -pipe `gtk-config --cflags` +-LIBS = `gtk-config --libs` @LIBS@ ++CFLAGS = -s -O3 -Wall -pipe `pkg-config --cflags gtk+-2.0` ++LIBS = `pkg-config --libs gtk+-2.0` @LIBS@ + + prefix = @prefix@ + exec_prefix = @exec_prefix@ +--- otpCalc-0.97-orig/callbacks.c ++++ otpCalc-0.97/callbacks.c +@@ -236,7 +236,7 @@ + } + + +-void focus(GtkWidget *widget, gpointer data) ++gboolean focus(GtkWidget *widget, GdkEvent *event, gpointer data) + { + + static GdkAtom targets; +@@ -244,12 +244,12 @@ + + + if (!autopaste) +- return; ++ return FALSE; + + targets = gdk_atom_intern("STRING", FALSE); + + gtk_selection_convert(widget, GDK_SELECTION_PRIMARY, targets, + GDK_CURRENT_TIME); + +- ++ return FALSE; + } +--- otpCalc-0.97-orig/gui.c ++++ otpCalc-0.97/gui.c +@@ -29,7 +29,7 @@ + GtkWidget *te_response; + + unsigned short hash; +-unsigned short newline = 1; ++unsigned short newline = 0; + unsigned short autopaste = 1; + + int main(int argc, char *argv[]) +@@ -147,7 +147,7 @@ + + /* Setup the menu bar... */ + mb_top = gtk_menu_bar_new(); +- gtk_menu_bar_set_shadow_type(GTK_MENU_BAR(mb_top), GTK_SHADOW_NONE); ++ /*gtk_menu_bar_set_shadow_type(GTK_MENU_BAR(mb_top), GTK_SHADOW_NONE);*/ + gtk_table_attach(GTK_TABLE(ta_top), mb_top, 0, 3, 0, 1, + (GtkAttachOptions)(GTK_FILL), + (GtkAttachOptions)(0), 0, 0); +--- otpCalc-0.97-orig/utility.c ++++ otpCalc-0.97/utility.c +@@ -422,7 +422,7 @@ + words[extract(message, 33, 11)], + words[extract(message, 44, 11)], + words[extract(message, 55, 11)], +- (newline == 1) ? "\n" : NULL); ++ (newline == 1) ? "\n" : ""); + + return response; + diff --git a/sys-auth/otpcalc/files/otpcalc-0.97-sha1-byteorder.patch b/sys-auth/otpcalc/files/otpcalc-0.97-sha1-byteorder.patch new file mode 100644 index 000000000000..79f869ad1f7e --- /dev/null +++ b/sys-auth/otpcalc/files/otpcalc-0.97-sha1-byteorder.patch @@ -0,0 +1,53 @@ +Fix SHA1 byte-order issue for conformance with RFC 2289. + +--- otpCalc-0.97-orig/crypto.c ++++ otpCalc-0.97/crypto.c +@@ -199,6 +199,8 @@ + for (i = 0; i < 4; i++) + digest[i] ^= digest[i+16]; + +- memcpy(message, digest, 8); ++ /* Fix byte order, as required by RFC 2289 Appendix A */ ++ for (i = 0; i < 8; i++) ++ message[i] = digest[i^3]; + + } +--- otpCalc-0.97-orig/sha1.h ++++ otpCalc-0.97/sha1.h +@@ -1,3 +1,5 @@ ++#include "config.h" ++ + #ifndef i386 + typedef long int int64; + typedef unsigned long int uint64; +@@ -28,7 +30,7 @@ + + #define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits)))) + +-#ifdef WORDS_BIGENDIAN ++#ifndef WORDS_BIGENDIAN + #define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \ + |(rol(block->l[i],8)&0x00FF00FF)) + #else +--- otpCalc-0.97-orig/otpCalc.man ++++ otpCalc-0.97/otpCalc.man +@@ -47,9 +47,6 @@ + RFC 2289, RFC 1740 + .SH "AUTHOR" + Anthony D. Urso <anthonyu@killa.net>. +-.SH "BUGS" +-SHA1 output differs from RFC2289; however, the output is consistant with +-other implementations. + .SH "COPYRIGHT" + Copyright \(co 2001 Anthony D. Urso. + .br +--- otpCalc-0.97-orig/BUGS ++++ otpCalc-0.97/BUGS +@@ -16,3 +16,7 @@ + + Thanks, + Anthony ++ ++Note: Above-mentioned SHA1 issue is fixed in the Gentoo version. ++The output now agrees with RFC 2289 and with S/Key. ++ - Ulrich Mueller <ulm@gentoo.org> diff --git a/sys-auth/otpcalc/files/otpcalc-0.97-skey-md5.patch b/sys-auth/otpcalc/files/otpcalc-0.97-skey-md5.patch new file mode 100644 index 000000000000..39ab2675b210 --- /dev/null +++ b/sys-auth/otpcalc/files/otpcalc-0.97-skey-md5.patch @@ -0,0 +1,24 @@ +Change default s/key hash to MD5 (same as sys-auth/skey). + +--- otpCalc-0.97-orig/callbacks.c ++++ otpCalc-0.97/callbacks.c +@@ -90,7 +90,7 @@ + unsigned char results[9]; + + +- hashes[SKEY] = md4lite; ++ hashes[SKEY] = md5lite; + hashes[MD4] = md4lite; + hashes[MD5] = md5lite; + hashes[RMD160] = rmd160lite; +--- otpCalc-0.97-orig/otpCalc.man ++++ otpCalc-0.97/otpCalc.man +@@ -30,7 +30,7 @@ + cb l + cb l + cb l. +-s/key#MD4 ++s/key#MD5 + otp-md4#MD4 + otp-md5#MD5 + otp-rmd160#RIPEMD-160 diff --git a/sys-auth/otpcalc/files/otpcalc-crypto-proto.diff b/sys-auth/otpcalc/files/otpcalc-crypto-proto.diff new file mode 100644 index 000000000000..05ba89fc1fe4 --- /dev/null +++ b/sys-auth/otpcalc/files/otpcalc-crypto-proto.diff @@ -0,0 +1,13 @@ +Correct crypto prototypes, bug 123993. + +--- otpCalc-0.97.orig/crypto.h ++++ otpCalc-0.97/crypto.h +@@ -1,4 +1,4 @@ +-void md4lite(char *, size_t); +-void md5lite(char *, size_t); +-void rmd160lite(char *, size_t); +-void sha1lite(char *, size_t); ++void md4lite(char *message, unsigned int len); ++void md5lite(char *message, unsigned int len); ++void rmd160lite(char *message, unsigned int len); ++void sha1lite(char *message, unsigned int len); diff --git a/sys-auth/otpcalc/files/otpcalc-man-table-format.diff b/sys-auth/otpcalc/files/otpcalc-man-table-format.diff new file mode 100644 index 000000000000..bbd767ef215a --- /dev/null +++ b/sys-auth/otpcalc/files/otpcalc-man-table-format.diff @@ -0,0 +1,35 @@ +Make missing list appear in man page, bug 90900. + +--- otpCalc.man.orig ++++ otpCalc.man +@@ -24,18 +24,20 @@ + the Challenge input: + .IP + .TS +-s/key MD4 +-.br +-otp-md4 MD4 +-.br +-otp-md5 MD5 +-.br +-otp-rmd160 RIPEMD-160 +-.br +-otp-sha1 SHA1 +-.br ++allbox tab(#); ++cb l ++cb l ++cb l ++cb l ++cb l. ++s/key#MD4 ++otp-md4#MD4 ++otp-md5#MD5 ++otp-rmd160#RIPEMD-160 ++otp-sha1#SHA1 + .TE + .LP ++.LP + In the absence of a prefix, the default hash, specified in the Settings menu, + is used. + .SH "SEE ALSO" diff --git a/sys-auth/otpcalc/files/otpcalc.desktop b/sys-auth/otpcalc/files/otpcalc.desktop new file mode 100644 index 000000000000..25c84065238f --- /dev/null +++ b/sys-auth/otpcalc/files/otpcalc.desktop @@ -0,0 +1,8 @@ +[Desktop Entry] +Type=Application +Version=1.0 +Name=otpCalc +Comment=One Time Password and S/Key calculator +Icon=dialog-password +Exec=otpCalc +Categories=Utility;GTK;System;Security; diff --git a/sys-auth/otpcalc/metadata.xml b/sys-auth/otpcalc/metadata.xml new file mode 100644 index 000000000000..16b496842e5c --- /dev/null +++ b/sys-auth/otpcalc/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer> + <email>ulm@gentoo.org</email> +</maintainer> +<longdescription lang="en"> + otpCalc is an RFC2289 and RFC1760 compliant one time password calculator, + written to use the GTK+ library for screen I/O. +</longdescription> +</pkgmetadata> diff --git a/sys-auth/otpcalc/otpcalc-0.97-r6.ebuild b/sys-auth/otpcalc/otpcalc-0.97-r6.ebuild new file mode 100644 index 000000000000..7820ae85e2f3 --- /dev/null +++ b/sys-auth/otpcalc/otpcalc-0.97-r6.ebuild @@ -0,0 +1,54 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils toolchain-funcs + +DESCRIPTION="A One Time Password and S/Key calculator for X" +HOMEPAGE="http://killa.net/infosec/otpCalc/" +SRC_URI="http://killa.net/infosec/otpCalc/otpCalc-${PV}.tar.gz" + +LICENSE="GPL-2+" # bundled crypto functions are not used +SLOT="0" +KEYWORDS="alpha amd64 ppc sparc x86" +IUSE="" + +RDEPEND="x11-libs/gtk+:2 + dev-libs/openssl" +DEPEND="${RDEPEND} + virtual/pkgconfig" + +S="${WORKDIR}/otpCalc-${PV}" + +src_prepare() { + epatch \ + "${FILESDIR}/${PN}-man-table-format.diff" \ + "${FILESDIR}/${P}-badindex.diff" \ + "${FILESDIR}/${PN}-crypto-proto.diff" \ + "${FILESDIR}/${P}-gtk2-gentoo.patch" \ + "${FILESDIR}/${P}-skey-md5.patch" \ + "${FILESDIR}/${P}-sha1-byteorder.patch" \ + "${FILESDIR}/${P}-gtk-deprecated.patch" + + # print correct version in manpage + sed -i -e "s/VERSION/${PV}/g" otpCalc.man || die + + # override hardcoded FLAGS + sed -i \ + -e 's:$(CC) $(CFLAGS) $^:$(CC) $(LDFLAGS) $(CFLAGS) $^:' \ + -e "s#-s -O3#${CFLAGS}#g" \ + Makefile.in || die + + tc-export CC +} + +src_install() { + dobin otpCalc + dosym otpCalc /usr/bin/otpcalc + newman otpCalc.man otpCalc.1 + newman - otpcalc.1 <<<".so man1/otpCalc.1" + domenu "${FILESDIR}/${PN}.desktop" + dodoc BUGS ChangeLog TODO +} diff --git a/sys-auth/pam-afs-session/Manifest b/sys-auth/pam-afs-session/Manifest new file mode 100644 index 000000000000..6d51c4a1437d --- /dev/null +++ b/sys-auth/pam-afs-session/Manifest @@ -0,0 +1,3 @@ +DIST pam-afs-session-1.3.tar.gz 98643 SHA256 f8cfaf01d0f3025ab6d51c55cf26746a4ddd63dd9156577981ee4cbb453856a9 +DIST pam-afs-session-1.5.tar.gz 101464 SHA256 473b8b1904f0ed1c3748667b037f92aff765f9c8f60e650d81452c6394e26768 +DIST pam-afs-session-1.6.tar.gz 115666 SHA256 c6ecfc69dc8e901f881f0a931797b44a10f47c8c35206e9289336d9435a9f2f8 diff --git a/sys-auth/pam-afs-session/metadata.xml b/sys-auth/pam-afs-session/metadata.xml new file mode 100644 index 000000000000..81ada335fc94 --- /dev/null +++ b/sys-auth/pam-afs-session/metadata.xml @@ -0,0 +1,5 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>pam</herd> +</pkgmetadata> diff --git a/sys-auth/pam-afs-session/pam-afs-session-1.3.ebuild b/sys-auth/pam-afs-session/pam-afs-session-1.3.ebuild new file mode 100644 index 000000000000..33d10d6f4f9f --- /dev/null +++ b/sys-auth/pam-afs-session/pam-afs-session-1.3.ebuild @@ -0,0 +1,28 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit pam + +DESCRIPTION="OpenAFS PAM Module" +HOMEPAGE="http://www.eyrie.org/~eagle/software/pam-afs-session/" +SRC_URI="http://archives.eyrie.org/software/afs/${P}.tar.gz" + +LICENSE="HPND openafs-krb5-a" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +DEPEND="virtual/krb5 virtual/pam" +RDEPEND="${DEPEND}" + +src_compile() { + econf --with-kerberos || die "econf failed" + emake || die "emake failed" +} + +src_install() { + dopammod pam_afs_session.so + doman pam_afs_session.5 + dodoc CHANGES NEWS README TODO +} diff --git a/sys-auth/pam-afs-session/pam-afs-session-1.5.ebuild b/sys-auth/pam-afs-session/pam-afs-session-1.5.ebuild new file mode 100644 index 000000000000..33d10d6f4f9f --- /dev/null +++ b/sys-auth/pam-afs-session/pam-afs-session-1.5.ebuild @@ -0,0 +1,28 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit pam + +DESCRIPTION="OpenAFS PAM Module" +HOMEPAGE="http://www.eyrie.org/~eagle/software/pam-afs-session/" +SRC_URI="http://archives.eyrie.org/software/afs/${P}.tar.gz" + +LICENSE="HPND openafs-krb5-a" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +DEPEND="virtual/krb5 virtual/pam" +RDEPEND="${DEPEND}" + +src_compile() { + econf --with-kerberos || die "econf failed" + emake || die "emake failed" +} + +src_install() { + dopammod pam_afs_session.so + doman pam_afs_session.5 + dodoc CHANGES NEWS README TODO +} diff --git a/sys-auth/pam-afs-session/pam-afs-session-1.6.ebuild b/sys-auth/pam-afs-session/pam-afs-session-1.6.ebuild new file mode 100644 index 000000000000..33d10d6f4f9f --- /dev/null +++ b/sys-auth/pam-afs-session/pam-afs-session-1.6.ebuild @@ -0,0 +1,28 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit pam + +DESCRIPTION="OpenAFS PAM Module" +HOMEPAGE="http://www.eyrie.org/~eagle/software/pam-afs-session/" +SRC_URI="http://archives.eyrie.org/software/afs/${P}.tar.gz" + +LICENSE="HPND openafs-krb5-a" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +DEPEND="virtual/krb5 virtual/pam" +RDEPEND="${DEPEND}" + +src_compile() { + econf --with-kerberos || die "econf failed" + emake || die "emake failed" +} + +src_install() { + dopammod pam_afs_session.so + doman pam_afs_session.5 + dodoc CHANGES NEWS README TODO +} diff --git a/sys-auth/pam-csync/Manifest b/sys-auth/pam-csync/Manifest new file mode 100644 index 000000000000..3ddef839ee5c --- /dev/null +++ b/sys-auth/pam-csync/Manifest @@ -0,0 +1 @@ +DIST pam_csync-0.42.0.tar.gz 30457 SHA256 bba01854ee5929ecc90428275a50f804d361e92f2805f1d2eff7d3f2bca48802 SHA512 ef6d0fbadf6afdf5a5adad1905e976330506fdf60835aa4190959b855fbc2c4c61bd709fe2aaaab731ec5430c999b3fd5e23f3a81c35a7b266b23cd092d24e06 WHIRLPOOL b81a0a9ad1e0188856cc6ffc265c44cc67a3603fb550bc59c4aa8a63198a9898d389238a7582c439add1528eaba6bf2aa930d65dd3429c901d9e6b3ecb2328ac diff --git a/sys-auth/pam-csync/files/pam-csync-0.42.0-cmake.patch b/sys-auth/pam-csync/files/pam-csync-0.42.0-cmake.patch new file mode 100644 index 000000000000..2b650d232e2a --- /dev/null +++ b/sys-auth/pam-csync/files/pam-csync-0.42.0-cmake.patch @@ -0,0 +1,25 @@ +From 21dfcf6343cec2feb0e4ebd8b9e22a3aa39e5d9d Mon Sep 17 00:00:00 2001 +From: Jim McDonough <jmcd@samba.org> +Date: Mon, 10 Mar 2014 10:16:28 -0400 +Subject: [PATCH 1/2] Remove backward compatibility option for newer cmake + builds to work. + +--- + src/CMakeLists.txt | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt +index 6732a3f..40225e4 100644 +--- a/src/CMakeLists.txt ++++ b/src/CMakeLists.txt +@@ -41,7 +41,6 @@ include_directories( + ${PAM_CSYNC_PRIVATE_INCLUDE_DIRS} + ) + +-set(CMAKE_BACKWARDS_COMPATIBILITY "2.2") + macro_add_plugin(${PAM_CSYNC_LIBRARY} ${pam_SRCS}) + + target_link_libraries(${PAM_CSYNC_LINK_LIBRARIES}) +-- +1.8.4.5 + diff --git a/sys-auth/pam-csync/files/pam-csync-0.42.0-ocsync.patch b/sys-auth/pam-csync/files/pam-csync-0.42.0-ocsync.patch new file mode 100644 index 000000000000..117a2b0db26f --- /dev/null +++ b/sys-auth/pam-csync/files/pam-csync-0.42.0-ocsync.patch @@ -0,0 +1,33 @@ +Since 0.60.0, upstream renamed to "ocsync". + +--- cmake/Modules/FindCSYNC.cmake ++++ cmake/Modules/FindCSYNC.cmake +@@ -20,7 +20,7 @@ + else (CSYNC_LIBRARIES AND CSYNC_INCLUDE_DIRS) + find_path(CSYNC_INCLUDE_DIR + NAMES +- csync/csync.h ++ ocsync/csync.h + PATHS + /usr/include + /usr/local/include +@@ -30,7 +30,7 @@ + + find_library(CSYNC_LIBRARY + NAMES +- csync ++ ocsync + PATHS + /usr/lib + /usr/local/lib +--- src/pam_csync.c ++++ src/pam_csync.c +@@ -50,7 +50,7 @@ + #include <security/pam_modutil.h> + #include <security/pam_ext.h> + +-#include <csync/csync.h> ++#include <ocsync/csync.h> + + #include "pam_csync.h" + #include "config.h" diff --git a/sys-auth/pam-csync/metadata.xml b/sys-auth/pam-csync/metadata.xml new file mode 100644 index 000000000000..91f4e72fb544 --- /dev/null +++ b/sys-auth/pam-csync/metadata.xml @@ -0,0 +1,7 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>maintainer-needed@gentoo.org</email> + </maintainer> +</pkgmetadata> diff --git a/sys-auth/pam-csync/pam-csync-0.42.0-r1.ebuild b/sys-auth/pam-csync/pam-csync-0.42.0-r1.ebuild new file mode 100644 index 000000000000..52c4b9a89d5a --- /dev/null +++ b/sys-auth/pam-csync/pam-csync-0.42.0-r1.ebuild @@ -0,0 +1,32 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit cmake-utils + +DESCRIPTION="PAM module to provide roaming home directories for a user session" +HOMEPAGE="http://www.csync.org/" +SRC_URI="http://www.csync.org/files/${P/-/_}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +RDEPEND=" + >=dev-libs/iniparser-3.1 + >=net-misc/ocsync-0.60.0 + virtual/pam +" +DEPEND="${DEPEND} + app-text/asciidoc +" + +S="${WORKDIR}/${P/-/_}" + +PATCHES=( + "${FILESDIR}/${P}-cmake.patch" + "${FILESDIR}/${P}-ocsync.patch" +) diff --git a/sys-auth/pam-pgsql/Manifest b/sys-auth/pam-pgsql/Manifest new file mode 100644 index 000000000000..1989fc8cc1c7 --- /dev/null +++ b/sys-auth/pam-pgsql/Manifest @@ -0,0 +1,2 @@ +DIST pam-pgsql-0.7.3.1.tar.gz 301678 SHA256 c9327e7636e81a2d2bbaf4f017edbd9319a08df1654c9d1875e6f933750548dd +DIST pam-pgsql-0.7.3.tar.gz 302305 SHA256 0d1f4c2ca220a746b8750fa9c4c019e4129e16312b2cb46c78ef282dc018571b diff --git a/sys-auth/pam-pgsql/metadata.xml b/sys-auth/pam-pgsql/metadata.xml new file mode 100644 index 000000000000..4b531216ac27 --- /dev/null +++ b/sys-auth/pam-pgsql/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>pam</herd> + <maintainer> + <email>pam-bugs@gentoo.org</email> + </maintainer> + <upstream> + <remote-id type="sourceforge">pam-pgsql</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/pam-pgsql/pam-pgsql-0.7.3.1.ebuild b/sys-auth/pam-pgsql/pam-pgsql-0.7.3.1.ebuild new file mode 100644 index 000000000000..37b913a5bee4 --- /dev/null +++ b/sys-auth/pam-pgsql/pam-pgsql-0.7.3.1.ebuild @@ -0,0 +1,51 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=2 + +inherit eutils pam + +DESCRIPTION="pam_pgsql is a module for pam to authenticate users with PostgreSQL" +HOMEPAGE="http://sourceforge.net/projects/pam-pgsql/" + +if [[ ${PV} = *_p* ]]; then + SRC_URI="http://www.flameeyes.eu/gentoo-distfiles/${P}.tar.gz" +else + SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" +fi + +RDEPEND="virtual/pam + >=dev-db/postgresql-8.0 + >=dev-libs/libgcrypt-1.2.0:0" +DEPEND="${RDEPEND}" + +LICENSE="GPL-2" + +IUSE="" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +src_configure() { + econf \ + --sysconfdir=/etc/security \ + --libdir=/$(get_libdir) \ + --docdir=/usr/share/doc/${PF} || die "econf failed" +} + +src_compile() { + emake pammoddir="$(getpam_mod_dir)" || die "emake failed" +} + +src_install() { + emake DESTDIR="${D}" pammoddir="$(getpam_mod_dir)" install || die "emake install failed" + find "${D}" -name '*.la' -delete +} + +pkg_postinst() { + elog "Please see the documentation and configuration examples in the" + elog "documentation directory at /usr/share/doc/${PF}." + elog "" + elog "Please note that the default configuration file in Gentoo has been" + elog "moved to /etc/security/pam-pgsql.conf to follow the other PAM modules." +} diff --git a/sys-auth/pam-pgsql/pam-pgsql-0.7.3.ebuild b/sys-auth/pam-pgsql/pam-pgsql-0.7.3.ebuild new file mode 100644 index 000000000000..37b913a5bee4 --- /dev/null +++ b/sys-auth/pam-pgsql/pam-pgsql-0.7.3.ebuild @@ -0,0 +1,51 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=2 + +inherit eutils pam + +DESCRIPTION="pam_pgsql is a module for pam to authenticate users with PostgreSQL" +HOMEPAGE="http://sourceforge.net/projects/pam-pgsql/" + +if [[ ${PV} = *_p* ]]; then + SRC_URI="http://www.flameeyes.eu/gentoo-distfiles/${P}.tar.gz" +else + SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" +fi + +RDEPEND="virtual/pam + >=dev-db/postgresql-8.0 + >=dev-libs/libgcrypt-1.2.0:0" +DEPEND="${RDEPEND}" + +LICENSE="GPL-2" + +IUSE="" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +src_configure() { + econf \ + --sysconfdir=/etc/security \ + --libdir=/$(get_libdir) \ + --docdir=/usr/share/doc/${PF} || die "econf failed" +} + +src_compile() { + emake pammoddir="$(getpam_mod_dir)" || die "emake failed" +} + +src_install() { + emake DESTDIR="${D}" pammoddir="$(getpam_mod_dir)" install || die "emake install failed" + find "${D}" -name '*.la' -delete +} + +pkg_postinst() { + elog "Please see the documentation and configuration examples in the" + elog "documentation directory at /usr/share/doc/${PF}." + elog "" + elog "Please note that the default configuration file in Gentoo has been" + elog "moved to /etc/security/pam-pgsql.conf to follow the other PAM modules." +} diff --git a/sys-auth/pam-script/Manifest b/sys-auth/pam-script/Manifest new file mode 100644 index 000000000000..dd51f4f7e5f4 --- /dev/null +++ b/sys-auth/pam-script/Manifest @@ -0,0 +1,2 @@ +DIST pam-script-1.1.6.tar.gz 326758 SHA256 d7cb2fadf8db8fcd099a7a7151ec1b018e79f110af79955df0e0081ea3a93e1d SHA512 4c0f03e4ee3ad062c0a6c71982c283e944cd595d3af656f149ea89b583568373f72478130a614cd851f12a1440976abcd51c8932c5fd4753858d13d91888728a WHIRLPOOL 7bdc21db809f61243d3750a74f038cae3a61f2f5ee66c12a12159fa2094b6dc7f9ce9e3c095a0c4dd258dbda277d85e0c29f30047e1255cf35412a7ff0399c98 +DIST pam-script-1.1.7.tar.gz 328385 SHA256 ae38ed76e8e5aec47d6838212b92ce2ced4ba93adbdcfead69f956703a809ff3 SHA512 c0e1df7d3b91cb5be4166fd4680556d5ee4f74df0de299f3629c91081b89ab58390d7b5d0dde5acf3509b30a62553d08e4b2fdf154bce064937f45e2ec08db35 WHIRLPOOL 9c743a5de6695fae8433a1d26fddbb95e67276f382c106116b3fb9ddef80a7f283fafa13cce0f7212caac0fe6162f0f94eff2adb53834d154fe8127ca8df5220 diff --git a/sys-auth/pam-script/metadata.xml b/sys-auth/pam-script/metadata.xml new file mode 100644 index 000000000000..91f671da8400 --- /dev/null +++ b/sys-auth/pam-script/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>chutzpah@gentoo.org</email> + <name>Patrick McLean</name> + </maintainer> + <upstream> + <remote-id type="github">jeroennijhof/pam_script</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/pam-script/pam-script-1.1.6.ebuild b/sys-auth/pam-script/pam-script-1.1.6.ebuild new file mode 100644 index 000000000000..c0c587b5a918 --- /dev/null +++ b/sys-auth/pam-script/pam-script-1.1.6.ebuild @@ -0,0 +1,37 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit multilib + +DESCRIPTION="PAM module for executing scripts during authorization, password changes, and sessions" +HOMEPAGE="http://sourceforge.net/projects/pam-script/ https://github.com/jeroennijhof/pam_script/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="examples" + +RDEPEND="virtual/pam" +DEPEND="${RDEPEND}" + +src_configure() { + econf \ + --libdir=/$(get_libdir)/security \ + --sysconfdir=/etc/security/${PN} +} + +src_install() { + default + + if use examples ; then + docinto examples + dodoc etc/README.examples + exeinto /usr/share/doc/${PF}/examples + doexe etc/{logscript,tally} + docompress -x /usr/share/doc/${PF}/examples/{logscript,tally} + fi +} diff --git a/sys-auth/pam-script/pam-script-1.1.7.ebuild b/sys-auth/pam-script/pam-script-1.1.7.ebuild new file mode 100644 index 000000000000..59c1581f8ff0 --- /dev/null +++ b/sys-auth/pam-script/pam-script-1.1.7.ebuild @@ -0,0 +1,37 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit multilib + +DESCRIPTION="PAM module for executing scripts during authorization, password changes, and sessions" +HOMEPAGE="http://sourceforge.net/projects/pam-script/ https://github.com/jeroennijhof/pam_script/" +SRC_URI="http://dev.gentoo.org/~radhermit/dist/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="examples" + +RDEPEND="virtual/pam" +DEPEND="${RDEPEND}" + +src_configure() { + econf \ + --libdir=/$(get_libdir)/security \ + --sysconfdir=/etc/security/${PN} +} + +src_install() { + default + + if use examples ; then + docinto examples + dodoc etc/README.examples + exeinto /usr/share/doc/${PF}/examples + doexe etc/{logscript,tally} + docompress -x /usr/share/doc/${PF}/examples/{logscript,tally} + fi +} diff --git a/sys-auth/pam_abl/Manifest b/sys-auth/pam_abl/Manifest new file mode 100644 index 000000000000..e21261f206e4 --- /dev/null +++ b/sys-auth/pam_abl/Manifest @@ -0,0 +1,3 @@ +DIST pam-abl-0.4.1.tar.bz2 250473 SHA256 42680216ab541510c33c7303ebc2a81e3d2f1a64f5df0ae78e7b335eaa767a5e SHA512 a266fcc1aeb0fd95f9d3da69a4e9eac15e9fe0c10ed32d2af3ce5e00f4ee1f599fea6b7695902f3a13bcc0f9a831ccde24b1f3cbcce6b6988b60b04a9c420509 WHIRLPOOL 27aa7456836d38704dc67299e2f3bff3ad68e0610f3986dc716ee278d4191cdab3db30d5fa3b2e8cc5bd95b80c55f7ce6c2a4b3b33c70605dd19b5155dd20f4e +DIST pam-abl-0.5.0.tar.gz 41038 SHA256 2ef75438179e15a0d657e73659c083938dde10706008fd73c960f848d791ec38 SHA512 3b87c0bd0ee42f72bbef202735bf53f04336d19618a8edbd75ccb2d71d8ce8772fde475bdb4236bd422b723eb3771029e259f70e49e8de80d2d2a27a571f5ccc WHIRLPOOL e077c69c9cd127055fc5d2e3e4c941fbfe364e0fd9637b91a75f0d08d9aadf8d2b4fd790698f1a570c7da1110f49a603e5da38c1b1c05cf1f8298ec4fc2184b9 +DIST pam-abl-0.6.0.tar.gz 48882 SHA256 dff9437af247fee19e8269919a3eed44c1e69874c1fa06325997c8d1eeb7eeb4 SHA512 fd4fca672800683f87eba4c9804925d0f1c0e5991a32af7d045787cf571d5d98996d2303460fada4796432916c713973c82c3a70da06d686194e97bfb0e8198e WHIRLPOOL 69363207a20a8c7ee935eb4f716ca61c019de8416d54cff0b41fac474dc6da089cc77d2b13c6e344f7296be0425fe804e63dbb61962018b9559f871fe9c36f38 diff --git a/sys-auth/pam_abl/metadata.xml b/sys-auth/pam_abl/metadata.xml new file mode 100644 index 000000000000..b0b1e5478f5a --- /dev/null +++ b/sys-auth/pam_abl/metadata.xml @@ -0,0 +1,23 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>pam</herd> + <herd>proxy-maintainers</herd> + <maintainer> + <email>swapon@gmail.com</email> + <name>Alessio Cassibba</name> + </maintainer> + <longdescription lang="en"> +PAM module that provides auto blacklisting of hosts and users responsible for repeated failed authentication attempts. +Once a host is blacklisted it is guaranteed to fail authentication even if the correct credentials are provided. +Hosts which stop attempting to authenticate will, after a period of time, be un-blacklisted. +</longdescription> + <longdescription lang="it"> +Modulo Pam che permette di mantenere automaticamente una blacklist di host ed utenti responsabili di ripetuti tentativi di autenticazione falliti. +Gli host soggetti a blacklist vedranno fallire i tentativi di login anche qualora le corrette credenziali vengano fornite. +Una volta cessati i tentativi di autenticazione, dopo un certo periodo di tempo, gli host verranno riabilitati. +</longdescription> + <upstream> + <remote-id type="sourceforge">pam-abl</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/pam_abl/pam_abl-0.4.1.ebuild b/sys-auth/pam_abl/pam_abl-0.4.1.ebuild new file mode 100644 index 000000000000..925ad353b523 --- /dev/null +++ b/sys-auth/pam_abl/pam_abl-0.4.1.ebuild @@ -0,0 +1,48 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=2 + +MY_PN="${PN/_/-}" +MY_P="${MY_PN}-${PV}" + +inherit flag-o-matic pam + +DESCRIPTION="PAM module for blacklisting of hosts and users on repeated failed authentication attempts" +HOMEPAGE="http://pam-abl.deksai.com/" +SRC_URI="mirror://sourceforge/${MY_PN}/${MY_P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="" + +DEPEND=">=sys-libs/pam-0.78-r2 + >=sys-libs/db-4.2.52_p2" +RDEPEND="${DEPEND}" + +S="${WORKDIR}/${MY_P}" + +src_configure() { + econf \ + --enable-shared \ + --disable-static \ + --disable-dependency-tracking \ + --enable-fast-install \ + --docdir=/usr/share/doc/${PF} \ + --with-pam-dir=$(getpam_mod_dir) \ + || die +} + +src_install() { + emake DESTDIR="${D}" install || die + dopamsecurity . conf/pam_abl.conf + + keepdir /var/db/abl +} + +pkg_postinst() { + elog "See /usr/share/doc/${PF}/ for configuration info and set up " + elog "/etc/security/pam_abl.conf as needed." +} diff --git a/sys-auth/pam_abl/pam_abl-0.5.0.ebuild b/sys-auth/pam_abl/pam_abl-0.5.0.ebuild new file mode 100644 index 000000000000..a2a2792e5597 --- /dev/null +++ b/sys-auth/pam_abl/pam_abl-0.5.0.ebuild @@ -0,0 +1,44 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +MY_PN="${PN/_/-}" +MY_P="${MY_PN}-${PV}" + +inherit flag-o-matic pam cmake-utils db-use multilib + +DESCRIPTION="PAM module for blacklisting of hosts and users on repeated failed authentication attempts" +HOMEPAGE="http://pam-abl.sourceforge.net/" +SRC_URI="mirror://sourceforge/${MY_PN}/${MY_P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +DEPEND=">=sys-libs/pam-0.78-r2 + >=sys-libs/db-4.2.52_p2" +RDEPEND="${DEPEND}" + +S="${WORKDIR}/${MY_PN}" + +src_configure() { + pammod_hide_symbols + + local mycmakeargs=( + -DDB_INCLUDE_DIR=$(db_includedir) + -DDB_LINK_DIR=/usr/$(get_libdir) + -DDB_LIBRARY=$(db_libname) + ) + cmake-utils_src_configure +} + +src_install() { + cmake-utils_src_install + dodir $(getpam_mod_dir) + mv "${D}"/usr/lib/security/*.so "${D}"/"$(getpam_mod_dir)" || die + + dodoc doc/*.txt README +} diff --git a/sys-auth/pam_abl/pam_abl-0.6.0.ebuild b/sys-auth/pam_abl/pam_abl-0.6.0.ebuild new file mode 100644 index 000000000000..d8335d40b2f6 --- /dev/null +++ b/sys-auth/pam_abl/pam_abl-0.6.0.ebuild @@ -0,0 +1,51 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +MY_PN="${PN/_/-}" +MY_P="${MY_PN}-${PV}" + +inherit flag-o-matic pam cmake-utils db-use multilib + +DESCRIPTION="PAM module for blacklisting of hosts and users on repeated failed authentication attempts" +HOMEPAGE="http://pam-abl.sourceforge.net/" +SRC_URI="mirror://sourceforge/${MY_PN}/${MY_P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +DEPEND=">=sys-libs/pam-0.78-r2 + >=sys-libs/db-4.2.52_p2" +RDEPEND="${DEPEND}" + +S=${WORKDIR} + +src_configure() { + pammod_hide_symbols + + local mycmakeargs=( + -DDB_INCLUDE_DIR=$(db_includedir) + -DDB_LINK_DIR=/usr/$(get_libdir) + -DDB_LIBRARY=$(db_libname) + ) + cmake-utils_src_configure +} + +src_install() { + cmake-utils_src_install + dodir $(getpam_mod_dir) + mv "${D}"/usr/lib/security/*.so "${D}"/"$(getpam_mod_dir)" || die + + dodoc doc/*.txt README +} + +pkg_preinst() { + if has_version "~${CATEGORY}/${PN}-0.5.0" ; then + ewarn "Note: the 0.5.0 release named the module 'pam-abl.so' by accident; this version" + ewarn "fixes that and uses 'pam_abl.so' again. Please update your config files." + fi +} diff --git a/sys-auth/pam_bioapi/Manifest b/sys-auth/pam_bioapi/Manifest new file mode 100644 index 000000000000..d73be86a78fe --- /dev/null +++ b/sys-auth/pam_bioapi/Manifest @@ -0,0 +1 @@ +DIST pam_bioapi-0.4.0.tar.gz 383529 SHA256 635df4a27c3f9485a2eabbc672f0cf2771a96756792b5f4078481f2df9bceb8c SHA512 fb2527b44ec8070fdc7a32fd1e272a6b98095fba827365f5427ae5fe6a5681b2f3be246ac34aaeb313d776890bd122c25ba68a58d9a728e68e4b341842dcb6d3 WHIRLPOOL 2c12463c8d248b3be7c110a7257dc3ec662dfef012099bc3ec4fb8527c1e1c22b1c9a438a279545efdc95de63eefa09637d7b97278d5a6233e78f2b7810a99ae diff --git a/sys-auth/pam_bioapi/files/pam_bioapi-0.4.0-headers.patch b/sys-auth/pam_bioapi/files/pam_bioapi-0.4.0-headers.patch new file mode 100644 index 000000000000..d5acc4db61bc --- /dev/null +++ b/sys-auth/pam_bioapi/files/pam_bioapi-0.4.0-headers.patch @@ -0,0 +1,27 @@ +fix building with -O0 + +http://code.google.com/p/pam-bioapi/issues/detail?id=3 +http://bugs.gentoo.org/241322 + +fix building with newer glibc + +https://bugs.gentoo.org/512106 + +--- libpam_bioapi/pam_bioapi.h ++++ libpam_bioapi/pam_bioapi.h +@@ -19,6 +19,7 @@ + #include <sys/stat.h> + #include <sys/types.h> /* defines 'uid_t', etc. */ + ++#include <sys/resource.h> + #include <sys/types.h> + #include <sys/wait.h> + #include "earray.h" +@@ -23,6 +23,7 @@ + #include <sys/wait.h> + #include "earray.h" + ++#include <locale.h> + #include <libintl.h> /* gnu gettext support */ + #define _(String) gettext (String) + diff --git a/sys-auth/pam_bioapi/metadata.xml b/sys-auth/pam_bioapi/metadata.xml new file mode 100644 index 000000000000..dfc162ec95dd --- /dev/null +++ b/sys-auth/pam_bioapi/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>vapier@gentoo.org</email> + <name>Mike Frysinger</name> + </maintainer> + <upstream> + <remote-id type="google-code">pam-bioapi</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/pam_bioapi/pam_bioapi-0.4.0-r1.ebuild b/sys-auth/pam_bioapi/pam_bioapi-0.4.0-r1.ebuild new file mode 100644 index 000000000000..91880d6ae796 --- /dev/null +++ b/sys-auth/pam_bioapi/pam_bioapi-0.4.0-r1.ebuild @@ -0,0 +1,47 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit eutils + +DESCRIPTION="PAM interface to bioapi package" +HOMEPAGE="http://code.google.com/p/pam-bioapi/" +SRC_URI="http://pam-bioapi.googlecode.com/files/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="x86" +IUSE="" + +DEPEND="sys-auth/bioapi + sys-libs/pam + dev-db/sqlite" +RDEPEND="${DEPEND} + sys-auth/tfm-fingerprint" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/${P}-headers.patch #241322 + sed -i \ + -e 's/-version-info 0:4:0/-avoid-version/' \ + libpam_bioapi/Makefile.in #261598 + sed -i \ + -e 's:@prefix@::' \ + -e '/pam_unix.so/s:.