enable build of deprecated pam_cracklib but switch to configuring use of pam_pwquality [release 1.4.0-2mamba;Thu Oct 15 2020]

This commit is contained in:
Silvan Calarco 2024-01-06 08:23:27 +01:00
parent 4b4e54c228
commit 3ca9708a1c
3 changed files with 41 additions and 13 deletions

View File

@ -8,7 +8,7 @@ auth required pam_deny.so
#account sufficient pam_winbind.so #account sufficient pam_winbind.so
account required pam_unix.so account required pam_unix.so
password required pam_cracklib.so retry=3 minlen=4 dcredit=2 ucredit=2 password required pam_pwquality.so retry=3 minlen=4 dcredit=2 ucredit=2
password sufficient pam_unix.so shadow md5 use_authtok password sufficient pam_unix.so shadow md5 use_authtok
password required pam_deny.so password required pam_deny.so

View File

@ -5,7 +5,7 @@ auth required pam_deny.so
account required pam_unix.so account required pam_unix.so
password required pam_cracklib.so retry=3 minlen=4 dcredit=2 ucredit=2 password required pam_pwquality.so retry=3 minlen=4 dcredit=2 ucredit=2
password sufficient pam_unix.so shadow md5 use_authtok password sufficient pam_unix.so shadow md5 use_authtok
password required pam_deny.so password required pam_deny.so