*:auth include system-auth:' \ + etc/pam.d/{bioapi_chbird,test-pam_bioapi}.in #261598 +} + +src_compile() { + econf --sbindir=/sbin || die + emake || die +} + +src_install() { + emake install DESTDIR="${D}" || die + dodoc AUTHORS ChangeLog NEWS README TODO + + dodir /$(get_libdir) + mv "${D}"/usr/$(get_libdir)/security "${D}"/$(get_libdir)/ || die + rm -f "${D}"/$(get_libdir)/security/*.la +} diff --git a/sys-auth/pam_bioapi/pam_bioapi-0.4.0.ebuild b/sys-auth/pam_bioapi/pam_bioapi-0.4.0.ebuild new file mode 100644 index 000000000000..519c3cddde1a --- /dev/null +++ b/sys-auth/pam_bioapi/pam_bioapi-0.4.0.ebuild @@ -0,0 +1,41 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit eutils toolchain-funcs + +DESCRIPTION="PAM interface to bioapi package" +HOMEPAGE="http://code.google.com/p/pam-bioapi/" +SRC_URI="http://pam-bioapi.googlecode.com/files/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="x86" +IUSE="" + +DEPEND="sys-auth/bioapi + sys-libs/pam + dev-db/sqlite" +RDEPEND="${DEPEND} + sys-auth/tfm-fingerprint" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/${P}-headers.patch #241322 +} + +src_compile() { + econf --sbindir=/sbin || die + emake || die +} + +src_install() { + emake install DESTDIR="${D}" || die + dodoc AUTHORS ChangeLog NEWS README TODO + + dodir /$(get_libdir) + mv "${D}"/usr/$(get_libdir)/{lib*.so*,security} "${D}"/$(get_libdir)/ || die + rm -f "${D}"/$(get_libdir)/security/*.la + gen_usr_ldscript libbirdb.so libbirdb_sqlite3.so +} diff --git a/sys-auth/pam_blue/Manifest b/sys-auth/pam_blue/Manifest new file mode 100644 index 000000000000..0b704a2eb99d --- /dev/null +++ b/sys-auth/pam_blue/Manifest @@ -0,0 +1 @@ +DIST pam_blue-0.9.0.tar.bz2 251688 SHA256 4ff0f6528d29ae77cf890defcbaf16ee2065dc85fe8edd2e6e53d48e7f27b535 SHA512 f611b6e3b509d2b917dd15a82f6fa3219ce554cdbf3bd224981c740bb3161dea67db9275b9bc13cd54644e0cb546eb2bb32dbff7e510170a0911b40d81f2d620 WHIRLPOOL 51a9d6f920b3420187c29a009020d4a9aa3f2598a8ce07bd440e871ab4e493e09bce3cb4cf2d6cef63e734be20f29b1ee2ea2aa0ed6f14add7aa9704f23a8eec diff --git a/sys-auth/pam_blue/files/pam_blue-0.9.0-bad-log.patch b/sys-auth/pam_blue/files/pam_blue-0.9.0-bad-log.patch new file mode 100644 index 000000000000..5f2a2628e4b0 --- /dev/null +++ b/sys-auth/pam_blue/files/pam_blue-0.9.0-bad-log.patch @@ -0,0 +1,11 @@ +--- a/src/bluepmain.c ++++ b/src/bluepmain.c +@@ -88,7 +88,7 @@ + + if ( (lst = parse_rc()) == NULL) { /* something goes wrong (no config file, ...) */ + user = NULL; +- syslog (LOG_ERR, "Can't parse configuration file [%s]!" CONFIG_FILE); ++ syslog (LOG_ERR, "Can't parse configuration file [%s]!", CONFIG_FILE); + return PAM_AUTH_ERR; + } + diff --git a/sys-auth/pam_blue/files/pam_blue-0.9.0-char-locales.patch b/sys-auth/pam_blue/files/pam_blue-0.9.0-char-locales.patch new file mode 100644 index 000000000000..40d2810f486c --- /dev/null +++ b/sys-auth/pam_blue/files/pam_blue-0.9.0-char-locales.patch @@ -0,0 +1,17 @@ +https://bugs.gentoo.org/412941 + +fix matching in various locales + +patch by Leho Kraav <leho@kraav.com> + +--- a/src/lexer.l ++++ b/src/lexer.l +@@ -28,7 +28,7 @@ + bluemac { return BLUEMAC; } + @ { return AT;} + ; { return SEMICOLON; } +-[a-zA-Z][a-zA-Z0-9_]* { yylval.word = (char *) strdup(yytext); return WORD; } ++[[:alpha:]][[:alnum:]_-]* { yylval.word = (char *) strdup(yytext); return WORD; } + {HXDIGD}{HXDIGD}{HXDIG} { yylval.word = (char *) strdup(yytext); return MAC; } + [0-9][0-9]* { yylval.value = atoi(yytext); return DIGIT; } + = { return EQUAL; } diff --git a/sys-auth/pam_blue/metadata.xml b/sys-auth/pam_blue/metadata.xml new file mode 100644 index 000000000000..faf0bf05443f --- /dev/null +++ b/sys-auth/pam_blue/metadata.xml @@ -0,0 +1,13 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>pam</herd> + <longdescription lang="en"> + Bluepam is an extension for the common pam modules, give the user the + ability for authenticaten via a bluetooth compatible device like a cell + phone or various other bluetooth dongles (e.g. epox-presenter). Due to the + fact that a whole part of the bluetooth stack is implemented in hardware it + is relatively difficult to change the bluetoth hardware mac address which + makes this module more secure. + </longdescription> +</pkgmetadata> diff --git a/sys-auth/pam_blue/pam_blue-0.9.0-r1.ebuild b/sys-auth/pam_blue/pam_blue-0.9.0-r1.ebuild new file mode 100644 index 000000000000..82adfeb0a31a --- /dev/null +++ b/sys-auth/pam_blue/pam_blue-0.9.0-r1.ebuild @@ -0,0 +1,48 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit pam autotools multilib + +DESCRIPTION="Linux PAM module providing ability to authenticate via a bluetooth compatible device" +HOMEPAGE="http://pam.0xdef.net/" +SRC_URI="http://pam.0xdef.net/source/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +DEPEND="virtual/pam + net-wireless/bluez" +RDEPEND="${DEPEND}" + +S=${WORKDIR}/${PN} + +src_prepare() { + epatch "${FILESDIR}"/${P}-char-locales.patch #412941 + epatch "${FILESDIR}"/${P}-bad-log.patch + mv configure.{in,ac} || die + eautoreconf +} + +src_configure() { + econf --libdir="$(getpam_mod_dir)" +} + +src_install() { + # manual install to avoid sandbox violation and installing useless .la file + dopammod src/.libs/pam_blue.so + newpamsecurity . data/sample.conf bluesscan.conf.sample + + dodoc AUTHORS NEWS README ChangeLog + doman doc/${PN}.7 +} + +pkg_postinst() { + elog "For configuration info, see /etc/security/bluesscan.conf.sample" + elog "http://pam.0xdef.net/doc.html and http://pam.0xdef.net/faq.html" + elog "Edit the file as required and copy/rename to bluesscan.conf when done." +} diff --git a/sys-auth/pam_blue/pam_blue-0.9.0.ebuild b/sys-auth/pam_blue/pam_blue-0.9.0.ebuild new file mode 100644 index 000000000000..c9a78ed11850 --- /dev/null +++ b/sys-auth/pam_blue/pam_blue-0.9.0.ebuild @@ -0,0 +1,46 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit pam autotools multilib + +DESCRIPTION="Linux PAM module providing ability to authenticate via a bluetooth compatible device" +HOMEPAGE="http://pam.0xdef.net/" +SRC_URI="http://pam.0xdef.net/source/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +DEPEND="virtual/pam + net-wireless/bluez" +RDEPEND="${DEPEND}" + +S=${WORKDIR}/${PN} + +src_unpack() { + unpack ${A} + cd "${S}" + eautoreconf +} + +src_compile() { + econf --libdir="$(getpam_mod_dir)" + emake || die "emake failed" +} + +src_install() { + # manual install to avoid sandbox violation and installing useless .la file + dopammod src/.libs/pam_blue.so + newpamsecurity . data/sample.conf bluesscan.conf.sample + + dodoc AUTHORS NEWS README ChangeLog + doman doc/${PN}.7 +} + +pkg_postinst() { + elog "For configuration info, see /etc/security/bluesscan.conf.sample" + elog "http://pam.0xdef.net/doc.html and http://pam.0xdef.net/faq.html" + elog "Edit the file as required and copy/rename to bluesscan.conf when done." +} diff --git a/sys-auth/pam_chroot/Manifest b/sys-auth/pam_chroot/Manifest new file mode 100644 index 000000000000..837749b30a33 --- /dev/null +++ b/sys-auth/pam_chroot/Manifest @@ -0,0 +1 @@ +DIST pam_chroot-0.9.2.tar.bz2 15657 SHA256 101bd0e175c16f7410fdf6a4c04e4015283411efe92790f614f0e0c43cc05ce5 diff --git a/sys-auth/pam_chroot/metadata.xml b/sys-auth/pam_chroot/metadata.xml new file mode 100644 index 000000000000..24210a5eee45 --- /dev/null +++ b/sys-auth/pam_chroot/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>pam</herd> + <upstream> + <remote-id type="sourceforge">pam-chroot</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/pam_chroot/pam_chroot-0.9.2.ebuild b/sys-auth/pam_chroot/pam_chroot-0.9.2.ebuild new file mode 100644 index 000000000000..827977aff805 --- /dev/null +++ b/sys-auth/pam_chroot/pam_chroot-0.9.2.ebuild @@ -0,0 +1,36 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit toolchain-funcs pam flag-o-matic eutils + +DESCRIPTION="Linux-PAM module that allows a user to be chrooted in auth, account, or session" +HOMEPAGE="http://sourceforge.net/projects/pam-chroot/" +SRC_URI="mirror://sourceforge/pam-chroot/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" +IUSE="" + +DEPEND="virtual/pam + !<sys-libs/pam-0.99" +RDEPEND="${DEPEND}" + +doecho() { + echo "$@" + "$@" || die +} + +src_compile() { + # using the Makefile would require patching it to work properly, so + # rather simply re-create it here. + doecho $(tc-getCC) ${LDFLAGS} -shared -fPIC ${CFLAGS} ${PN}.c -o ${PN}.so -lpam +} + +src_install() { + dopammod pam_chroot.so + dopamsecurity . chroot.conf + + dodoc CREDITS README.history TROUBLESHOOTING options || die "dodoc failed" +} diff --git a/sys-auth/pam_dotfile/Manifest b/sys-auth/pam_dotfile/Manifest new file mode 100644 index 000000000000..d75afa539d70 --- /dev/null +++ b/sys-auth/pam_dotfile/Manifest @@ -0,0 +1,2 @@ +DIST pam_dotfile-0.7.tar.gz 229009 SHA256 88e99da6aaecec19ea294eb10bcb432f1ce506d1ca53d416ea74bb165a3a4534 SHA512 544160068af2c6a488271d36cfae43340d4d7801702aef629ba781dff12b99334bc76ec14396783d0a9823d0f976c847335fe8b1b07cbbb6e43d0bd658ff7500 WHIRLPOOL 528f41b15955d196d1be39a58d014e094d34dd57ed2681c22618407f34a849bd26cf07b3450c78dbd850b2d8b1d8700520c61f8299d5a17bee81b6c43bfd0030 +DIST pam_dotfile-patches-1.tar.bz2 2172 SHA256 fa78ddf1bc2c4938925a8bb71be2705d8a38904c1693b0bbb9f2f3c5f4e8dc5b SHA512 a6b29361e089f7223c3f915320a921b5f20603a16673d518300ea458a816360950a76a4f8e1842040f7b0e676d4c67c6de2586640c2bb4638a4e63138b78600a WHIRLPOOL 1fc23a8169d3cd020aae43f59f6fa2866553e61cc7e26a60c7ea5b091fd66b13c1a8f0e05525b92a5a5ab590263d3d10d82faec97e5f3a4fbdba4a927755f130 diff --git a/sys-auth/pam_dotfile/files/pam_dotfile-0.7-gentoo.patch b/sys-auth/pam_dotfile/files/pam_dotfile-0.7-gentoo.patch new file mode 100644 index 000000000000..023f86553c39 --- /dev/null +++ b/sys-auth/pam_dotfile/files/pam_dotfile-0.7-gentoo.patch @@ -0,0 +1,157 @@ +diff --git a/configure.ac b/configure.ac +index 4730bdf..b8d8747 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -44,16 +44,26 @@ CFLAGS="$CFLAGS -L/lib" + # Checks for libraries. + AC_CHECK_HEADER([security/pam_modules.h],, [AC_MSG_ERROR([*** Sorry, you have to install the PAM development files ***])]) + +-LIBS="$LIBS -ldl -lpam -lpam_misc" +- +-case "$host" in +- *-*-linux*) +- PAM_MODDIR="/lib/security" +- ;; +- *) +- PAM_MODDIR="/usr/lib" +- ;; +-esac ++AC_CHECK_HEADERS([security/_pam_macros.h security/pam_misc.h security/openpam.h]) ++ ++AC_CHECK_LIB([pam], [pam_start]) ++AC_CHECK_LIB([pam_misc], [misc_conv]) ++ ++AC_ARG_WITH([pammoddir], ++ AC_HELP_STRING([--with-pammoddir], [Install module in specified directory]), ++ [ ++ PAM_MODDIR=$withval ++ ], [ ++ case "$host" in ++ *-*-linux*) ++ PAM_MODDIR="/lib/security" ++ ;; ++ *) ++ PAM_MODDIR="/usr/lib" ++ ;; ++ esac ++ ]) ++ + AC_SUBST(PAM_MODDIR) + + # Checks for header files. +@@ -64,7 +74,7 @@ AC_FUNC_LSTAT + AC_FUNC_LSTAT_FOLLOWS_SLASHED_SYMLINK + AC_FUNC_VPRINTF + +-AC_CHECK_HEADERS([fcntl.h limits.h syslog.h termios.h]) ++AC_CHECK_HEADERS([fcntl.h limits.h syslog.h termios.h sys/types.h]) + AC_HEADER_STDC + AC_HEADER_SYS_WAIT + +diff --git a/src/Makefile.am b/src/Makefile.am +index 2905b7c..e7e47d2 100644 +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -22,7 +22,7 @@ moduledir = @PAM_MODDIR@ + module_LTLIBRARIES = pam_dotfile.la + + pam_dotfile_la_SOURCES = pam_dotfile.c md5.c md5util.c md5.h md5util.h log.c log.h common.c common.h +-pam_dotfile_la_LDFLAGS = -module -avoid-version ++pam_dotfile_la_LDFLAGS = -module -avoid-version -export-symbols-regex '^pam_' + pam_dotfile_la_CFLAGS = $(AM_CFLAGS) + + sbin_PROGRAMS = pam-dotfile-helper +diff --git a/src/common.h b/src/common.h +index ef34cf3..6a57116 100644 +--- a/src/common.h ++++ b/src/common.h +@@ -21,7 +21,10 @@ + ***/ + + #include <security/pam_modules.h> +-#include <security/_pam_macros.h> ++#include <security/pam_appl.h> ++#ifdef HAVE_SECURITY__PAM_MACROS_H ++# include <security/_pam_macros.h> ++#endif + + typedef struct context { + int opt_debug; +diff --git a/src/pam-dotfile-helper.c b/src/pam-dotfile-helper.c +index 04c73de..1c09b18 100644 +--- a/src/pam-dotfile-helper.c ++++ b/src/pam-dotfile-helper.c +@@ -23,6 +23,14 @@ + #include <signal.h> + #include <pwd.h> + ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#ifdef HAVE_SYS_TYPES_H ++# include <sys/types.h> ++#endif ++ + #include "common.h" + #include "log.h" + +diff --git a/src/pam_dotfile.c b/src/pam_dotfile.c +index 405f494..183aafd 100644 +--- a/src/pam_dotfile.c ++++ b/src/pam_dotfile.c +@@ -29,11 +29,19 @@ + #include <sys/types.h> + #include <sys/wait.h> + #include <fcntl.h> ++#include <stdlib.h> + + #define PAM_SM_AUTH + + #include <security/pam_modules.h> +-#include <security/_pam_macros.h> ++#include <security/pam_appl.h> ++#ifdef HAVE_SECURITY__PAM_MACROS_H ++# include <security/_pam_macros.h> ++#endif ++ ++#ifndef x_strdup ++# define x_strdup(s) ( (s) ? strdup(s):NULL ) ++#endif + + #include "md5.h" + #include "md5util.h" +diff --git a/src/pamtest.c b/src/pamtest.c +index 171e601..6583de1 100644 +--- a/src/pamtest.c ++++ b/src/pamtest.c +@@ -19,11 +19,28 @@ + + #include <stdio.h> + ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ + #include <security/pam_appl.h> +-#include <security/pam_misc.h> ++ ++#ifdef HAVE_SECURITY_PAM_MISC_H ++# include <security/pam_misc.h> ++#endif ++ ++#ifdef HAVE_SECURITY_OPENPAM_H ++# include <security/openpam.h> ++#endif + + int main(int argc, char*argv[]) { ++#ifdef HAVE_LIBPAM_MISC + static struct pam_conv pc = { misc_conv, NULL }; ++#elif defined(_OPENPAM) ++ static struct pam_conv pc = { openpam_nullconv, NULL }; ++#else ++ static struct pam_conv pc = { NULL }; ++#endif + pam_handle_t *ph = NULL; + int r, ret; + char *username, *procname, *service; diff --git a/sys-auth/pam_dotfile/metadata.xml b/sys-auth/pam_dotfile/metadata.xml new file mode 100644 index 000000000000..55ce0267ecc6 --- /dev/null +++ b/sys-auth/pam_dotfile/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>pam</herd> + <maintainer> + <email>pam-bugs@gentoo.org</email> + </maintainer> + <upstream> + <remote-id type="github">gentoo/pam_dotfile</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/pam_dotfile/pam_dotfile-0.7-r1.ebuild b/sys-auth/pam_dotfile/pam_dotfile-0.7-r1.ebuild new file mode 100644 index 000000000000..03258521861b --- /dev/null +++ b/sys-auth/pam_dotfile/pam_dotfile-0.7-r1.ebuild @@ -0,0 +1,53 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit eutils pam autotools + +MY_P="${P/_beta/beta}" +S="${WORKDIR}/${MY_P}" + +PATCHLEVEL="1" +DESCRIPTION="pam module to allow password-storing in \$HOME/dotfiles" +HOMEPAGE="http://0pointer.de/lennart/projects/pam_dotfile/" +SRC_URI="http://0pointer.de/lennart/projects/pam_dotfile/${MY_P}.tar.gz + http://digilander.libero.it/dgp85/gentoo/${PN}-patches-${PATCHLEVEL}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 ppc x86" +IUSE="doc" + +RDEPEND="virtual/pam" +DEPEND="${RDEPEND} + doc? ( www-client/lynx )" + +src_unpack() { + unpack ${A} + cd "${S}" + + EPATCH_SUFFIX="patch" epatch ${WORKDIR}/${PV} + + AT_M4DIR="${WORKDIR}/${PV}/m4" eautoreconf +} + +src_compile() { + local myconf + + econf \ + $(use_enable doc lynx) \ + "--with-pammoddir=$(getpam_mod_dir)" \ + || die + emake || die +} + +src_install() { + make -C src DESTDIR="${D}" install || die "make -C src install failed" + make -C man DESTDIR="${D}" install || die "make -C src install failed" + + rm -f "${D}"/$(getpam_mod_dir)/pam_dotfile.la + fperms 4111 /usr/sbin/pam-dotfile-helper + + dodoc README + dohtml doc/* +} diff --git a/sys-auth/pam_dotfile/pam_dotfile-0.7-r2.ebuild b/sys-auth/pam_dotfile/pam_dotfile-0.7-r2.ebuild new file mode 100644 index 000000000000..b0497df2e874 --- /dev/null +++ b/sys-auth/pam_dotfile/pam_dotfile-0.7-r2.ebuild @@ -0,0 +1,46 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils pam autotools autotools-utils + +MY_P="${P/_beta/beta}" +S="${WORKDIR}/${MY_P}" + +DESCRIPTION="pam module to allow password-storing in \$HOME/dotfiles" +HOMEPAGE="http://0pointer.de/lennart/projects/pam_dotfile/ + https://github.com/gentoo/pam_dotfile/" +SRC_URI="http://0pointer.de/lennart/projects/pam_dotfile/${MY_P}.tar.gz" + +LICENSE="GPL-2+" +SLOT="0" +KEYWORDS="amd64 ppc x86" +IUSE="doc" + +RDEPEND="virtual/pam" +DEPEND="${RDEPEND} + doc? ( www-client/lynx )" + +HTML_DOCS="doc" + +src_prepare() { + epatch "${FILESDIR}"/${P}-gentoo.patch + eautoreconf +} + +src_configure() { + local myeconfargs=( + $(use_enable doc lynx) + --with-pammoddir=$(getpam_mod_dir) + ) + autotools-utils_src_configure +} + +src_install() { + autotools-utils_src_install + + # kill the libtool archives + rm -rf "${D}"/$(getpam_mod_dir)/*.la +} diff --git a/sys-auth/pam_fprint/Manifest b/sys-auth/pam_fprint/Manifest new file mode 100644 index 000000000000..3a734b1ed097 --- /dev/null +++ b/sys-auth/pam_fprint/Manifest @@ -0,0 +1 @@ +DIST pam_fprint-0.2.tar.bz2 72781 SHA256 57cba8a951d4127e5be4c3b2ced0c1c6fac0201a08c833f1644f0ea2e3fa8a72 SHA512 c860488efabfd6301b4e19596e15545bbcb1a15f79bfd7c61a357ef47cf0a621ec0d15328d5be30f7ef045813e18333bd0aea7fb8fcb06681007dcacca6396fd WHIRLPOOL 6a9025b6db956300de2b0dcb9b52452680c562c1b54d161d183221281dfb375f07a24b022227755a7aa4ce13113b3387d2d3bd9d0a94a9f35a52df95eebca6b2 diff --git a/sys-auth/pam_fprint/files/pam_fprint-0.2-headers.patch b/sys-auth/pam_fprint/files/pam_fprint-0.2-headers.patch new file mode 100644 index 000000000000..9ff6e551ee87 --- /dev/null +++ b/sys-auth/pam_fprint/files/pam_fprint-0.2-headers.patch @@ -0,0 +1,12 @@ +Add definition of free and setenv, Michael Weber <xmw@gentoo.org> Oct 18th, 2010 + +--- pam_fprint-0.2/src/pam_fprint.c ++++ pam_fprint-0.2/src/pam_fprint.c +@@ -22,6 +22,7 @@ + #include <sys/types.h> + #include <pwd.h> + #include <string.h> ++#include <stdlib.h> + + #include <fprint.h> + diff --git a/sys-auth/pam_fprint/metadata.xml b/sys-auth/pam_fprint/metadata.xml new file mode 100644 index 000000000000..4d5fc9b2d75d --- /dev/null +++ b/sys-auth/pam_fprint/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>xmw@gentoo.org</email> + <name>Michael Weber</name> + </maintainer> + <upstream> + <remote-id type="sourceforge">fprint</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/pam_fprint/pam_fprint-0.2-r1.ebuild b/sys-auth/pam_fprint/pam_fprint-0.2-r1.ebuild new file mode 100644 index 000000000000..17f9f4e7a611 --- /dev/null +++ b/sys-auth/pam_fprint/pam_fprint-0.2-r1.ebuild @@ -0,0 +1,31 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=3 + +inherit eutils pam + +DESCRIPTION="a simple PAM module which uses libfprint's functionality for authentication" +HOMEPAGE="http://www.reactivated.net/fprint/wiki/Pam_fprint" +SRC_URI="mirror://sourceforge/fprint/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm ia64 ppc ppc64 sparc x86" +IUSE="" + +RDEPEND="sys-auth/libfprint + sys-libs/pam" +DEPEND="${RDEPEND}" + +src_prepare() { + epatch "${FILESDIR}"/${P}-headers.patch +} + +src_install() { + dopammod src/${PN}.so || die + newbin src/pamtest pamtest.fprint || die + dobin src/pam_fprint_enroll || die + dodoc AUTHORS ChangeLog NEWS README || die +} diff --git a/sys-auth/pam_keystore/Manifest b/sys-auth/pam_keystore/Manifest new file mode 100644 index 000000000000..b6d3dba20814 --- /dev/null +++ b/sys-auth/pam_keystore/Manifest @@ -0,0 +1 @@ +DIST pam_keystore-0.1.3.tar.bz2 5894 SHA256 edc8bafd89cc8e5a18b23ce521beaba250fcfd4a53d8c2bdab4d17b77058f493 diff --git a/sys-auth/pam_keystore/metadata.xml b/sys-auth/pam_keystore/metadata.xml new file mode 100644 index 000000000000..81ada335fc94 --- /dev/null +++ b/sys-auth/pam_keystore/metadata.xml @@ -0,0 +1,5 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>pam</herd> +</pkgmetadata> diff --git a/sys-auth/pam_keystore/pam_keystore-0.1.3.ebuild b/sys-auth/pam_keystore/pam_keystore-0.1.3.ebuild new file mode 100644 index 000000000000..f64c830a4551 --- /dev/null +++ b/sys-auth/pam_keystore/pam_keystore-0.1.3.ebuild @@ -0,0 +1,32 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit pam toolchain-funcs + +DESCRIPTION="Keeps a login and the password the user in the kernel" +HOMEPAGE="http://www.calculate-linux.org/main/en/pam_keystore" +SRC_URI="ftp://ftp.calculate.ru/pub/calculate/${PN}/${P}.tar.bz2" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64" +IUSE="" + +DEPEND="virtual/pam + >=sys-apps/keyutils-1.1" +RDEPEND="${DEPEND}" + +src_compile() { + emake \ + CC="$(tc-getCC)" \ + LD_D="$(tc-getCC) -shared ${LDFLAGS}" \ + CFLAGS="-fPIC ${CFLAGS}" \ + SHARE= \ + || die "make failed" +} + +src_install() { + dopammod pam_keystore.so || die + newdoc README README.ru || die +} diff --git a/sys-auth/pam_krb5/Manifest b/sys-auth/pam_krb5/Manifest new file mode 100644 index 000000000000..12f6830db291 --- /dev/null +++ b/sys-auth/pam_krb5/Manifest @@ -0,0 +1,2 @@ +DIST pam-krb5-4.6.tar.gz 528901 SHA256 dbd7887bc3be9d0962719df53ff67209b27fedc64104fb2a0956a72f809640dd SHA512 d5dbd735f4d1e55ba0a09c22945bbb2bacc54942544f1cace186cd9d2e669923933af7ac448a566211486beda03c384abda2a0cc146294b0cb1f6d53403b7a60 WHIRLPOOL 4556c845d92d3e8182381234989fc452fcd8993b45e489269172e3c45902b98a0c4a378da8485ae85aaf27ffa8d24dc3c9d4cfcee7ca3922080af8b4cb9603f0 +DIST pam-krb5-4.7.tar.gz 557325 SHA256 9b4ff52d0456939a0fe6d6676a965a6c2351d9f2c011de8402bfc12c547a7412 SHA512 b6f5a4788a4e809f21ef3e89fff50c76679ac8e7d10bc2617275e06e84ce7bd8a02089ff7682ec64827d45409c968c469a0dca730d676ad2db082e09b9dd31ce WHIRLPOOL a9833e1d1650878c79a7385aa50c73462d0546ddda73868ad4b84544df044203b9601a4d22ed718a8c9a9d2897738450be23fbb98c871ecf0e60fc6bef7d7ccb diff --git a/sys-auth/pam_krb5/metadata.xml b/sys-auth/pam_krb5/metadata.xml new file mode 100644 index 000000000000..e8a4773c1a0d --- /dev/null +++ b/sys-auth/pam_krb5/metadata.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>kerberos</herd> + <maintainer> + <email>pam-bugs@gentoo.org</email> + </maintainer> + <maintainer> + <email>eras@gentoo.org</email> + <name>Eray Aslan</name> + </maintainer> +</pkgmetadata> diff --git a/sys-auth/pam_krb5/pam_krb5-4.6.ebuild b/sys-auth/pam_krb5/pam_krb5-4.6.ebuild new file mode 100644 index 000000000000..e3cbc8fe992b --- /dev/null +++ b/sys-auth/pam_krb5/pam_krb5-4.6.ebuild @@ -0,0 +1,35 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit multilib + +DESCRIPTION="Kerberos 5 PAM Authentication Module" +HOMEPAGE="http://www.eyrie.org/~eagle/software/pam-krb5" +SRC_URI="http://archives.eyrie.org/software/kerberos/pam-krb5-${PV}.tar.gz" + +LICENSE="|| ( BSD-2 GPL-2 )" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86 ~amd64-fbsd" +IUSE="" + +DEPEND="virtual/krb5 + virtual/pam" + +RDEPEND="${DEPEND}" + +S="${WORKDIR}/${P/_/-}" + +src_configure() { + econf \ + --libdir=/$(get_libdir) +} + +src_install() { + emake DESTDIR="${D}" install + dodoc NEWS README TODO + + rm "${D}/$(get_libdir)/security/pam_krb5.la" +} diff --git a/sys-auth/pam_krb5/pam_krb5-4.7.ebuild b/sys-auth/pam_krb5/pam_krb5-4.7.ebuild new file mode 100644 index 000000000000..f1291889704a --- /dev/null +++ b/sys-auth/pam_krb5/pam_krb5-4.7.ebuild @@ -0,0 +1,34 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit multilib + +DESCRIPTION="Kerberos 5 PAM Authentication Module" +HOMEPAGE="http://www.eyrie.org/~eagle/software/pam-krb5" +SRC_URI="http://archives.eyrie.org/software/kerberos/pam-krb5-${PV}.tar.gz" + +LICENSE="|| ( BSD-2 GPL-2 )" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd" +IUSE="" + +DEPEND="virtual/krb5 + virtual/pam" + +RDEPEND="${DEPEND}" + +S="${WORKDIR}/${P/_/-}" + +src_configure() { + econf \ + --libdir=/$(get_libdir) +} + +src_install() { + emake DESTDIR="${D}" install + dodoc NEWS README TODO + + rm "${D}/$(get_libdir)/security/pam_krb5.la" +} diff --git a/sys-auth/pam_ldap/Manifest b/sys-auth/pam_ldap/Manifest new file mode 100644 index 000000000000..1b6e73edf099 --- /dev/null +++ b/sys-auth/pam_ldap/Manifest @@ -0,0 +1,3 @@ +DIST pam_ldap-183.tar.gz 127500 SHA256 aabce29413280efc992ba10f16ec8ab3c1bf06feebebf598d3b625ad36a715d0 SHA512 ad1ec398904c54f31aa71d3b59ecbdf4af14c590077f9e683d87fa3940f4e20aab7e1bd59eac7a9bfb985e30c1ea04a1569aa2dc2dfc39d8ccec8b871cc032c7 WHIRLPOOL b20fc273e1b0c97e51d10d7e7f8f706b28e896842e3d65638aa2cc304fe88f1cadc6d76271e9e49fa17d4a8ca4ad8ef1c7bc44701a7bf6a6eddb81cf37c2d0b3 +DIST pam_ldap-184.tar.gz 128053 SHA256 2dd4df6bfddd80580af599dbfb631f907d796df478c22949af4552eaf750c6f3 +DIST pam_ldap-186.tar.gz 163437 SHA256 c8fe22d559d5a3f528b24eb97175085f188c0f11ade337a868590ac0e0716453 SHA512 aaa6fbc48150db53bf92dcf600bcb8f0526baa2e6124f46468f59958c8a91495eb003d16a45b659c8cbb2d3481c4732a0d1f5945a2c98c09549ef8a51ed18a3d WHIRLPOOL c5024e94a1c93eb701cc5b9694e401cd5e03d33ca8fa5043d70c1b35fa092e916e89c206d8c2eb635410e32a6a1059705d23ca541a0e4c47efa42605b88258d0 diff --git a/sys-auth/pam_ldap/metadata.xml b/sys-auth/pam_ldap/metadata.xml new file mode 100644 index 000000000000..b3bf86cd59b4 --- /dev/null +++ b/sys-auth/pam_ldap/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>pam</herd> +<maintainer> +<email>pam-bugs@gentoo.org</email> +</maintainer> +</pkgmetadata> diff --git a/sys-auth/pam_ldap/pam_ldap-183.ebuild b/sys-auth/pam_ldap/pam_ldap-183.ebuild new file mode 100644 index 000000000000..26d0b176c654 --- /dev/null +++ b/sys-auth/pam_ldap/pam_ldap-183.ebuild @@ -0,0 +1,42 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit eutils pam autotools + +DESCRIPTION="PAM LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/pam_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +LICENSE="|| ( GPL-2 LGPL-2 )" +SLOT="0" +KEYWORDS="alpha amd64 hppa ~mips ppc ppc64 sparc x86" +IUSE="ssl sasl" +DEPEND=">=sys-libs/glibc-2.1.3 + >=sys-libs/pam-0.72 + >=net-nds/openldap-2.1.30-r5 + sasl? ( dev-libs/cyrus-sasl )" + +src_unpack() { + unpack ${A} + #EPATCH_OPTS="-p1 -d ${S}" epatch ${FILESDIR}/${PN}-176-fix-referral-tls.patch + + cd "${S}" + eautoreconf +} + +src_compile() { + econf --with-ldap-lib=openldap `use_enable ssl` || die + emake || die +} + +src_install() { + dopammod pam_ldap.so + + dodoc pam.conf ldap.conf ldapns.schema chsh chfn certutil + dodoc ChangeLog CVSVersionInfo.txt README AUTHORS ns-pwd-policy.schema + doman pam_ldap.5 + + docinto pam.d + dodoc pam.d/* +} diff --git a/sys-auth/pam_ldap/pam_ldap-184.ebuild b/sys-auth/pam_ldap/pam_ldap-184.ebuild new file mode 100644 index 000000000000..81553da9589e --- /dev/null +++ b/sys-auth/pam_ldap/pam_ldap-184.ebuild @@ -0,0 +1,42 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit eutils pam autotools + +DESCRIPTION="PAM LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/pam_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +LICENSE="|| ( GPL-2 LGPL-2 )" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86" +IUSE="ssl sasl" +DEPEND=">=sys-libs/glibc-2.1.3 + >=sys-libs/pam-0.72 + >=net-nds/openldap-2.1.30-r5 + sasl? ( dev-libs/cyrus-sasl )" + +src_unpack() { + unpack ${A} + #EPATCH_OPTS="-p1 -d ${S}" epatch ${FILESDIR}/${PN}-176-fix-referral-tls.patch + + cd "${S}" + eautoreconf +} + +src_compile() { + econf --with-ldap-lib=openldap `use_enable ssl` || die + emake || die +} + +src_install() { + dopammod pam_ldap.so + + dodoc pam.conf ldap.conf ldapns.schema chsh chfn certutil + dodoc ChangeLog CVSVersionInfo.txt README AUTHORS ns-pwd-policy.schema + doman pam_ldap.5 + + docinto pam.d + dodoc pam.d/* +} diff --git a/sys-auth/pam_ldap/pam_ldap-186-r1.ebuild b/sys-auth/pam_ldap/pam_ldap-186-r1.ebuild new file mode 100644 index 000000000000..74ef49e2e291 --- /dev/null +++ b/sys-auth/pam_ldap/pam_ldap-186-r1.ebuild @@ -0,0 +1,54 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit eutils multilib-minimal pam + +DESCRIPTION="PAM LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/pam_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +LICENSE="|| ( GPL-2 LGPL-2 )" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 sparc x86 ~x86-fbsd" +IUSE="ssl sasl" + +DEPEND="|| ( >=sys-libs/glibc-2.1.3 >=sys-freebsd/freebsd-lib-9.1 ) + >=virtual/pam-0-r1[${MULTILIB_USEDEP}] + >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] + sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r3[${MULTILIB_USEDEP}] )" +RDEPEND="${DEPEND} + abi_x86_32? ( + !<=app-emulation/emul-linux-x86-baselibs-20140508-r7 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] + )" + +multilib_src_configure() { + local myconf=( + --with-ldap-lib=openldap + $(use_enable ssl) + ) + use sasl || myconf+=( ac_cv_header_sasl_sasl_h=no ) + + ECONF_SOURCE=${S} \ + econf "${myconf[@]}" +} + +multilib_src_compile() { + PERL5LIB=${S} \ + emake +} + +multilib_src_install() { + dopammod pam_ldap.so +} + +multilib_src_install_all() { + dodoc pam.conf ldap.conf ldapns.schema chsh chfn certutil + dodoc ChangeLog CVSVersionInfo.txt README AUTHORS ns-pwd-policy.schema + doman pam_ldap.5 + + docinto pam.d + dodoc pam.d/* +} diff --git a/sys-auth/pam_ldap/pam_ldap-186.ebuild b/sys-auth/pam_ldap/pam_ldap-186.ebuild new file mode 100644 index 000000000000..3ff2bfb7b1a3 --- /dev/null +++ b/sys-auth/pam_ldap/pam_ldap-186.ebuild @@ -0,0 +1,40 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit eutils pam + +DESCRIPTION="PAM LDAP Module" +HOMEPAGE="http://www.padl.com/OSS/pam_ldap.html" +SRC_URI="http://www.padl.com/download/${P}.tar.gz" + +LICENSE="|| ( GPL-2 LGPL-2 )" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" +IUSE="ssl sasl" +DEPEND="|| ( >=sys-libs/glibc-2.1.3 >=sys-freebsd/freebsd-lib-9.1 ) + virtual/pam + >=net-nds/openldap-2.1.30-r5 + sasl? ( dev-libs/cyrus-sasl )" + +src_unpack() { + unpack ${A} + + cd "${S}" +} + +src_compile() { + econf --with-ldap-lib=openldap `use_enable ssl` || die + emake || die +} + +src_install() { + dopammod pam_ldap.so + + dodoc pam.conf ldap.conf ldapns.schema chsh chfn certutil + dodoc ChangeLog CVSVersionInfo.txt README AUTHORS ns-pwd-policy.schema + doman pam_ldap.5 + + docinto pam.d + dodoc pam.d/* +} diff --git a/sys-auth/pam_mktemp/Manifest b/sys-auth/pam_mktemp/Manifest new file mode 100644 index 000000000000..95cf3aaf4a6e --- /dev/null +++ b/sys-auth/pam_mktemp/Manifest @@ -0,0 +1 @@ +DIST pam_mktemp-1.1.1.tar.gz 6754 SHA256 66cf80c18439ca3456db96402f2eeac14b1a0503cc1d1be7f2b16d5f079f3f3d SHA512 e2e42115a1fe70c128397d842dc69f96863d721dfa886ebc21b5e8249333adc671d74213ecf1222d65417cd4747eb6114f515271fd7eac4376a2b7e28925996d WHIRLPOOL 3d59873ffad85de82c385a3d5f6c221a2fac061463bc85c176e401ba2456995b21448ba9b6518a876763753a654d880c5a4e723e123c5a5e10ecdf005cd0c7e4 diff --git a/sys-auth/pam_mktemp/files/pam_mktemp-1.1.1-e2fsprogs-libs.patch b/sys-auth/pam_mktemp/files/pam_mktemp-1.1.1-e2fsprogs-libs.patch new file mode 100644 index 000000000000..34e1a8591f77 --- /dev/null +++ b/sys-auth/pam_mktemp/files/pam_mktemp-1.1.1-e2fsprogs-libs.patch @@ -0,0 +1,49 @@ +Index: pam_mktemp-1.1.1/pam_mktemp.c +=================================================================== +--- pam_mktemp-1.1.1.orig/pam_mktemp.c ++++ pam_mktemp-1.1.1/pam_mktemp.c +@@ -55,7 +55,7 @@ + */ + # include <fcntl.h> + # include <sys/ioctl.h> +-# include <ext2fs/ext2_fs.h> ++# include <linux/fs.h> + #else + # undef USE_APPEND_FL + #endif /* HAVE_APPEND_FL */ +@@ -88,7 +88,7 @@ static int ext2fs_chflags(const char *na + if ((fd = open(name, O_RDONLY)) < 0) + return -1; + +- if (ioctl(fd, EXT2_IOC_GETFLAGS, &old_flags)) { ++ if (ioctl(fd, FS_IOC_GETFLAGS, &old_flags)) { + if ((errno == ENOTTY) /* Inappropriate ioctl for device */ + || (errno == ENOSYS)) /* Function not implemented */ + errno = EOPNOTSUPP; +@@ -98,7 +98,7 @@ static int ext2fs_chflags(const char *na + + new_flags = (old_flags | set) & ~clear; + if (new_flags != old_flags) +- retval = ioctl(fd, EXT2_IOC_SETFLAGS, &new_flags); ++ retval = ioctl(fd, FS_IOC_SETFLAGS, &new_flags); + + if (close(fd)) + retval = -1; +@@ -233,7 +233,7 @@ PAM_EXTERN int pam_sm_open_session(pam_h + */ + + #ifdef USE_APPEND_FL +- ext2fs_chflags(PRIVATE_PREFIX, EXT2_APPEND_FL, 0); ++ ext2fs_chflags(PRIVATE_PREFIX, FS_APPEND_FL, 0); + #endif /* USE_APPEND_FL */ + + userdir = malloc(strlen(PRIVATE_PREFIX) + strlen(user) + 2); +@@ -260,7 +260,7 @@ PAM_EXTERN int pam_sm_open_session(pam_h + } else { + /* Don't let the append-only flag get inherited + * from the parent directory. */ +- if (ext2fs_chflags(userdir, 0, EXT2_APPEND_FL) && ++ if (ext2fs_chflags(userdir, 0, FS_APPEND_FL) && + errno != EOPNOTSUPP) + goto out; + #endif /* HAVE_APPEND_FL */ diff --git a/sys-auth/pam_mktemp/metadata.xml b/sys-auth/pam_mktemp/metadata.xml new file mode 100644 index 000000000000..d7c694df6206 --- /dev/null +++ b/sys-auth/pam_mktemp/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>pam</herd> +<maintainer> +<email>swegener@gentoo.org</email> +</maintainer> +<use> +<flag name='prevent-removal'>If supported, set EXT2_APPEND_FL on /tmp/.private to prevent temporary directories from being removed</flag> +</use> +</pkgmetadata> diff --git a/sys-auth/pam_mktemp/pam_mktemp-1.1.1.ebuild b/sys-auth/pam_mktemp/pam_mktemp-1.1.1.ebuild new file mode 100644 index 000000000000..f394073b6e19 --- /dev/null +++ b/sys-auth/pam_mktemp/pam_mktemp-1.1.1.ebuild @@ -0,0 +1,47 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="4" + +inherit toolchain-funcs pam eutils + +DESCRIPTION="Create per-user private temporary directories during login" +HOMEPAGE="http://www.openwall.com/pam/" +SRC_URI="http://www.openwall.com/pam/modules/${PN}/${P}.tar.gz" + +LICENSE="BSD-2" # LICENSE file says "heavily cut-down 'BSD license'" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux" +IUSE="selinux +prevent-removal" + +RDEPEND="virtual/pam + selinux? ( sys-libs/libselinux )" +DEPEND="${RDEPEND} + prevent-removal? ( sys-kernel/linux-headers )" + +src_prepare() { + epatch "${FILESDIR}"/${P}-e2fsprogs-libs.patch +} + +src_compile() { + emake \ + CC="$(tc-getCC)" \ + CFLAGS="${CFLAGS} -fPIC" \ + LDFLAGS="${LDFLAGS} --shared -Wl,--version-script,\$(MAP)" \ + USE_SELINUX="$(use selinux && echo 1 || echo 0)" \ + USE_APPEND_FL="$(use prevent-removal && echo 1 || echo 0)" +} + +src_install() { + dopammod pam_mktemp.so + dodoc README +} + +pkg_postinst() { + elog "To enable pam_mktemp put something like" + elog + elog "session optional pam_mktemp.so" + elog + elog "into /etc/pam.d/system-auth!" +} diff --git a/sys-auth/pam_mount/Manifest b/sys-auth/pam_mount/Manifest new file mode 100644 index 000000000000..d6183382f99f --- /dev/null +++ b/sys-auth/pam_mount/Manifest @@ -0,0 +1,2 @@ +DIST pam_mount-2.14.tar.xz 312776 SHA256 6f66cbb34568875772d854d3f2a8948f97f3f1c7f30e3ea2474e1d4b227adcf9 SHA512 621fc13f01c625bb0c8cb9ac1b7bcfd9851f239b37c4479eb9ff958ad2b7f00698df32e32893558119f486e2e5fa05514f6e8e34498359c432db75706cc2477e WHIRLPOOL 6d4f74067e73cb61cb777d8125c2d4bb4e41510e4ec031b23f00cc3eb06c70312b6c53d785c2a4e3509a16fa1880b726bb165e3a81ba27b16d820180a776b30e +DIST pam_mount-2.15.tar.xz 312076 SHA256 a54efb4a8e8dd52c77b15cd36d9354b4733bb9b4cae75083801c18e67fc12a24 SHA512 97252f3b65b1d1a42168b515c384a118e9f06fa68e2ceb9213cfc8ec4b967c52f2cb58742ebe117d7f5764551a371b7f71322a3de5f2912fc8722253081d77a4 WHIRLPOOL bbaacf839861d70e4fafdce07aad1f7fb35eb8c18cbd8d37520c60ff38cc8e21af428a0348a35d6ff134a5e198add201fb81b632832abd8ef75f04f8b3ce29e5 diff --git a/sys-auth/pam_mount/metadata.xml b/sys-auth/pam_mount/metadata.xml new file mode 100644 index 000000000000..d4f01ee52fea --- /dev/null +++ b/sys-auth/pam_mount/metadata.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>hanno@gentoo.org</email> + </maintainer> + <maintainer> + <email>mattst88@gentoo.org</email> + <name>Matt Turner</name> + </maintainer> + <upstream> + <remote-id type="sourceforge">pam-mount</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/pam_mount/pam_mount-2.14.ebuild b/sys-auth/pam_mount/pam_mount-2.14.ebuild new file mode 100644 index 000000000000..d7cefddfe633 --- /dev/null +++ b/sys-auth/pam_mount/pam_mount-2.14.ebuild @@ -0,0 +1,42 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit multilib + +DESCRIPTION="A PAM module that can mount volumes for a user session" +HOMEPAGE="http://pam-mount.sourceforge.net" +SRC_URI="mirror://sourceforge/pam-mount/${P}.tar.xz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="amd64 ppc x86" + +IUSE="crypt ssl selinux" + +COMMON_DEPEND=">=sys-libs/pam-0.99 + >=sys-libs/libhx-3.12.1 + >=dev-libs/libxml2-2.6 + crypt? ( >=sys-fs/cryptsetup-1.1.0 ) + ssl? ( >=dev-libs/openssl-0.9.8 ) + selinux? ( sys-libs/libselinux )" +DEPEND="${COMMON_DEPEND} + virtual/pkgconfig + app-arch/xz-utils" +RDEPEND="${COMMON_DEPEND} + >=sys-apps/util-linux-2.20" + +src_configure() { + econf --with-slibdir="/$(get_libdir)" \ + $(use_with crypt cryptsetup) \ + $(use_with ssl crypto) \ + $(use_with selinux) +} + +src_install() { + default + use selinux || rm -r "${D}"/etc/selinux + dodoc doc/*.txt +} diff --git a/sys-auth/pam_mount/pam_mount-2.15.ebuild b/sys-auth/pam_mount/pam_mount-2.15.ebuild new file mode 100644 index 000000000000..8a97aaa49bba --- /dev/null +++ b/sys-auth/pam_mount/pam_mount-2.15.ebuild @@ -0,0 +1,41 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit multilib + +DESCRIPTION="A PAM module that can mount volumes for a user session" +HOMEPAGE="http://pam-mount.sourceforge.net" +SRC_URI="mirror://sourceforge/pam-mount/${P}.tar.xz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="amd64 ppc x86" + +IUSE="crypt ssl selinux" + +COMMON_DEPEND=">=sys-libs/pam-0.99 + >=sys-libs/libhx-3.12.1 + >=dev-libs/libxml2-2.6 + crypt? ( >=sys-fs/cryptsetup-1.1.0 ) + ssl? ( >=dev-libs/openssl-0.9.8 ) + selinux? ( sys-libs/libselinux )" +DEPEND="${COMMON_DEPEND} + virtual/pkgconfig" +RDEPEND="${COMMON_DEPEND} + >=sys-apps/util-linux-2.20" + +src_configure() { + econf --with-slibdir="/$(get_libdir)" \ + $(use_with crypt cryptsetup) \ + $(use_with ssl crypto) \ + $(use_with selinux) +} + +src_install() { + default + use selinux || rm -r "${D}"/etc/selinux + dodoc doc/*.txt +} diff --git a/sys-auth/pam_mysql/Manifest b/sys-auth/pam_mysql/Manifest new file mode 100644 index 000000000000..0a9d6512e7a6 --- /dev/null +++ b/sys-auth/pam_mysql/Manifest @@ -0,0 +1 @@ +DIST pam_mysql-0.7RC1.tar.gz 335240 SHA256 cb3cf89b9b51cb196ee8d731f85acbab72b4878a3a7c4183c5534161d4385ce7 SHA512 c057999c62d29dfa7a07db9a8d33d0cf0377dae4770c73019bd85f67c9c92fc9dac36fa606739162a5f7b0f9fbd849e5833fee827febfe4af883b8c2ddbd8b4f WHIRLPOOL 4d47d4be6c95ad70705884f2023975a719d06915ac41738d7c28ceff2d57e0c58187b52314e1f11e0e4bcfe3b3471525a3e97591d653342847f1d2ed66ecdc57 diff --git a/sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-link-to-pam.diff b/sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-link-to-pam.diff new file mode 100644 index 000000000000..0b32b37e9e05 --- /dev/null +++ b/sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-link-to-pam.diff @@ -0,0 +1,9 @@ +--- pam_mysql-0.7RC1/Makefile.am 2005-09-20 07:43:44.000000000 +0200 ++++ pam_mysql-0.7RC1-1/Makefile.am 2011-09-13 09:21:53.198200066 +0200 +@@ -3,5 +3,6 @@ + noinst_FILES=pam_mysql.la pam_mysql.a + pam_mysql_la_SOURCES=pam_mysql.c + pam_mysql_la_LDFLAGS=-module -avoid-version ++pam_mysql_la_LIBADD=-lpam + INCLUDES=@INCLUDES@ + EXTRA_DIST=COPYING NEWS README CREDITS ChangeLog INSTALL pam_mysql.spec.in install-sh missing mkinstalldirs pkg.m4 pam_mysql.spec diff --git a/sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-memleak.diff b/sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-memleak.diff new file mode 100644 index 000000000000..e746be72029d --- /dev/null +++ b/sys-auth/pam_mysql/files/pam_mysql-0.7_rc1-memleak.diff @@ -0,0 +1,10 @@ +--- pam_mysql-0.7RC1/pam_mysql.c 2006-01-09 11:35:59.000000000 +0100 ++++ pam_mysql-0.7RC1-1/pam_mysql.c 2011-10-18 20:26:38.655425994 +0200 +@@ -2338,6 +2338,7 @@ + } + + mysql_close(ctx->mysql_hdl); ++ mysql_library_end(); + + xfree(ctx->mysql_hdl); + ctx->mysql_hdl = NULL; diff --git a/sys-auth/pam_mysql/metadata.xml b/sys-auth/pam_mysql/metadata.xml new file mode 100644 index 000000000000..54820a93fe8c --- /dev/null +++ b/sys-auth/pam_mysql/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>mysql</herd> + <use> + <flag name="openssl">Use OpenSSL for md5 and sha1 support</flag> + </use> + <upstream> + <remote-id type="sourceforge">pam-mysql</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/pam_mysql/pam_mysql-0.7_rc1-r4.ebuild b/sys-auth/pam_mysql/pam_mysql-0.7_rc1-r4.ebuild new file mode 100644 index 000000000000..a7c79a131e17 --- /dev/null +++ b/sys-auth/pam_mysql/pam_mysql-0.7_rc1-r4.ebuild @@ -0,0 +1,39 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=2 +inherit autotools libtool pam eutils + +DESCRIPTION="pam_mysql is a module for pam to authenticate users with mysql" +HOMEPAGE="http://pam-mysql.sourceforge.net/" + +SRC_URI="mirror://sourceforge/pam-mysql/${P/_rc/RC}.tar.gz" +DEPEND=">=sys-libs/pam-0.72 virtual/mysql" +RDEPEND="${DEPEND}" +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 ppc ~sparc x86" +IUSE="openssl" +S="${WORKDIR}/${P/_rc/RC}" + +src_prepare() { + epatch "${FILESDIR}/${P}-link-to-pam.diff" + epatch "${FILESDIR}/${P}-memleak.diff" + eautoreconf + elibtoolize +} + +src_configure() { + econf $(use_with openssl) +} + +src_compile() { + emake || die "emake failed" +} + +src_install() { + emake DESTDIR="${D}" libdir="$(getpam_mod_dir)" install || die "install failed" + rm "${D}/$(getpam_mod_dir)/pam_mysql.la" || die "Failed to remove pam_mysql.la" + dodoc CREDITS ChangeLog NEWS README +} diff --git a/sys-auth/pam_mysql/pam_mysql-0.7_rc1-r5.ebuild b/sys-auth/pam_mysql/pam_mysql-0.7_rc1-r5.ebuild new file mode 100644 index 000000000000..8d0f58c02614 --- /dev/null +++ b/sys-auth/pam_mysql/pam_mysql-0.7_rc1-r5.ebuild @@ -0,0 +1,46 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit autotools-utils pam + +DESCRIPTION="pam_mysql is a module for pam to authenticate users with mysql" +HOMEPAGE="http://pam-mysql.sourceforge.net/" + +SRC_URI="mirror://sourceforge/pam-mysql/${P/_rc/RC}.tar.gz" +DEPEND=" + openssl? ( dev-libs/openssl:0= ) + >=sys-libs/pam-0.72:0= + virtual/mysql:0= + " +RDEPEND="${DEPEND}" +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 ppc sparc x86" +IUSE="openssl" +S="${WORKDIR}/${P/_rc/RC}" + +PATCHES=( + "${FILESDIR}/${P}-link-to-pam.diff" + "${FILESDIR}/${P}-memleak.diff" + ) +DOCS=( CREDITS ChangeLog NEWS README ) +AUTOTOOLS_AUTORECONF="yes" +AUTOTOOLS_PRUNE_LIBTOOL_FILES="modules" + +src_prepare() { + # Update autotools deprecated file name and macro for bug 468750 + mv configure.in configure.ac || die "configure rename failed" + sed -i s/AM_CONFIG_HEADER/AC_CONFIG_HEADERS/ configure.ac || die "sed failed" + autotools-utils_src_prepare +} + +src_configure() { + local myeconfargs=( $(use_with openssl) ) + autotools-utils_src_configure +} + +src_install() { + autotools-utils_src_install libdir="$(getpam_mod_dir)" +} diff --git a/sys-auth/pam_p11/Manifest b/sys-auth/pam_p11/Manifest new file mode 100644 index 000000000000..3273bd3800b2 --- /dev/null +++ b/sys-auth/pam_p11/Manifest @@ -0,0 +1 @@ +DIST pam_p11-0.1.5.tar.gz 348181 SHA256 74da875467c4ba156f7cb7eaec0718f92dded03f40db3c6c0423c03f44d9f25a SHA512 848c4671daa535db67c16b2eedc0495ed68cedeffe5a8c657310ff10fcfd17d2a8b4708f343b4b7b17498953ad47fdc133eb7ea885f94f795b29ff3973ceea12 WHIRLPOOL 462aa436e09669976fea5080157ef5d1dd4ce57baa7e807ea3e8443c7c2058827c5cfd51f59687aab4263973317e2d2a12b511b440607df0d752ba73add7fc42 diff --git a/sys-auth/pam_p11/files/pam_symbols.ver b/sys-auth/pam_p11/files/pam_symbols.ver new file mode 100644 index 000000000000..dbc677b77a2d --- /dev/null +++ b/sys-auth/pam_p11/files/pam_symbols.ver @@ -0,0 +1,4 @@ +{ + global: pam_sm_*; + local: *; +}; diff --git a/sys-auth/pam_p11/metadata.xml b/sys-auth/pam_p11/metadata.xml new file mode 100644 index 000000000000..241f5bf2327c --- /dev/null +++ b/sys-auth/pam_p11/metadata.xml @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>crypto</herd> + <herd>pam</herd> + <upstream> + <remote-id type="sourceforge">opensc</remote-id> + <remote-id type="github">opensc/pam_p11</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/pam_p11/pam_p11-0.1.5-r1.ebuild b/sys-auth/pam_p11/pam_p11-0.1.5-r1.ebuild new file mode 100644 index 000000000000..8795db62a44c --- /dev/null +++ b/sys-auth/pam_p11/pam_p11-0.1.5-r1.ebuild @@ -0,0 +1,43 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=2 + +inherit pam flag-o-matic + +DESCRIPTION="PAM module for authenticating against PKCS#11 tokens" +HOMEPAGE="https://github.com/opensc/pam_p11/wiki" +SRC_URI="mirror://sourceforge/opensc/${PN}/${P}.tar.gz" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="alpha amd64 hppa ia64 ppc ppc64 sparc x86" +IUSE="" + +RDEPEND="virtual/pam + dev-libs/libp11 + dev-libs/openssl" +DEPEND="${RDEPEND} + virtual/pkgconfig" + +src_configure() { + # hide all the otherwise-exported symbols that may clash with + # other software loading the PAM modules (see bug #274924 as an + # example). + append-ldflags -Wl,--version-script="${FILESDIR}"/pam_symbols.ver + + econf \ + --disable-static \ + --disable-dependency-tracking \ + --enable-fast-install \ + || die +} + +src_install() { + dopammod src/.libs/pam_p11_opensc.so + dopammod src/.libs/pam_p11_openssh.so + + dohtml doc/*.html doc/*.css || die + dodoc NEWS || die +} diff --git a/sys-auth/pam_passwdqc/Manifest b/sys-auth/pam_passwdqc/Manifest new file mode 100644 index 000000000000..5735f02749ad --- /dev/null +++ b/sys-auth/pam_passwdqc/Manifest @@ -0,0 +1,2 @@ +DIST pam_passwdqc-1.0.4.tar.gz 30572 SHA256 192d0eb131f203fd809c371751aa1a670df044190b56444b1e6576d8c8672cb6 +DIST pam_passwdqc-1.0.5.tar.gz 29973 SHA256 32528ddf7d8219c788b6e7702361611ff16c6340b6dc0f418ff164aadc4a4a88 SHA512 8ae6cb4cc520b06b05fadf60ac360964721a8a1e4481aff9cd7247c203e62b58d3aed4c14ba687b303de820689e0f5cdcf070fd396b7e13b0aae4cc5d1442235 WHIRLPOOL 78876bfcb8cf9225f393b5ad3edfb1b603f4a53d5c9f34856cffb838cacc97e270b94e14774e67f419599bbee0eb532bc62b32aa78f3e10f48ad8668cceb9008 diff --git a/sys-auth/pam_passwdqc/files/pam_passwdqc-1.0.4-makefile.patch b/sys-auth/pam_passwdqc/files/pam_passwdqc-1.0.4-makefile.patch new file mode 100644 index 000000000000..13f8bd435ddf --- /dev/null +++ b/sys-auth/pam_passwdqc/files/pam_passwdqc-1.0.4-makefile.patch @@ -0,0 +1,44 @@ +Index: pam_passwdqc-1.0.4/Makefile +=================================================================== +--- pam_passwdqc-1.0.4.orig/Makefile ++++ pam_passwdqc-1.0.4/Makefile +@@ -7,11 +7,11 @@ LD = $(CC) + RM = rm -f + MKDIR = mkdir -p + INSTALL = install -c +-CFLAGS = -Wall -fPIC -O2 +-LDFLAGS = -s --shared +-LDFLAGS_LINUX = -s --shared -Wl,--version-script,$(MAP) +-LDFLAGS_SUN = -s -G +-LDFLAGS_HP = -s -b ++CFLAGS = -Wall -fPIC $(OPTCFLAGS) ++LDFLAGS_GENERIC = --shared ++LDFLAGS_LINUX = --shared -Wl,--version-script,$(MAP) ++LDFLAGS_SUN = -G ++LDFLAGS_HP = -b + LDLIBS = -lpam -lcrypt + LDLIBS_LINUX = -lpam -lcrypt + LDLIBS_SUN = -lpam -lcrypt +@@ -41,18 +41,18 @@ MAP = pam_passwdqc.map + all: + if [ "`uname -s`" = "Linux" ]; then \ + $(MAKE) CFLAGS="$(CFLAGS) -DHAVE_SHADOW" \ +- LDFLAGS="$(LDFLAGS_LINUX)" LDLIBS="$(LDLIBS_LINUX)" \ ++ LDFLAGS="$(LDFLAGS) $(LDFLAGS_LINUX)" LDLIBS="$(LDLIBS_LINUX)" \ + $(PROJ); \ + elif [ "`uname -s`" = "SunOS" ]; then \ + $(MAKE) CFLAGS="$(CFLAGS) -DHAVE_SHADOW" \ +- LD=ld LDFLAGS="$(LDFLAGS_SUN)" LDLIBS="$(LDLIBS_SUN)" \ ++ LD=ld LDFLAGS="$(LDFLAGS) $(LDFLAGS_SUN)" LDLIBS="$(LDLIBS_SUN)" \ + $(PROJ); \ + elif [ "`uname -s`" = "HP-UX" ]; then \ + $(MAKE) CFLAGS="$(CFLAGS) -DHAVE_SHADOW" \ +- LD=ld LDFLAGS="$(LDFLAGS_HP)" LDLIBS="$(LDLIBS_HP)" \ ++ LD=ld LDFLAGS="$(LDFLAGS) $(LDFLAGS_HP)" LDLIBS="$(LDLIBS_HP)" \ + $(PROJ); \ + else \ +- $(MAKE) $(PROJ); \ ++ $(MAKE) LDFLAGS="$(LDFLAGS) $(LDFLAGS_GENERIC)" $(PROJ); \ + fi + + $(LIBSHARED): $(OBJS) $(MAP) diff --git a/sys-auth/pam_passwdqc/files/pam_passwdqc-1.0.5-makefile.patch b/sys-auth/pam_passwdqc/files/pam_passwdqc-1.0.5-makefile.patch new file mode 100644 index 000000000000..20375b76a381 --- /dev/null +++ b/sys-auth/pam_passwdqc/files/pam_passwdqc-1.0.5-makefile.patch @@ -0,0 +1,35 @@ +Index: pam_passwdqc-1.0.5/Makefile +=================================================================== +--- pam_passwdqc-1.0.5.orig/Makefile ++++ pam_passwdqc-1.0.5/Makefile +@@ -7,8 +7,8 @@ LD = $(CC) + RM = rm -f + MKDIR = mkdir -p + INSTALL = install -c +-CFLAGS = -Wall -fPIC -O2 +-LDFLAGS = --shared ++CFLAGS = -Wall -fPIC -O2 $(OPTCFLAGS) ++LDFLAGS_GENERIC = --shared + LDFLAGS_LINUX = --shared -Wl,--version-script,$(MAP) + LDFLAGS_SUN = -G + LDFLAGS_HP = -b +@@ -41,16 +41,16 @@ MAP = pam_passwdqc.map + all: + case "`uname -s`" in \ + Linux) $(MAKE) CFLAGS="$(CFLAGS) -DHAVE_SHADOW" \ +- LDFLAGS="$(LDFLAGS_LINUX)" LDLIBS="$(LDLIBS_LINUX)" \ ++ LDFLAGS="$(LDFLAGS) $(LDFLAGS_LINUX)" LDLIBS="$(LDLIBS_LINUX)" \ + $(PROJ);; \ + SunOS) $(MAKE) CFLAGS="$(CFLAGS) -DHAVE_SHADOW" \ +- LD=ld LDFLAGS="$(LDFLAGS_SUN)" LDLIBS="$(LDLIBS_SUN)" \ ++ LD=ld LDFLAGS="$(LDFLAGS) $(LDFLAGS_SUN)" LDLIBS="$(LDLIBS_SUN)" \ + $(PROJ);; \ + HP-UX) $(MAKE) CFLAGS="$(CFLAGS) -DHAVE_SHADOW" \ +- LD=ld LDFLAGS="$(LDFLAGS_HP)" LDLIBS="$(LDLIBS_HP)" \ ++ LD=ld LDFLAGS="$(LDFLAGS) $(LDFLAGS_HP)" LDLIBS="$(LDLIBS_HP)" \ + $(PROJ);; \ +- *) $(MAKE) $(PROJ);; \ ++ *) $(MAKE) LDFLAGS="$(LDFLAGS) $(LDFLAGS_GENERIC)" $(PROJ);; \ + esac + + $(LIBSHARED): $(OBJS) $(MAP) diff --git a/sys-auth/pam_passwdqc/metadata.xml b/sys-auth/pam_passwdqc/metadata.xml new file mode 100644 index 000000000000..21d4ed40d84b --- /dev/null +++ b/sys-auth/pam_passwdqc/metadata.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>pam</herd> +<maintainer> +<email>pam-bugs@gentoo.org</email> +</maintainer> +<longdescription> + Password strength checking for PAM aware password changing programs. This is an alternative to the default cracklib. +</longdescription> +<longdescription lang="ja"> + パスワード変更プログラムに反応する PAM のパスワード強度検査機能です。これはデフォルトの cracklib の代替です。 +</longdescription> +</pkgmetadata> diff --git a/sys-auth/pam_passwdqc/pam_passwdqc-1.0.4.ebuild b/sys-auth/pam_passwdqc/pam_passwdqc-1.0.4.ebuild new file mode 100644 index 000000000000..90256f4aaffd --- /dev/null +++ b/sys-auth/pam_passwdqc/pam_passwdqc-1.0.4.ebuild @@ -0,0 +1,47 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit pam eutils toolchain-funcs + +DESCRIPTION="Password strength checking for PAM aware password changing programs" +HOMEPAGE="http://www.openwall.com/passwdqc/" +SRC_URI="http://www.openwall.com/pam/modules/pam_passwdqc/${P}.tar.gz" + +LICENSE="Openwall BSD public-domain" +SLOT="0" +KEYWORDS="alpha ~amd64 arm ~hppa m68k ~mips ppc s390 sh ~sparc x86" + +DEPEND="virtual/pam" +RDEPEND="${DEPEND}" + +src_unpack() { + unpack ${A} + + cd "${S}" + epatch "${FILESDIR}/${P}-makefile.patch" +} + +src_compile() { + emake \ + OPTCFLAGS="${CFLAGS}" \ + CC="$(tc-getCC)" \ + LD="$(tc-getCC)" \ + || die "emake failed" +} + +src_install() { + dopammod pam_passwdqc.so + + doman pam_passwdqc.8 + dodoc README PLATFORMS INTERNALS +} + +pkg_postinst() { + elog + elog "To activate pam_passwdqc use pam_passwdqc.so instead" + elog "of pam_cracklib.so in /etc/pam.d/system-auth." + elog "Also, if you want to change the parameters, read up" + elog "on the pam_passwdqc(8) man page." + elog +} diff --git a/sys-auth/pam_passwdqc/pam_passwdqc-1.0.5.ebuild b/sys-auth/pam_passwdqc/pam_passwdqc-1.0.5.ebuild new file mode 100644 index 000000000000..79ae91d2d5a2 --- /dev/null +++ b/sys-auth/pam_passwdqc/pam_passwdqc-1.0.5.ebuild @@ -0,0 +1,47 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit pam eutils toolchain-funcs + +DESCRIPTION="Password strength checking for PAM aware password changing programs" +HOMEPAGE="http://www.openwall.com/passwdqc/" +SRC_URI="http://www.openwall.com/pam/modules/pam_passwdqc/${P}.tar.gz" + +LICENSE="Openwall BSD public-domain" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux" + +DEPEND="virtual/pam" +RDEPEND="${DEPEND}" + +src_unpack() { + unpack ${A} + + cd "${S}" + epatch "${FILESDIR}/${P}-makefile.patch" +} + +src_compile() { + emake \ + OPTCFLAGS="${CFLAGS}" \ + CC="$(tc-getCC)" \ + LD="$(tc-getCC)" \ + || die "emake failed" +} + +src_install() { + dopammod pam_passwdqc.so + + doman pam_passwdqc.8 + dodoc README PLATFORMS INTERNALS +} + +pkg_postinst() { + elog + elog "To activate pam_passwdqc use pam_passwdqc.so instead" + elog "of pam_cracklib.so in /etc/pam.d/system-auth." + elog "Also, if you want to change the parameters, read up" + elog "on the pam_passwdqc(8) man page." + elog +} diff --git a/sys-auth/pam_passwdqc/pam_passwdqc-1.3.0.ebuild b/sys-auth/pam_passwdqc/pam_passwdqc-1.3.0.ebuild new file mode 100644 index 000000000000..cbb3e8b9f2ac --- /dev/null +++ b/sys-auth/pam_passwdqc/pam_passwdqc-1.3.0.ebuild @@ -0,0 +1,15 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +DESCRIPTION="Stub ebuild to help migrate to newer package name" +HOMEPAGE="http://www.openwall.com/passwdqc/" + +LICENSE="Openwall BSD public-domain" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux" + +DEPEND="sys-auth/passwdqc[pam]" +RDEPEND="${DEPEND}" diff --git a/sys-auth/pam_pkcs11/Manifest b/sys-auth/pam_pkcs11/Manifest new file mode 100644 index 000000000000..092c4bcf285f --- /dev/null +++ b/sys-auth/pam_pkcs11/Manifest @@ -0,0 +1 @@ +DIST pam_pkcs11-0.6.8.tar.gz 1147059 SHA256 9d942e542ef35d0e1f990d9ff5bf9df0af84c828ed081add2eb1b4d84f0efbda SHA512 6759ddb27eecb9e4dfbaf5423fcbeeb03b1ae2200b772e32b105d12845c202e461088f70c71712f13e7150ff03f7714d1225a1e62ced005ca1a36872622d72ac WHIRLPOOL 175ef94f6d80abc1ef374d39835dab0ce6e10f062650540880d9a98b7899c87cdd1066f1abed6c9310ec9b6dba19cae9267674274b2a3ebe4a003ccc2f6a1b5d diff --git a/sys-auth/pam_pkcs11/metadata.xml b/sys-auth/pam_pkcs11/metadata.xml new file mode 100644 index 000000000000..4b954a4e72f0 --- /dev/null +++ b/sys-auth/pam_pkcs11/metadata.xml @@ -0,0 +1,20 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>crypto</herd> + <herd>pam</herd> + <use> + <flag name="pcsc-lite"> + Build the card_eventmanager binary used to detect card removal and lock the sessions. This + needs <pkg>sys-apps/pcsc-lite</pkg>. + </flag> + <flag name="nss"> + Use Mozilla NSS (<pkg>dev-libs/nss</pkg>) as provider for PKCS#11 access, rather than using + OpenSSL with a custom implementation of the PKC#11 protocol. + </flag> + </use> + <upstream> + <remote-id type="sourceforge">opensc</remote-id> + <remote-id type="github">opensc/pam_pkcs11</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/pam_pkcs11/pam_pkcs11-0.6.8.ebuild b/sys-auth/pam_pkcs11/pam_pkcs11-0.6.8.ebuild new file mode 100644 index 000000000000..3085ec3d1d72 --- /dev/null +++ b/sys-auth/pam_pkcs11/pam_pkcs11-0.6.8.ebuild @@ -0,0 +1,107 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit multilib pam + +DESCRIPTION="PKCS#11 PAM library" +HOMEPAGE="https://github.com/opensc/pam_pkcs11/wiki" +SRC_URI="mirror://sourceforge/opensc/${PN}/${P}.tar.gz" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="curl ldap nss +pcsc-lite" + +RDEPEND="sys-libs/pam + curl? ( net-misc/curl ) + ldap? ( net-nds/openldap ) + nss? ( + dev-libs/nss + curl? ( || ( net-misc/curl[-ssl] net-misc/curl[ssl,curl_ssl_nss] ) ) + ) + !nss? ( + dev-libs/openssl + curl? ( || ( net-misc/curl[-ssl] net-misc/curl[ssl,-curl_ssl_nss] ) ) + ) + pcsc-lite? ( sys-apps/pcsc-lite )" +DEPEND="${RDEPEND} + virtual/pkgconfig" + +src_prepare() { + # Fix the example files to be somewhat decent, and usable as + # default configuration + sed -i \ + -e '/try_first_pass/s:false:true:' \ + -e '/debug =/s:true:false:' \ + -e 's:\(/usr\|\${exec_prefix}\)/lib/:/usr/'$(get_libdir)/':g' \ + etc/pam_pkcs11.conf.example.in \ + etc/pkcs11_eventmgr.conf.example || die "sed failed" +} + +src_configure() { + econf \ + $(use_with curl) \ + $(use_with pcsc-lite pcsclite) \ + $(use_with ldap) \ + $(use_with nss) \ + --docdir=/usr/share/doc/${PF} \ + --htmldir=/usr/share/doc/${PF}/html \ + --disable-silent-rules +} + +src_install() { + emake DESTDIR="${D}" pamdir="$(getpam_mod_dir)" install + + # These are all dlopened plugins, so .la files are useless. + find "${D}" -name '*.la' -delete || die + + dodoc AUTHORS ChangeLog ChangeLog.svn NEWS README TODO doc/README.* + dohtml doc/api/* + + # Provide some basic configuration + keepdir /etc/pam_pkcs11{,/{cacerts,crl}} + + insinto /etc/pam_pkcs11 + newins etc/pam_pkcs11.conf.example pam_pkcs11.conf + newins etc/pkcs11_eventmgr.conf.example pkcs11_eventmgr.conf +} + +pkg_config() { + local dir + for dir in "${EROOT}"etc/${PN}/{cacerts,crl}; do + pushd "${dir}" > /dev/null + ebegin "Creating hash links in '${dir}'" + "${EROOT}usr/bin/pkcs11_make_hash_link" || die + eend $? + popd > /dev/null + done +} + +pkg_postinst() { + elog "For ${PN} to work you need a PKCS#11 provider, such as one of:" + elog " - dev-libs/opensc" + elog " - dev-libs/opencryptoki" + elog "" + elog "You probably want to configure the '${EROOT}etc/${PN}/${PN}.conf' file with" + elog "the settings for your pkcs11 provider." + elog "" + elog "You might also want to set up '${EROOT}etc/${PN}/pkcs11_eventmgr.conf' with" + elog "the settings for the event manager, and start it up at user login." +} + +# TODO list! +# +# - we need to find a way allow the user to choose whether to start the +# event manager at _all_ the logins, and if that's the case, lock all +# kind of sessions (terminal _and_ X); +# - upstream should probably migrate the configuration of the event +# manager on a per-user basis, since it makes little sense to be _all_ +# system-level configuration; +# - we should probably provide some better config support that ensures +# the configuration to be valid, as well as creating the symlinks; +# - we should probably add support for nss; +# - we should move the configuration in /etc/security as for the rest +# of PAM-related configuration. diff --git a/sys-auth/pam_radius/Manifest b/sys-auth/pam_radius/Manifest new file mode 100644 index 000000000000..a9b6965a56de --- /dev/null +++ b/sys-auth/pam_radius/Manifest @@ -0,0 +1 @@ +DIST pam_radius-1.3.17.tar.gz 31341 SHA256 60ee863cbea797be46eff8b9d568af057c6e54335bdb19a6bd2cadde389d7dca SHA512 82fc1431e8fc18c389880da4f93490363af8acd605283a5923c531fede77f449324f1ac4850783355cc7d610b3ee73bd172c94d8b73800c3deaa649af4c41060 WHIRLPOOL 4f0ad918c4bbe7a74fb1b3b3a292842fd8610ae12b3f9d21895c02efade27833c9c85ff42efce03e7500b4389198bb198bc0ecc87555e745ef0f4841a25a7262 diff --git a/sys-auth/pam_radius/files/pam_radius-1.3.17-gentoo.patch b/sys-auth/pam_radius/files/pam_radius-1.3.17-gentoo.patch new file mode 100644 index 000000000000..3e0b02f7020d --- /dev/null +++ b/sys-auth/pam_radius/files/pam_radius-1.3.17-gentoo.patch @@ -0,0 +1,27 @@ +diff -Nru pam_radius-1.3.17.orig/pam_radius_auth.c pam_radius-1.3.17/pam_radius_auth.c +--- pam_radius-1.3.17.orig/pam_radius_auth.c 2007-03-26 11:36:13.000000000 +0200 ++++ pam_radius-1.3.17/pam_radius_auth.c 2008-06-28 08:43:24.000000000 +0200 +@@ -1062,7 +1062,7 @@ + pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc,CONST char **argv) + { + CONST char *user; +- CONST char **userinfo; ++ CONST char *userinfo; + char *password = NULL; + CONST char *rhost; + char *resp2challenge = NULL; +diff -Nru pam_radius-1.3.17.orig/USAGE pam_radius-1.3.17/USAGE +--- pam_radius-1.3.17.orig/USAGE 2008-06-28 08:43:43.000000000 +0200 ++++ pam_radius-1.3.17/USAGE 2008-06-28 08:42:57.000000000 +0200 +@@ -3,9 +3,9 @@ + + The pam configuration can be: + ... +-auth sufficient /lib/security/pam_radius_auth.so [options] ++auth sufficient pam_radius_auth.so [options] + ... +-account sufficient /lib/security/pam_radius_auth.so ++account sufficient pam_radius_auth.so + + --------------------------------------------------------------------------- + diff --git a/sys-auth/pam_radius/files/server b/sys-auth/pam_radius/files/server new file mode 100644 index 000000000000..4c31e60ae856 --- /dev/null +++ b/sys-auth/pam_radius/files/server @@ -0,0 +1,23 @@ +# This is pam_radius_auth configuration file. +# +# There are 3 fields per line in this file. There may be multiple +# lines. Blank lines or lines beginning with '#' are treated as +# comments, and are ignored. The fields are: +# +# server[:port] secret [timeout] +# +# the port name or number is optional. The default port name is +# "radius", and is looked up from /etc/services The timeout field is +# optional. The default timeout is 3 seconds. +# +# If multiple RADIUS server lines exist, they are tried in order. The +# first server to return success or failure causes the module to return +# success or failure. Only if a server fails to response is it skipped, +# and the next server in turn is used. +# +# The timeout field controls how many seconds the module waits before +# deciding that the server has failed to respond. +# +# server[:port] shared_secret timeout (s) +# 127.0.0.1 secret 1 +# other-server other-secret 3 diff --git a/sys-auth/pam_radius/metadata.xml b/sys-auth/pam_radius/metadata.xml new file mode 100644 index 000000000000..d8930ed10bc9 --- /dev/null +++ b/sys-auth/pam_radius/metadata.xml @@ -0,0 +1,10 @@ +<?xml version = '1.0' encoding = 'UTF-8'?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>pam</herd> + <longdescription> + This is the PAM to RADIUS authentication module. It allows any + PAM-capable machine to become a RADIUS client for authentication + and accounting requests. + </longdescription> +</pkgmetadata> diff --git a/sys-auth/pam_radius/pam_radius-1.3.17-r1.ebuild b/sys-auth/pam_radius/pam_radius-1.3.17-r1.ebuild new file mode 100644 index 000000000000..60cce2eb5c6c --- /dev/null +++ b/sys-auth/pam_radius/pam_radius-1.3.17-r1.ebuild @@ -0,0 +1,51 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils pam toolchain-funcs + +DESCRIPTION="PAM RADIUS authentication module" +HOMEPAGE="http://www.freeradius.org/pam_radius_auth/" +SRC_URI="ftp://ftp.freeradius.org/pub/radius/${P}.tar.gz" + +LICENSE="GPL-2+" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +DEPEND="virtual/pam" +RDEPEND="${DEPEND}" + +src_prepare() { + epatch "${FILESDIR}"/${P}-gentoo.patch +} + +doecho() { + echo "$@" + "$@" || die +} + +src_compile() { + # using the Makefile would require patching it to work properly, so + # rather simply re-create it here. + + pammod_hide_symbols + doecho $(tc-getCC) ${CFLAGS} -shared -fPIC ${LDFLAGS} *.c -lpam -o pam_radius_auth.so +} + +src_install() { + dopammod pam_radius_auth.so + + insopts -m600 + insinto /etc/raddb + doins "${FILESDIR}"/server + + dodoc README Changelog USAGE +} + +pkg_postinst() { + elog "Before you can use this you'll have to add RADIUS servers to /etc/raddb/server." + elog "The usage of pam_radius_auth module is explained in /usr/share/doc/${PF}/USAGE." +} diff --git a/sys-auth/pam_require/Manifest b/sys-auth/pam_require/Manifest new file mode 100644 index 000000000000..7a095766023d --- /dev/null +++ b/sys-auth/pam_require/Manifest @@ -0,0 +1 @@ +DIST pam_require-0.7.tgz 84299 SHA256 91176b7587808862374ff6a8b7b30dd049cdb41d496e3528e02e3505e8037e96 diff --git a/sys-auth/pam_require/metadata.xml b/sys-auth/pam_require/metadata.xml new file mode 100644 index 000000000000..fc75c070a287 --- /dev/null +++ b/sys-auth/pam_require/metadata.xml @@ -0,0 +1,7 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>maintainer-needed@gentoo.org</email> + </maintainer> +</pkgmetadata> diff --git a/sys-auth/pam_require/pam_require-0.7.ebuild b/sys-auth/pam_require/pam_require-0.7.ebuild new file mode 100644 index 000000000000..880c202f9618 --- /dev/null +++ b/sys-auth/pam_require/pam_require-0.7.ebuild @@ -0,0 +1,28 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit eutils pam + +DESCRIPTION="Allows you to require a special group or user to access a service" +HOMEPAGE="http://www.splitbrain.org/projects/pam_require" +SRC_URI="http://www.splitbrain.org/_media/projects/pamrequire/${P}.tgz" +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ia64 ~ppc ~x86" +IUSE="" + +DEPEND="virtual/pam" + +S=${WORKDIR}/${P/_/-} + +src_compile() { + ./configure --prefix=/ || die "econf failed" + emake || die "emake failed" +} + +src_install() { + dopammod "${S}/pam_require.so" + + dodoc AUTHORS ChangeLog NEWS README +} diff --git a/sys-auth/pam_skey/Manifest b/sys-auth/pam_skey/Manifest new file mode 100644 index 000000000000..c08d83cf4b4b --- /dev/null +++ b/sys-auth/pam_skey/Manifest @@ -0,0 +1,2 @@ +DIST pam_skey-1.1.5-patches-6.tar.xz 9264 SHA256 a1e3f43a36cb570e0690394647912c7d51bb335326e1a74ea4f97cdf8c62854d SHA512 c777ed094efe9cbfb275cfb30d036e3a1bd9477b08297815f07156b432a2724f8c08e9e841ef6bf7ba62ccf7df361f541e59024b42164bd35d7eef16da1f75ec WHIRLPOOL 651509487e6a86fd5f96a3ab55d31ecb13cf5d95d0079679665feb0c828e49186325f0670094fda439a73b0e3fbfad4899e32b66220bd3a55e85120ed85b5101 +DIST pam_skey-1.1.5.tar.gz 76963 SHA256 31f56a85780aa59326c7da891687af3820e997a80805dc47171175481f3762f7 SHA512 12817cedf15a3b2287982e4beab5d3b388239cc0a1e141e66e41759ddb2da7fb9dd0df12202dcc8140db0868c8df1a8d19d5859224179e2419ffefd691cb9834 WHIRLPOOL 835da66136cde2a19580c3e75a59cb9eadbbcb76dc542d1c96825438dff5c835d392c2232cae785c2999bc3e65772f06c91dea5fb03b945312a1a3a641647f1e diff --git a/sys-auth/pam_skey/metadata.xml b/sys-auth/pam_skey/metadata.xml new file mode 100644 index 000000000000..f6bcd7962899 --- /dev/null +++ b/sys-auth/pam_skey/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>pam</herd> + <maintainer> + <email>ulm@gentoo.org</email> + </maintainer> + <upstream> + <remote-id type="freshmeat">pam_skey</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/pam_skey/pam_skey-1.1.5-r5.ebuild b/sys-auth/pam_skey/pam_skey-1.1.5-r5.ebuild new file mode 100644 index 000000000000..ee9b5510da86 --- /dev/null +++ b/sys-auth/pam_skey/pam_skey-1.1.5-r5.ebuild @@ -0,0 +1,56 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils pam autotools multilib readme.gentoo + +DESCRIPTION="PAM interface for the S/Key authentication system" +HOMEPAGE="http://freshmeat.net/projects/pam_skey/" +SRC_URI="http://dkorunic.net/tarballs/${P}.tar.gz + mirror://gentoo/${P}-patches-6.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" + +RDEPEND=">=sys-libs/pam-0.78-r3 + >=sys-auth/skey-1.1.5-r4" +DEPEND="${RDEPEND} + app-arch/xz-utils" + +DOCS="README INSTALL" +DOC_CONTENTS="To use the pam_skey module, you need to configure PAM + by adding a line like: + \n\nauth [success=done ignore=ignore auth_err=die default=bad] pam_skey.so\n + \nto an appropriate place in the /etc/pam.d/system-auth file. + Consult the README and INSTALL files in /usr/share/doc/${PF} + for detailed instructions. + \n\nPlease note that calling this module from unprivileged + applications, e.g. screensavers, is not supported. + \n\nError checking has become stricter in pam_skey-1.1.5-r4; + errors returned from the underlying skey library when accessing + the S/Key data base will no longer be ignored. + Make sure that your PAM configuration is correct." + +src_prepare() { + EPATCH_SUFFIX=patch epatch + epatch_user + + cd autoconf + eautoconf + eautoheader + mv configure defs.h.in .. || die "mv failed" +} + +src_configure() { + econf --libdir="/$(get_libdir)" CFLAGS="${CFLAGS} -fPIC" +} + +pkg_postinst() { + case ${REPLACING_VERSIONS} in + 1.1.