View File

@ -9,8 +9,8 @@
%define unix2_ver 2.6 %define unix2_ver 2.6
Name: pam Name: pam
Version: 1.3.1 Version: 1.4.0
Release: 1mamba Release: 2mamba
Summary: Utilities for monitoring your system and processes on your system Summary: Utilities for monitoring your system and processes on your system
Group: System/Libraries Group: System/Libraries
Vendor: openmamba Vendor: openmamba
@ -54,10 +54,13 @@ BuildRequires: linuxdoc-tools >= 0.9.21
BuildRequires: flex BuildRequires: flex
BuildRequires: libfl-devel BuildRequires: libfl-devel
BuildRequires: gettext-devel BuildRequires: gettext-devel
BuildRequires: elinks
#BuildRequires: libprelude-devel >= 0.9.14 #BuildRequires: libprelude-devel >= 0.9.14
BuildRequires: libtirpc-devel >= 0.2.2-2mamba BuildRequires: libtirpc-devel >= 0.2.2-2mamba
Requires: libtirpc >= 0.2.2-2mamba Requires: libtirpc >= 0.2.2-2mamba
Requires: systemd-core Requires: systemd-core
# For pam_pwquality replacing pam_cracklib
Requires: libpwquality
Requires(post): pwdutils Requires(post): pwdutils
Requires(post): setup Requires(post): setup
Requires(post): lib%{name} = %{?epoch:%epoch:}%{version}-%{release} Requires(post): lib%{name} = %{?epoch:%epoch:}%{version}-%{release}
@ -95,17 +98,20 @@ Requires: %{name} = %{version}-%{release}
PAM (Pluggable Authentication Modules) is a system security tool which allows system administrators to set authentication policy without having to recompile programs which do authentication. PAM (Pluggable Authentication Modules) is a system security tool which allows system administrators to set authentication policy without having to recompile programs which do authentication.
This package contains the documentation files in html, pdf and postscript formats. This package contains the documentation files in html, pdf and postscript formats.
%debug_package
%prep %prep
%setup -q -a4 -a5 -a9 -a10 -n linux-pam-%{version} %setup -q -a4 -a5 -a9 -a10 -n linux-pam-%{version}
%patch1 -p1 %patch1 -p1
%patch2 -p1 %patch2 -p1
%patch3 -p1 %patch3 -p1
%patch4 -p1 %patch4 -p1
./autogen.sh
%build %build
./autogen.sh
%configure \ %configure \
--disable-prelude \ --disable-prelude \
--enable-cracklib \
--with-mailspool=/var/mail \ --with-mailspool=/var/mail \
--libdir=/%{_lib} \ --libdir=/%{_lib} \
--with-db-uniquename=db51 --with-db-uniquename=db51
@ -122,6 +128,7 @@ This package contains the documentation files in html, pdf and postscript format
%makeinstall \ %makeinstall \
includedir=%{_includedir}/security \ includedir=%{_includedir}/security \
namespaceddir=%{buildroot}%{_sysconfdir}/security \ namespaceddir=%{buildroot}%{_sysconfdir}/security \
servicedir=%{_unitdir} \
sepermitlockdir=%{buildroot}%{_localstatedir}/run/sepermit sepermitlockdir=%{buildroot}%{_localstatedir}/run/sepermit
install -D -m 644 %{S:2} %{buildroot}%{_sysconfdir}/pam.d/other install -D -m 644 %{S:2} %{buildroot}%{_sysconfdir}/pam.d/other
@ -155,6 +162,10 @@ ln -s system-auth %{buildroot}%{_sysconfdir}/pam.d/password-auth
%clean %clean
[ "%{buildroot}" != / ] && rm -rf %{buildroot} [ "%{buildroot}" != / ] && rm -rf %{buildroot}
%preun
%systemd_preun pam_namespace
:
%post %post
if [ $1 -ge 1 ]; then if [ $1 -ge 1 ]; then
groupadd audio -g %{group_audio} 2>/dev/null groupadd audio -g %{group_audio} 2>/dev/null
@ -179,7 +190,12 @@ session optional pam_systemd.so
_EOF _EOF
} }
fi fi
exit 0 %systemd_post pam_namespace
:
%postun
%systemd_postun pam_namespace
:
%post -n libpam %post -n libpam
/sbin/ldconfig /sbin/ldconfig
@ -189,6 +205,10 @@ exit 0
/sbin/ldconfig /sbin/ldconfig
: :
%posttrans
sed -i "s|pam_cracklib.so|pam_pwquality.so|" %{_sysconfdir}/pam.d/system-auth{,-noshell}
:
%files -f Linux-PAM.lang %files -f Linux-PAM.lang
%defattr(-,root,root) %defattr(-,root,root)
%dir %{_sysconfdir}/pam.d %dir %{_sysconfdir}/pam.d
@ -199,15 +219,17 @@ exit 0
%config %{_sysconfdir}/security/*.conf %config %{_sysconfdir}/security/*.conf
%{_sysconfdir}/environment %{_sysconfdir}/environment
%{_sysconfdir}/security/namespace.init %{_sysconfdir}/security/namespace.init
%{_unitdir}/pam_namespace.service
%attr(2755,root,shadow) %{_sbindir}/unix_chkpwd %attr(2755,root,shadow) %{_sbindir}/unix_chkpwd
%{_sbindir}/faillock
%{_sbindir}/unix_update %{_sbindir}/unix_update
%{_sbindir}/pam_tally %{_sbindir}/pam_namespace_helper
%{_sbindir}/pam_tally2 #%{_sbindir}/pam_tally
#%{_sbindir}/pam_tally2
%{_sbindir}/pam_timestamp_check %{_sbindir}/pam_timestamp_check
%{_sbindir}/mkhomedir_helper %{_sbindir}/mkhomedir_helper
%{_mandir}/*/* %{_mandir}/*/*
%{_docdir}/Linux-PAM/* %{_docdir}/Linux-PAM/*
#%doc pam.conf-example pam_env.conf-example
%files -n libpam %files -n libpam
%defattr(-,root,root) %defattr(-,root,root)
@ -240,6 +262,12 @@ exit 0
#%endif #%endif
%changelog %changelog
* Thu Oct 15 2020 Silvan Calarco <silvan.calarco@mambasoft.it> 1.4.0-2mamba
- enable build of deprecated pam_cracklib but switch to configuring use of pam_pwquality
* Wed Sep 09 2020 Automatic Build System <autodist@mambasoft.it> 1.4.0-1mamba
- automatic version update by autodist
* Sat Jul 28 2018 Silvan Calarco <silvan.calarco@mambasoft.it> 1.3.1-1mamba * Sat Jul 28 2018 Silvan Calarco <silvan.calarco@mambasoft.it> 1.3.1-1mamba
- update to 1.3.1 - update to 1.3.1
@ -375,10 +403,10 @@ exit 0
* Mon Jul 18 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-11qilnx * Mon Jul 18 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-11qilnx
- force update with new rpm version so that %%config works correctly - force update with new rpm version so that %%config works correctly
* Thu May 17 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-10qilnx * Tue May 17 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-10qilnx
- fix in the upgrade script - fix in the upgrade script
* Thu May 17 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-9qilnx * Tue May 17 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-9qilnx
- release for upgrade test only - release for upgrade test only
* Tue May 17 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-8qilnx * Tue May 17 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-8qilnx