[45]|1.1.5-r[123]) FORCE_PRINT_ELOG=1 ;; + esac + readme.gentoo_print_elog +} diff --git a/sys-auth/pam_smb/Manifest b/sys-auth/pam_smb/Manifest new file mode 100644 index 000000000000..a80499b42d39 --- /dev/null +++ b/sys-auth/pam_smb/Manifest @@ -0,0 +1 @@ +DIST pam_smb-2.0.0-rc6.tar.gz 115069 SHA256 b787b11dade66b1078553fc0662843f3aa9f69629542ff5fd6802d62555295c5 diff --git a/sys-auth/pam_smb/files/10-pam_smb-bash-3.1.patch b/sys-auth/pam_smb/files/10-pam_smb-bash-3.1.patch new file mode 100644 index 000000000000..570655d82462 --- /dev/null +++ b/sys-auth/pam_smb/files/10-pam_smb-bash-3.1.patch @@ -0,0 +1,12 @@ +diff -Nurp pam_smb-2.0.0_rc6.orig/configure pam_smb-2.0.0_rc6/configure +--- configure 2006-03-17 15:02:01.000000000 +0000 ++++ configure 2006-03-17 15:02:01.000000000 +0000 +@@ -1486,7 +1486,7 @@ else + # results, and the version is kept in special file). + + if test -r /etc/.relid -a "X`uname -n`" = "X`uname -s`" ; then +- system=MP-RAS-`awk '{print $3}' /etc/.relid'` ++ system=MP-RAS-`awk '{print $3}' /etc/.relid` + fi + if test "`uname -s`" = "AIX" ; then + system=AIX-`uname -v`.`uname -r` diff --git a/sys-auth/pam_smb/files/pamsmbd-init b/sys-auth/pam_smb/files/pamsmbd-init new file mode 100644 index 000000000000..e65387ffa533 --- /dev/null +++ b/sys-auth/pam_smb/files/pamsmbd-init @@ -0,0 +1,20 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +depend() { + need net +} + +start() { + ebegin "Starting pamsmbd" + start-stop-daemon --start --quiet --exec /usr/sbin/pamsmbd + eend $? +} + +stop() { + ebegin "Stopping pamsmbd" + start-stop-daemon --stop --quiet --name pamsmbd + eend $? +} diff --git a/sys-auth/pam_smb/metadata.xml b/sys-auth/pam_smb/metadata.xml new file mode 100644 index 000000000000..8bab991023fc --- /dev/null +++ b/sys-auth/pam_smb/metadata.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer> + <email>samba@gentoo.org</email> + <name>Samba Team</name> +</maintainer> +<longdescription> +The PAM SMB module, which allows authentication against a SMB (such as the Win_x families) server. +</longdescription> +<longdescription lang="ja"> + PAM の SMB モジュールは SMB サーバ( Win_x ファミリの類)の認証を許します。 +</longdescription> +</pkgmetadata> diff --git a/sys-auth/pam_smb/pam_smb-2.0.0_rc6-r1.ebuild b/sys-auth/pam_smb/pam_smb-2.0.0_rc6-r1.ebuild new file mode 100644 index 000000000000..e3810cd5a181 --- /dev/null +++ b/sys-auth/pam_smb/pam_smb-2.0.0_rc6-r1.ebuild @@ -0,0 +1,52 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit eutils pam + +MY_P=${P/_rc/-rc} + +DESCRIPTION="The PAM SMB module, allows authentication against a SMB (such as the Win_x families) server" +HOMEPAGE="http://www.csn.ul.ie/~airlied/pam_smb/" +SRC_URI=" + mirror://samba/pam_smb/v2/${MY_P}.tar.gz + http://www.csn.ul.ie/~airlied/pam_smb/v2/${MY_P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~ppc x86" +IUSE="" + +DEPEND=">=sys-libs/pam-0.75" +RDEPEND="${DEPEND}" + +S=${WORKDIR}/${MY_P} + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}/10-pam_smb-bash-3.1.patch" +} + +src_compile() { + econf --disable-root-only + emake || die "emake failed" +} + +src_install() { + dopammod pamsmbm/pam_smb_auth.so + dosbin pamsmbd/pamsmbd + + dodoc BUGS CHANGES README TODO faq/{pam_smb_faq.sgml,additions.txt} + docinto pam.d + dodoc pam_smb.conf* + + newinitd "${FILESDIR}/pamsmbd-init pamsmbd" +} + +pkg_postinst() { + echo + elog "You must create /etc/pam_smb.conf yourself, containing" + elog "your domainname, PDC and BDC. See example files in docdir." + echo +} diff --git a/sys-auth/pam_smb/pam_smb-2.0.0_rc6-r2.ebuild b/sys-auth/pam_smb/pam_smb-2.0.0_rc6-r2.ebuild new file mode 100644 index 000000000000..691f55d1505e --- /dev/null +++ b/sys-auth/pam_smb/pam_smb-2.0.0_rc6-r2.ebuild @@ -0,0 +1,51 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils pam + +MY_P=${P/_rc/-rc} + +DESCRIPTION="The PAM SMB module, allows authentication against a SMB (such as the Win_x families) server" +HOMEPAGE="http://www.csn.ul.ie/~airlied/pam_smb/" +SRC_URI=" + mirror://samba/pam_smb/v2/${MY_P}.tar.gz + http://www.csn.ul.ie/~airlied/pam_smb/v2/${MY_P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~ppc ~x86" +IUSE="" + +DEPEND=">=sys-libs/pam-0.75" +RDEPEND="${DEPEND}" + +S=${WORKDIR}/${MY_P} + +src_prepare() { + epatch "${FILESDIR}/10-pam_smb-bash-3.1.patch" +} + +src_configure() { + econf --disable-root-only +} + +src_install() { + dopammod pamsmbm/pam_smb_auth.so + dosbin pamsmbd/pamsmbd + + dodoc BUGS CHANGES README TODO faq/{pam_smb_faq.sgml,additions.txt} + docinto pam.d + dodoc pam_smb.conf* + + newinitd "${FILESDIR}/pamsmbd-init pamsmbd" +} + +pkg_postinst() { + echo + elog "You must create /etc/pam_smb.conf yourself, containing" + elog "your domainname, PDC and BDC. See example files in docdir." + echo +} diff --git a/sys-auth/pam_ssh/Manifest b/sys-auth/pam_ssh/Manifest new file mode 100644 index 000000000000..09d71b452c4b --- /dev/null +++ b/sys-auth/pam_ssh/Manifest @@ -0,0 +1,3 @@ +DIST pam_ssh-1.97.tar.bz2 200184 SHA256 10233b0d3e480fdc977d4e3a1ea5a994cf1f257c3b948650a86e4d753796789d SHA512 78632ef5baf8c7ac6d28d16a4c7e452978ad09a969c562cfcc708b835dbba3da12317569a618768ef6f9d59db1d5d31f2a0c7b2ab1244ed9caa37eb89413494e WHIRLPOOL efe23d1d86f92298682edeb960e046d0c5def65961e3e51dc82bb244b98f76ac7b7a456fd80d31740e851602e8d8cd27d17d0b66ca6e0e44d1356982c4496887 +DIST pam_ssh-1.98.tar.bz2 292989 SHA256 30312f242c00551b120cc39defd3745b8cb50408ea845e8688d18d2a28b51180 SHA512 bf6da4ced0619549d56516c6b24e899664e0948da7a0cc04ff1b536d06cc8c26242c83eb36ed835668c824b777e270aa293162ac77e3c479311386e6e5da39ff WHIRLPOOL a62dccfec3a0208e8e94c0635aa1d8813ff3bbfeba5eebbff854c44638c51a547251a22460f78d08d34cc60b0318bcec622649b6a0dac030d159378451df09ae +DIST pam_ssh-2.1.tar.xz 361000 SHA256 55fbe8488d59cff05a77523b4afc2e2a8d1ba35d93546f1828ec48e20e2600cb SHA512 8252b15efffa5687f740963f7a3c3479b73f99eca26a17155f915a10b9a71362a2778449adf10f01c174cc8545961ce3ea64459338a7c995c242b209529fd640 WHIRLPOOL e46d22325b06d9801d99d36b1045a4b8da0b8e874d83c6309353c54827189e47bbadb5789f498037829b6b9b9e618fec3ea5a441ac349643d93667fcf1dc2759 diff --git a/sys-auth/pam_ssh/files/pam_ssh-1.97-EOF.patch b/sys-auth/pam_ssh/files/pam_ssh-1.97-EOF.patch new file mode 100644 index 000000000000..80214a1df70c --- /dev/null +++ b/sys-auth/pam_ssh/files/pam_ssh-1.97-EOF.patch @@ -0,0 +1,11 @@ +--- pam_ssh-1.92.orig/pam_get_pass.c 2004-02-19 19:59:05.000000000 +0100 ++++ pam_ssh-1.92/pam_get_pass.c 2009-04-18 13:51:10.000000000 +0200 +@@ -63,6 +63,8 @@ + retval = conv->conv(1, msgs, &resp, conv->appdata_ptr); + if (retval != PAM_SUCCESS) + return retval; ++ if (resp[0].resp == NULL) ++ return PAM_AUTHTOK_RECOVERY_ERR; + retval = pam_set_item(pamh, PAM_AUTHTOK, resp[0].resp); + if (retval != PAM_SUCCESS) + return retval; diff --git a/sys-auth/pam_ssh/files/pam_ssh-1.97-doublefree.patch b/sys-auth/pam_ssh/files/pam_ssh-1.97-doublefree.patch new file mode 100644 index 000000000000..2f63ff8bdcb0 --- /dev/null +++ b/sys-auth/pam_ssh/files/pam_ssh-1.97-doublefree.patch @@ -0,0 +1,20 @@ +--- pam_ssh-1.97/pam_ssh.c.orig 2009-08-01 20:11:00.000000000 +0200 ++++ pam_ssh-1.97/pam_ssh.c 2009-08-01 20:11:16.000000000 +0200 +@@ -627,7 +627,7 @@ + * than the file creation time */ + if (retval = stat(per_agent, &stat_buf)) { + pam_ssh_log(LOG_ERR, "stat() failed on %s", per_agent); +- free(per_agent); ++ pam_set_data(pamh, "ssh_agent_env_agent", NULL, NULL); + fclose(env_read); + return retval; + } +@@ -646,7 +646,7 @@ + if (start_agent) { + if ((env_write = open(per_agent, O_CREAT | O_WRONLY, S_IRUSR | S_IWUSR)) < 0) { + pam_ssh_log(LOG_ERR, "can't write to %s", per_agent); +- free(per_agent); ++ pam_set_data(pamh, "ssh_agent_env_agent", NULL, NULL); + openpam_restore_cred(pamh); + return PAM_SERVICE_ERR; + } diff --git a/sys-auth/pam_ssh/files/pam_ssh-2.1-dot-ssh-check.patch b/sys-auth/pam_ssh/files/pam_ssh-2.1-dot-ssh-check.patch new file mode 100644 index 000000000000..b5baa71e8f4a --- /dev/null +++ b/sys-auth/pam_ssh/files/pam_ssh-2.1-dot-ssh-check.patch @@ -0,0 +1,22 @@ +https://bugs.gentoo.org/503424#c5 +http://sourceforge.net/p/pam-ssh/bugs/16/ + +--- a/pam_ssh.c ++++ b/pam_ssh.c +@@ -867,6 +867,7 @@ + int attempt; /* No. of attempt to contact agent */ + const char *user; /* username */ + struct options options; /* PAM options */ ++ struct stat sb; /* to check for existing .ssh */ + + #if HAVE_PAM_STRUCT_OPTIONS || !HAVE_PAM_STD_OPTION + memset(&options, 0, sizeof options); +@@ -916,7 +917,7 @@ + openpam_restore_cred(pamh); + return PAM_SERVICE_ERR; + } +- if ((access(dotdir,F_OK)) == -1) { ++ if (stat(dotdir, &sb) == -1) { + pam_ssh_log(LOG_DEBUG, "inexistent configuration directory"); + free(dotdir); + openpam_restore_cred(pamh); diff --git a/sys-auth/pam_ssh/files/pam_symbols.ver b/sys-auth/pam_ssh/files/pam_symbols.ver new file mode 100644 index 000000000000..dbc677b77a2d --- /dev/null +++ b/sys-auth/pam_ssh/files/pam_symbols.ver @@ -0,0 +1,4 @@ +{ + global: pam_sm_*; + local: *; +}; diff --git a/sys-auth/pam_ssh/metadata.xml b/sys-auth/pam_ssh/metadata.xml new file mode 100644 index 000000000000..66fb0a248b3b --- /dev/null +++ b/sys-auth/pam_ssh/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>pam</herd> + <maintainer> + <email>pam-bugs@gentoo.org</email> + </maintainer> + <upstream> + <remote-id type="sourceforge">pam-ssh</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/pam_ssh/pam_ssh-1.97-r1.ebuild b/sys-auth/pam_ssh/pam_ssh-1.97-r1.ebuild new file mode 100644 index 000000000000..c4924d59e350 --- /dev/null +++ b/sys-auth/pam_ssh/pam_ssh-1.97-r1.ebuild @@ -0,0 +1,46 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=2 + +inherit pam autotools eutils + +DESCRIPTION="Uses ssh-agent to provide single sign-on" +HOMEPAGE="http://pam-ssh.sourceforge.net/" +SRC_URI="mirror://sourceforge/pam-ssh/${P}.tar.bz2" + +LICENSE="BSD-2 BSD ISC" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-linux ~ia64-linux ~x86-linux" +IUSE="" + +# Doesn't work on OpenPAM. +DEPEND="sys-libs/pam + sys-devel/libtool" + +RDEPEND="sys-libs/pam + virtual/ssh" + +src_prepare() { + epatch "${FILESDIR}/${P}-doublefree.patch" + eautoreconf +} + +src_configure() { + econf \ + "--with-pam-dir=$(getpam_mod_dir)" \ + || die "econf failed" +} + +src_install() { + emake DESTDIR="${D}" install || die "install failed" + dodoc AUTHORS ChangeLog NEWS README TODO || die + + find "${D}" -name '*.la' -delete || die "Unable to remove libtool archives." +} + +pkg_postinst() { + elog "You can enable pam_ssh for system authentication by enabling" + elog "the ssh USE flag on sys-auth/pambase." +} diff --git a/sys-auth/pam_ssh/pam_ssh-1.97-r2.ebuild b/sys-auth/pam_ssh/pam_ssh-1.97-r2.ebuild new file mode 100644 index 000000000000..0dce47d6e51e --- /dev/null +++ b/sys-auth/pam_ssh/pam_ssh-1.97-r2.ebuild @@ -0,0 +1,52 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=2 + +inherit pam autotools eutils flag-o-matic + +DESCRIPTION="Uses ssh-agent to provide single sign-on" +HOMEPAGE="http://pam-ssh.sourceforge.net/" +SRC_URI="mirror://sourceforge/pam-ssh/${P}.tar.bz2" + +LICENSE="BSD-2 BSD ISC" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ~ppc64 s390 sh sparc x86 ~amd64-linux ~ia64-linux ~x86-linux" +IUSE="" + +# Doesn't work on OpenPAM; looks for OpenSSH at build time (bug +# #282993) and won't work with other implementations either +RDEPEND="sys-libs/pam + net-misc/openssh" + +DEPEND="${RDEPEND} + sys-devel/libtool" + +src_prepare() { + epatch "${FILESDIR}/${P}-doublefree.patch" + eautoreconf +} + +src_configure() { + # hide all the otherwise-exported symbols that may clash with + # other software loading the PAM modules (see bug #274924 as an + # example). + append-ldflags -Wl,--version-script="${FILESDIR}"/pam_symbols.ver + + econf \ + "--with-pam-dir=$(getpam_mod_dir)" \ + || die "econf failed" +} + +src_install() { + emake DESTDIR="${D}" install || die "install failed" + dodoc AUTHORS ChangeLog NEWS README TODO || die + + find "${D}" -name '*.la' -delete || die "Unable to remove libtool archives." +} + +pkg_postinst() { + elog "You can enable pam_ssh for system authentication by enabling" + elog "the ssh USE flag on sys-auth/pambase." +} diff --git a/sys-auth/pam_ssh/pam_ssh-1.97-r3.ebuild b/sys-auth/pam_ssh/pam_ssh-1.97-r3.ebuild new file mode 100644 index 000000000000..017a0314b27e --- /dev/null +++ b/sys-auth/pam_ssh/pam_ssh-1.97-r3.ebuild @@ -0,0 +1,53 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=2 + +inherit pam autotools eutils flag-o-matic + +DESCRIPTION="Uses ssh-agent to provide single sign-on" +HOMEPAGE="http://pam-ssh.sourceforge.net/" +SRC_URI="mirror://sourceforge/pam-ssh/${P}.tar.bz2" + +LICENSE="BSD-2 BSD ISC" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~ia64-linux ~x86-linux" +IUSE="" + +# Doesn't work on OpenPAM; looks for OpenSSH at build time (bug +# #282993) and won't work with other implementations either +RDEPEND="sys-libs/pam + net-misc/openssh" + +DEPEND="${RDEPEND} + sys-devel/libtool" + +src_prepare() { + epatch "${FILESDIR}/${P}-doublefree.patch" + epatch "${FILESDIR}/${P}-EOF.patch" + eautoreconf +} + +src_configure() { + # hide all the otherwise-exported symbols that may clash with + # other software loading the PAM modules (see bug #274924 as an + # example). + append-ldflags -Wl,--version-script="${FILESDIR}"/pam_symbols.ver + + econf \ + "--with-pam-dir=$(getpam_mod_dir)" \ + || die "econf failed" +} + +src_install() { + emake DESTDIR="${D}" install || die "install failed" + dodoc AUTHORS ChangeLog NEWS README TODO || die + + find "${D}" -name '*.la' -delete || die "Unable to remove libtool archives." +} + +pkg_postinst() { + elog "You can enable pam_ssh for system authentication by enabling" + elog "the ssh USE flag on sys-auth/pambase." +} diff --git a/sys-auth/pam_ssh/pam_ssh-1.98.ebuild b/sys-auth/pam_ssh/pam_ssh-1.98.ebuild new file mode 100644 index 000000000000..d9c53f79ac5c --- /dev/null +++ b/sys-auth/pam_ssh/pam_ssh-1.98.ebuild @@ -0,0 +1,46 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit pam eutils flag-o-matic readme.gentoo + +DESCRIPTION="Uses ssh-agent to provide single sign-on" +HOMEPAGE="http://pam-ssh.sourceforge.net/" +SRC_URI="mirror://sourceforge/pam-ssh/${P}.tar.bz2" + +LICENSE="BSD-2 BSD ISC" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-linux ~ia64-linux ~x86-linux" +IUSE="" + +# Doesn't work on OpenPAM; looks for OpenSSH at build time (bug +# #282993) and won't work with other implementations either +RDEPEND=" + sys-libs/pam + net-misc/openssh +" +DEPEND="${RDEPEND} + sys-devel/libtool +" + +DOC_CONTENTS=" + You can enable pam_ssh for system authentication by enabling + the pam_ssh USE flag on sys-auth/pambase. +" + +src_configure() { + # hide all the otherwise-exported symbols that may clash with + # other software loading the PAM modules (see bug #274924 as an + # example). + append-ldflags -Wl,--version-script="${FILESDIR}"/pam_symbols.ver + + econf \ + "--with-pam-dir=$(getpam_mod_dir)" +} + +src_install() { + default + prune_libtool_files --modules + readme.gentoo_create_doc +} diff --git a/sys-auth/pam_ssh/pam_ssh-2.1.ebuild b/sys-auth/pam_ssh/pam_ssh-2.1.ebuild new file mode 100644 index 000000000000..40670e4df8a6 --- /dev/null +++ b/sys-auth/pam_ssh/pam_ssh-2.1.ebuild @@ -0,0 +1,61 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit pam eutils flag-o-matic readme.gentoo + +DESCRIPTION="Uses ssh-agent to provide single sign-on" +HOMEPAGE="http://pam-ssh.sourceforge.net/" +SRC_URI="mirror://sourceforge/pam-ssh/${P}.tar.xz" + +LICENSE="BSD-2 BSD ISC" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~ia64-linux ~x86-linux" +IUSE="" + +# Only supports OpenSSH via `ssh-agent` #282993 +DEPEND="virtual/pam + dev-libs/openssl:0=" +RDEPEND="${DEPEND} + net-misc/openssh" + +DOC_CONTENTS=" + You can enable pam_ssh for system authentication by enabling + the pam_ssh USE flag on sys-auth/pambase. +" + +src_prepare() { + epatch "${FILESDIR}"/${P}-dot-ssh-check.patch #503424#c5 +} + +src_configure() { + # hide all the otherwise-exported symbols that may clash with + # other software loading the PAM modules (see bug #274924 as an + # example). + append-ldflags -Wl,--version-script="${FILESDIR}"/pam_symbols.ver + + # Set the cache var so the configure script doesn't go probing hardcoded + # file system paths and picking up the wrong thing. + export ac_cv_openssldir='' + + # Avoid cross-compiling funkiness and requiring openssh at build time. + export PATH_SSH_AGENT="${EPREFIX}/usr/bin/ssh-agent" + + econf \ + "--with-pam-dir=$(getpam_mod_dir)" +} + +src_install() { + default + prune_libtool_files --modules + readme.gentoo_create_doc +} + +pkg_preinst() { + if has_version "<${CATEGORY}/${PN}-2.0" ; then #554150 + ewarn "Upstream pam_ssh has changed where ssh keys live. Only keys in your" + ewarn "~/.ssh/login-keys.d/ will be accepted for authentication." + fi +} diff --git a/sys-auth/pam_ssh_agent_auth/Manifest b/sys-auth/pam_ssh_agent_auth/Manifest new file mode 100644 index 000000000000..eeb05822964f --- /dev/null +++ b/sys-auth/pam_ssh_agent_auth/Manifest @@ -0,0 +1,4 @@ +DIST pam_ssh_agent_auth-0.10.2.tar.bz2 246412 SHA256 99bbbae3494032e17b62ff3b9ff71e2d78e3c6809463649afe7bae79e4f81fcd SHA512 b4b9bc4486d873f236f7c54874c996e24f344f889dfda3beadb12b97cbb89078028a103a4a7175cd919fb0a12fd5bcefef50420510ae5eff9252e494e0124b38 WHIRLPOOL e5c5390b31ff131a24ed299df556847ef65ca69c2d1dc438a3b5fc43d7e9b3ff8045504ae7d5cca6906a4f96078bcdfaaa3e10109b3cad14be6dce0f80c2a6c4 +DIST pam_ssh_agent_auth-0.9.2.tar.bz2 237156 SHA256 76c80b6482ea5d03e1f33514f30ac77cd56e2fc8cb233a470562686df7426f4b SHA512 e710a4dff315c8d79c5d5edc4ebe1629a8fc6d09651813fd4792a2021e7c2d5768d6b7e8539801e31b947cc30817f32375d751fc396707fc4f257df4f33cd408 WHIRLPOOL 073e47de9c9205a1eac8e116c5b22b2b6c4dd42be261abe18bcac4c25dc98ce0023f44a17558afb9823ba457dcc7e1f16e4e195c7aa09483b9ed32e7ae1a7eed +DIST pam_ssh_agent_auth-0.9.3.tar.bz2 239596 SHA256 10017968f5a8a41e1fcfaac6cdec479b70998bbbd19a70e94e2f654befafe5a6 SHA512 c2304dcf623858339b5fd77bcf64e9c980a3ee241384b9125d64ba6ab9539a65eacbd3576b31a94bb390e4c089e702f9df2963119250b773bd8be872ae63a050 WHIRLPOOL 41205f5f501b0ef90b71f4f72993da3514bffbdf779565eaee1e4e7b442103b4fb7f3ea278279cb99cffa2f42c700e2e9f6c74b79c0f3a25ae964a8a1df9c858 +DIST pam_ssh_agent_auth-0.9.4.tar.bz2 239250 SHA256 496de600771d6296c7a7d01636399fd603e5a79930416ffbdc150c3784d80ca9 SHA512 3d469e85bf7c49dcf9345c63678ebe050db4d15447592bc337bfc762f2337f92cebd7e840fc12d7be94acf1aa47b0272efe2c1688888ecd8f9daf63549520792 WHIRLPOOL 20960e24fb548fd9e6722def1cb2a07cd2f7abb1ddb235339c61e7b544bf6470f74b2d890d9aa834908d04e35fdd842e8b4f64a4b55e6d5ff892fd56d5b1e1a6 diff --git a/sys-auth/pam_ssh_agent_auth/files/pam_ssh_agent_auth-0.9.2-libs.patch b/sys-auth/pam_ssh_agent_auth/files/pam_ssh_agent_auth-0.9.2-libs.patch new file mode 100644 index 000000000000..3e259761a2e2 --- /dev/null +++ b/sys-auth/pam_ssh_agent_auth/files/pam_ssh_agent_auth-0.9.2-libs.patch @@ -0,0 +1,24 @@ +diff --git a/Makefile.in b/Makefile.in +index 3428c51..4b5ea8a 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -48,7 +48,7 @@ PAM_MODULES=pam_ssh_agent_auth.so + + SSHOBJS=xmalloc.o atomicio.o authfd.o bufaux.o bufbn.o buffer.o cleanup.o entropy.o fatal.o key.o log.o misc.o secure_filename.o ssh-dss.o ssh-rsa.o uuencode.o compat.o + +-PAM_SSH_AGENT_AUTH_OBJS=pam_user_key_allowed2.o iterate_ssh_agent_keys.o userauth_pubkey_from_id.o pam_user_authorized_keys.o ++PAM_SSH_AGENT_AUTH_OBJS=pam_user_key_allowed2.o iterate_ssh_agent_keys.o userauth_pubkey_from_id.o pam_user_authorized_keys.o pam_ssh_agent_auth.o + + + MANPAGES_IN = pam_ssh_agent_auth.pod +@@ -72,8 +72,8 @@ $(LIBCOMPAT): always + (cd openbsd-compat && $(MAKE)) + always: + +-pam_ssh_agent_auth.so: $(LIBCOMPAT) $(SSHOBJS) $(PAM_SSH_AGENT_AUTH_OBJS) pam_ssh_agent_auth.o +- $(LD) $(LDFLAGS_SHARED) -o $@ $(SSHOBJS) $(PAM_SSH_AGENT_AUTH_OBJS) $(LDFLAGS) -lopenbsd-compat $(LIBS) -lpam pam_ssh_agent_auth.o ++pam_ssh_agent_auth.so: $(LIBCOMPAT) $(SSHOBJS) $(PAM_SSH_AGENT_AUTH_OBJS) ++ $(LD) $(LDFLAGS_SHARED) -o $@ $(SSHOBJS) $(PAM_SSH_AGENT_AUTH_OBJS) $(LDFLAGS) -lopenbsd-compat $(LIBS) -lpam + + $(MANPAGES): $(MANPAGES_IN) + pod2man --section=8 --release=v0.8 --name=pam_ssh_agent_auth --official --center "PAM" pam_ssh_agent_auth.pod > pam_ssh_agent_auth.8 diff --git a/sys-auth/pam_ssh_agent_auth/metadata.xml b/sys-auth/pam_ssh_agent_auth/metadata.xml new file mode 100644 index 000000000000..aba6c2cb4c1b --- /dev/null +++ b/sys-auth/pam_ssh_agent_auth/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>pam</herd> + <maintainer> + <email>pam-bugs@gentoo.org</email> + </maintainer> + <upstream> + <remote-id type="sourceforge">pamsshagentauth</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/pam_ssh_agent_auth/pam_ssh_agent_auth-0.10.2.ebuild b/sys-auth/pam_ssh_agent_auth/pam_ssh_agent_auth-0.10.2.ebuild new file mode 100644 index 000000000000..565bac670869 --- /dev/null +++ b/sys-auth/pam_ssh_agent_auth/pam_ssh_agent_auth-0.10.2.ebuild @@ -0,0 +1,42 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit pam + +DESCRIPTION="Simple module to authenticate users against their ssh-agent keys" +HOMEPAGE="http://pamsshagentauth.sourceforge.net" +SRC_URI="mirror://sourceforge/pamsshagentauth/${PN}/v${PV}/${P}.tar.bz2" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +DEPEND="virtual/pam + dev-libs/openssl" + +RDEPEND="${DEPEND} + virtual/ssh" + +# needed for pod2man +DEPEND="${DEPEND} + dev-lang/perl" + +src_configure() { + pammod_hide_symbols + + econf \ + --libexecdir="$(getpam_mod_dir)" +} + +src_install() { + # Don't use emake install as it makes it harder to have proper + # install paths. + dopammod pam_ssh_agent_auth.so + doman pam_ssh_agent_auth.8 + + dodoc CONTRIBUTORS +} diff --git a/sys-auth/pam_ssh_agent_auth/pam_ssh_agent_auth-0.9.2.ebuild b/sys-auth/pam_ssh_agent_auth/pam_ssh_agent_auth-0.9.2.ebuild new file mode 100644 index 000000000000..9824d01fd2bb --- /dev/null +++ b/sys-auth/pam_ssh_agent_auth/pam_ssh_agent_auth-0.9.2.ebuild @@ -0,0 +1,47 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit eutils pam + +DESCRIPTION="Simple module to authenticate users against their ssh-agent keys" +HOMEPAGE="http://pamsshagentauth.sourceforge.net" +SRC_URI="mirror://sourceforge/pamsshagentauth/${PN}/v${PV}/${P}.tar.bz2" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +DEPEND="virtual/pam + dev-libs/openssl" + +RDEPEND="${DEPEND} + virtual/ssh" + +# needed for pod2man +DEPEND="${DEPEND} + dev-lang/perl" + +src_prepare() { + epatch "${FILESDIR}"/${P}-libs.patch +} + +src_configure() { + pammod_hide_symbols + + econf \ + --libexecdir=$(getpam_mod_dir) +} + +src_test() { :; } + +src_install() { + # Don't use emake install as it makes it harder to have proper + # install paths. + dopammod pam_ssh_agent_auth.so + + doman pam_ssh_agent_auth.8 || die +} diff --git a/sys-auth/pam_ssh_agent_auth/pam_ssh_agent_auth-0.9.3.ebuild b/sys-auth/pam_ssh_agent_auth/pam_ssh_agent_auth-0.9.3.ebuild new file mode 100644 index 000000000000..44ee42e76553 --- /dev/null +++ b/sys-auth/pam_ssh_agent_auth/pam_ssh_agent_auth-0.9.3.ebuild @@ -0,0 +1,48 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit eutils pam + +DESCRIPTION="Simple module to authenticate users against their ssh-agent keys" +HOMEPAGE="http://pamsshagentauth.sourceforge.net" +SRC_URI="mirror://sourceforge/pamsshagentauth/${PN}/v${PV}/${P}.tar.bz2" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +DEPEND="virtual/pam + dev-libs/openssl" + +RDEPEND="${DEPEND} + virtual/ssh" + +# needed for pod2man +DEPEND="${DEPEND} + dev-lang/perl" + +src_prepare() { + epatch "${FILESDIR}"/${PN}-0.9.2-libs.patch +} + +src_configure() { + pammod_hide_symbols + + econf \ + --libexecdir=$(getpam_mod_dir) +} + +src_test() { :; } + +src_install() { + # Don't use emake install as it makes it harder to have proper + # install paths. + dopammod pam_ssh_agent_auth.so + doman pam_ssh_agent_auth.8 + + dodoc CONTRIBUTORS +} diff --git a/sys-auth/pam_ssh_agent_auth/pam_ssh_agent_auth-0.9.4.ebuild b/sys-auth/pam_ssh_agent_auth/pam_ssh_agent_auth-0.9.4.ebuild new file mode 100644 index 000000000000..73fad8d2d61f --- /dev/null +++ b/sys-auth/pam_ssh_agent_auth/pam_ssh_agent_auth-0.9.4.ebuild @@ -0,0 +1,44 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit pam + +DESCRIPTION="Simple module to authenticate users against their ssh-agent keys" +HOMEPAGE="http://pamsshagentauth.sourceforge.net" +SRC_URI="mirror://sourceforge/pamsshagentauth/${PN}/v${PV}/${P}.tar.bz2" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +DEPEND="virtual/pam + dev-libs/openssl" + +RDEPEND="${DEPEND} + virtual/ssh" + +# needed for pod2man +DEPEND="${DEPEND} + dev-lang/perl" + +src_configure() { + pammod_hide_symbols + + econf \ + --libexecdir=$(getpam_mod_dir) +} + +src_test() { :; } + +src_install() { + # Don't use emake install as it makes it harder to have proper + # install paths. + dopammod pam_ssh_agent_auth.so + doman pam_ssh_agent_auth.8 + + dodoc CONTRIBUTORS +} diff --git a/sys-auth/pam_usb/Manifest b/sys-auth/pam_usb/Manifest new file mode 100644 index 000000000000..fc5f1ec484bd --- /dev/null +++ b/sys-auth/pam_usb/Manifest @@ -0,0 +1 @@ +DIST pam_usb-0.5.0.tar.gz 35233 SHA256 011f9970730a9b9fad7a1a8205f4eb63e757282d80d8bc146ad455d492063cbc SHA512 25c78f94793b4119c37e03f2d7d189ab6d1e4b82dfbadc3d83f5579fa70d8938ebfa4269155e04055a94c4562d618249fe046a67e7ea401cc571f482a3ed7bce WHIRLPOOL 4d1641587ed28c635ac012d60bc11c50f1b730c0a4ff882db92788c4cedac2a919e6efd337df291291be5995657bfab1b65476bfd9547d8d283e5e00ab44120f diff --git a/sys-auth/pam_usb/files/pam_usb-0.5.0-openpam.patch b/sys-auth/pam_usb/files/pam_usb-0.5.0-openpam.patch new file mode 100644 index 000000000000..d5493d67a130 --- /dev/null +++ b/sys-auth/pam_usb/files/pam_usb-0.5.0-openpam.patch @@ -0,0 +1,16 @@ +--- src/pam.c ++++ src/pam.c +@@ -16,8 +16,12 @@ + */ + + #define PAM_SM_AUTH ++ ++#include <stdlib.h> ++#include <string.h> ++ + #include <security/pam_modules.h> +-#include <security/_pam_macros.h> ++#include <security/pam_appl.h> + + #include "version.h" + #include "conf.h" diff --git a/sys-auth/pam_usb/metadata.xml b/sys-auth/pam_usb/metadata.xml new file mode 100644 index 000000000000..9ea5fa40735f --- /dev/null +++ b/sys-auth/pam_usb/metadata.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>pam</herd> + <longdescription> +A PAM module that enables authentication using a USB-Storage device (such as a USB Pen) through DSA private/public keys. +</longdescription> + <longdescription lang="ja"> +DSA 秘密/公開鍵による USB ストレージ・デバイス( USB ペン等)を使った認証を可能にする PAM モジュールです。 +</longdescription> + <upstream> + <remote-id type="sourceforge">pamusb</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/pam_usb/pam_usb-0.5.0.ebuild b/sys-auth/pam_usb/pam_usb-0.5.0.ebuild new file mode 100644 index 000000000000..d65dc54e9775 --- /dev/null +++ b/sys-auth/pam_usb/pam_usb-0.5.0.ebuild @@ -0,0 +1,53 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +PYTHON_COMPAT=( python2_7 ) + +inherit eutils pam python-single-r1 toolchain-funcs + +DESCRIPTION="A pam module to provide authentication using USB device" +HOMEPAGE="http://pamusb.org/" +SRC_URI="mirror://sourceforge/pamusb/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="" + +COMMON_DEPEND="dev-libs/libxml2 + sys-apps/dbus + virtual/pam" +RDEPEND="${COMMON_DEPEND} + ${PYTHON_DEPS} + dev-python/dbus-python + dev-python/pygobject:2 + sys-apps/pmount + sys-fs/udisks:0" +DEPEND="${COMMON_DEPEND} + virtual/pkgconfig" + +pkg_setup() { + python-single-r1_pkg_setup +} + +src_prepare() { + epatch "${FILESDIR}"/${P}-openpam.patch + python_fix_shebang tools/pamusb-{conf,agent} #413025 +} + +src_compile() { + emake CC="$(tc-getCC)" +} + +src_install() { + emake \ + DESTDIR="${D}" \ + DOCS_DEST="${D}/usr/share/doc/${PF}" \ + PAM_USB_DEST="${D}/$(getpam_mod_dir)" \ + install + + dodoc ChangeLog README.md +} diff --git a/sys-auth/pam_yubico/Manifest b/sys-auth/pam_yubico/Manifest new file mode 100644 index 000000000000..535cc4c7194e --- /dev/null +++ b/sys-auth/pam_yubico/Manifest @@ -0,0 +1,2 @@ +DIST pam_yubico-2.17.tar.gz 391559 SHA256 974a827ad960c1e7ce7b90338c319587aa878cf44d43c954e4af7cd843bbf571 SHA512 ee2a1527c2f2b29ca601588700cc76edc688e58d305ef44d311db3c5f184513a5bdc3d9052cefd85b11de96c6999daeca3d22986e93f588c9d64e5c301c37ee8 WHIRLPOOL 61b6974350869b38b3cd56ce3ff9d3d85600126dc1dd82111a6b605720b27e4dee35d53c7d9dc9436fc94b8440858ae7ce5a26ece0e076ef8381e55424999859 +DIST pam_yubico-2.19.tar.gz 410136 SHA256 ed6e5841bb5104528a2155cb4b35bea18ebf3ddd8a4faf59eca3b1e2ac9c50ef SHA512 26e5246d99b5d8d5afbed4ba459f431635327512a29f6c29b547a1a0553f8d2ee79740f167c18266cf925df25df9ab962ee0180ca3a30bc553a7f9f7801a1ed7 WHIRLPOOL f6ca4678487c965d1a9c10e8e9c679b162e5ad690c1fec46a6498c2354300dc31f1c2e88faa6574f267798feb171ecb3a19801e9c1c0b866d2b57154036bc001 diff --git a/sys-auth/pam_yubico/files/2.11-drop_privs.patch b/sys-auth/pam_yubico/files/2.11-drop_privs.patch new file mode 100644 index 000000000000..f4b29bac83b1 --- /dev/null +++ b/sys-auth/pam_yubico/files/2.11-drop_privs.patch @@ -0,0 +1,14 @@ +--- drop_privs.c 2012-03-09 12:36:04.792191180 -0500 ++++ drop_privs.c.new 2012-03-09 12:36:00.827333242 -0500 +@@ -47,9 +47,9 @@ + #endif + + #ifdef HAVE_PAM_MODUTIL_DROP_PRIV +-#ifdef HAVE_SECURITY_PAM_MODUTIL_H ++//#ifdef HAVE_SECURITY_PAM_MODUTIL_H + #include <security/pam_modutil.h> +-#endif /* HAVE_SECURITY_PAM_MODUTIL_H */ ++//#endif /* HAVE_SECURITY_PAM_MODUTIL_H */ + #else + static uid_t saved_euid; + static gid_t saved_egid; diff --git a/sys-auth/pam_yubico/metadata.xml b/sys-auth/pam_yubico/metadata.xml new file mode 100644 index 000000000000..65df64f7f467 --- /dev/null +++ b/sys-auth/pam_yubico/metadata.xml @@ -0,0 +1,13 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>zerochaos@gentoo.org</email> + <name>Rick Farina</name> + </maintainer> + <longdescription lang="en"> +</longdescription> + <upstream> + <remote-id type="github">Yubico/yubico-pam</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/pam_yubico/pam_yubico-2.17-r1.ebuild b/sys-auth/pam_yubico/pam_yubico-2.17-r1.ebuild new file mode 100644 index 000000000000..53178deff1de --- /dev/null +++ b/sys-auth/pam_yubico/pam_yubico-2.17-r1.ebuild @@ -0,0 +1,45 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit multilib + +DESCRIPTION="Library for authenticating against PAM with a Yubikey" +HOMEPAGE="https://github.com/Yubico/yubico-pam" +SRC_URI="http://opensource.yubico.com/yubico-pam/releases/${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="ldap" + +RDEPEND=" + virtual/pam + sys-auth/libyubikey + >=sys-auth/ykclient-2.12 + >=sys-auth/ykpers-1.6 + ldap? ( net-nds/openldap )" +DEPEND="${RDEPEND} + app-text/asciidoc" + +#src_prepare() { +# epatch "${FILESDIR}/2.11-drop_privs.patch" +# eautoreconf +#} + +src_configure() { + #challenge response could be optional but that seems horribly dangerous to me + econf \ + --with-cr \ + $(use_with ldap) \ + --with-pam-dir=/$(get_libdir)/security +} + +src_install() { + default + dodoc doc/* + #prune_libtool_files #why doesn't this work? + find "${D}" -name '*.la' -delete || die +} diff --git a/sys-auth/pam_yubico/pam_yubico-2.19-r1.ebuild b/sys-auth/pam_yubico/pam_yubico-2.19-r1.ebuild new file mode 100644 index 000000000000..497b4da392d4 --- /dev/null +++ b/sys-auth/pam_yubico/pam_yubico-2.19-r1.ebuild @@ -0,0 +1,41 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit multilib + +DESCRIPTION="Library for authenticating against PAM with a Yubikey" +HOMEPAGE="https://github.com/Yubico/yubico-pam" +SRC_URI="http://opensource.yubico.com/yubico-pam/releases/${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="ldap test" + +RDEPEND=" + virtual/pam + sys-auth/libyubikey + >=sys-auth/ykclient-2.12 + >=sys-auth/ykpers-1.6 + ldap? ( net-nds/openldap )" +DEPEND="${RDEPEND} + app-text/asciidoc + test? ( dev-perl/Net-LDAP-Server )" + +src_configure() { + #challenge response could be optional but that seems horribly dangerous to me + econf \ + --with-cr \ + $(use_with ldap) \ + --with-pam-dir=/$(get_libdir)/security +} + +src_install() { + default + dodoc doc/* + #prune_libtool_files #why doesn't this work? + find "${D}" -name '*.la' -delete || die +} diff --git a/sys-auth/pambase/Manifest b/sys-auth/pambase/Manifest new file mode 100644 index 000000000000..0f3c5faeee60 --- /dev/null +++ b/sys-auth/pambase/Manifest @@ -0,0 +1,4 @@ +DIST pambase-20101024.tar.bz2 3201 SHA256 89d60dd598d3da0ce1d1bcd7dc325f6c55002a1d4a7d27f9bb024f6732e9fba4 SHA512 8d2a89b38d94d2e423a033ea6922c0a0039a0fb64d60c05991d877b4fa893954723fe1c1763f3f67ed6fbc3639282a4ee1d76824f7f29025b6050632a6984b6f WHIRLPOOL 644965507d1f537c357a7020c13282d9de4131a6cf72e589b1e750e3b86a2185b9a882d0b3f865145a86e1ef613e4b92998be53734aefb6d6d8a69f65de806a4 +DIST pambase-20120417.tar.bz2 3361 SHA256 3fde3ff7714b3722b45545da36fdde6ca95a55d1b0a8cfb23666ec0de3ec5871 SHA512 7a666eb67f6484e536ecb070402036bcfdd137aced27df3f08b136d06eee5c13a6dc14aa93ea09e94c7f31e5a98db97dbaccd0c46af24b57028247de3a7cd9fe WHIRLPOOL 323edb9ef488a0ba562ef279d4acfb682540bf87838be9a3319ad2029ba1465d015fdf94c3192e24517ae9f0ed264e38d17aba65934211bd7b39bf309ee12540 +DIST pambase-20140313.tar.bz2 3417 SHA256 70f11281975eb1d7b14f36a16d2b9eff78099a246aeda96e4f8c667b2574b2a4 SHA512 76dd2a70947dac9573d47b81764ebe4f829bfd38d59c007e698a52c70757fa88525f510c14a1f474c58e3d33cb421ff61aa4ed1aae54497456004eff7494bfc8 WHIRLPOOL e9aac79b37c76af4389d193cb4eb79ad4372e25520a3f6bba6b473948999f1ac2ade00930180a4b9f47cdd7a458d1a174bd15ccf0a94130d216118d7d76485a9 +DIST pambase-20150213.tar.xz 3480 SHA256 cf1ea75e29c33bfddbc6f8519b860a6f0710345e936966014f59fe3e93ab7f44 SHA512 3b49dd3f06a0942fcced95527f62cbc4ff723c48dc896a0b57ecd19736d2892db974c782be3fe24e8e6e17294869a772ae9ee6118af96dfdc7a3a6561dc3f3e5 WHIRLPOOL 493084f04032b93d8021e84bdbcf6c339ec6c928b468aa59556f3d3d10403e4557316d516ea303d66422df13150c7c19761d9979aba32e5e4c9fe7e198c733a2 diff --git a/sys-auth/pambase/files/pambase-20120417-lastlog-silent.patch b/sys-auth/pambase/files/pambase-20120417-lastlog-silent.patch new file mode 100644 index 000000000000..79266a740b61 --- /dev/null +++ b/sys-auth/pambase/files/pambase-20120417-lastlog-silent.patch @@ -0,0 +1,20 @@ +--- pambase-20120417/login.in.orig 2012-11-21 14:31:49.031948988 +0100 ++++ pambase-20120417/login.in 2012-11-21 14:32:41.172330601 +0100 +@@ -3,4 +3,6 @@ + + account include system-local-login + password include system-local-login ++ ++session optional pam_lastlog.so DEBUG + session include system-local-login +--- pambase-20120417/system-login.in.orig 2012-11-21 14:31:42.232160039 +0100 ++++ pambase-20120417/system-login.in 2012-11-21 14:35:20.738025880 +0100 +@@ -41,7 +41,7 @@ + session required pam_env.so DEBUG + #endif + #if HAVE_LASTLOG +-session optional pam_lastlog.so DEBUG ++session optional pam_lastlog.so silent DEBUG + #endif + session include system-auth + #if HAVE_CONSOLEKIT diff --git a/sys-auth/pambase/files/pambase-20120417-systemd-auth.patch b/sys-auth/pambase/files/pambase-20120417-systemd-auth.patch new file mode 100644 index 000000000000..99c38e784771 --- /dev/null +++ b/sys-auth/pambase/files/pambase-20120417-systemd-auth.patch @@ -0,0 +1,26 @@ +diff -u pambase-20120417.old/system-auth.in pambase-20120417/system-auth.in +--- pambase-20120417.old/system-auth.in 2013-10-27 15:58:21.766193297 +0100 ++++ pambase-20120417/system-auth.in 2013-10-27 16:01:10.614555766 +0100 +@@ -35,3 +35,7 @@ + session optional pam_ssh.so + #endif + #include "system-session.inc" ++ ++#if HAVE_SYSTEMD ++-session optional pam_systemd.so ++#endif +Sólo en pambase-20120417: system-auth.in~ +diff -u pambase-20120417.old/system-login.in pambase-20120417/system-login.in +--- pambase-20120417.old/system-login.in 2013-10-27 15:58:21.766193297 +0100 ++++ pambase-20120417/system-login.in 2013-10-27 15:59:42.032316285 +0100 +@@ -47,9 +47,6 @@ + #if HAVE_CONSOLEKIT + -session optional pam_ck_connector.so nox11 + #endif +-#if HAVE_SYSTEMD +--session optional pam_systemd.so +-#endif + #if HAVE_GNOME_KEYRING + session optional pam_gnome_keyring.so auto_start + #endif +Sólo en pambase-20120417: system-login.in~ diff --git a/sys-auth/pambase/files/pambase-20120417-systemd.patch b/sys-auth/pambase/files/pambase-20120417-systemd.patch new file mode 100644 index 000000000000..047fb41c8592 --- /dev/null +++ b/sys-auth/pambase/files/pambase-20120417-systemd.patch @@ -0,0 +1,29 @@ +http://bugs.gentoo.org/372229 + +--- Makefile ++++ Makefile +@@ -28,6 +28,10 @@ + PAMFLAGS += -DHAVE_CONSOLEKIT=1 + endif + ++ifeq "$(SYSTEMD)" "yes" ++PAMFLAGS += -DHAVE_SYSTEMD=1 ++endif ++ + ifeq "$(GNOME_KEYRING)" "yes" + PAMFLAGS += -DHAVE_GNOME_KEYRING=1 + endif +--- system-login.in ++++ system-login.in +@@ -45,7 +45,10 @@ + #endif + session include system-auth + #if HAVE_CONSOLEKIT +-session optional pam_ck_connector.so nox11 ++-session optional pam_ck_connector.so nox11 ++#endif ++#if HAVE_SYSTEMD ++-session optional pam_systemd.so + #endif + #if HAVE_GNOME_KEYRING + session optional pam_gnome_keyring.so auto_start diff --git a/sys-auth/pambase/files/pambase-20150213-selinux-note.patch b/sys-auth/pambase/files/pambase-20150213-selinux-note.patch new file mode 100644 index 000000000000..1cb018f34508 --- /dev/null +++ b/sys-auth/pambase/files/pambase-20150213-selinux-note.patch @@ -0,0 +1,11 @@ +--- system-login.in.orig 2015-04-17 16:58:02.247000000 +0200 ++++ system-login.in 2015-04-17 16:58:07.684000000 +0200 +@@ -48,7 +48,7 @@ + session optional pam_ck_connector.so nox11 + #endif + #if HAVE_SELINUX +-# Note: modules that run in the user's context must come after this line. ++ # Note: modules that run in the user's context must come after this line. + session required pam_selinux.so multiple open + #endif + #if HAVE_GNOME_KEYRING diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml new file mode 100644 index 000000000000..97d83d57b2d5 --- /dev/null +++ b/sys-auth/pambase/metadata.xml @@ -0,0 +1,93 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>pam</herd> + <maintainer> + <email>pam-bugs@gentoo.org</email> + </maintainer> + <use> + <flag name="cracklib"> + Enable pam_cracklib module on system authentication stack. This + produces warnings when changing password to something easily + crackable. It requires the same USE flag to be enabled on + <pkg>sys-libs/pam</pkg> or system login might be impossible. + </flag> + <flag name="consolekit"> + Enable pam_ck_connector module on local system logins. This + allows for console logins to make use of ConsoleKit + authorization. + </flag> + <flag name="systemd"> + Use pam_systemd module to register user sessions in the systemd + control group hierarchy. + </flag> + <flag name="gnome-keyring"> + Enable pam_gnome_keyring module on system login stack. This + enables proper Gnome Keyring access to logins, whether they are + done with the login shell, a Desktop Manager or a remote login + systems such as SSH. + </flag> + <flag name="debug"> + Enable debug information logging on syslog(3) for all the + modules supporting this in the system authentication and system + login stacks. + </flag> + <flag name="passwdqc"> + Enable pam_passwdqc module on system auth stack for password + quality validation. This is an alternative to pam_cracklib + producing warnings, rejecting or providing example passwords + when changing your system password. It is used by default by + OpenWall GNU/*/Linux and by FreeBSD. + </flag> + <flag name="mktemp"> + Enable pam_mktemp module on system auth stack for session + handling. This module creates a private temporary directory for + the user, and sets TMP and TMPDIR accordingly. + </flag> + <flag name="pam_ssh"> + Enable pam_ssh module on system auth stack for authentication + and session handling. This module will accept as password the + passphrase of a private SSH key (one of ~/.ssh/id_rsa, + ~/.ssh/id_dsa or ~/.ssh/identity), and will spawn an ssh-agent + instance to cache the open key. + </flag> + <flag name="sha512"> + Switch Linux-PAM's pam_unix module to use sha512 for passwords + hashes rather than MD5. This option requires + <pkg>>=sys-libs/pam-1.0.1</pkg> built against + <pkg>>=sys-libs/glibc-2.7</pkg>, if it's built against an + earlier version, it will silently be ignored, and MD5 hashes + will be used. All the passwords changed after this USE flag is + enabled will be saved to the shadow file hashed using SHA512 + function. The password previously saved will be left + untouched. Please note that while SHA512-hashed passwords will + still be recognised if the USE flag is removed, the shadow file + will not be compatible with systems using an earlier glibc + version. + </flag> + <flag name="pam_krb5"> + Enable pam_krb5 module on system auth stack, as an alternative + to pam_unix. If Kerberos authentication succeed, only pam_unix + will be ignore, and all the other modules will proceed as usual, + including Gnome Keyring and other session modules. It requires + <pkg>sys-libs/pam</pkg> as PAM implementation. + </flag> + <flag name="minimal"> + Disables the standard PAM modules that provide extra information + to users on login; this includes pam_tally (and pam_tally2 for + Linux PAM 1.1 and later), pam_lastlog, pam_motd and other + similar modules. This might not be a good idea on a multi-user + system but could reduce slightly the overhead on single-user + non-networked systems. + </flag> + <flag name="nullok"> + Enable the nullok option with the pam_unix module. This allows + people to login with blank passwords. + </flag> + <flag name="securetty"> + Enable pam_securetty module in the login stack. Not generally + relevant anymore as the login stack only refers to local logins + and local terminals imply secure access in the first place. + </flag> + </use> +</pkgmetadata> diff --git a/sys-auth/pambase/pambase-20101024-r2.ebuild b/sys-auth/pambase/pambase-20101024-r2.ebuild new file mode 100644 index 000000000000..def54e6de49d --- /dev/null +++ b/sys-auth/pambase/pambase-20101024-r2.ebuild @@ -0,0 +1,97 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit eutils + +DESCRIPTION="PAM base configuration files" +HOMEPAGE="http://www.gentoo.org/proj/en/base/pam/" +SRC_URI="http://dev.gentoo.org/~flameeyes/${PN}/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux" +IUSE="debug cracklib passwdqc consolekit gnome-keyring selinux mktemp pam_ssh +sha512 pam_krb5 minimal" +RESTRICT="binchecks" + +RDEPEND=" + || ( + >=sys-libs/pam-0.99.9.0-r1 + ( sys-auth/openpam + || ( sys-freebsd/freebsd-pam-modules sys-netbsd/netbsd-pam-modules ) + ) + ) + cracklib? ( >=sys-libs/pam-0.99[cracklib] ) + consolekit? ( >=sys-auth/consolekit-0.3[pam] ) + gnome-keyring? ( >=gnome-base/gnome-keyring-2.20[pam] ) + selinux? ( >=sys-libs/pam-0.99[selinux] ) + passwdqc? ( >=sys-auth/pam_passwdqc-1.0.4 ) + mktemp? ( sys-auth/pam_mktemp ) + pam_ssh? ( sys-auth/pam_ssh ) + sha512? ( >=sys-libs/pam-1.0.1 ) + pam_krb5? ( + || ( >=sys-libs/pam-1.1.0 sys-auth/openpam ) + >=sys-auth/pam_krb5-4.3 + ) + !<sys-freebsd/freebsd-pam-modules-6.2-r1 + !<sys-libs/pam-0.99.9.0-r1" +DEPEND="app-portage/portage-utils" + +src_compile() { + local implementation= + local linux_pam_version= + if has_version sys-libs/pam; then + implementation="linux-pam" + local ver_str=$(qatom `best_version sys-libs/pam` | cut -d ' ' -f 3) + linux_pam_version=$(printf "0x%02x%02x%02x" ${ver_str//\./ }) + elif has_version sys-auth/openpam; then + implementation="openpam" + else + die "PAM implementation not identified" + fi + + use_var() { + local varname=$(echo $1 | tr [a-z] [A-Z]) + local usename=${2-$(echo $1 | tr [A-Z] [a-z])} + local varvalue=$(use $usename && echo yes || echo no) + echo "${varname}=${varvalue}" + } + + emake \ + GIT=true \ + $(use_var debug) \ + $(use_var cracklib) \ + $(use_var passwdqc) \ + $(use_var consolekit) \ + $(use_var GNOME_KEYRING gnome-keyring) \ + $(use_var selinux) \ + $(use_var mktemp) \ + $(use_var PAM_SSH pam_ssh) \ + $(use_var sha512) \ + $(use_var KRB5 pam_krb5) \ + $(use_var minimal) \ + IMPLEMENTATION=${implementation} \ + LINUX_PAM_VERSION=${linux_pam_version} +} + +src_test() { :; } + +src_install() { + emake GIT=true DESTDIR="${ED}" install +} + +pkg_postinst() { + if use sha512; then + elog "Starting from version 20080801, pambase optionally enables" + elog "SHA512-hashed passwords. For this to work, you need sys-libs/pam-1.0.1" + elog "built against sys-libs/glibc-2.7 or later." + elog "If you don't have support for this, it will automatically fallback" + elog "to MD5-hashed passwords, just like before." + elog + elog "Please note that the change only affects the newly-changed passwords" + elog "and that SHA512-hashed passwords will not work on earlier versions" + elog "of glibc or Linux-PAM." + fi +} diff --git a/sys-auth/pambase/pambase-20120417-r3.ebuild b/sys-auth/pambase/pambase-20120417-r3.ebuild new file mode 100644 index 000000000000..b45a5ab8d22f --- /dev/null +++ b/sys-auth/pambase/pambase-20120417-r3.ebuild @@ -0,0 +1,113 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit eutils + +DESCRIPTION="PAM base configuration files" +HOMEPAGE="http://www.gentoo.org/proj/en/base/pam/" +SRC_URI="http://dev.gentoo.org/~flameeyes/${PN}/${P}.tar.bz2 + http://dev.gentoo.org/~phajdan.jr/${PN}/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 -sparc-fbsd -x86-fbsd ~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux" +IUSE="consolekit cracklib debug gnome-keyring minimal mktemp pam_krb5 pam_ssh passwdqc selinux +sha512 systemd" + +RESTRICT=binchecks + +MIN_PAM_REQ=1.1.3 + +RDEPEND=" + || ( + >=sys-libs/pam-${MIN_PAM_REQ} + ( sys-auth/openpam || ( sys-freebsd/freebsd-pam-modules sys-netbsd/netbsd-pam-modules ) ) + ) + consolekit? ( >=sys-auth/consolekit-0.4.5_p2012[pam] ) + cracklib? ( >=sys-libs/pam-${MIN_PAM_REQ}[cracklib] ) + gnome-keyring? ( >=gnome-base/gnome-keyring-2.32[pam] ) + mktemp? ( sys-auth/pam_mktemp ) + pam_krb5? ( + || ( >=sys-libs/pam-${MIN_PAM_REQ} sys-auth/openpam ) + >=sys-auth/pam_krb5-4.3 + ) + pam_ssh? ( sys-auth/pam_ssh ) + passwdqc? ( >=sys-auth/pam_passwdqc-1.0.4 ) + selinux? ( >=sys-libs/pam-${MIN_PAM_REQ}[selinux] ) + sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} ) + systemd? ( >=sys-apps/systemd-44-r1[pam] ) + !<sys-apps/shadow-4.1.5-r1 + !<sys-freebsd/freebsd-pam-modules-6.2-r1 + !<sys-libs/pam-0.99.9.0-r1" +DEPEND="app-portage/portage-utils" + +src_prepare() { + epatch "${FILESDIR}"/${P}-systemd.patch + epatch "${FILESDIR}"/${P}-lastlog-silent.patch + epatch "${FILESDIR}"/${P}-systemd-auth.patch # 485470 +} + +src_compile() { + local implementation= + local linux_pam_version= + if has_version sys-libs/pam; then + implementation=linux-pam + local ver_str=$(qatom `best_version sys-libs/pam` | cut -d ' ' -f 3) + linux_pam_version=$(printf "0x%02x%02x%02x" ${ver_str//\./ }) + elif has_version sys-auth/openpam; then + implementation=openpam + else + die "PAM implementation not identified" + fi + + use_var() { + local varname=$(echo $1 | tr [a-z] [A-Z]) + local usename=${2-$(echo $1 | tr [A-Z] [a-z])} + local varvalue=$(usex $usename) + echo "${varname}=${varvalue}" + } + + emake \ + GIT=true \ + $(use_var debug) \ + $(use_var cracklib) \ + $(use_var passwdqc) \ + $(use_var consolekit) \ + $(use_var systemd) \ + $(use_var GNOME_KEYRING gnome-keyring) \ + $(use_var selinux) \ + $(use_var mktemp) \ + $(use_var PAM_SSH pam_ssh) \ + $(use_var sha512) \ + $(use_var KRB5 pam_krb5) \ + $(use_var minimal) \ + IMPLEMENTATION=${implementation} \ + LINUX_PAM_VERSION=${linux_pam_version} +} + +src_test() { :; } + +src_install() { + emake GIT=true DESTDIR="${ED}" install +} + +pkg_postinst() { + if use sha512; then + elog "Starting from version 20080801, pambase optionally enables" + elog "SHA512-hashed passwords. For this to work, you need sys-libs/pam-1.0.1" + elog "built against sys-libs/glibc-2.7 or later." + elog "If you don't have support for this, it will automatically fallback" + elog "to MD5-hashed passwords, just like before." + elog + elog "Please note that the change only affects the newly-changed passwords" + elog "and that SHA512-hashed passwords will not work on earlier versions" + elog "of glibc or Linux-PAM." + fi + + if use systemd && use consolekit; then + ewarn "You are enabling 2 session trackers, ConsoleKit and systemd-logind" + ewarn "at the same time. This is not recommended setup to have, please" + ewarn "consider disabling either USE=\"consolekit\" or USE=\"systemd\." + fi +} diff --git a/sys-auth/pambase/pambase-20140313.ebuild b/sys-auth/pambase/pambase-20140313.ebuild new file mode 100644 index 000000000000..c667f3ef5959 --- /dev/null +++ b/sys-auth/pambase/pambase-20140313.ebuild @@ -0,0 +1,94 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit eutils + +DESCRIPTION="PAM base configuration files" +HOMEPAGE="http://www.gentoo.org/proj/en/base/pam/" +SRC_URI="http://dev.gentoo.org/~ssuominen/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 -sparc-fbsd -x86-fbsd ~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux" +IUSE="consolekit cracklib debug gnome-keyring minimal mktemp pam_krb5 pam_ssh passwdqc selinux +sha512 systemd" + +RESTRICT=binchecks + +MIN_PAM_REQ=1.1.3 + +RDEPEND=" + || ( + >=sys-libs/pam-${MIN_PAM_REQ} + ( sys-auth/openpam || ( sys-freebsd/freebsd-pam-modules sys-netbsd/netbsd-pam-modules ) ) + ) + consolekit? ( >=sys-auth/consolekit-0.4.6[pam] ) + cracklib? ( >=sys-libs/pam-${MIN_PAM_REQ}[cracklib] ) + gnome-keyring? ( >=gnome-base/gnome-keyring-2.32[pam] ) + mktemp? ( sys-auth/pam_mktemp ) + pam_krb5? ( + || ( >=sys-libs/pam-${MIN_PAM_REQ} sys-auth/openpam ) + >=sys-auth/pam_krb5-4.3 + ) + pam_ssh? ( sys-auth/pam_ssh ) + passwdqc? ( >=sys-auth/pam_passwdqc-1.0.4 ) + selinux? ( >=sys-libs/pam-${MIN_PAM_REQ}[selinux] ) + sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} ) + systemd? ( >=sys-apps/systemd-204[pam] ) + !<sys-apps/shadow-4.1.5-r1 + !<sys-freebsd/freebsd-pam-modules-6.2-r1 + !<sys-libs/pam-0.99.9.0-r1" +DEPEND="app-portage/portage-utils" + +src_compile() { + local implementation= + local linux_pam_version= + if has_version sys-libs/pam; then + implementation=linux-pam + local ver_str=$(qatom `best_version sys-libs/pam` | cut -d ' ' -f 3) + linux_pam_version=$(printf "0x%02x%02x%02x" ${ver_str//\./ }) + elif has_version sys-auth/openpam; then + implementation=openpam + else + die "PAM implementation not identified" + fi + + use_var() { + local varname=$(echo $1 | tr [a-z] [A-Z]) + local usename=${2-$(echo $1 | tr [A-Z] [a-z])} + local varvalue=$(usex $usename) + echo "${varname}=${varvalue}" + } + + emake \ + GIT=true \ + $(use_var debug) \ + $(use_var cracklib) \ + $(use_var passwdqc) \ + $(use_var consolekit) \ + $(use_var systemd) \ + $(use_var GNOME_KEYRING gnome-keyring) \ + $(use_var selinux) \ + $(use_var mktemp) \ + $(use_var PAM_SSH pam_ssh) \ + $(use_var sha512) \ + $(use_var KRB5 pam_krb5) \ + $(use_var minimal) \ + IMPLEMENTATION=${implementation} \ + LINUX_PAM_VERSION=${linux_pam_version} +} + +src_test() { :; } + +src_install() { + emake GIT=true DESTDIR="${ED}" install +} + +pkg_postinst() { + if use systemd && use consolekit; then + ewarn "You are enabling 2 session trackers, ConsoleKit and systemd-logind" + ewarn "at the same time. This is not recommended setup to have, please" + ewarn "consider disabling either USE=\"consolekit\" or USE=\"systemd\." + fi +} diff --git a/sys-auth/pambase/pambase-20150213.ebuild b/sys-auth/pambase/pambase-20150213.ebuild new file mode 100644 index 000000000000..7d8bd8b150ab --- /dev/null +++ b/sys-auth/pambase/pambase-20150213.ebuild @@ -0,0 +1,100 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit eutils + +DESCRIPTION="PAM base configuration files" +HOMEPAGE="http://www.gentoo.org/proj/en/base/pam/" +SRC_URI="http://dev.gentoo.org/~vapier/dist/${P}.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 -sparc-fbsd -x86-fbsd ~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux" +IUSE="consolekit cracklib debug gnome-keyring minimal mktemp +nullok pam_krb5 pam_ssh passwdqc securetty selinux +sha512 systemd" + +RESTRICT=binchecks + +MIN_PAM_REQ=1.1.3 + +RDEPEND=" + || ( + >=sys-libs/pam-${MIN_PAM_REQ} + ( sys-auth/openpam || ( sys-freebsd/freebsd-pam-modules sys-netbsd/netbsd-pam-modules ) ) + ) + consolekit? ( >=sys-auth/consolekit-0.4.6[pam] ) + cracklib? ( sys-libs/pam[cracklib] ) + gnome-keyring? ( >=gnome-base/gnome-keyring-2.32[pam] ) + mktemp? ( sys-auth/pam_mktemp ) + pam_krb5? ( + || ( >=sys-libs/pam-${MIN_PAM_REQ} sys-auth/openpam ) + >=sys-auth/pam_krb5-4.3 + ) + pam_ssh? ( sys-auth/pam_ssh ) + passwdqc? ( >=sys-auth/pam_passwdqc-1.0.4 ) + selinux? ( sys-libs/pam[selinux] ) + sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} ) + systemd? ( >=sys-apps/systemd-204[pam] ) + !<sys-apps/shadow-4.1.5-r1 + !<sys-freebsd/freebsd-pam-modules-6.2-r1 + !<sys-libs/pam-0.99.9.0-r1" +DEPEND="app-portage/portage-utils + app-arch/xz-utils" + +src_prepare() { + epatch "${FILESDIR}"/${P}-selinux-note.patch #540096 +} + +src_compile() { + local implementation linux_pam_version + if has_version sys-libs/pam; then + implementation=linux-pam + local ver_str=$(qatom $(best_version sys-libs/pam) | cut -d ' ' -f 3) + linux_pam_version=$(printf "0x%02x%02x%02x" ${ver_str//\./ }) + elif has_version sys-auth/openpam; then + implementation=openpam + else + die "PAM implementation not identified" + fi + + use_var() { + local varname=$(echo "$1" | tr '[:lower:]' '[:upper:]') + local usename=${2-$(echo "$1" | tr '[:upper:]' '[:lower:]')} + local varvalue=$(usex ${usename}) + echo "${varname}=${varvalue}" + } + + emake \ + GIT=true \ + $(use_var debug) \ + $(use_var cracklib) \ + $(use_var passwdqc) \ + $(use_var consolekit) \ + $(use_var systemd) \ + $(use_var GNOME_KEYRING gnome-keyring) \ + $(use_var selinux) \ + $(use_var nullok) \ + $(use_var mktemp) \ + $(use_var pam_ssh) \ + $(use_var securetty) \ + $(use_var sha512) \ + $(use_var KRB5 pam_krb5) \ + $(use_var minimal) \ + IMPLEMENTATION=${implementation} \ + LINUX_PAM_VERSION=${linux_pam_version} +} + +src_test() { :; } + +src_install() { + emake GIT=true DESTDIR="${ED}" install +} + +pkg_postinst() { + if use systemd && use consolekit; then + ewarn "You are enabling 2 session trackers, ConsoleKit and systemd-logind" + ewarn "at the same time. This is not recommended setup to have, please" + ewarn "consider disabling either USE=\"consolekit\" or USE=\"systemd\." + fi +} diff --git a/sys-auth/passwdqc/Manifest b/sys-auth/passwdqc/Manifest new file mode 100644 index 000000000000..224b4b3dacda --- /dev/null +++ b/sys-auth/passwdqc/Manifest @@ -0,0 +1 @@ +DIST passwdqc-1.3.0.tar.gz 48833 SHA256 23290ac21a055d9039b510bbc0d830a6dbf4295688d4317e0350ed4b6e5e7f50 SHA512 d9c2fd075ed4ff1f1dfa63fe40010d446abf8db306cacc77fd1e429fbd2dd1a6d2e4e91df46beb4c30bc30ff0cdd183ba85cefd362455ead9629d3a1c4eefece WHIRLPOOL c746394a2655b198597b70c29c0f66f6c1186a782da8c1a925fc9b7e838876d991c52469e9d526ecb99d2f1f36c6c5c83289b4ce3c92c269517dd1f507ddd7b3 diff --git a/sys-auth/passwdqc/files/passwdqc-1.3.0-build.patch b/sys-auth/passwdqc/files/passwdqc-1.3.0-build.patch new file mode 100644 index 000000000000..c8adeb89b4ab --- /dev/null +++ b/sys-auth/passwdqc/files/passwdqc-1.3.0-build.patch @@ -0,0 +1,58 @@ +--- a/Makefile ++++ b/Makefile +@@ -20,10 +20,11 @@ + BINMODE = 755 + CONFDIR = /etc + CONFMODE = 644 +-SHARED_LIBDIR = /lib ++LIBDIR = lib ++SHARED_LIBDIR = /$(LIBDIR) + SHARED_LIBDIR_SUN = /usr/lib + SHARED_LIBDIR_REL = ../..$(SHARED_LIBDIR) +-DEVEL_LIBDIR = /usr/lib ++DEVEL_LIBDIR = /usr/$(LIBDIR) +-SECUREDIR = /lib/security ++SECUREDIR = /$(LIBDIR)/security + SECUREDIR_SUN = /usr/lib/security + SECUREDIR_DARWIN = /usr/lib/pam +@@ -48,7 +49,7 @@ + INSTALL_SUN = /usr/ucb/install -c + CFLAGS = -Wall -W -O2 + CFLAGS_lib = $(CFLAGS) -fPIC +-CFLAGS_bin = $(CFLAGS) -fomit-frame-pointer ++CFLAGS_bin = $(CFLAGS) + + LDFLAGS = + LDFLAGS_shared = --shared +@@ -93,7 +94,7 @@ + + default: all + +-all pam utils install install_lib install_pam install_utils uninstall remove remove_lib remove_pam remove_utils: ++all lib pam utils install install_lib install_pam install_utils uninstall remove remove_lib remove_pam remove_utils: + case "`uname -s`" in \ + Linux) $(MAKE) CFLAGS_lib="$(CFLAGS_lib) -DHAVE_SHADOW" \ + LDFLAGS_lib="$(LDFLAGS_lib_LINUX)" \ +@@ -126,18 +127,20 @@ + + all_wrapped: pam_wrapped utils_wrapped + ++lib_wrapped: $(SHARED_LIB) $(DEVEL_LIB) ++ + pam_wrapped: $(SHARED_PAM) + + utils_wrapped: $(BINS) + + $(SHARED_LIB): $(OBJS_LIB) $(MAP_LIB) +- $(LD_lib) $(LDFLAGS_lib) $(OBJS_LIB) $(LDLIBS_lib) -o $(SHARED_LIB) ++ $(LD_lib) $(LDFLAGS) $(LDFLAGS_lib) $(OBJS_LIB) $(LDLIBS_lib) -o $(SHARED_LIB) + + $(DEVEL_LIB): $(SHARED_LIB) + $(LN_s) $(SHARED_LIB) $(DEVEL_LIB) + + $(SHARED_PAM): $(OBJS_PAM) $(MAP_PAM) $(DEVEL_LIB) +- $(LD_lib) $(LDFLAGS_pam) $(OBJS_PAM) $(LDLIBS_pam) -L. -lpasswdqc -o $(SHARED_PAM) ++ $(LD_lib) $(LDFLAGS) $(LDFLAGS_pam) $(OBJS_PAM) $(LDLIBS_pam) -L. -lpasswdqc -o $(SHARED_PAM) + + pwqgen: $(OBJS_GEN) $(DEVEL_LIB) + $(LD) $(LDFLAGS) $(OBJS_GEN) -L. -lpasswdqc -o $@ diff --git a/sys-auth/passwdqc/metadata.xml b/sys-auth/passwdqc/metadata.xml new file mode 100644 index 000000000000..501cdc08ac75 --- /dev/null +++ b/sys-auth/passwdqc/metadata.xml @@ -0,0 +1,17 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>pam</herd> +<maintainer> + <email>pam-bugs@gentoo.org</email> +</maintainer> +<use> + <flag name='utils'>Install pwqcheck and pwqgen helper utilities</flag> +</use> +<longdescription> + Password strength checking for PAM aware password changing programs. This is an alternative to the default cracklib. +</longdescription> +<longdescription lang="ja"> + パスワード変更プログラムに反応する PAM のパスワード強度検査機能です。これはデフォルトの cracklib の代替です。 +</longdescription> +</pkgmetadata> diff --git a/sys-auth/passwdqc/passwdqc-1.3.0.ebuild b/sys-auth/passwdqc/passwdqc-1.3.0.ebuild new file mode 100644 index 000000000000..c7c1daee1bca --- /dev/null +++ b/sys-auth/passwdqc/passwdqc-1.3.0.ebuild @@ -0,0 +1,65 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit pam eutils toolchain-funcs multilib + +DESCRIPTION="Password strength checking library (and PAM module)" +HOMEPAGE="http://www.openwall.com/passwdqc/" +SRC_URI="http://www.openwall.com/${PN}/${P}.tar.gz" + +LICENSE="Openwall BSD public-domain" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux" +IUSE="pam utils" + +RDEPEND=" + pam? ( + virtual/pam + !<sys-auth/pam_passwdqc-1.3.0 + )" +DEPEND="${RDEPEND}" + +src_prepare() { + epatch "${FILESDIR}"/${PN}-1.3.0-build.patch + sed -i \ + -e 's:`uname -s`:Linux:' \ + Makefile || die +} + +_emake() { + emake \ + LIBDIR="$(get_libdir)" \ + CFLAGS="${CFLAGS} ${CPPFLAGS}" \ + LDFLAGS="${LDFLAGS}" \ + CC="$(tc-getCC)" \ + LD="$(tc-getCC)" \ + "$@" +} + +src_compile() { + # The use of wrapped targets defeats the Makefile dep tracking. + # Build all the targets explicitly after the library. + _emake lib + if use pam || use utils ; then + _emake $(usev pam) $(usev utils) + fi +} + +src_install() { + _emake \ + DESTDIR="${ED}" \ + install_lib $(usex pam install_pam '') $(usex utils install_utils '') + dodoc README PLATFORMS INTERNALS +} + +pkg_postinst() { + if use pam ; then + elog "To activate pam_passwdqc use pam_passwdqc.so instead" + elog "of pam_cracklib.so in /etc/pam.d/system-auth." + elog "Also, if you want to change the parameters, read up" + elog "on the pam_passwdqc(8) man page." + fi +} diff --git a/sys-auth/polkit-kde-agent/Manifest b/sys-auth/polkit-kde-agent/Manifest new file mode 100644 index 000000000000..0b4fe480a745 --- /dev/null +++ b/sys-auth/polkit-kde-agent/Manifest @@ -0,0 +1 @@ +DIST polkit-kde-1_0.99.1.orig.tar.xz 38060 SHA256 336fffb8b9b8c1490537dc557c6ea8d66499739f69d479150f1a2961a4be46ff SHA512 14beb0c3bb00a62fd601ea94da158946c91f443b14ff286d9475e1883e5f102afbda81d8f214417a957bd7ba449b7c41f596d1ac05d97e8ffc836e76bb680d4f WHIRLPOOL e83d6f1a95729e8838788ed21651498713b8d1513ae5878a89064c1af62bd4b6fa741711ec66f004b96547f60f150fa4ec4b6ca27d2265bc10c6fbaca955f57a diff --git a/sys-auth/polkit-kde-agent/metadata.xml b/sys-auth/polkit-kde-agent/metadata.xml new file mode 100644 index 000000000000..ab3442450edb --- /dev/null +++ b/sys-auth/polkit-kde-agent/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>kde</herd> + <upstream> + <remote-id type="launchpad">ubuntu</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/polkit-kde-agent/polkit-kde-agent-0.99.1-r1.ebuild b/sys-auth/polkit-kde-agent/polkit-kde-agent-0.99.1-r1.ebuild new file mode 100644 index 000000000000..6f05189e8baa --- /dev/null +++ b/sys-auth/polkit-kde-agent/polkit-kde-agent-0.99.1-r1.ebuild @@ -0,0 +1,44 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +MY_PN="${PN}-1" +MY_P="${MY_PN}-${PV}" +EGIT_REPONAME="${MY_PN}" +KDE_LINGUAS="ar bs ca ca@valencia cs da de el en_GB eo es et fi fr + ga gl hr hu is it ja kk km lt mai mr ms nb nds nl pa pl pt pt_BR + ro ru sk sl sr sr@ijekavian sr@ijekavianlatin sr@latin sv th tr + ug uk vi zh_CN zh_TW" +inherit kde4-base + +DESCRIPTION="PolKit agent module for KDE" +HOMEPAGE="http://www.kde.org" +if [[ ${KDE_BUILD_TYPE} != live ]] ; then + SRC_URI="https://launchpad.net/ubuntu/+archive/primary/+files/${MY_PN/-agent/}_${PV}.orig.tar.xz" +fi + +LICENSE="GPL-2" +KEYWORDS="amd64 ~arm ppc ppc64 x86" +SLOT="4" +IUSE="debug minimal" + +RDEPEND=" + >=sys-auth/polkit-qt-0.103.0[qt4(+)] + !sys-auth/polkit-kde +" +DEPEND="${RDEPEND} + sys-devel/gettext +" + +if [[ ${KDE_BUILD_TYPE} != live ]] ; then + S=${WORKDIR}/${MY_P} +fi + +src_prepare() { + kde4-base_src_prepare + + # Coinstallability with kde-plasma/polkit-kde-agent + use minimal && rm -rf po +} diff --git a/sys-auth/polkit-pkla-compat/Manifest b/sys-auth/polkit-pkla-compat/Manifest new file mode 100644 index 000000000000..066d2b45c909 --- /dev/null +++ b/sys-auth/polkit-pkla-compat/Manifest @@ -0,0 +1 @@ +DIST polkit-pkla-compat-0.1.tar.xz 291148 SHA256 cbf804dfc235b40f2f7ea694c37d577f1cb5d3042d53063de1753016a46c39af SHA512 968cf547db977731a6c6bb292fa86ef46a2ce8f74d008da62f219c20da8cdde94f6309dccba3be33d0111bfa34609799bdeee4d2464395c8837370d022d425c5 WHIRLPOOL f45db2c04c6dc470bdb15365e00a2483310c7bbf305683128162693c93b05aa49f4e9e33d9db06d784de6db28647b884e7fc9752944b5d14a139c4a01cb7ddcf diff --git a/sys-auth/polkit-pkla-compat/metadata.xml b/sys-auth/polkit-pkla-compat/metadata.xml new file mode 100644 index 000000000000..c03b663ea9ff --- /dev/null +++ b/sys-auth/polkit-pkla-compat/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>freedesktop</herd> + <maintainer> + <email>freedesktop-bugs@gentoo.org</email> + </maintainer> +</pkgmetadata> diff --git a/sys-auth/polkit-pkla-compat/polkit-pkla-compat-0.1.ebuild b/sys-auth/polkit-pkla-compat/polkit-pkla-compat-0.1.ebuild new file mode 100644 index 000000000000..ba14e2a8168d --- /dev/null +++ b/sys-auth/polkit-pkla-compat/polkit-pkla-compat-0.1.ebuild @@ -0,0 +1,32 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +DESCRIPTION="Rules for polkit to add compatibility with pklocalauthority" +HOMEPAGE="http://fedorahosted.org/polkit-pkla-compat/" +SRC_URI="http://fedorahosted.org/releases/${PN:0:1}/${PN:1:1}/${PN}/${P}.tar.xz" + +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="" + +RDEPEND=">=dev-libs/glib-2.30 + >=sys-auth/polkit-0.110" +DEPEND="${RDEPEND} + app-text/docbook-xsl-stylesheets + dev-libs/libxslt + virtual/pkgconfig" + +DOCS="AUTHORS NEWS README" + +src_install() { + default + fowners -R root:polkitd /etc/polkit-1/localauthority +} + +pkg_postinst() { + chown -R root:polkitd "${EROOT}"/etc/polkit-1/localauthority +} diff --git a/sys-auth/polkit-qt/Manifest b/sys-auth/polkit-qt/Manifest new file mode 100644 index 000000000000..739c8b562c8a --- /dev/null +++ b/sys-auth/polkit-qt/Manifest @@ -0,0 +1 @@ +DIST polkit-qt-1-0.112.0.tar.bz2 67725 SHA256 67fb03bf6ca3e0bdbd98d374dfb5b1651a07d17ae6c23e11a81b4b084447e7c6 SHA512 4cb17389b54a09c53052f6d72aa5cbfe09ccb19f7fd4edf8b43ccd4751f5e88609c5f89777f4af92167d32eb2ce1e78537cea7bcfb60a90072d1fe02d6a59b50 WHIRLPOOL cf77234386646a145c807888ba361dad45f50e8857d8bea7d507b966fd52172b870ffa16c8c5df15296419ee04778614161fff9466d31af44661730916435f73 diff --git a/sys-auth/polkit-qt/metadata.xml b/sys-auth/polkit-qt/metadata.xml new file mode 100644 index 000000000000..a23f444b67d6 --- /dev/null +++ b/sys-auth/polkit-qt/metadata.xml @@ -0,0 +1,5 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>kde</herd> +</pkgmetadata> diff --git a/sys-auth/polkit-qt/polkit-qt-0.112.0-r1.ebuild b/sys-auth/polkit-qt/polkit-qt-0.112.0-r1.ebuild new file mode 100644 index 000000000000..4cb68644104e --- /dev/null +++ b/sys-auth/polkit-qt/polkit-qt-0.112.0-r1.ebuild @@ -0,0 +1,79 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +MY_P="${P/qt/qt-1}" + +inherit cmake-utils multibuild + +DESCRIPTION="PolicyKit Qt4 API wrapper library" +HOMEPAGE="http://www.kde.org/" +SRC_URI="mirror://kde/stable/apps/KDE4.x/admin/${MY_P}.tar.bz2" + +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="amd64 ~arm ~arm64 ppc ppc64 x86 ~x86-fbsd" +IUSE="debug examples +qt4 qt5" + +REQUIRED_USE="|| ( qt4 qt5 )" + +RDEPEND=" + dev-libs/glib:2 + >=sys-auth/polkit-0.103 + qt4? ( + dev-qt/qtcore:4[glib] + dev-qt/qtdbus:4 + dev-qt/qtgui:4[glib] + ) + qt5? ( + dev-qt/qtcore:5 + dev-qt/qtdbus:5 + dev-qt/qtgui:5 + dev-qt/qtwidgets:5 + examples? ( dev-qt/qtxml:5 ) + ) +" +DEPEND="${RDEPEND}" + +DOCS=( AUTHORS README README.porting TODO ) + +S=${WORKDIR}/${MY_P} + +# bug #529686 +RESTRICT="test" + +pkg_setup() { + MULTIBUILD_VARIANTS=() + use qt4 && MULTIBUILD_VARIANTS+=( qt4 ) + use qt5 && MULTIBUILD_VARIANTS+=( qt5 ) +} + +src_configure() { + myconfigure() { + local mycmakeargs=( + -DSYSCONF_INSTALL_DIR="${EPREFIX}"/etc + $(cmake-utils_use_build examples) + ) + + if [[ ${MULTIBUILD_VARIANT} = qt4 ]] ; then + mycmakeargs+=( -DUSE_QT4=ON ) + fi + if [[ ${MULTIBUILD_VARIANT} = qt5 ]] ; then + mycmakeargs+=( -DUSE_QT5=ON ) + fi + + cmake-utils_src_configure + } + + multibuild_foreach_variant myconfigure +} + +src_compile() { + multibuild_foreach_variant cmake-utils_src_compile +} + +src_install() { + multibuild_foreach_variant cmake-utils_src_install +} diff --git a/sys-auth/polkit/Manifest b/sys-auth/polkit/Manifest new file mode 100644 index 000000000000..2add7c33efe9 --- /dev/null +++ b/sys-auth/polkit/Manifest @@ -0,0 +1,2 @@ +DIST polkit-0.112.tar.gz 1429240 SHA256 d695f43cba4748a822fbe864dd32c4887c5da1c71694a47693ace5e88fcf6af6 SHA512 e4ad1bd287b38e5650cb94b1897a959b2ceaa6c19b4478ba872eacb13b58758fd42f6ab1718976162d823d850cd5c99b3ccadf1b57d75dea7790101422029d5f WHIRLPOOL af5dd0a17b7356302b0319e80565d6ac916128dfc85b6e2711147f3de86651f11fe8d08f3d6067d7abd24e263be92403f9d8f46935ba93db571e386a603a038a +DIST polkit-0.113.tar.gz 1448865 SHA256 e1c095093c654951f78f8618d427faf91cf62abdefed98de40ff65eca6413c81 SHA512 ab177c89a20eeb2978ddbe28afb205d3619f9c5defe833eb68a85e71a0f2c905367f1295cbbfb85da5eafdd661bce474d5d84aca9195cd425a18c9b4170eb5f9 WHIRLPOOL 106db7e6085a4ce49da44929138671eff2fd6007c80533518abe2d91ede9242b1e3cd0a1801190eeac5d4d5c1e978a30a18e47a6b604497b38853fa60c935a81 diff --git a/sys-auth/polkit/files/polkit-0.112-0001-backend-Handle-invalid-object-paths-in-RegisterAuthe.patch b/sys-auth/polkit/files/polkit-0.112-0001-backend-Handle-invalid-object-paths-in-RegisterAuthe.patch new file mode 100644 index 000000000000..5ceb2de5f9ed --- /dev/null +++ b/sys-auth/polkit/files/polkit-0.112-0001-backend-Handle-invalid-object-paths-in-RegisterAuthe.patch @@ -0,0 +1,106 @@ +From 9e074421d5623b6962dc66994d519012b40334b9 Mon Sep 17 00:00:00 2001 +From: Colin Walters <walters@verbum.org> +Date: Sat, 30 May 2015 09:06:23 -0400 +Subject: [PATCH] backend: Handle invalid object paths in + RegisterAuthenticationAgent + +Properly propagate the error, otherwise we dereference a `NULL` +pointer. This is a local, authenticated DoS. + +Reported-by: Tavis Ormandy <taviso@google.com> +Signed-off-by: Colin Walters <walters@verbum.org> +--- + .../polkitbackendinteractiveauthority.c | 53 ++++++++++++---------- + 1 file changed, 30 insertions(+), 23 deletions(-) + +diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c +index 59028d5..f45fdf1 100644 +--- a/src/polkitbackend/polkitbackendinteractiveauthority.c ++++ b/src/polkitbackend/polkitbackendinteractiveauthority.c +@@ -1551,36 +1551,42 @@ authentication_agent_new (PolkitSubject *scope, + const gchar *unique_system_bus_name, + const gchar *locale, + const gchar *object_path, +- GVariant *registration_options) ++ GVariant *registration_options, ++ GError **error) + { + AuthenticationAgent *agent; +- GError *error; ++ GDBusProxy *proxy; + +- agent = g_new0 (AuthenticationAgent, 1); ++ if (!g_variant_is_object_path (object_path)) ++ { ++ g_set_error (error, POLKIT_ERROR, POLKIT_ERROR_FAILED, ++ "Invalid object path '%s'", object_path); ++ return NULL; ++ } ++ ++ proxy = g_dbus_proxy_new_for_bus_sync (G_BUS_TYPE_SYSTEM, ++ G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES | ++ G_DBUS_PROXY_FLAGS_DO_NOT_CONNECT_SIGNALS, ++ NULL, /* GDBusInterfaceInfo* */ ++ unique_system_bus_name, ++ object_path, ++ "org.freedesktop.PolicyKit1.AuthenticationAgent", ++ NULL, /* GCancellable* */ ++ error); ++ if (proxy == NULL) ++ { ++ g_prefix_error (error, "Failed to construct proxy for agent: " ); ++ return NULL; ++ } + ++ agent = g_new0 (AuthenticationAgent, 1); + agent->ref_count = 1; + agent->scope = g_object_ref (scope); + agent->object_path = g_strdup (object_path); + agent->unique_system_bus_name = g_strdup (unique_system_bus_name); + agent->locale = g_strdup (locale); + agent->registration_options = registration_options != NULL ? g_variant_ref (registration_options) : NULL; +- +- error = NULL; +- agent->proxy = g_dbus_proxy_new_for_bus_sync (G_BUS_TYPE_SYSTEM, +- G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES | +- G_DBUS_PROXY_FLAGS_DO_NOT_CONNECT_SIGNALS, +- NULL, /* GDBusInterfaceInfo* */ +- agent->unique_system_bus_name, +- agent->object_path, +- "org.freedesktop.PolicyKit1.AuthenticationAgent", +- NULL, /* GCancellable* */ +- &error); +- if (agent->proxy == NULL) +- { +- g_warning ("Error constructing proxy for agent: %s", error->message); +- g_error_free (error); +- /* TODO: Make authentication_agent_new() return NULL and set a GError */ +- } ++ agent->proxy = proxy; + + return agent; + } +@@ -2383,8 +2389,6 @@ polkit_backend_interactive_authority_register_authentication_agent (PolkitBacken + caller_cmdline = NULL; + agent = NULL; + +- /* TODO: validate that object path is well-formed */ +- + interactive_authority = POLKIT_BACKEND_INTERACTIVE_AUTHORITY (authority); + priv = POLKIT_BACKEND_INTERACTIVE_AUTHORITY_GET_PRIVATE (interactive_authority); + +@@ -2471,7 +2475,10 @@ polkit_backend_interactive_authority_register_authentication_agent (PolkitBacken + polkit_system_bus_name_get_name (POLKIT_SYSTEM_BUS_NAME (caller)), + locale, + object_path, +- options); ++ options, ++ error); ++ if (!agent) ++ goto out; + + g_hash_table_insert (priv->hash_scope_to_authentication_agent, + g_object_ref (subject), +-- +1.8.3.1 + diff --git a/sys-auth/polkit/metadata.xml b/sys-auth/polkit/metadata.xml new file mode 100644 index 000000000000..d553f2f472c3 --- /dev/null +++ b/sys-auth/polkit/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>freedesktop</herd> + <maintainer> + <email>freedesktop-bugs@gentoo.org</email> + </maintainer> + <use> + <flag name='systemd'>Use <pkg>sys-apps/systemd</pkg> instead of <pkg>sys-auth/consolekit</pkg> for session tracking</flag> + </use> +</pkgmetadata> diff --git a/sys-auth/polkit/polkit-0.112-r2.ebuild b/sys-auth/polkit/polkit-0.112-r2.ebuild new file mode 100644 index 000000000000..246898ea6106 --- /dev/null +++ b/sys-auth/polkit/polkit-0.112-r2.ebuild @@ -0,0 +1,121 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit eutils multilib pam pax-utils systemd user + +DESCRIPTION="Policy framework for controlling privileges for system-wide services" +HOMEPAGE="http://www.freedesktop.org/wiki/Software/polkit" +SRC_URI="http://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz" + +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86" +IUSE="examples gtk +introspection jit kde nls pam selinux systemd" + +CDEPEND=" + ia64? ( =dev-lang/spidermonkey-1.8.5*[-debug] ) + hppa? ( =dev-lang/spidermonkey-1.8.5*[-debug] ) + mips? ( =dev-lang/spidermonkey-1.8.5*[-debug] ) + !hppa? ( !ia64? ( !mips? ( dev-lang/spidermonkey:17[-debug,jit=] ) ) ) + >=dev-libs/glib-2.32 + >=dev-libs/expat-2:= + introspection? ( >=dev-libs/gobject-introspection-1 ) + pam? ( + sys-auth/pambase + virtual/pam + ) + systemd? ( sys-apps/systemd:0= )" +DEPEND="${CDEPEND} + app-text/docbook-xml-dtd:4.1.2 + app-text/docbook-xsl-stylesheets + dev-libs/libxslt + dev-util/intltool + virtual/pkgconfig" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-policykit ) +" +PDEPEND=" + gtk? ( || ( + >=gnome-extra/polkit-gnome-0.105 + lxde-base/lxpolkit + ) ) + kde? ( || ( + kde-plasma/polkit-kde-agent + sys-auth/polkit-kde-agent + ) ) + !systemd? ( sys-auth/consolekit[policykit] )" + +QA_MULTILIB_PATHS=" + usr/lib/polkit-1/polkit-agent-helper-1 + usr/lib/polkit-1/polkitd" + +pkg_setup() { + local u=polkitd + local g=polkitd + local h=/var/lib/polkit-1 + + enewgroup ${g} + enewuser ${u} -1 -1 ${h} ${g} + esethome ${u} ${h} +} + +src_prepare() { + sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513 +} + +src_configure() { + econf \ + --localstatedir="${EPREFIX}"/var \ + --disable-static \ + --enable-man-pages \ + --disable-gtk-doc \ + $(use_enable systemd libsystemd-login) \ + $(use_enable introspection) \ + --disable-examples \ + $(use_enable nls) \ + $(if use hppa || use ia64 || use mips; then echo --with-mozjs=mozjs185; else echo --with-mozjs=mozjs-17.0; fi) \ + "$(systemd_with_unitdir)" \ + --with-authfw=$(usex pam pam shadow) \ + $(use pam && echo --with-pam-module-dir="$(getpam_mod_dir)") \ + --with-os-type=gentoo +} + +src_compile() { + default + + # Required for polkitd on hardened/PaX due to spidermonkey's JIT + local f='src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest' + local m='' + # Only used when USE="jit" is enabled for 'dev-lang/spidermonkey:17' wrt #485910 + has_version 'dev-lang/spidermonkey:17[jit]' && m='m' + # hppa, ia64 and mips uses spidermonkey-1.8.5 which requires different pax-mark flags + use hppa && m='mr' + use ia64 && m='mr' + use mips && m='mr' + [ -n "$m" ] && pax-mark ${m} ${f} +} + +src_install() { + emake DESTDIR="${D}" install + + dodoc docs/TODO HACKING NEWS README + + fowners -R polkitd:root /{etc,usr/share}/polkit-1/rules.d + + diropts -m0700 -o polkitd -g polkitd + keepdir /var/lib/polkit-1 + + if use examples; then + insinto /usr/share/doc/${PF}/examples + doins src/examples/{*.c,*.policy*} + fi + + prune_libtool_files +} + +pkg_postinst() { + chown -R polkitd:root "${EROOT}"/{etc,usr/share}/polkit-1/rules.d + chown -R polkitd:polkitd "${EROOT}"/var/lib/polkit-1 +} diff --git a/sys-auth/polkit/polkit-0.112-r3.ebuild b/sys-auth/polkit/polkit-0.112-r3.ebuild new file mode 100644 index 000000000000..873670c90a8d --- /dev/null +++ b/sys-auth/polkit/polkit-0.112-r3.ebuild @@ -0,0 +1,122 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit eutils multilib pam pax-utils systemd user + +DESCRIPTION="Policy framework for controlling privileges for system-wide services" +HOMEPAGE="http://www.freedesktop.org/wiki/Software/polkit" +SRC_URI="http://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz" + +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="~alpha amd64 arm hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86" +IUSE="examples gtk +introspection jit kde nls pam selinux systemd" + +CDEPEND=" + ia64? ( =dev-lang/spidermonkey-1.8.5*[-debug] ) + hppa? ( =dev-lang/spidermonkey-1.8.5*[-debug] ) + mips? ( =dev-lang/spidermonkey-1.8.5*[-debug] ) + !hppa? ( !ia64? ( !mips? ( dev-lang/spidermonkey:17[-debug,jit=] ) ) ) + >=dev-libs/glib-2.32 + >=dev-libs/expat-2:= + introspection? ( >=dev-libs/gobject-introspection-1 ) + pam? ( + sys-auth/pambase + virtual/pam + ) + systemd? ( sys-apps/systemd:0= )" +DEPEND="${CDEPEND} + app-text/docbook-xml-dtd:4.1.2 + app-text/docbook-xsl-stylesheets + dev-libs/libxslt + dev-util/intltool + virtual/pkgconfig" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-policykit ) +" +PDEPEND=" + gtk? ( || ( + >=gnome-extra/polkit-gnome-0.105 + lxde-base/lxpolkit + ) ) + kde? ( || ( + kde-plasma/polkit-kde-agent + sys-auth/polkit-kde-agent + ) ) + !systemd? ( sys-auth/consolekit[policykit] )" + +QA_MULTILIB_PATHS=" + usr/lib/polkit-1/polkit-agent-helper-1 + usr/lib/polkit-1/polkitd" + +pkg_setup() { + local u=polkitd + local g=polkitd + local h=/var/lib/polkit-1 + + enewgroup ${g} + enewuser ${u} -1 -1 ${h} ${g} + esethome ${u} ${h} +} + +src_prepare() { + epatch "${FILESDIR}/${PN}-0.112-0001-backend-Handle-invalid-object-paths-in-RegisterAuthe.patch" # bug 551316 + sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513 +} + +src_configure() { + econf \ + --localstatedir="${EPREFIX}"/var \ + --disable-static \ + --enable-man-pages \ + --disable-gtk-doc \ + $(use_enable systemd libsystemd-login) \ + $(use_enable introspection) \ + --disable-examples \ + $(use_enable nls) \ + $(if use hppa || use ia64 || use mips; then echo --with-mozjs=mozjs185; else echo --with-mozjs=mozjs-17.0; fi) \ + "$(systemd_with_unitdir)" \ + --with-authfw=$(usex pam pam shadow) \ + $(use pam && echo --with-pam-module-dir="$(getpam_mod_dir)") \ + --with-os-type=gentoo +} + +src_compile() { + default + + # Required for polkitd on hardened/PaX due to spidermonkey's JIT + local f='src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest' + local m='' + # Only used when USE="jit" is enabled for 'dev-lang/spidermonkey:17' wrt #485910 + has_version 'dev-lang/spidermonkey:17[jit]' && m='m' + # hppa, ia64 and mips uses spidermonkey-1.8.5 which requires different pax-mark flags + use hppa && m='mr' + use ia64 && m='mr' + use mips && m='mr' + [ -n "$m" ] && pax-mark ${m} ${f} +} + +src_install() { + emake DESTDIR="${D}" install + + dodoc docs/TODO HACKING NEWS README + + fowners -R polkitd:root /{etc,usr/share}/polkit-1/rules.d + + diropts -m0700 -o polkitd -g polkitd + keepdir /var/lib/polkit-1 + + if use examples; then + insinto /usr/share/doc/${PF}/examples + doins src/examples/{*.c,*.policy*} + fi + + prune_libtool_files +} + +pkg_postinst() { + chown -R polkitd:root "${EROOT}"/{etc,usr/share}/polkit-1/rules.d + chown -R polkitd:polkitd "${EROOT}"/var/lib/polkit-1 +} diff --git a/sys-auth/polkit/polkit-0.113.ebuild b/sys-auth/polkit/polkit-0.113.ebuild new file mode 100644 index 000000000000..5cce334f84b3 --- /dev/null +++ b/sys-auth/polkit/polkit-0.113.ebuild @@ -0,0 +1,115 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit eutils multilib pam pax-utils systemd user + +DESCRIPTION="Policy framework for controlling privileges for system-wide services" +HOMEPAGE="http://www.freedesktop.org/wiki/Software/polkit" +SRC_URI="http://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz" + +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="examples gtk +introspection jit kde nls pam selinux systemd test" + +CDEPEND=" + dev-lang/spidermonkey:0/mozjs185[-debug] + >=dev-libs/glib-2.32:2 + >=dev-libs/expat-2:= + introspection? ( >=dev-libs/gobject-introspection-1:= ) + pam? ( + sys-auth/pambase + virtual/pam + ) + systemd? ( sys-apps/systemd:0= ) +" +DEPEND="${CDEPEND} + app-text/docbook-xml-dtd:4.1.2 + app-text/docbook-xsl-stylesheets + dev-libs/libxslt + dev-util/gtk-doc-am + dev-util/intltool + virtual/pkgconfig +" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-policykit ) +" +PDEPEND=" + gtk? ( || ( + >=gnome-extra/polkit-gnome-0.105 + lxde-base/lxpolkit + ) ) + kde? ( || ( + kde-plasma/polkit-kde-agent + sys-auth/polkit-kde-agent + ) ) + !systemd? ( sys-auth/consolekit[policykit] ) +" + +QA_MULTILIB_PATHS=" + usr/lib/polkit-1/polkit-agent-helper-1 + usr/lib/polkit-1/polkitd" + +pkg_setup() { + local u=polkitd + local g=polkitd + local h=/var/lib/polkit-1 + + enewgroup ${g} + enewuser ${u} -1 -1 ${h} ${g} + esethome ${u} ${h} +} + +src_prepare() { + sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513 +} + +src_configure() { + econf \ + --localstatedir="${EPREFIX}"/var \ + --disable-static \ + --enable-man-pages \ + --disable-gtk-doc \ + $(use_enable systemd libsystemd-login) \ + $(use_enable introspection) \ + --disable-examples \ + $(use_enable nls) \ + --with-mozjs=mozjs185 \ + "$(systemd_with_unitdir)" \ + --with-authfw=$(usex pam pam shadow) \ + $(use pam && echo --with-pam-module-dir="$(getpam_mod_dir)") \ + $(use_enable test) \ + --with-os-type=gentoo +} + +src_compile() { + default + + # Required for polkitd on hardened/PaX due to spidermonkey's JIT + pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest +} + +src_install() { + emake DESTDIR="${D}" install + + dodoc docs/TODO HACKING NEWS README + + fowners -R polkitd:root /{etc,usr/share}/polkit-1/rules.d + + diropts -m0700 -o polkitd -g polkitd + keepdir /var/lib/polkit-1 + + if use examples; then + insinto /usr/share/doc/${PF}/examples + doins src/examples/{*.c,*.policy*} + fi + + prune_libtool_files +} + +pkg_postinst() { + chown -R polkitd:root "${EROOT}"/{etc,usr/share}/polkit-1/rules.d + chown -R polkitd:polkitd "${EROOT}"/var/lib/polkit-1 +} diff --git a/sys-auth/realtime-base/metadata.xml b/sys-auth/realtime-base/metadata.xml new file mode 100644 index 000000000000..af0275e2998a --- /dev/null +++ b/sys-auth/realtime-base/metadata.xml @@ -0,0 +1,5 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>proaudio</herd> +</pkgmetadata> diff --git a/sys-auth/realtime-base/realtime-base-0.1.ebuild b/sys-auth/realtime-base/realtime-base-0.1.ebuild new file mode 100644 index 000000000000..bf2defe7147e --- /dev/null +++ b/sys-auth/realtime-base/realtime-base-0.1.ebuild @@ -0,0 +1,50 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=3 + +inherit user + +DESCRIPTION="Sets up realtime scheduling" +HOMEPAGE="http://www.jackaudio.org/linux_rt_config" +SRC_URI="" + +LICENSE="public-domain" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 sh sparc x86 ~amd64-fbsd" +IUSE="" + +DEPEND="" +RDEPEND="virtual/pam" + +limitsdfile=40-${PN}.conf +rtgroup=realtime + +S=${WORKDIR} + +pkg_setup() { + enewgroup ${rtgroup} +} + +print_limitsdfile() { + printf "# Start of ${limitsdfile} from ${P}\n\n" + printf "@${rtgroup}\t-\trtprio\t99\n" + printf "@${rtgroup}\t-\tmemlock\tunlimited\n" + printf "\n# End of ${limitsdfile} from ${P}\n" +} + +src_compile() { + einfo "Generating ${limitsdfile}" + print_limitsdfile > "${S}/${limitsdfile}" +} + +src_install() { + insinto /etc/security/limits.d/ + doins "${S}/${limitsdfile}" || die +} + +pkg_postinst() { + elog "We have added realtime scheduling privileges for users in the ${rtgroup} group." + elog "Please make sure users needing such privileges are in that group." +} diff --git a/sys-auth/rtkit/Manifest b/sys-auth/rtkit/Manifest new file mode 100644 index 000000000000..fa3e050092d3 --- /dev/null +++ b/sys-auth/rtkit/Manifest @@ -0,0 +1 @@ +DIST rtkit-0.11.tar.xz 126748 SHA256 68859108cff6410901502b58365eb7607da37110a06b837762f771735f58acd0 SHA512 4641af965dc64c0f498ae469fbee1ceb337204fa7d778fbbb41f2b5c5e88947e633c7e9ad037274fdd778c3c097a4a1dbb0b2add287d74eccbcd2d357cb2da22 WHIRLPOOL 7036f2811aeef28dd7680f24fcf16e2cf8708937d86a0dfcd1411fcae469be3fe673b12dc640f9cda9be951ab2879f2b7ec2374577e7a0b532c59d8abde176b5 diff --git a/sys-auth/rtkit/files/rtkit-0.11-controlgroup.patch b/sys-auth/rtkit/files/rtkit-0.11-controlgroup.patch new file mode 100644 index 000000000000..7a36deeeae7b --- /dev/null +++ b/sys-auth/rtkit/files/rtkit-0.11-controlgroup.patch @@ -0,0 +1,14 @@ +diff --git rtkit-0.11/rtkit-daemon.service.in~ rtkit-0.11/rtkit-daemon.service.in +index 3dfefa6..d0dc786 100644 +--- rtkit-0.11/rtkit-daemon.service.in~ ++++ rtkit-0.11/rtkit-daemon.service.in +@@ -27,9 +27,5 @@ CapabilityBoundingSet=CAP_SYS_NICE CAP_DAC_READ_SEARCH CAP_SYS_PTRACE CAP_SYS_CH + PrivateTmp=yes + PrivateNetwork=yes + +-# Work around the fact that the Linux currently doesn't assign any RT +-# budget to CPU control groups that have none configured explicitly +-ControlGroup=cpu:/ +- + [Install] + WantedBy=graphical.target diff --git a/sys-auth/rtkit/files/rtkit-0.11-gettime.patch b/sys-auth/rtkit/files/rtkit-0.11-gettime.patch new file mode 100644 index 000000000000..43732081386e --- /dev/null +++ b/sys-auth/rtkit/files/rtkit-0.11-gettime.patch @@ -0,0 +1,21 @@ +From: Lennart Poettering <lennart@poettering.net> +Date: Thu, 26 Sep 2013 19:52:58 +0000 (+0200) +Subject: build-sys: since clock_gettime() moved to libc use mq_open to check for librt +X-Git-Url: http://git.0pointer.de/?p=rtkit.git;a=commitdiff_plain;h=d550837387e4185ebcde1023702580e35eb441e7 + +build-sys: since clock_gettime() moved to libc use mq_open to check for librt +--- + +diff --git a/configure.ac b/configure.ac +index 5a77363..62c17f5 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -111,7 +111,7 @@ CFLAGS="$CFLAGS $PTHREAD_CFLAGS" + CC="$PTHREAD_CC" + + AC_SEARCH_LIBS([sched_setscheduler], [rt]) +-AC_SEARCH_LIBS([clock_gettime], [rt]) ++AC_SEARCH_LIBS([mq_open], [rt]) + AC_SEARCH_LIBS([cap_init], [cap]) + + PKG_CHECK_MODULES(DBUS, dbus-1) diff --git a/sys-auth/rtkit/files/rtkit-0.11-polkit.patch b/sys-auth/rtkit/files/rtkit-0.11-polkit.patch new file mode 100644 index 000000000000..ad489c466184 --- /dev/null +++ b/sys-auth/rtkit/files/rtkit-0.11-polkit.patch @@ -0,0 +1,36 @@ +X-Git-Url: http://git.0pointer.de/?p=rtkit.git;a=blobdiff_plain;f=rtkit-daemon.c;h=3ecc1f7840a0d9bdd3af7f08933c4a62546094eb;hp=2ebe673309315f16bc2bc2e0c51a556fb215bc51;hb=88d4082ef6caf6b071d749dca1c50e7edde914cc;hpb=e86e04865ebc1a92c8fa3007843ebcf9c8fa4c05 + +diff --git a/rtkit-daemon.c b/rtkit-daemon.c +index 2ebe673..3ecc1f7 100644 +--- a/rtkit-daemon.c ++++ b/rtkit-daemon.c +@@ -1170,12 +1170,14 @@ static int verify_polkit(DBusConnection *c, struct rtkit_user *u, struct process + DBusMessage *m = NULL, *r = NULL; + const char *unix_process = "unix-process"; + const char *pid = "pid"; ++ const char *uid = "uid"; + const char *start_time = "start-time"; + const char *cancel_id = ""; + uint32_t flags = 0; + uint32_t pid_u32 = p->pid; +- uint64_t start_time_u64 = p->starttime; ++ uint32_t uid_u32 = (uint32_t)u->uid; + DBusMessageIter iter_msg, iter_struct, iter_array, iter_dict, iter_variant; ++ uint64_t start_time_u64 = p->starttime; + int ret; + dbus_bool_t authorized = FALSE; + +@@ -1206,6 +1208,13 @@ static int verify_polkit(DBusConnection *c, struct rtkit_user *u, struct process + assert_se(dbus_message_iter_close_container(&iter_dict, &iter_variant)); + assert_se(dbus_message_iter_close_container(&iter_array, &iter_dict)); + ++ assert_se(dbus_message_iter_open_container(&iter_array, DBUS_TYPE_DICT_ENTRY, NULL, &iter_dict)); ++ assert_se(dbus_message_iter_append_basic(&iter_dict, DBUS_TYPE_STRING, &uid)); ++ assert_se(dbus_message_iter_open_container(&iter_dict, DBUS_TYPE_VARIANT, "u", &iter_variant)); ++ assert_se(dbus_message_iter_append_basic(&iter_variant, DBUS_TYPE_UINT32, &uid_u32)); ++ assert_se(dbus_message_iter_close_container(&iter_dict, &iter_variant)); ++ assert_se(dbus_message_iter_close_container(&iter_array, &iter_dict)); ++ + assert_se(dbus_message_iter_close_container(&iter_struct, &iter_array)); + assert_se(dbus_message_iter_close_container(&iter_msg, &iter_struct)); + diff --git a/sys-auth/rtkit/metadata.xml b/sys-auth/rtkit/metadata.xml new file mode 100644 index 000000000000..ec4b7a19ff7d --- /dev/null +++ b/sys-auth/rtkit/metadata.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>maintainer-needed@gentoo.org</email> + </maintainer> + <longdescription lang="en"> + RealtimeKit is a DBus service that provides applications with an interface + to escalate their priority to realtime, without any special setup in + rlimits, etc. + </longdescription> +</pkgmetadata> diff --git a/sys-auth/rtkit/rtkit-0.11-r1.ebuild b/sys-auth/rtkit/rtkit-0.11-r1.ebuild new file mode 100644 index 000000000000..b75139a48e9a --- /dev/null +++ b/sys-auth/rtkit/rtkit-0.11-r1.ebuild @@ -0,0 +1,49 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit eutils systemd user autotools + +DESCRIPTION="Realtime Policy and Watchdog Daemon" +HOMEPAGE="http://0pointer.de/blog/projects/rtkit" +SRC_URI="http://0pointer.de/public/${P}.tar.xz" + +LICENSE="GPL-3 BSD" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 ~sh sparc x86" +IUSE="" + +RDEPEND=" + sys-apps/dbus + sys-auth/polkit + sys-libs/libcap +" +DEPEND="${DEPEND} + app-arch/xz-utils +" + +pkg_setup() { + enewgroup rtkit + enewuser rtkit -1 -1 -1 "rtkit" +} + +src_prepare() { + # Fedora patches + epatch "${FILESDIR}"/${P}-polkit.patch + epatch "${FILESDIR}"/${P}-gettime.patch + epatch "${FILESDIR}"/${P}-controlgroup.patch + eautoreconf +} + +src_configure() { + econf $(systemd_with_unitdir) +} + +src_install() { + default + + ./rtkit-daemon --introspect > org.freedesktop.RealtimeKit1.xml + insinto /usr/share/dbus-1/interfaces + doins org.freedesktop.RealtimeKit1.xml +} diff --git a/sys-auth/skey/Manifest b/sys-auth/skey/Manifest new file mode 100644 index 000000000000..8b2acee3a75d --- /dev/null +++ b/sys-auth/skey/Manifest @@ -0,0 +1,3 @@ +DIST skey-1.1.5-patches-2.tar.xz 32836 SHA256 e55ea1250b2608b8f145f6de5bc62aee7ad1d98634a9a72ef8614e286d9f802c SHA512 666e44206864a195d78870365c1ce1854326b47bddbcfdb9cafc776d283a3d40cd5cb60a353f90ffb06466e473c36a4aadfbcc8fc250d8e4a2ec36daef72ee21 WHIRLPOOL 3d938ef3144316ffb793265d51ce3e1af12616c7e81536745318207d43bcef83f36c69ede37a30274cf1fb04abfcf31f0e6098fd761c84bf5ee032f5b5512540 +DIST skey-1.1.5-patches-3.tar.xz 33604 SHA256 adabe7b286f586d2cbe1a4b15f71310b7d8e25fc3187f8a89071359d7975badf SHA512 dcef6837e563ce3f68fe4eed35f16db1636e1798219dba95c86db505b5f67034b44bc6d02e0125faa95db8a5c39e9615bfed2dc3105905e576d96cf32016bc2f WHIRLPOOL bff241ecf0f59dae810db300bd858f76e18153f1958f2154c538f42040cc1040f049442d697767cfa7346996931d81370c2551d752c52810c9b18fe9e351c212 +DIST skey-1.1.5.tar.bz2 61911 SHA256 e21bcb7c618c0bc87a72d8f0f097d7517fffa4e881a0f295ee1ce2a7dccf4aef SHA512 4cbddc7e31134d5e23801a9b07de0d05c8357aaa8dddfb8426fceead3f54e539f77204f78a08b2a93890ef2f4f807a2208080f58f80818afa1b8cd4884b1fb37 WHIRLPOOL abf141fd679deeaee3f3883cd3076620c84e8775ecacc8f87d561c1812beae55299989f37ec331633bac29e25b4b8d145dc590ef119c73a137d8790815bb13f2 diff --git a/sys-auth/skey/metadata.xml b/sys-auth/skey/metadata.xml new file mode 100644 index 000000000000..31fc6f43a7dd --- /dev/null +++ b/sys-auth/skey/metadata.xml @@ -0,0 +1,29 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer> + <email>ulm@gentoo.org</email> +</maintainer> +<longdescription lang="en"> + From RFC2289: + One form of attack on networked computing systems is eavesdropping on + network connections to obtain authentication information such as the + login IDs and passwords of legitimate users. Once this information is + captured, it can be used at a later time to gain access to the system. + One-time password systems are designed to counter this type of attack, + called a "replay attack." + + The authentication system described in this document uses a secret + pass-phrase to generate a sequence of one-time (single use) passwords. + With this system, the user's secret pass-phrase never needs to cross the + network at any time such as during authentication or during pass-phrase + changes. Thus, it is not vulnerable to replay attacks. Added security + is provided by the property that no secret information need be stored on + any system, including the server being protected. + + The OTP system protects against external passive attacks against the + authentication subsystem. It does not prevent a network eavesdropper from + gaining access to private information and does not provide protection + against either "social engineering" or active attacks. +</longdescription> +</pkgmetadata> diff --git a/sys-auth/skey/skey-1.1.5-r8.ebuild b/sys-auth/skey/skey-1.1.5-r8.ebuild new file mode 100644 index 000000000000..67dfe6b79b51 --- /dev/null +++ b/sys-auth/skey/skey-1.1.5-r8.ebuild @@ -0,0 +1,81 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit flag-o-matic eutils toolchain-funcs + +DESCRIPTION="Linux Port of OpenBSD Single-key Password System" +HOMEPAGE="http://www.openbsd.org/faq/faq8.html#SKey" +SRC_URI="mirror://gentoo/${P}.tar.bz2 + mirror://gentoo/${P}-patches-2.tar.xz" + +LICENSE="BSD MIT RSA BEER-WARE" +SLOT="0" +KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86" +IUSE="static-libs" + +DEPEND="dev-lang/perl + app-arch/xz-utils" +RDEPEND="dev-lang/perl + sys-libs/cracklib" + +src_prepare() { + EPATCH_SUFFIX=patch epatch +} + +src_configure() { + tc-export CC + econf --sysconfdir=/etc/skey +} + +src_install() { + into / + dolib.so libskey.so{.${PV},.${PV%.*},.${PV%%.*},} + + into /usr + dobin skey skeyinit skeyinfo + newbin skeyaudit.sh skeyaudit + newsbin skeyprune.pl skeyprune + + dosym skey /usr/bin/otp-md4 + dosym skey /usr/bin/otp-md5 + dosym skey /usr/bin/otp-sha1 + + if use static-libs; then + dolib.a libskey.a + gen_usr_ldscript libskey.so + fi + + doman skey.1 skeyaudit.1 skeyinfo.1 skeyinit.1 skey.3 skeyprune.8 + + insinto /usr/include + doins skey.h + + keepdir /etc/skey + + # only root needs to have access to these files. + fperms go-rx /etc/skey + + # skeyinit and skeyinfo must be suid root so users + # can generate their passwords. + fperms u+s,go-r /usr/bin/skeyinit /usr/bin/skeyinfo + + dodoc README CHANGES +} + +pkg_postinst() { + # do not include /etc/skey/skeykeys in the package, as quickpkg + # may package sensitive information. + # This also fixes the etc-update issue with #64974. + + # skeyinit will not function if this file is not present. + touch /etc/skey/skeykeys + + # these permissions are applied by the skey system if missing. + chmod 0600 /etc/skey/skeykeys + + elog "For an introduction into using s/key authentication, take" + elog "a look at the EXAMPLES section from the skey(1) manpage." +} diff --git a/sys-auth/skey/skey-1.1.5-r9.ebuild b/sys-auth/skey/skey-1.1.5-r9.ebuild new file mode 100644 index 000000000000..d04023f3ec24 --- /dev/null +++ b/sys-auth/skey/skey-1.1.5-r9.ebuild @@ -0,0 +1,82 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit flag-o-matic eutils toolchain-funcs + +DESCRIPTION="Linux Port of OpenBSD Single-key Password System" +HOMEPAGE="http://www.openbsd.org/faq/faq8.html#SKey" +SRC_URI="mirror://gentoo/${P}.tar.bz2 + http://dev.gentoo.org/~ulm/distfiles/${P}-patches-3.tar.xz" + +LICENSE="BSD MIT RSA BEER-WARE" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="static-libs" + +DEPEND="dev-lang/perl + app-arch/xz-utils" +RDEPEND="dev-lang/perl + virtual/perl-Time-Local + sys-libs/cracklib" + +src_prepare() { + EPATCH_SUFFIX=patch epatch +} + +src_configure() { + tc-export CC + econf --sysconfdir=/etc/skey +} + +src_install() { + into / + dolib.so libskey.so{.${PV},.${PV%.*},.${PV%%.*},} + + into /usr + dobin skey skeyinit skeyinfo + newbin skeyaudit.sh skeyaudit + newsbin skeyprune.pl skeyprune + + dosym skey /usr/bin/otp-md4 + dosym skey /usr/bin/otp-md5 + dosym skey /usr/bin/otp-sha1 + + if use static-libs; then + dolib.a libskey.a + gen_usr_ldscript libskey.so + fi + + doman skey.1 skeyaudit.1 skeyinfo.1 skeyinit.1 skey.3 skeyprune.8 + + insinto /usr/include + doins skey.h + + keepdir /etc/skey + + # only root needs to have access to these files. + fperms go-rx /etc/skey + + # skeyinit and skeyinfo must be suid root so users + # can generate their passwords. + fperms u+s,go-r /usr/bin/skeyinit /usr/bin/skeyinfo + + dodoc README CHANGES +} + +pkg_postinst() { + # do not include /etc/skey/skeykeys in the package, as quickpkg + # may package sensitive information. + # This also fixes the etc-update issue with #64974. + + # skeyinit will not function if this file is not present. + touch /etc/skey/skeykeys + + # these permissions are applied by the skey system if missing. + chmod 0600 /etc/skey/skeykeys + + elog "For an introduction into using s/key authentication, take" + elog "a look at the EXAMPLES section from the skey(1) manpage." +} diff --git a/sys-auth/sssd/Manifest b/sys-auth/sssd/Manifest new file mode 100644 index 000000000000..758c1b1ed431 --- /dev/null +++ b/sys-auth/sssd/Manifest @@ -0,0 +1,6 @@ +DIST sssd-1.12.1.tar.gz 4088341 SHA256 18b2d7e93e77435708feaf3ff65656f89e5a531ae6d48c4bff98168f171ba8ff SHA512 9514586eb51ac7e8d9639f2aba52cfd5cf71c442ee0a6c652e7838a96cf0fcb62ce4ffa9f9b956d984cd5ecfb3d13b8c21a66677e1e3e9e76f13202792ee2a7e WHIRLPOOL 73b34d373b3b557dc1a075eef94c69ff12051ffef04cd607e81bd84366ca233b67a1b815b02f6aa80d14fbc0453cbe301cdee75e4cc1e218aef8160b2a875e8e +DIST sssd-1.12.4.tar.gz 4226841 SHA256 ea3be3a40b20284bd3126481dd0747cd07e39d5ef7ef7026d4902d96fc3e9edf SHA512 817141378d4c535ee1018c4246c77a61b963ab10c026e6983e1be90860fa68698dd60cd27ab7ac77da096057f8c71cba90387cf3329e9d43e98a23163f8bb233 WHIRLPOOL 7ee273fcb2e2311f9239face618be1d2eb88c4b6df177ce61854e3465fe6e484753b55a7e864f3b6e4beb2ebea43ae348a06d3ea29eb2560a2ebe3c8a8d0ffed +DIST sssd-1.12.5.tar.gz 4300869 SHA256 243d8db7c72ecb21aa9db8a09fe9f9b10049dbdb35a1cc2f55e214f21e3ce256 SHA512 573947c58dc53b92b6b60390375a70f3842e0bfd22c696e60dd84b8dd671bc508f30f3a0952135b0c6a1e555d43493f59ce60f780a5130696cada06cc467fa6c WHIRLPOOL 6614d32f0808b97e55b33f996e12207b4960b6f694a7321235e26b7760aa84acad7dd68c2019857ce08d32585f9157e28d2a4be6f944f1eeaaf2f6b84c807638 +DIST sssd-1.13.0.tar.gz 4417697 SHA256 bd1dd95165bca02a08fbd0ea8ac6aa296bc339798d6c6566aee823c536718a5a SHA512 c11303557180d6491933f5732ed831d1725d33e7444d92d5a20ba24a35d77845711d8427d869fe526fbdea482944269469f5bbbb779e3006998fbe09403ebf7f WHIRLPOOL 0ef934e4e22d1c5a8d1e5f649de29e162717e421a341839cecc9ac089d022a30f843463966dc572619b959fd4e850d651bf372e2d511dba24994f790f1006a55 +DIST sssd-1.9.6.tar.gz 3180066 SHA256 ca96e8d98eb4113396b13d9601dbdd20f4b2f2613d0f29a0157ffd05e3748601 SHA512 32d6056db1a17fe348f0b932d4242ce3b3dc615d4d93ebf580f5f9a3e16985324d9955e092803cf9a2bf35724feab0450737f516e9ce003f6812a0debf54ba15 WHIRLPOOL e496d63a042b39dd5d269a7d24b9a535c73a47741a4429e78e2a9d1282515747a83251338d6c94d75b2de06a415bfed18f7223864b1b4e9a824a25d41afa6a59 +DIST sssd-1.9.7.tar.gz 3485351 SHA256 ed2b7e9835143404cbc0e3e105607b7c554f568e4af024b5db0f10ca4f809c7e SHA512 1c73078f2127c1359c13601900e39dcb7527c5ca1346dfbb2fdcf07d98d3542f7b79aed8acc9dd289ab1a679f0b5477e08a9f1d58da4847ada53bdb4f3f606e2 WHIRLPOOL 691164b8edbcdc5acba024a00ead18e1769175cf6f9c3e49f065d31c84b55b315e569fbf04a841c9cd67ce76531f26875a97e0c553b462aecee29aa9428493be diff --git a/sys-auth/sssd/files/0001_add_pthread_to_fix_as-needed.patch b/sys-auth/sssd/files/0001_add_pthread_to_fix_as-needed.patch new file mode 100644 index 000000000000..00769a00597d --- /dev/null +++ b/sys-auth/sssd/files/0001_add_pthread_to_fix_as-needed.patch @@ -0,0 +1,36 @@ +diff --git a/Makefile.am b/Makefile.am +--- a/Makefile.am ++++ b/Makefile.am +@@ -313,7 +313,8 @@ + $(DHASH_LIBS) \ + $(SSS_CRYPT_LIBS) \ + $(OPENLDAP_LIBS) \ +- $(TDB_LIBS) ++ $(TDB_LIBS) \ ++ -lpthread + + PYTHON_BINDINGS_LIBS = \ + $(TALLOC_LIBS) \ +@@ -338,7 +339,8 @@ + $(COLLECTION_LIBS) \ + $(DHASH_LIBS) \ + $(OPENLDAP_LIBS) \ +- $(TDB_LIBS) ++ $(TDB_LIBS) \ ++ -lpthread + + if BUILD_SELINUX + PYTHON_BINDINGS_LIBS += $(SELINUX_LIBS) +diff --git a/configure.ac b/configure.ac +--- a/configure.ac ++++ b/configure.ac +@@ -18,7 +18,8 @@ + AM_PROG_CC_C_O + AC_DISABLE_STATIC + AC_PROG_INSTALL +-AC_PROG_LIBTOOL ++LT_INIT ++AM_PROG_AR + AC_CONFIG_MACRO_DIR([m4]) + AM_GNU_GETTEXT([external]) + AM_GNU_GETTEXT_VERSION([0.14]) diff --git a/sys-auth/sssd/files/0002_allow_xdm_openrc.patch b/sys-auth/sssd/files/0002_allow_xdm_openrc.patch new file mode 100644 index 000000000000..40d64cbf41ff --- /dev/null +++ b/sys-auth/sssd/files/0002_allow_xdm_openrc.patch @@ -0,0 +1,19 @@ +--- src/sysv/gentoo/sssd.old 2011-08-02 23:14:48.000000000 +0300 ++++ src/sysv/gentoo/sssd 2011-08-24 12:15:18.413929409 +0300 +@@ -1,13 +1,13 @@ + #!/sbin/runscript + + depend(){ +- need localmount netmount clock +- use syslog ++ need localmount netmount clock nscd ++ use syslog xdm + } + + start(){ + ebegin "Starting sssd" +- start-stop-daemon --start --exec /usr/sbin/sssd -- -D ++ start-stop-daemon --start --exec /usr/sbin/sssd -- -Df + eend ${?} + } + diff --git a/sys-auth/sssd/files/0003_new_krb5.patch b/sys-auth/sssd/files/0003_new_krb5.patch new file mode 100644 index 000000000000..03a7c744f2ae --- /dev/null +++ b/sys-auth/sssd/files/0003_new_krb5.patch @@ -0,0 +1,46 @@ +From 4e78fab6a1b2e9653a7959cbdb7d54bb750041d0 Mon Sep 17 00:00:00 2001 +From: Jakub Hrozek <jhrozek@redhat.com> +Date: Mon, 04 Feb 2013 16:30:48 +0000 +Subject: krb5: include backwards compatible declaration of krb5_trace_info + +krb5-1.10 used to include "struct krb5_trace_info", now krb5-1.11 +includes a "krb5_trace_info" typedefed from "struct _krb5_trace_info". + +Do the same in the SSSD to allow compiling with both 1.10 and 1.11. +--- +diff --git a/src/external/krb5.m4 b/src/external/krb5.m4 +index 5bc8711..f1679a1 100644 +--- a/src/external/krb5.m4 ++++ b/src/external/krb5.m4 +@@ -37,7 +37,7 @@ SAVE_LIBS=$LIBS + CFLAGS="$CFLAGS $KRB5_CFLAGS" + LIBS="$LIBS $KRB5_LIBS" + AC_CHECK_HEADERS([krb5.h krb5/krb5.h]) +-AC_CHECK_TYPES([krb5_ticket_times, krb5_times], [], [], ++AC_CHECK_TYPES([krb5_ticket_times, krb5_times, krb5_trace_info], [], [], + [ #ifdef HAVE_KRB5_KRB5_H + #include <krb5/krb5.h> + #else +diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c +index bb61d10..ab0344c 100644 +--- a/src/util/sss_krb5.c ++++ b/src/util/sss_krb5.c +@@ -1001,9 +1001,15 @@ sss_krb5_residual_check_type(const char *full_location, + } + + #ifdef HAVE_KRB5_SET_TRACE_CALLBACK ++ ++#ifndef HAVE_KRB5_TRACE_INFO ++/* krb5-1.10 had struct krb5_trace_info, 1.11 has type named krb5_trace_info */ ++typedef struct krb5_trace_info krb5_trace_info; ++#endif /* HAVE_KRB5_TRACE_INFO */ ++ + static void + sss_child_krb5_trace_cb(krb5_context context, +- const struct krb5_trace_info *info, void *data) ++ const krb5_trace_info *info, void *data) + { + if (info == NULL) { + /* Null info means destroy the callback data. */ +-- +cgit v0.9.1 diff --git a/sys-auth/sssd/files/allow_xdm.patch b/sys-auth/sssd/files/allow_xdm.patch new file mode 100644 index 000000000000..40d64cbf41ff --- /dev/null +++ b/sys-auth/sssd/files/allow_xdm.patch @@ -0,0 +1,19 @@ +--- src/sysv/gentoo/sssd.old 2011-08-02 23:14:48.000000000 +0300 ++++ src/sysv/gentoo/sssd 2011-08-24 12:15:18.413929409 +0300 +@@ -1,13 +1,13 @@ + #!/sbin/runscript + + depend(){ +- need localmount netmount clock +- use syslog ++ need localmount netmount clock nscd ++ use syslog xdm + } + + start(){ + ebegin "Starting sssd" +- start-stop-daemon --start --exec /usr/sbin/sssd -- -D ++ start-stop-daemon --start --exec /usr/sbin/sssd -- -Df + eend ${?} + } + diff --git a/sys-auth/sssd/files/sssd b/sys-auth/sssd/files/sssd new file mode 100644 index 000000000000..dbf7850227c4 --- /dev/null +++ b/sys-auth/sssd/files/sssd @@ -0,0 +1,21 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + + +command="/usr/sbin/sssd" +command_args="${SSSD_OPTIONS} -D" +start_stop_daemon_args="--quiet" +description="System Security Services Daemon" + +depend(){ + need localmount clock + use syslog xdm +} + +if [ "${RC_VERSION:-0}" = "0" ]; then + start() { + eerror "This script cannot be used for baselayout-1." + return 1 + } +fi diff --git a/sys-auth/sssd/files/sssd-1.13.0-fix-init.patch b/sys-auth/sssd/files/sssd-1.13.0-fix-init.patch new file mode 100644 index 000000000000..d821a0740606 --- /dev/null +++ b/sys-auth/sssd/files/sssd-1.13.0-fix-init.patch @@ -0,0 +1,28 @@ +From 121061115d1902d8298fbe9ebc3f8d081a725934 Mon Sep 17 00:00:00 2001 +From: Tyler Gates <tgates81@gmail.com> +Date: Mon, 20 Jul 2015 17:14:12 -0400 +Subject: [PATCH] daemon startup options as declared in conf.d/sssd + +--- +Gentoo bugzilla: https://bugs.gentoo.org/show_bug.cgi?id=553678 +Upstrem bugzilla: https://fedorahosted.org/sssd/ticket/2722 +--- + src/sysv/gentoo/sssd.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/sysv/gentoo/sssd.in b/src/sysv/gentoo/sssd.in +index 30d7559..7ced44f 100644 +--- a/src/sysv/gentoo/sssd.in ++++ b/src/sysv/gentoo/sssd.in +@@ -7,7 +7,7 @@ depend(){ + + start(){ + ebegin "Starting sssd" +- start-stop-daemon --start --exec @sbindir@/sssd -- -Df ++ start-stop-daemon --start --exec @sbindir@/sssd -- -Df ${SSSD_OPTIONS} + eend ${?} + } + +-- +2.0.5 + diff --git a/sys-auth/sssd/files/sssd-1.9.6-fix-init.patch b/sys-auth/sssd/files/sssd-1.9.6-fix-init.patch new file mode 100644 index 000000000000..066a47efeb99 --- /dev/null +++ b/sys-auth/sssd/files/sssd-1.9.6-fix-init.patch @@ -0,0 +1,31 @@ +A couple of changes are necessary to make sssd work better on Gentoo Linux +systems. + +- login manager can use sssd for login. Therefore it's necessary to adjust +the dependencies of the script to use 'xdm' if it is available. +- We need to send the debug output to files instead of stderr. + +Upstream: +https://git.fedorahosted.org/cgit/sssd.git/commit/?id=c20dbd8f20e08676637ee7fc185ea7882a1f8651 +https://git.fedorahosted.org/cgit/sssd.git/commit/?id=9882475d3c59f4750a19953bb7d02edab198c900 +Signed-off-by: Markos Chandras <hwoarang@gentoo.org> + +Index: sssd-1.9.6/src/sysv/gentoo/sssd.in +=================================================================== +--- sssd-1.9.6.orig/src/sysv/gentoo/sssd.in ++++ sssd-1.9.6/src/sysv/gentoo/sssd.in +@@ -2,12 +2,12 @@ + + depend(){ + need localmount netmount clock +- use syslog ++ use syslog xdm + } + + start(){ + ebegin "Starting sssd" +- start-stop-daemon --start --exec @sbindir@/sssd -- -D ++ start-stop-daemon --start --exec @sbindir@/sssd -- -Df + eend ${?} + } + diff --git a/sys-auth/sssd/files/sssd.conf b/sys-auth/sssd/files/sssd.conf new file mode 100644 index 000000000000..33dab3ddcd5d --- /dev/null +++ b/sys-auth/sssd/files/sssd.conf @@ -0,0 +1,4 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +SSSD_OPTIONS="" diff --git a/sys-auth/sssd/files/sssd.service b/sys-auth/sssd/files/sssd.service new file mode 100644 index 000000000000..1821089a6094 --- /dev/null +++ b/sys-auth/sssd/files/sssd.service @@ -0,0 +1,15 @@ +[Unit] +Description=System Security Services Daemon +# SSSD will not be started until syslog is +After=syslog.target + +[Service] +ExecStart=/usr/sbin/sssd -D -f +# These two should be used with traditional UNIX forking daemons +# consult systemd.service(5) for more details +Type=forking +PIDFile=/run/sssd.pid + +[Install] +WantedBy=multi-user.target + diff --git a/sys-auth/sssd/metadata.xml b/sys-auth/sssd/metadata.xml new file mode 100644 index 000000000000..fb608a094a4b --- /dev/null +++ b/sys-auth/sssd/metadata.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer> + <email>hwoarang@gentoo.org</email> + <name>Markos Chandras</name> +</maintainer> +<use> + <flag name="acl"> Build and use the cifsidmap plugin</flag> + <flag name="augeas">Build internal configuration library</flag> + <flag name="locator">Install sssd's Kerberos plugin</flag> + <flag name='netlink'>Add support for netlink protocol via <pkg>dev-libs/libnl</pkg></flag> + <flag name='nfsv4'>Add support for the nfsv4 idmapd plugin provided by <pkg>net-libs/libnfsidmap</pkg></flag> + <flag name='manpages'>Build man pages with <pkg>dev-libs/libxslt</pkg></flag> + <flag name='autofs'>Build helper to let <pkg>net-fs/autofs</pkg> use sssd provided information</flag> + <flag name='ssh'>Build helper to let <pkg>net-misc/openssh</pkg> use sssd provided information</flag> + <flag name='sudo'>Build helper to let <pkg>app-admin/sudo</pkg> use sssd provided information</flag> +</use> +</pkgmetadata> diff --git a/sys-auth/sssd/sssd-1.12.1.ebuild b/sys-auth/sssd/sssd-1.12.1.ebuild new file mode 100644 index 000000000000..a07caa3df416 --- /dev/null +++ b/sys-auth/sssd/sssd-1.12.1.ebuild @@ -0,0 +1,137 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +PYTHON_COMPAT=( python2_7 ) + +AUTOTOOLS_IN_SOURCE_BUILD=1 +AUTOTOOLS_AUTORECONF=1 +AUTOTOOLS_PRUNE_LIBTOOL_FILES=all + +inherit python-single-r1 multilib pam linux-info autotools-utils systemd + +DESCRIPTION="System Security Services Daemon provides access to identity and authentication" +HOMEPAGE="http://fedorahosted.org/sssd/" +SRC_URI="http://fedorahosted.org/released/${PN}/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="amd64 ~ppc ~ppc64 x86" +IUSE="acl augeas autofs +locator netlink nfsv4 nls +manpages python selinux sudo ssh test" + +COMMON_DEP=" + virtual/pam + >=dev-libs/popt-1.16 + dev-libs/glib:2 + >=dev-libs/ding-libs-0.2 + >=sys-libs/talloc-2.0.7 + >=sys-libs/tdb-1.2.9 + >=sys-libs/tevent-0.9.16 + >=sys-libs/ldb-1.1.17-r1:= + >=net-nds/openldap-2.4.30[sasl] + >=dev-libs/libpcre-8.30 + >=app-crypt/mit-krb5-1.10.3 + >=sys-apps/keyutils-1.5 + >=net-dns/c-ares-1.7.4 + >=dev-libs/nss-3.12.9 + selinux? ( + >=sys-libs/libselinux-2.1.9 + >=sys-libs/libsemanage-2.1 + ) + >=net-dns/bind-tools-9.9[gssapi] + >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos] + >=sys-apps/dbus-1.6 + acl? ( net-fs/cifs-utils[acl] ) + augeas? ( app-admin/augeas ) + nfsv4? ( net-libs/libnfsidmap ) + nls? ( >=sys-devel/gettext-0.18 ) + virtual/libintl + netlink? ( dev-libs/libnl:3 ) + " + +RDEPEND="${COMMON_DEP} + >=sys-libs/glibc-2.17[nscd] + selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 ) + " +DEPEND="${COMMON_DEP} + test? ( dev-libs/check ) + manpages? ( + >=dev-libs/libxslt-1.1.26 + app-text/docbook-xml-dtd:4.4 + )" + +CONFIG_CHECK="~KEYS" + +pkg_setup(){ + use python && python-single-r1_pkg_setup + linux-info_pkg_setup +} + +src_prepare() { + autotools-utils_src_prepare +} + +src_configure(){ + # no samba4 per 447022 + # set initscript to sysv because the systemd option needs systemd to + # be installed. We provide our own systemd file anyway. + local myeconfargs=( + --localstatedir="${EPREFIX}"/var + --enable-nsslibdir="${EPREFIX}"/$(get_libdir) + --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd + --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir) + --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb + --without-nscd + --with-unicode-lib="glib2" + --disable-rpath + --enable-silent-rules + --sbindir=/usr/sbin + --without-samba + $(use_enable acl cifs-idmap-plugin) + $(use_enable augeas config-lib) + $(use_with selinux) + $(use_with selinux semanage) + $(use_with python python-bindings) + $(use_enable locator krb5-locator-plugin) + $(use_with nfsv4 nfsv4-idmapd-plugin) + $(use_enable nls ) + $(use_with netlink libnl) + $(use_with manpages) + $(use_with sudo) + $(use_with autofs) + $(use_with ssh) + --with-crypto="libcrypto" + --with-initscript="sysv" + ) + + autotools-utils_src_configure +} + +src_install(){ + autotools-utils_src_install + use python && python_optimize + + insinto /etc/sssd + insopts -m600 + doins "${S}"/src/examples/sssd-example.conf + + insinto /etc/logrotate.d + insopts -m644 + newins "${S}"/src/examples/logrotate sssd + + newconfd "${FILESDIR}"/sssd.conf sssd + + systemd_dounit "${FILESDIR}/${PN}.service" +} + +src_test() { + autotools-utils_src_test +} + +pkg_postinst(){ + elog "You must set up sssd.conf (default installed into /etc/sssd)" + elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" + elog "features. Please see howto in http://fedorahosted.org/sssd/wiki/HOWTO_Configure_1_0_2" +} diff --git a/sys-auth/sssd/sssd-1.12.4.ebuild b/sys-auth/sssd/sssd-1.12.4.ebuild new file mode 100644 index 000000000000..bb77a6292fc4 --- /dev/null +++ b/sys-auth/sssd/sssd-1.12.4.ebuild @@ -0,0 +1,205 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +PYTHON_COMPAT=( python{2_7,3_3,3_4} ) + +inherit python-single-r1 multilib pam linux-info autotools multilib-minimal systemd toolchain-funcs + +DESCRIPTION="System Security Services Daemon provides access to identity and authentication" +HOMEPAGE="http://fedorahosted.org/sssd/" +SRC_URI="http://fedorahosted.org/released/${PN}/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~arm ~hppa ~ppc ~ppc64 ~x86" +IUSE="acl augeas autofs +locator netlink nfsv4 nls +manpages python samba selinux sudo ssh test" + +COMMON_DEP=" + >=virtual/pam-0-r1[${MULTILIB_USEDEP}] + >=dev-libs/popt-1.16 + dev-libs/glib:2 + >=dev-libs/ding-libs-0.2 + >=sys-libs/talloc-2.0.7 + >=sys-libs/tdb-1.2.9 + >=sys-libs/tevent-0.9.16 + >=sys-libs/ldb-1.1.17-r1:= + >=net-nds/openldap-2.4.30[sasl] + >=dev-libs/libpcre-8.30 + >=app-crypt/mit-krb5-1.10.3 + locator? ( + >=app-crypt/mit-krb5-1.12.2[${MULTILIB_USEDEP}] + >=net-dns/c-ares-1.10.0-r1[${MULTILIB_USEDEP}] + ) + >=sys-apps/keyutils-1.5 + >=net-dns/c-ares-1.7.4 + >=dev-libs/nss-3.12.9 + selinux? ( + >=sys-libs/libselinux-2.1.9 + >=sys-libs/libsemanage-2.1 + ) + >=net-dns/bind-tools-9.9[gssapi] + >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos] + >=sys-apps/dbus-1.6 + acl? ( net-fs/cifs-utils[acl] ) + augeas? ( app-admin/augeas ) + nfsv4? ( net-libs/libnfsidmap ) + nls? ( >=sys-devel/gettext-0.18 ) + virtual/libintl + netlink? ( dev-libs/libnl:3 ) + samba? ( >=net-fs/samba-4.0 ) + " + +RDEPEND="${COMMON_DEP} + >=sys-libs/glibc-2.17[nscd] + selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 ) + " +DEPEND="${COMMON_DEP} + test? ( dev-libs/check ) + manpages? ( + >=dev-libs/libxslt-1.1.26 + app-text/docbook-xml-dtd:4.4 + )" + +CONFIG_CHECK="~KEYS" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/ipa_hbac.h + /usr/include/sss_idmap.h + /usr/include/sss_nss_idmap.h + /usr/include/wbclient_sssd.h + # --with-ifp + /usr/include/sss_sifp.h + /usr/include/sss_sifp_dbus.h +) + +pkg_setup(){ + use python && python-single-r1_pkg_setup + linux-info_pkg_setup +} + +src_prepare() { + eautoreconf + + multilib_copy_sources +} + +src_configure() { + local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1) + + multilib-minimal_src_configure +} + +multilib_src_configure() { + # set initscript to sysv because the systemd option needs systemd to + # be installed. We provide our own systemd file anyway. + local myconf=( + --localstatedir="${EPREFIX}"/var + --enable-nsslibdir="${EPREFIX}"/$(get_libdir) + --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd + --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir) + --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb + --without-nscd + --with-unicode-lib="glib2" + --disable-rpath + --enable-silent-rules + --sbindir=/usr/sbin + $(multilib_native_use_with samba) + $(multilib_native_use_enable acl cifs-idmap-plugin) + $(multilib_native_use_enable augeas config-lib) + $(multilib_native_use_with selinux) + $(multilib_native_use_with selinux semanage) + $(multilib_native_use_with python python-bindings) + $(use_enable locator krb5-locator-plugin) + $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin) + $(use_enable nls ) + $(multilib_native_use_with netlink libnl) + $(multilib_native_use_with manpages) + $(multilib_native_use_with sudo) + $(multilib_native_use_with autofs) + $(multilib_native_use_with ssh) + --with-crypto="libcrypto" + --with-initscript="sysv" + + KRB5_CONFIG=/usr/bin/${CHOST}-krb5-config + ) + + if ! multilib_is_native_abi; then + # work-around all the libraries that are used for CLI and server + myconf+=( + {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' ' + # ldb headers are fine since native needs it + # ldb lib fails... but it does not seem to bother + {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1}}_{CFLAGS,LIBS}=' ' + {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO}_{CFLAGS,LIBS}=' ' + + # use native include path for dbus (needed for build) + DBUS_CFLAGS="${native_dbus_cflags}" + + # non-pkgconfig checks + ac_cv_lib_ldap_ldap_search=yes + ) + + use locator || myconf+=( + KRB5_CONFIG=/bin/true + ) + fi + + econf "${myconf[@]}" +} + +multilib_src_compile() { + if multilib_is_native_abi; then + default + else + emake libnss_sss.la pam_sss.la + use locator && emake sssd_krb5_locator_plugin.la + fi +} + +multilib_src_install() { + if multilib_is_native_abi; then + emake -j1 DESTDIR="${D}" "${_at_args[@]}" install + else + # easier than playing with automake... + dopammod .libs/pam_sss.so + + into / + dolib .libs/libnss_sss.so* + + if use locator; then + exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5 + doexe .libs/sssd_krb5_locator_plugin.so + fi + fi +} + +multilib_src_install_all() { + einstalldocs + prune_libtool_files --all + use python && python_optimize + + insinto /etc/sssd + insopts -m600 + doins "${S}"/src/examples/sssd-example.conf + + insinto /etc/logrotate.d + insopts -m644 + newins "${S}"/src/examples/logrotate sssd + + newconfd "${FILESDIR}"/sssd.conf sssd + + systemd_dounit "${FILESDIR}/${PN}.service" +} + +multilib_src_test() { + default +} + +pkg_postinst(){ + elog "You must set up sssd.conf (default installed into /etc/sssd)" + elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" + elog "features. Please see howto in http://fedorahosted.org/sssd/wiki/HOWTO_Configure_1_0_2" +} diff --git a/sys-auth/sssd/sssd-1.12.5.ebuild b/sys-auth/sssd/sssd-1.12.5.ebuild new file mode 100644 index 000000000000..bb77a6292fc4 --- /dev/null +++ b/sys-auth/sssd/sssd-1.12.5.ebuild @@ -0,0 +1,205 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +PYTHON_COMPAT=( python{2_7,3_3,3_4} ) + +inherit python-single-r1 multilib pam linux-info autotools multilib-minimal systemd toolchain-funcs + +DESCRIPTION="System Security Services Daemon provides access to identity and authentication" +HOMEPAGE="http://fedorahosted.org/sssd/" +SRC_URI="http://fedorahosted.org/released/${PN}/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~arm ~hppa ~ppc ~ppc64 ~x86" +IUSE="acl augeas autofs +locator netlink nfsv4 nls +manpages python samba selinux sudo ssh test" + +COMMON_DEP=" + >=virtual/pam-0-r1[${MULTILIB_USEDEP}] + >=dev-libs/popt-1.16 + dev-libs/glib:2 + >=dev-libs/ding-libs-0.2 + >=sys-libs/talloc-2.0.7 + >=sys-libs/tdb-1.2.9 + >=sys-libs/tevent-0.9.16 + >=sys-libs/ldb-1.1.17-r1:= + >=net-nds/openldap-2.4.30[sasl] + >=dev-libs/libpcre-8.30 + >=app-crypt/mit-krb5-1.10.3 + locator? ( + >=app-crypt/mit-krb5-1.12.2[${MULTILIB_USEDEP}] + >=net-dns/c-ares-1.10.0-r1[${MULTILIB_USEDEP}] + ) + >=sys-apps/keyutils-1.5 + >=net-dns/c-ares-1.7.4 + >=dev-libs/nss-3.12.9 + selinux? ( + >=sys-libs/libselinux-2.1.9 + >=sys-libs/libsemanage-2.1 + ) + >=net-dns/bind-tools-9.9[gssapi] + >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos] + >=sys-apps/dbus-1.6 + acl? ( net-fs/cifs-utils[acl] ) + augeas? ( app-admin/augeas ) + nfsv4? ( net-libs/libnfsidmap ) + nls? ( >=sys-devel/gettext-0.18 ) + virtual/libintl + netlink? ( dev-libs/libnl:3 ) + samba? ( >=net-fs/samba-4.0 ) + " + +RDEPEND="${COMMON_DEP} + >=sys-libs/glibc-2.17[nscd] + selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 ) + " +DEPEND="${COMMON_DEP} + test? ( dev-libs/check ) + manpages? ( + >=dev-libs/libxslt-1.1.26 + app-text/docbook-xml-dtd:4.4 + )" + +CONFIG_CHECK="~KEYS" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/ipa_hbac.h + /usr/include/sss_idmap.h + /usr/include/sss_nss_idmap.h + /usr/include/wbclient_sssd.h + # --with-ifp + /usr/include/sss_sifp.h + /usr/include/sss_sifp_dbus.h +) + +pkg_setup(){ + use python && python-single-r1_pkg_setup + linux-info_pkg_setup +} + +src_prepare() { + eautoreconf + + multilib_copy_sources +} + +src_configure() { + local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1) + + multilib-minimal_src_configure +} + +multilib_src_configure() { + # set initscript to sysv because the systemd option needs systemd to + # be installed. We provide our own systemd file anyway. + local myconf=( + --localstatedir="${EPREFIX}"/var + --enable-nsslibdir="${EPREFIX}"/$(get_libdir) + --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd + --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir) + --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb + --without-nscd + --with-unicode-lib="glib2" + --disable-rpath + --enable-silent-rules + --sbindir=/usr/sbin + $(multilib_native_use_with samba) + $(multilib_native_use_enable acl cifs-idmap-plugin) + $(multilib_native_use_enable augeas config-lib) + $(multilib_native_use_with selinux) + $(multilib_native_use_with selinux semanage) + $(multilib_native_use_with python python-bindings) + $(use_enable locator krb5-locator-plugin) + $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin) + $(use_enable nls ) + $(multilib_native_use_with netlink libnl) + $(multilib_native_use_with manpages) + $(multilib_native_use_with sudo) + $(multilib_native_use_with autofs) + $(multilib_native_use_with ssh) + --with-crypto="libcrypto" + --with-initscript="sysv" + + KRB5_CONFIG=/usr/bin/${CHOST}-krb5-config + ) + + if ! multilib_is_native_abi; then + # work-around all the libraries that are used for CLI and server + myconf+=( + {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' ' + # ldb headers are fine since native needs it + # ldb lib fails... but it does not seem to bother + {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1}}_{CFLAGS,LIBS}=' ' + {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO}_{CFLAGS,LIBS}=' ' + + # use native include path for dbus (needed for build) + DBUS_CFLAGS="${native_dbus_cflags}" + + # non-pkgconfig checks + ac_cv_lib_ldap_ldap_search=yes + ) + + use locator || myconf+=( + KRB5_CONFIG=/bin/true + ) + fi + + econf "${myconf[@]}" +} + +multilib_src_compile() { + if multilib_is_native_abi; then + default + else + emake libnss_sss.la pam_sss.la + use locator && emake sssd_krb5_locator_plugin.la + fi +} + +multilib_src_install() { + if multilib_is_native_abi; then + emake -j1 DESTDIR="${D}" "${_at_args[@]}" install + else + # easier than playing with automake... + dopammod .libs/pam_sss.so + + into / + dolib .libs/libnss_sss.so* + + if use locator; then + exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5 + doexe .libs/sssd_krb5_locator_plugin.so + fi + fi +} + +multilib_src_install_all() { + einstalldocs + prune_libtool_files --all + use python && python_optimize + + insinto /etc/sssd + insopts -m600 + doins "${S}"/src/examples/sssd-example.conf + + insinto /etc/logrotate.d + insopts -m644 + newins "${S}"/src/examples/logrotate sssd + + newconfd "${FILESDIR}"/sssd.conf sssd + + systemd_dounit "${FILESDIR}/${PN}.service" +} + +multilib_src_test() { + default +} + +pkg_postinst(){ + elog "You must set up sssd.conf (default installed into /etc/sssd)" + elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" + elog "features. Please see howto in http://fedorahosted.org/sssd/wiki/HOWTO_Configure_1_0_2" +} diff --git a/sys-auth/sssd/sssd-1.13.0.ebuild b/sys-auth/sssd/sssd-1.13.0.ebuild new file mode 100644 index 000000000000..74451c4fe2a7 --- /dev/null +++ b/sys-auth/sssd/sssd-1.13.0.ebuild @@ -0,0 +1,216 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +PYTHON_COMPAT=( python{2_7,3_3,3_4} ) + +inherit eutils multilib pam linux-info autotools multilib-minimal python-r1 systemd toolchain-funcs + +DESCRIPTION="System Security Services Daemon provides access to identity and authentication" +HOMEPAGE="http://fedorahosted.org/sssd/" +SRC_URI="http://fedorahosted.org/released/${PN}/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~arm ~hppa ~ppc ~ppc64 ~x86" +IUSE="acl augeas autofs +locator netlink nfsv4 nls +manpages python samba selinux sudo ssh test" + +COMMON_DEP=" + >=virtual/pam-0-r1[${MULTILIB_USEDEP}] + >=dev-libs/popt-1.16 + dev-libs/glib:2 + >=dev-libs/ding-libs-0.2 + >=sys-libs/talloc-2.0.7 + >=sys-libs/tdb-1.2.9 + >=sys-libs/tevent-0.9.16 + >=sys-libs/ldb-1.1.17-r1:= + >=net-nds/openldap-2.4.30[sasl] + >=dev-libs/libpcre-8.30 + >=app-crypt/mit-krb5-1.10.3 + locator? ( + >=app-crypt/mit-krb5-1.12.2[${MULTILIB_USEDEP}] + >=net-dns/c-ares-1.10.0-r1[${MULTILIB_USEDEP}] + ) + >=sys-apps/keyutils-1.5 + >=net-dns/c-ares-1.7.4 + >=dev-libs/nss-3.12.9 + selinux? ( + >=sys-libs/libselinux-2.1.9 + >=sys-libs/libsemanage-2.1 + ) + >=net-dns/bind-tools-9.9[gssapi] + >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos] + >=sys-apps/dbus-1.6 + acl? ( net-fs/cifs-utils[acl] ) + augeas? ( app-admin/augeas ) + nfsv4? ( net-libs/libnfsidmap ) + nls? ( >=sys-devel/gettext-0.18 ) + virtual/libintl + netlink? ( dev-libs/libnl:3 ) + samba? ( >=net-fs/samba-4.0 ) + " + +RDEPEND="${COMMON_DEP} + >=sys-libs/glibc-2.17[nscd] + selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 ) + " +DEPEND="${COMMON_DEP} + test? ( dev-libs/check ) + manpages? ( + >=dev-libs/libxslt-1.1.26 + app-text/docbook-xml-dtd:4.4 + )" + +CONFIG_CHECK="~KEYS" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/ipa_hbac.h + /usr/include/sss_idmap.h + /usr/include/sss_nss_idmap.h + /usr/include/wbclient_sssd.h + # --with-ifp + /usr/include/sss_sifp.h + /usr/include/sss_sifp_dbus.h +) + +pkg_setup(){ + linux-info_pkg_setup +} + +src_prepare() { + # bug #553678 + epatch "${FILESDIR}"/${P}-fix-init.patch + + eautoreconf + + multilib_copy_sources + + # Maybe run it before eautoreconf? + epatch_user +} + +src_configure() { + local native_dbus_cflags=$($(tc-getPKG_CONFIG) --cflags dbus-1) + + multilib-minimal_src_configure +} + +multilib_src_configure() { + # set initscript to sysv because the systemd option needs systemd to + # be installed. We provide our own systemd file anyway. + local myconf=() + if [[ "${PYTHON_TARGETS}" == *python2* ]]; then + myconf+=($(multilib_native_use_with python python2-bindings)) + fi + if [[ "${PYTHON_TARGETS}" == *python3* ]]; then + myconf+=($(multilib_native_use_with python python3-bindings)) + fi + + myconf+=( + --localstatedir="${EPREFIX}"/var + --enable-nsslibdir="${EPREFIX}"/$(get_libdir) + --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd + --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir) + --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb + --without-nscd + --with-unicode-lib="glib2" + --disable-rpath + --enable-silent-rules + --sbindir=/usr/sbin + $(multilib_native_use_with samba) + $(multilib_native_use_enable acl cifs-idmap-plugin) + $(multilib_native_use_enable augeas config-lib) + $(multilib_native_use_with selinux) + $(multilib_native_use_with selinux semanage) + $(use_enable locator krb5-locator-plugin) + $(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin) + $(use_enable nls ) + $(multilib_native_use_with netlink libnl) + $(multilib_native_use_with manpages) + $(multilib_native_use_with sudo) + $(multilib_native_use_with autofs) + $(multilib_native_use_with ssh) + --with-crypto="libcrypto" + --with-initscript="sysv" + + KRB5_CONFIG=/usr/bin/${CHOST}-krb5-config + ) + + if ! multilib_is_native_abi; then + # work-around all the libraries that are used for CLI and server + myconf+=( + {POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' ' + # ldb headers are fine since native needs it + # ldb lib fails... but it does not seem to bother + {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1}}_{CFLAGS,LIBS}=' ' + {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO}_{CFLAGS,LIBS}=' ' + + # use native include path for dbus (needed for build) + DBUS_CFLAGS="${native_dbus_cflags}" + + # non-pkgconfig checks + ac_cv_lib_ldap_ldap_search=yes + ) + + use locator || myconf+=( + KRB5_CONFIG=/bin/true + ) + fi + + econf "${myconf[@]}" +} + +multilib_src_compile() { + if multilib_is_native_abi; then + default + else + emake libnss_sss.la pam_sss.la + use locator && emake sssd_krb5_locator_plugin.la + fi +} + +multilib_src_install() { + if multilib_is_native_abi; then + emake -j1 DESTDIR="${D}" "${_at_args[@]}" install + else + # easier than playing with automake... + dopammod .libs/pam_sss.so + + into / + dolib .libs/libnss_sss.so* + + if use locator; then + exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5 + doexe .libs/sssd_krb5_locator_plugin.so + fi + fi +} + +multilib_src_install_all() { + einstalldocs + prune_libtool_files --all + + insinto /etc/sssd + insopts -m600 + doins "${S}"/src/examples/sssd-example.conf + + insinto /etc/logrotate.d + insopts -m644 + newins "${S}"/src/examples/logrotate sssd + + newconfd "${FILESDIR}"/sssd.conf sssd + + systemd_dounit "${FILESDIR}/${PN}.service" +} + +multilib_src_test() { + default +} + +pkg_postinst(){ + elog "You must set up sssd.conf (default installed into /etc/sssd)" + elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" + elog "features. Please see howto in http://fedorahosted.org/sssd/wiki/HOWTO_Configure_1_0_2" +} diff --git a/sys-auth/sssd/sssd-1.9.6-r3.ebuild b/sys-auth/sssd/sssd-1.9.6-r3.ebuild new file mode 100644 index 000000000000..d3f1b6b2f582 --- /dev/null +++ b/sys-auth/sssd/sssd-1.9.6-r3.ebuild @@ -0,0 +1,133 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +PYTHON_COMPAT=( python2_7 ) + +AUTOTOOLS_IN_SOURCE_BUILD=1 +AUTOTOOLS_AUTORECONF=1 +AUTOTOOLS_PRUNE_LIBTOOL_FILES=all + +inherit python-single-r1 multilib pam linux-info autotools-utils systemd + +DESCRIPTION="System Security Services Daemon provides access to identity and authentication" +HOMEPAGE="http://fedorahosted.org/sssd/" +SRC_URI="http://fedorahosted.org/released/${PN}/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~ppc64 ~x86" +IUSE="autofs doc +locator netlink nls +manpages python selinux sudo ssh test" + +COMMON_DEP=" + virtual/pam + >=dev-libs/popt-1.16 + dev-libs/glib:2 + >=dev-libs/ding-libs-0.2 + >=sys-libs/talloc-2.0.7 + >=sys-libs/tdb-1.2.9 + >=sys-libs/tevent-0.9.16 + >=sys-libs/ldb-1.1.17-r1:= + >=net-nds/openldap-2.4.30[sasl] + >=dev-libs/libpcre-8.30 + >=app-crypt/mit-krb5-1.10.3 + >=sys-apps/keyutils-1.5 + >=net-dns/c-ares-1.7.4 + >=dev-libs/nss-3.12.9 + selinux? ( + >=sys-libs/libselinux-2.1.9 + >=sys-libs/libsemanage-2.1 + >=sec-policy/selinux-sssd-2.20120725-r9 + ) + >=net-dns/bind-tools-9.9[gssapi] + >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos] + >=sys-apps/dbus-1.6 + nls? ( >=sys-devel/gettext-0.18 ) + virtual/libintl + netlink? ( dev-libs/libnl:3 ) + " + +RDEPEND="${COMMON_DEP} + || ( <=sys-libs/glibc-2.16.9999 >=sys-libs/glibc-2.17[nscd] ) + " +DEPEND="${COMMON_DEP} + test? ( dev-libs/check ) + manpages? ( + >=dev-libs/libxslt-1.1.26 + app-text/docbook-xml-dtd:4.4 + ) + doc? ( app-doc/doxygen )" + +CONFIG_CHECK="~KEYS" + +PATCHES=( + "${FILESDIR}"/${P}*.patch +) + +pkg_setup(){ + use python && python-single-r1_pkg_setup + linux-info_pkg_setup +} + +src_prepare() { + autotools-utils_src_prepare +} + +src_configure(){ + local myeconfargs=( + --localstatedir="${EPREFIX}"/var + --enable-nsslibdir="${EPREFIX}"/$(get_libdir) + --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd + --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir) + --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb + --without-nscd + --with-unicode-lib="glib2" + --disable-rpath + --enable-silent-rules + --sbindir=/usr/sbin + $(use_with selinux) + $(use_with selinux semanage) + $(use_with python python-bindings) + $(use_enable locator krb5-locator-plugin) + $(use_enable nls ) + $(use_with netlink libnl) + $(use_with manpages) + $(use_with sudo) + $(use_with autofs) + $(use_with ssh) + --with-crypto="libcrypto" + --with-initscript="sysv" + ) + + autotools-utils_src_configure +} + +src_install(){ + autotools-utils_src_install + use python && python_optimize + + insinto /etc/sssd + insopts -m600 + doins "${S}"/src/examples/sssd-example.conf + + insinto /etc/logrotate.d + insopts -m644 + newins "${S}"/src/examples/logrotate sssd + + newconfd "${FILESDIR}"/sssd.conf sssd + + systemd_dounit "${FILESDIR}/${PN}.service" + +} + +src_test() { + autotools-utils_src_test +} + +pkg_postinst(){ + elog "You must set up sssd.conf (default installed into /etc/sssd)" + elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" + elog "features. Please see howto in http://fedorahosted.org/sssd/wiki/HOWTO_Configure_1_0_2" +} diff --git a/sys-auth/sssd/sssd-1.9.7.ebuild b/sys-auth/sssd/sssd-1.9.7.ebuild new file mode 100644 index 000000000000..31680cb9d656 --- /dev/null +++ b/sys-auth/sssd/sssd-1.9.7.ebuild @@ -0,0 +1,133 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +PYTHON_COMPAT=( python2_7 ) + +AUTOTOOLS_IN_SOURCE_BUILD=1 +AUTOTOOLS_AUTORECONF=1 +AUTOTOOLS_PRUNE_LIBTOOL_FILES=all + +inherit python-single-r1 multilib pam linux-info autotools-utils systemd + +DESCRIPTION="System Security Services Daemon provides access to identity and authentication" +HOMEPAGE="http://fedorahosted.org/sssd/" +SRC_URI="http://fedorahosted.org/released/${PN}/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~ppc64 ~x86" +IUSE="autofs doc +locator netlink nls +manpages python selinux sudo ssh test" + +COMMON_DEP=" + virtual/pam + >=dev-libs/popt-1.16 + dev-libs/glib:2 + >=dev-libs/ding-libs-0.2 + >=sys-libs/talloc-2.0.7 + >=sys-libs/tdb-1.2.9 + >=sys-libs/tevent-0.9.16 + >=sys-libs/ldb-1.1.17-r1:= + >=net-nds/openldap-2.4.30[sasl] + >=dev-libs/libpcre-8.30 + >=app-crypt/mit-krb5-1.10.3 + >=sys-apps/keyutils-1.5 + >=net-dns/c-ares-1.7.4 + >=dev-libs/nss-3.12.9 + selinux? ( + >=sys-libs/libselinux-2.1.9 + >=sys-libs/libsemanage-2.1 + >=sec-policy/selinux-sssd-2.20120725-r9 + ) + >=net-dns/bind-tools-9.9[gssapi] + >=dev-libs/cyrus-sasl-2.1.25-r3[kerberos] + >=sys-apps/dbus-1.6 + nls? ( >=sys-devel/gettext-0.18 ) + virtual/libintl + netlink? ( dev-libs/libnl:3 ) + " + +RDEPEND="${COMMON_DEP} + || ( <=sys-libs/glibc-2.16.9999 >=sys-libs/glibc-2.17[nscd] ) + " +DEPEND="${COMMON_DEP} + test? ( dev-libs/check ) + manpages? ( + >=dev-libs/libxslt-1.1.26 + app-text/docbook-xml-dtd:4.4 + ) + doc? ( app-doc/doxygen )" + +CONFIG_CHECK="~KEYS" + +PATCHES=( + "${FILESDIR}"/${PN}-1.9.6-fix-init.patch +) + +pkg_setup(){ + use python && python-single-r1_pkg_setup + linux-info_pkg_setup +} + +src_prepare() { + autotools-utils_src_prepare +} + +src_configure(){ + local myeconfargs=( + --localstatedir="${EPREFIX}"/var + --enable-nsslibdir="${EPREFIX}"/$(get_libdir) + --with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd + --enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir) + --with-ldb-lib-dir="${EPREFIX}"/usr/$(get_libdir)/samba/ldb + --without-nscd + --with-unicode-lib="glib2" + --disable-rpath + --enable-silent-rules + --sbindir=/usr/sbin + $(use_with selinux) + $(use_with selinux semanage) + $(use_with python python-bindings) + $(use_enable locator krb5-locator-plugin) + $(use_enable nls ) + $(use_with netlink libnl) + $(use_with manpages) + $(use_with sudo) + $(use_with autofs) + $(use_with ssh) + --with-crypto="libcrypto" + --with-initscript="sysv" + ) + + autotools-utils_src_configure +} + +src_install(){ + autotools-utils_src_install + use python && python_optimize + + insinto /etc/sssd + insopts -m600 + doins "${S}"/src/examples/sssd-example.conf + + insinto /etc/logrotate.d + insopts -m644 + newins "${S}"/src/examples/logrotate sssd + + newconfd "${FILESDIR}"/sssd.conf sssd + + systemd_dounit "${FILESDIR}/${PN}.service" + +} + +src_test() { + autotools-utils_src_test +} + +pkg_postinst(){ + elog "You must set up sssd.conf (default installed into /etc/sssd)" + elog "and (optionally) configuration in /etc/pam.d in order to use SSSD" + elog "features. Please see howto in http://fedorahosted.org/sssd/wiki/HOWTO_Configure_1_0_2" +} diff --git a/sys-auth/tfm-fingerprint/Manifest b/sys-auth/tfm-fingerprint/Manifest new file mode 100644 index 000000000000..0ecfd5089f13 --- /dev/null +++ b/sys-auth/tfm-fingerprint/Manifest @@ -0,0 +1 @@ +DIST TFMESS_BSP_LIN_1.0.zip 922652 SHA256 9ca1dcb059e326d4c760c8f8ceb4df5970ab9897062487453a2ac5e9e7058368 SHA512 dd0a965eea21b6d04178b39847246187aaca32c297a7fc0a45dc8dfe663f4951627223760a322d0a8beb50c2bc8485db63c7e1e6dfa49612c15427fd0bace3ee WHIRLPOOL 014aef94ee6b59ed12d9ff8861dff408aa6a63bdad0da27c4e2ee84e0e613c352909816907065f9294deddf0349f0aed69d059b8ca8d24380b6600f5b9b807cb diff --git a/sys-auth/tfm-fingerprint/files/tfmessbsp.cfg b/sys-auth/tfm-fingerprint/files/tfmessbsp.cfg new file mode 100644 index 000000000000..f7d93eb20519 --- /dev/null +++ b/sys-auth/tfm-fingerprint/files/tfmessbsp.cfg @@ -0,0 +1,4 @@ +#hide-capture-success="0" +hide-capture-success="0" +#security-level="3" +security-level="3" diff --git a/sys-auth/tfm-fingerprint/metadata.xml b/sys-auth/tfm-fingerprint/metadata.xml new file mode 100644 index 000000000000..a2e51d46d661 --- /dev/null +++ b/sys-auth/tfm-fingerprint/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer> + <email>vapier@gentoo.org</email> + <name>Mike Frysinger</name> +</maintainer> +</pkgmetadata> diff --git a/sys-auth/tfm-fingerprint/tfm-fingerprint-1.0.ebuild b/sys-auth/tfm-fingerprint/tfm-fingerprint-1.0.ebuild new file mode 100644 index 000000000000..3bdfb000e817 --- /dev/null +++ b/sys-auth/tfm-fingerprint/tfm-fingerprint-1.0.ebuild @@ -0,0 +1,47 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit multilib + +DESCRIPTION="TouchChip TFM/ESS FingerPrint BSP" +HOMEPAGE="http://www.upek.com/support/dl_linux_bsp.asp" +SRC_URI="http://www.upek.com/support/download/TFMESS_BSP_LIN_${PV}.zip" + +LICENSE="UPEK-SDK-EULA" +SLOT="0" +KEYWORDS="-* x86" +IUSE="" + +RDEPEND="sys-auth/bioapi" +DEPEND="${RDEPEND} + app-arch/unzip" + +S=${WORKDIR} + +QA_TEXTRELS="usr/lib/libtfmessbsp.so" +QA_PRESTRIPPED="usr/lib/libtfmessbsp.so" + +src_install() { + # this is a binary blob, so it probably shouldnt live in /usr/lib + dolib.so libtfmessbsp.so || die + insinto /etc + doins "${FILESDIR}"/tfmessbsp.cfg || die +} + +doit_with_ewarn() { + "$@" || ewarn "FAILURE: $*" +} + +pkg_postinst() { + doit_with_ewarn mod_install -fi /usr/$(get_libdir)/libtfmessbsp.so + + elog "Note: You have to be in the group usb to access the fingerprint device." +} + +pkg_postrm() { + # only do this if uninstalling + if ! has_version ${CATEGORY}/${PN} ; then + doit_with_ewarn mod_install -fu libtfmessbsp.so + fi +} diff --git a/sys-auth/thinkfinger/Manifest b/sys-auth/thinkfinger/Manifest new file mode 100644 index 000000000000..98ea1b543343 --- /dev/null +++ b/sys-auth/thinkfinger/Manifest @@ -0,0 +1 @@ +DIST thinkfinger-0.3.tar.gz 372053 RMD160 7a83e7234bc6687f581df3b68b92cc06bf5b24cb SHA1 6d032ec7ad1166505b6773dff3c762c77bc72626 SHA256 9741ae205aadc9f576be73c382596266300e709371e72574a86e339ebf978f4b diff --git a/sys-auth/thinkfinger/files/0.3-carriagereturn.patch b/sys-auth/thinkfinger/files/0.3-carriagereturn.patch new file mode 100644 index 000000000000..731f1531947b --- /dev/null +++ b/sys-auth/thinkfinger/files/0.3-carriagereturn.patch @@ -0,0 +1,10 @@ +--- pam/pam_thinkfinger-uinput.c 2007-02-27 17:52:50.000000000 +0100 ++++ pam/pam_thinkfinger-uinput.c 2009-02-17 13:56:02.013033249 +0100 +@@ -95,6 +95,7 @@ + /* our single key keyboard */ + i = ioctl (*fd, UI_SET_EVBIT, EV_KEY) < 0; + i |= ioctl (*fd, UI_SET_KEYBIT, KEY_ENTER) < 0; ++ i |= ioctl (*fd, UI_SET_KEYBIT, KEY_A) < 0; + + if (write (*fd, &device, device_size) != device_size) { + retval = errno; diff --git a/sys-auth/thinkfinger/files/0.3-direct_set_config_usb_hello.patch b/sys-auth/thinkfinger/files/0.3-direct_set_config_usb_hello.patch new file mode 100644 index 000000000000..06723ad1306c --- /dev/null +++ b/sys-auth/thinkfinger/files/0.3-direct_set_config_usb_hello.patch @@ -0,0 +1,31 @@ +Index: libthinkfinger/libthinkfinger.c +=================================================================== +--- libthinkfinger/libthinkfinger.c (revision 118) ++++ libthinkfinger/libthinkfinger.c (working copy) +@@ -265,18 +265,7 @@ + int retval = -1; + char dummy[] = "\x10"; + +- /* SET_CONFIGURATION 1 -- should not be relevant */ + retval = usb_control_msg (handle, // usb_dev_handle *dev +- 0x00000000, // int requesttype +- 0x00000009, // int request +- 0x001, // int value +- 0x000, // int index +- dummy, // char *bytes +- 0x00000000, // int size +- USB_TIMEOUT); // int timeout +- if (retval < 0) +- goto out; +- retval = usb_control_msg (handle, // usb_dev_handle *dev + 0x00000040, // int requesttype + 0x0000000c, // int request + 0x100, // int value +@@ -285,7 +274,6 @@ + 0x00000001, // int size + USB_TIMEOUT); // int timeout + +-out: + return retval; + } + diff --git a/sys-auth/thinkfinger/files/0.3-send-sync-event.patch b/sys-auth/thinkfinger/files/0.3-send-sync-event.patch new file mode 100644 index 000000000000..39e0edb27ba1 --- /dev/null +++ b/sys-auth/thinkfinger/files/0.3-send-sync-event.patch @@ -0,0 +1,50 @@ +--- pam/pam_thinkfinger-uinput.c 2009-12-27 18:42:26.000000000 +0100 ++++ pam/pam_thinkfinger-uinput.c 2009-12-27 18:41:55.000000000 +0100 +@@ -34,27 +34,40 @@ + int uinput_cr (int *fd) + { + int retval = 0, ev_size = 0; +- struct input_event ev = { ++ struct input_event key_ev = { + .type = EV_KEY, + .code = KEY_ENTER, + .time = {0, } + }; + +- ev_size = sizeof (ev); ++ ev_size = sizeof (key_ev); + + /* key press */ +- ev.value = 1; +- if (write (*fd, &ev, ev_size) != ev_size) { ++ key_ev.value = 1; ++ if (write (*fd, &key_ev, ev_size) != ev_size) { + retval = errno; + goto out; + } + /* key release */ +- ev.value = 0; +- if (write (*fd, &ev, ev_size) != ev_size) { ++ key_ev.value = 0; ++ if (write (*fd, &key_ev, ev_size) != ev_size) { + retval = errno; + goto out; + } +- ++ ++ /* syn event */ ++ struct input_event syn_ev = { ++ .time = {0, }, ++ .type = EV_SYN, ++ .code = SYN_REPORT, ++ .value = 0 ++ }; ++ ++ if (write (*fd, &syn_ev, ev_size) != ev_size) { ++ retval = errno; ++ goto out; ++ } ++ + out: + return retval; + } diff --git a/sys-auth/thinkfinger/files/0.3-strip-strip.patch b/sys-auth/thinkfinger/files/0.3-strip-strip.patch new file mode 100644 index 000000000000..1339baf63a00 --- /dev/null +++ b/sys-auth/thinkfinger/files/0.3-strip-strip.patch @@ -0,0 +1,24 @@ +Strip is handled by the package manager. + +--- a/pam/Makefile.am ++++ b/pam/Makefile.am +@@ -8,7 +8,7 @@ pam_thinkfinger_so_SOURCES = pam_thinkfinger-compat.c pam_thinkfinger-compat.h p + else + pam_thinkfinger_so_SOURCES = pam_thinkfinger-uinput.c pam_thinkfinger-uinput.h pam_thinkfinger.c + endif +-pam_thinkfinger_so_LDFLAGS = -shared --strip-all -Wl,-soname,pam_thinkfinger.so -Wl,--as-needed ++pam_thinkfinger_so_LDFLAGS = -shared -Wl,-soname,pam_thinkfinger.so -Wl,--as-needed + pam_thinkfinger_so_CFLAGS = $(CFLAGS) + pam_thinkfinger_so_LDADD = $(top_builddir)/libthinkfinger/libthinkfinger.la $(PAM_LIBS) $(PTHREAD_LIBS) + +--- a/pam/Makefile.in ++++ b/pam/Makefile.in +@@ -201,7 +201,7 @@ pamdir = $(SECUREDIR) + INCLUDES = -I$(top_srcdir)/libthinkfinger + @HAVE_OLD_PAM_FALSE@pam_thinkfinger_so_SOURCES = pam_thinkfinger-uinput.c pam_thinkfinger-uinput.h pam_thinkfinger.c + @HAVE_OLD_PAM_TRUE@pam_thinkfinger_so_SOURCES = pam_thinkfinger-compat.c pam_thinkfinger-compat.h pam_thinkfinger-uinput.c pam_thinkfinger-uinput.h pam_thinkfinger.c +-pam_thinkfinger_so_LDFLAGS = -shared --strip-all -Wl,-soname,pam_thinkfinger.so -Wl,--as-needed ++pam_thinkfinger_so_LDFLAGS = -shared -Wl,-soname,pam_thinkfinger.so -Wl,--as-needed + pam_thinkfinger_so_CFLAGS = $(CFLAGS) + pam_thinkfinger_so_LDADD = $(top_builddir)/libthinkfinger/libthinkfinger.la $(PAM_LIBS) $(PTHREAD_LIBS) + all: all-am diff --git a/sys-auth/thinkfinger/files/0.3-tftoolgroup.patch b/sys-auth/thinkfinger/files/0.3-tftoolgroup.patch new file mode 100644 index 000000000000..169b7cefe286 --- /dev/null +++ b/sys-auth/thinkfinger/files/0.3-tftoolgroup.patch @@ -0,0 +1,64 @@ +--- tf-tool/tf-tool.c 2007-03-30 11:00:45.000000000 +0200 ++++ tf-tool/tf-tool.c 2009-02-18 14:57:24.316197097 +0100 +@@ -26,6 +26,9 @@ + #include <errno.h> + #include <libgen.h> + #include <pwd.h> ++#include <grp.h> ++#include <sys/stat.h> ++#include <unistd.h> + + #include <config.h> + #include <libthinkfinger.h> +@@ -54,6 +57,21 @@ + int swipe_failed; + } s_tfdata; + ++int changegroup(const char *groupname,const char *filename) ++{ ++ struct group *g; ++ g = getgrnam(groupname); ++ if(g == NULL) { ++ perror("getgrnam:"); ++ return 1; ++ } ++ if( chown(filename,-1,g->gr_gid) == -1) { ++ perror("chown: "); ++ return 1; ++ } ++ return 0; ++} ++ + static void print_status (int swipe_success, int swiped_required, int swipe_failed) + { + printf ("\rPlease swipe your finger (successful swipes %i/%i, failed swipes: %i)...", +@@ -64,6 +82,8 @@ + static void callback (libthinkfinger_state state, void *data) + { + char *str; ++ int err; ++ gid_t gfp; + s_tfdata *tfdata = (s_tfdata *) data; + + if (tfdata->verbose == true) { +@@ -108,8 +128,18 @@ + case TF_STATE_ENROLL_SUCCESS: + print_status (tfdata->swipe_success, 3, tfdata->swipe_failed); + printf (" done.\nStoring data (%s)...", tfdata->bir); +- fflush (stdout); +- break; ++ /*small hack to change group and chmod 640 on created bir file*/ ++ err = chmod(tfdata->bir, S_IRUSR | S_IWUSR | S_IRGRP); ++ if(err == -1) { ++ printf("Couldn't change perms on file %s\n",tfdata->bir); ++ perror("chmod:"); ++ fflush(stdout); ++ break; ++ } ++ changegroup("fingerprint",tfdata->bir); ++ fflush(stdout); ++ break; ++ /*done*/ + case TF_STATE_SWIPE_FAILED: + print_status (tfdata->swipe_success, 3, ++tfdata->swipe_failed); + break; diff --git a/sys-auth/thinkfinger/files/60-thinkfinger.rules b/sys-auth/thinkfinger/files/60-thinkfinger.rules new file mode 100644 index 000000000000..1ccc394d49ff --- /dev/null +++ b/sys-auth/thinkfinger/files/60-thinkfinger.rules @@ -0,0 +1,5 @@ +# SGS Thomson Microelectronics Fingerprint Reader +ATTRS{idVendor}=="0483", ATTRS{idProduct}=="2016", SYMLINK+="input/thinkfinger-%k", MODE="0660", GROUP="fingerprint" + +# the also-needed uinput device +KERNEL=="uinput", MODE="0660", GROUP="fingerprint" diff --git a/sys-auth/thinkfinger/metadata.xml b/sys-auth/thinkfinger/metadata.xml new file mode 100644 index 000000000000..7bfe3649f4a4 --- /dev/null +++ b/sys-auth/thinkfinger/metadata.xml @@ -0,0 +1,18 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>proxy-maintainers</herd> +<maintainer> + <email>victor.quicksilver@gmail.com</email> + <name>Víctor Enríquez Miguel</name> +</maintainer> +<maintainer> + <email>xmw@gentoo.org</email> + <name>Michael Weber</name> + <description>Proxy Maintainer</description> +</maintainer> +<upstream> + <remote-id type="sourceforge">ThinkFinger</remote-id> +</upstream> +<longdescription></longdescription> +</pkgmetadata> diff --git a/sys-auth/thinkfinger/thinkfinger-0.3-r3.ebuild b/sys-auth/thinkfinger/thinkfinger-0.3-r3.ebuild new file mode 100644 index 000000000000..01b2e922a353 --- /dev/null +++ b/sys-auth/thinkfinger/thinkfinger-0.3-r3.ebuild @@ -0,0 +1,80 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="4" + +inherit autotools-utils user linux-info pam + +DESCRIPTION="Support for the UPEK/SGS Thomson Microelectronics fingerprint reader, often seen in Thinkpads" +HOMEPAGE="http://thinkfinger.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="debug pam static-libs" + +RDEPEND="virtual/libusb:0 + pam? ( virtual/pam )" +DEPEND="${RDEPEND} + sys-devel/libtool + virtual/pkgconfig" + +PATCHES=( + "${FILESDIR}"/${PV}-direct_set_config_usb_hello.patch + "${FILESDIR}"/${PV}-carriagereturn.patch + "${FILESDIR}"/${PV}-send-sync-event.patch + "${FILESDIR}"/${PV}-tftoolgroup.patch + "${FILESDIR}"/${PV}-strip-strip.patch +) + +pkg_setup() { + if use pam ; then + CONFIG_CHECK="~INPUT_UINPUT" + ERROR_CFG="Your kernel needs uinput for the pam module to work" + check_extra_config + fi +} + +src_configure() { + local myeconfargs=( + $(use_enable pam) \ + $(use_enable debug usb-debug) \ + "--with-securedir=$(getpam_mod_dir)" + ) + autotools-utils_src_configure +} + +src_install() { + DOCS=( AUTHORS ChangeLog NEWS README ) + autotools-utils_src_install + + keepdir /etc/pam_thinkfinger + insinto /lib/udev/rules.d + doins "${FILESDIR}"/60-thinkfinger.rules +} + +pkg_preinst() { + enewgroup fingerprint +} + +pkg_postinst() { + fowners root:fingerprint /etc/pam_thinkfinger + fperms 710 /etc/pam_thinkfinger + elog "Use tf-tool --acquire to take a finger print" + elog "tf-tool will write the finger print file to /tmp/test.bir" + elog "" + if use pam ; then + elog "To add a fingerprint to PAM, use tf-tool --add-user USERNAME" + elog "" + elog "Add the following to /etc/pam.d/system-auth after pam_env.so" + elog "auth sufficient pam_thinkfinger.so" + elog "" + elog "Your system-auth should look similar to:" + elog "auth required pam_env.so" + elog "auth sufficient pam_thinkfinger.so" + elog "auth sufficient pam_unix.so try_first_pass likeauth nullok" + elog "" + fi +} diff --git a/sys-auth/ykclient/Manifest b/sys-auth/ykclient/Manifest new file mode 100644 index 000000000000..e7e7e381bd4f --- /dev/null +++ b/sys-auth/ykclient/Manifest @@ -0,0 +1,2 @@ +DIST ykclient-2.13.tar.gz 385672 SHA256 92b0e8d3f9911392c5f10de045c4fbc604423f22a3a6bd37d2cf4a97839181d3 SHA512 1d684539c051ff6da7d3b99660ea6aa205bc9241233961bcbdd0f81414d69456c2137f51b46a7e06ac871106a3c704bd3d543b6d4aff2c5ae4dff76277e1083b WHIRLPOOL 8f34b2a76f2d7c1ada21cb9d7a35cfd66634937803c0261121b95418bb2065814e8a1b648c9fc708ec9c7b97a446b60f0c97c7805490d263e8099504d8f245ac +DIST ykclient-2.14.tar.gz 386915 SHA256 bd7ddaa1d88ec7be323738cabdf58ff99cb6d6cd3fe937c69b52fa9b3764d362 SHA512 743249f52eed1b07a5e582b644b4819e1defcd18a4c2d812b7738cb161e3152e2a49fba54fbf0fe3dfcda9f8477536660b9d2b0bb5c2eb84b106d435c91efe8d WHIRLPOOL 74ab719cfb0af413f7c226f3e0b1f6026f174213f86a9f8599e084d29fbe2ca237b7dd0f927a83c94efbcd1fdd0a687ac708c466e27adc1a61ecfefe7ba4e188 diff --git a/sys-auth/ykclient/metadata.xml b/sys-auth/ykclient/metadata.xml new file mode 100644 index 000000000000..7f3c0757e2ad --- /dev/null +++ b/sys-auth/ykclient/metadata.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>proxy-maintainers</herd> + <maintainer> + <email>brant@gurganus.name</email> + <name>Brant Gurganus</name> + <description>Proxied co-maintainer, assign bugs to him</description> + </maintainer> + <maintainer> + <email>flameeyes@gentoo.org</email> + <name>Diego Elio Pettenò</name> + <description>Proxy maintainer, CC him on bugs</description> + </maintainer> + <upstream> + <remote-id type="google-code">yubico-c-client</remote-id> + <remote-id type="github">Yubico/yubico-c-client</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/ykclient/ykclient-2.13.ebuild b/sys-auth/ykclient/ykclient-2.13.ebuild new file mode 100644 index 000000000000..e4e379f7c000 --- /dev/null +++ b/sys-auth/ykclient/ykclient-2.13.ebuild @@ -0,0 +1,22 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit autotools-utils + +DESCRIPTION="Yubico C client library" +SRC_URI="http://opensource.yubico.com/yubico-c-client/releases/${P}.tar.gz" +HOMEPAGE="https://github.com/Yubico/yubico-c-client" + +KEYWORDS="~amd64 ~x86" +SLOT="0" +LICENSE="BSD-2" +IUSE="static-libs" + +RDEPEND=">=net-misc/curl-7.21.1" +DEPEND="${RDEPEND}" + +# Tests require an active network connection, we don't want to run them +RESTRICT="test" diff --git a/sys-auth/ykclient/ykclient-2.14.ebuild b/sys-auth/ykclient/ykclient-2.14.ebuild new file mode 100644 index 000000000000..387b86dabb66 --- /dev/null +++ b/sys-auth/ykclient/ykclient-2.14.ebuild @@ -0,0 +1,22 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit autotools-utils + +DESCRIPTION="Yubico C client library" +SRC_URI="http://opensource.yubico.com/yubico-c-client/releases/${P}.tar.gz" +HOMEPAGE="https://github.com/Yubico/yubico-c-client" + +KEYWORDS="~amd64 ~x86" +SLOT="0" +LICENSE="BSD-2" +IUSE="static-libs" + +RDEPEND=">=net-misc/curl-7.21.1" +DEPEND="${RDEPEND}" + +# Tests require an active network connection, we don't want to run them +RESTRICT="test" diff --git a/sys-auth/ykneo-ccid-tools/Manifest b/sys-auth/ykneo-ccid-tools/Manifest new file mode 100644 index 000000000000..26051c3bb60c --- /dev/null +++ b/sys-auth/ykneo-ccid-tools/Manifest @@ -0,0 +1 @@ +DIST ykneo-ccid-tools-0.0.0.tar.gz 298831 SHA256 8f2419471f3ef3acd88cacc387bf9ff68572a3604da1a29c46383fc027d066e3 SHA512 735fbdee9e307b8fa1304b5ebc1fc490807e3b4cd67b62c4faa100fe9ac2915b8c1c979820078e0035ddb9d304460c7bae601ad89f358101faae2f13d066d864 WHIRLPOOL ed59d69b518794261283532473d398dafc6b09e2a2803e2068c269168c8fd9ffd29e9c3188562fb2eb688e9a8bb4caf68f70ad84fdc64903689a92ae1f84001a diff --git a/sys-auth/ykneo-ccid-tools/files/ykneo-ccid-tools-0.0.0-string.patch b/sys-auth/ykneo-ccid-tools/files/ykneo-ccid-tools-0.0.0-string.patch new file mode 100644 index 000000000000..7a4b70b82f82 --- /dev/null +++ b/sys-auth/ykneo-ccid-tools/files/ykneo-ccid-tools-0.0.0-string.patch @@ -0,0 +1,11 @@ +diff -urN ykneo-ccid-tools-0.0.0.orig/NEO_Config.c ykneo-ccid-tools-0.0.0/NEO_Config.c +--- ykneo-ccid-tools-0.0.0.orig/NEO_Config.c 2012-12-20 21:30:44.000000000 +0100 ++++ ykneo-ccid-tools-0.0.0/NEO_Config.c 2013-08-12 16:40:18.109041000 +0200 +@@ -9,6 +9,7 @@ + + #include <stdio.h> + #include <stdlib.h> ++#include <string.h> + #include <neo_if.h> + + #pragma pack(push, 1) diff --git a/sys-auth/ykneo-ccid-tools/metadata.xml b/sys-auth/ykneo-ccid-tools/metadata.xml new file mode 100644 index 000000000000..4ca74431ad78 --- /dev/null +++ b/sys-auth/ykneo-ccid-tools/metadata.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>wschlich@gentoo.org</email> + <name>Wolfram Schlich</name> + <description>Primary mainainer</description> + </maintainer> + <upstream> + <remote-id type="github">Yubico/ykneo-ccid-tools</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/ykneo-ccid-tools/ykneo-ccid-tools-0.0.0.ebuild b/sys-auth/ykneo-ccid-tools/ykneo-ccid-tools-0.0.0.ebuild new file mode 100644 index 000000000000..e287df4b9c4e --- /dev/null +++ b/sys-auth/ykneo-ccid-tools/ykneo-ccid-tools-0.0.0.ebuild @@ -0,0 +1,27 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils udev + +DESCRIPTION="Tools for Yubico's YubiKey NEO in CCID mode" +SRC_URI="http://yubico.github.io/ykneo-ccid-tools/releases/${P}.tar.gz" +HOMEPAGE="https://github.com/Yubico/ykneo-ccid-tools" + +KEYWORDS="~amd64 ~x86" +SLOT="0" +LICENSE="BSD-2" +IUSE="" + +RDEPEND="sys-apps/pcsc-lite" +DEPEND="${RDEPEND} + sys-apps/help2man + dev-util/gengetopt" + +DOCS=( AUTHORS NEWS README ) + +src_prepare() { + epatch "${FILESDIR}/${P}-string.patch" +} diff --git a/sys-auth/ykpers/Manifest b/sys-auth/ykpers/Manifest new file mode 100644 index 000000000000..0b72836f091c --- /dev/null +++ b/sys-auth/ykpers/Manifest @@ -0,0 +1,2 @@ +DIST ykpers-1.16.2.tar.gz 502198 SHA256 2b2da737d5353ff5c9002cad41c2f5d0af381f55a880ccf920cee8855b8b8120 SHA512 3fa1c18d306c4e5ca3f2b938cf4a1c9d1fbfcbaf9fdc1d5d601fb57ca11cd0caf680b0288bb37f27bb0e377a30bdc860f04d8c62254e9ccb4e78d60b60163799 WHIRLPOOL a2e045560cbeae600fc7c112105f3caa1f5e5cc26ce4ea12448cb451c1e6de3853f553c2a37a8b9138763e58795bf1896c1f3b3f0c4a3ebf8ddf95f758531694 +DIST ykpers-1.17.1.tar.gz 504827 SHA256 556baec2bbc94bae01293e64dc3873d68f880119ea5c3772737e4f3dc44f69c4 SHA512 9f8cabb1082babc3214dda85300c1b3413d4664b9b5d32b266e3a640e1644ccf1a09964107f14eef831fef413fa65125551c40954a4973997b3e3cadb185bf70 WHIRLPOOL 75d430b41aa6dfca32db854278fa3dabea1a7048738b7274f787b2c2c81cf69e678ac7515cdc59295a764c8bf44773c247f51d4ccbb657c8c035055e51dcf468 diff --git a/sys-auth/ykpers/metadata.xml b/sys-auth/ykpers/metadata.xml new file mode 100644 index 000000000000..3a896d143b24 --- /dev/null +++ b/sys-auth/ykpers/metadata.xml @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <herd>proxy-maintainers</herd> + <maintainer> + <email>brant@gurganus.name</email> + <name>Brant Gurganus</name> + <description>Proxied co-maintainer, assign bugs to him</description> + </maintainer> + <maintainer> + <email>flameeyes@gentoo.org</email> + <name>Diego Elio Pettenò</name> + <description>Proxy maintainer, CC him on bugs</description> + </maintainer> + <upstream> + <remote-id type="github">Yubico/yubikey-personalization</remote-id> + <bugs-to>https://github.com/Yubico/yubikey-personalization/issues</bugs-to> + </upstream> + <use> + <flag name="consolekit"> + Use <pkg>sys-auth/consolekit</pkg> and <pkg>virtual/udev</pkg> + to allow access to the YubiKey HID device to the console user. + </flag> + </use> +</pkgmetadata> diff --git a/sys-auth/ykpers/ykpers-1.16.2.ebuild b/sys-auth/ykpers/ykpers-1.16.2.ebuild new file mode 100644 index 000000000000..5f013c5faecf --- /dev/null +++ b/sys-auth/ykpers/ykpers-1.16.2.ebuild @@ -0,0 +1,31 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit autotools-utils udev + +DESCRIPTION="Library and tool for personalization of Yubico's YubiKey" +SRC_URI="http://yubico.github.io/yubikey-personalization/releases/${P}.tar.gz" +HOMEPAGE="https://github.com/Yubico/yubikey-personalization" + +KEYWORDS="~amd64 ~x86" +SLOT="0" +LICENSE="BSD-2" +IUSE="static-libs consolekit" + +RDEPEND=" + >=sys-auth/libyubikey-1.6 + virtual/libusb:1" +DEPEND="${RDEPEND} + virtual/pkgconfig" +RDEPEND="${RDEPEND} + consolekit? ( sys-auth/consolekit[acl] )" + +src_install() { + DOCS=( doc/. AUTHORS ChangeLog NEWS README ) + autotools-utils_src_install + + use consolekit && udev_dorules *.rules +} diff --git a/sys-auth/ykpers/ykpers-1.17.1.ebuild b/sys-auth/ykpers/ykpers-1.17.1.ebuild new file mode 100644 index 000000000000..ef4e2a8a5a92 --- /dev/null +++ b/sys-auth/ykpers/ykpers-1.17.1.ebuild @@ -0,0 +1,31 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit autotools-utils udev + +DESCRIPTION="Library and tool for personalization of Yubico's YubiKey" +SRC_URI="http://yubico.github.io/yubikey-personalization/releases/${P}.tar.gz" +HOMEPAGE="https://github.com/Yubico/yubikey-personalization" + +KEYWORDS="~amd64 ~x86" +SLOT="0" +LICENSE="BSD-2" +IUSE="static-libs consolekit" + +RDEPEND=" + >=sys-auth/libyubikey-1.6 + virtual/libusb:1" +DEPEND="${RDEPEND} + virtual/pkgconfig" +RDEPEND="${RDEPEND} + consolekit? ( sys-auth/consolekit[acl] )" + +src_install() { + DOCS=( doc/. AUTHORS ChangeLog NEWS README ) + autotools-utils_src_install + + use consolekit && udev_dorules *.rules +} diff --git a/sys-auth/yubikey-personalization-gui/Manifest b/sys-auth/yubikey-personalization-gui/Manifest new file mode 100644 index 000000000000..87ce76a22072 --- /dev/null +++ b/sys-auth/yubikey-personalization-gui/Manifest @@ -0,0 +1,2 @@ +DIST yubikey-personalization-gui-3.1.18.tar.gz 1450161 SHA256 83e375bff4844ebebf473dfa9f62526689cb5160f7a8dca56896c8f47e3cb1cb SHA512 039b27f6b475d63fb0bc5de8dfaa1f8b86652a483c2a2930d74fc7ae1105232146283071fe1e6b0225e85397fcae46a7724e7f0e5c8f20685c6b18d0dced95c8 WHIRLPOOL 83176c32fc6d252d675124a7b0a16e7be49bea758bae4dc512b2f7e14ad27bc59bdec521882863c0b77ccd6c19c36a5cce24fa9b07ffa7ad636d120fee9539b5 +DIST yubikey-personalization-gui-3.1.20.tar.gz 1458155 SHA256 70e31105900b571792de8ccd41ac4b080a10ecd8c7268c44b4676752d350f994 SHA512 d8b9165ade8f9a8be24d3aabd1b5096c01842e719bf7b70d46a54fd809d2fcbbf515ef95759f00601cf9fa6dcc01aa0e0de802da643c306eacdf7c1a1a576081 WHIRLPOOL 0c9589424a2fa51558d90bf7ee5410746683f57949836fd7c16f89f164c8eb4c60dc9386b5403f78187254d838e5eecaca8188b560a391e7da449e49e8377dfe diff --git a/sys-auth/yubikey-personalization-gui/metadata.xml b/sys-auth/yubikey-personalization-gui/metadata.xml new file mode 100644 index 000000000000..47ed1ce8d6ad --- /dev/null +++ b/sys-auth/yubikey-personalization-gui/metadata.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>wschlich@gentoo.org</email> + <name>Wolfram Schlich</name> + <description>Primary mainainer</description> + </maintainer> + <upstream> + <remote-id type="github">Yubico/yubikey-personalization</remote-id> + </upstream> +</pkgmetadata> diff --git a/sys-auth/yubikey-personalization-gui/yubikey-personalization-gui-3.1.18.ebuild b/sys-auth/yubikey-personalization-gui/yubikey-personalization-gui-3.1.18.ebuild new file mode 100644 index 000000000000..7f886d6d73ed --- /dev/null +++ b/sys-auth/yubikey-personalization-gui/yubikey-personalization-gui-3.1.18.ebuild @@ -0,0 +1,41 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils qt4-r2 + +DESCRIPTION="GUI for personalization of Yubico's YubiKey" +SRC_URI="http://yubico.github.io/yubikey-personalization-gui/releases/${P}.tar.gz" +HOMEPAGE="https://github.com/Yubico/yubikey-personalization-gui" + +KEYWORDS="~amd64" +SLOT="0" +LICENSE="BSD-2" +IUSE="debug" + +RDEPEND=" + >=sys-auth/ykpers-1.14.0 + >=sys-auth/libyubikey-1.6 + dev-qt/qtcore:4 + dev-qt/qtgui:4 + dev-qt/qttest:4 + dev-libs/glib:2 + virtual/libusb:1" +DEPEND="${RDEPEND} + virtual/pkgconfig" + +DOCS=( NEWS README ) + +src_configure() { + eqmake4 YKPersonalization.pro +} + +src_install() { + dobin build/release/yubikey-personalization-gui + doman resources/lin/yubikey-personalization-gui.1 + domenu resources/lin/yubikey-personalization-gui.desktop + doicon resources/lin/yubikey-personalization-gui.xpm + doicon -s 128 resources/lin/yubikey-personalization-gui.png +} diff --git a/sys-auth/yubikey-personalization-gui/yubikey-personalization-gui-3.1.20.ebuild b/sys-auth/yubikey-personalization-gui/yubikey-personalization-gui-3.1.20.ebuild new file mode 100644 index 000000000000..eb899abb4023 --- /dev/null +++ b/sys-auth/yubikey-personalization-gui/yubikey-personalization-gui-3.1.20.ebuild @@ -0,0 +1,41 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils qmake-utils + +DESCRIPTION="GUI for personalization of Yubico's YubiKey" +SRC_URI="http://yubico.github.io/yubikey-personalization-gui/releases/${P}.tar.gz" +HOMEPAGE="https://github.com/Yubico/yubikey-personalization-gui" + +KEYWORDS="~amd64" +SLOT="0" +LICENSE="BSD-2" +IUSE="debug" + +RDEPEND=" + >=sys-auth/ykpers-1.14.0 + >=sys-auth/libyubikey-1.6 + dev-qt/qtcore:4 + dev-qt/qtgui:4 + dev-qt/qttest:4 + dev-libs/glib:2 + virtual/libusb:1" +DEPEND="${RDEPEND} + virtual/pkgconfig" + +DOCS=( NEWS README ) + +src_configure() { + eqmake4 YKPersonalization.pro +} + +src_install() { + dobin build/release/yubikey-personalization-gui + doman resources/lin/yubikey-personalization-gui.1 + domenu resources/lin/yubikey-personalization-gui.desktop + doicon resources/lin/yubikey-personalization-gui.xpm + doicon -s 128 resources/lin/yubikey-personalization-gui.png +} |