pam/pam.spec

514 lines
18 KiB
RPMSpec

%define group_audio 11
%define group_cdrecording 12
%define group_cdrom 19
%define group_video 24
%define group_camera 22
%define group_scanner 23
%define pwcheck_ver 3.12.1
%define unix2_ver 2.6
Name: pam
Version: 1.6.0
Release: 1mamba
Summary: Utilities for monitoring your system and processes on your system
Group: System/Libraries
Vendor: openmamba
Distribution: openmamba
Packager: Silvan Calarco <silvan.calarco@mambasoft.it>
URL: https://github.com/linux-pam/linux-pam
Source: https://github.com/linux-pam/linux-pam.git/v%{version}/linux-pam-%{version}.tar.bz2
#Source1: pam.conf
Source2: pam_other
Source3: pam-system-auth
Source4: pam-module-stack.tar.bz2
Source5: pam-module-cracklib.tar.bz2
Source6: pam-modules-redhat.tar.bz2
Source7: pam-module-console.tar.bz2
Source8: pam-system-auth-noshell
Source9: ftp://ftp.suse.com/pub/people/kukuk/pam/pam_pwcheck/pam_pwcheck-%{pwcheck_ver}.tar.bz2
Source10: ftp://ftp.suse.com/pub/people/kukuk/pam/pam_unix2/pam_unix2-%{unix2_ver}.tar.bz2
Source11: pam-group.conf
Source12: macros.pam
Patch0: %{name}-0.77-pam_unix2.conf
Patch1: %{name}-0.99.7.1-cracklib_module.patch
Patch2: %{name}-1.1.3-limits.patch
Patch3: pam-1.1.6-glibc-2.16.patch
Patch4: pam-1.2.1-limits-disable-cores.patch
License: GPL, BSD
## AUTOBUILDREQ-BEGIN
BuildRequires: glibc-devel
BuildRequires: ldconfig
BuildRequires: libaudit-devel
BuildRequires: libcap-ng-devel
BuildRequires: libe2fs-devel
BuildRequires: libkrb5-devel
BuildRequires: libnsl-devel
%if "%{?bootstrap}" != "1"
BuildRequires: libselinux-devel
%endif
BuildRequires: libtirpc-devel
## AUTOBUILDREQ-END
BuildRequires: libcrack-devel
BuildRequires: libtirpc-devel
BuildRequires: libz-devel
%if "%{?bootstrap}" != "1"
BuildRequires: linuxdoc-tools >= 0.9.21
%endif
BuildRequires: flex
BuildRequires: libfl-devel
BuildRequires: gettext-devel
BuildRequires: elinks
#BuildRequires: libprelude-devel >= 0.9.14
BuildRequires: libtirpc-devel >= 0.2.2-2mamba
Requires: libtirpc >= 0.2.2-2mamba
Requires: systemd-core
# For pam_pwquality replacing pam_cracklib
Requires: libpwquality
Requires(post): pwdutils
Requires(post): setup
Requires(post): lib%{name} = %{?epoch:%epoch:}%{version}-%{release}
%description
PAM (Pluggable Authentication Modules) is a system security tool which allows system administrators to set authentication policy without having to recompile programs which do authentication.
%package -n lib%{name}
Group: System/Libraries
Summary: Shared libraries for %{name}
%description -n lib%{name}
PAM (Pluggable Authentication Modules) is a system security tool which allows system administrators to set authentication policy without having to recompile programs which do authentication.
This package contains shared libraries for %{name}.
%package -n libpam-devel
Summary: Development headers and libraries for pam
Group: Development/Libraries
Requires: lib%{name} = %{?epoch:%epoch:}%{version}-%{release}
Provides: pam-devel
Obsoletes: pam-devel < 1.5.2-2mamba
%description -n libpam-devel
PAM (Pluggable Authentication Modules) is a system security tool which allows system administrators to set authentication policy without having to recompile programs which do authentication.
This package containts the development headers and libraries for pam.
%package -n pam-doc
Summary: Documentation files for pam
Group: Documentation
Requires: %{name} = %{version}-%{release}
%description -n pam-doc
PAM (Pluggable Authentication Modules) is a system security tool which allows system administrators to set authentication policy without having to recompile programs which do authentication.
This package contains the documentation files in html, pdf and postscript formats.
%debug_package
%prep
%setup -q -a4 -a5 -a9 -a10 -n linux-pam-%{version}
%patch 1 -p1
%patch 2 -p1
%patch 3 -p1
%patch 4 -p1
# FIXME: disable pdf generation until fop is fixed (since 1.5.2-2mamba)
sed -i "s|\[fop\]|[fop_does_not_work]|" configure.ac
./autogen.sh
%build
%configure \
--includedir=%{_includedir}/security \
--disable-prelude \
--enable-cracklib \
--with-mailspool=/var/mail \
--disable-db
# --with-db-uniquename=db53 \
# --enable-both-confs
%if "%{_host}" != "%{_build}"
%make || %make
%else
%make BROWSER="/usr/bin/elinks -no-numbering -no-references -dump"
%endif
%install
[ "%{buildroot}" != / ] && rm -rf %{buildroot}
%makeinstall \
includedir=%{_includedir}/security \
namespaceddir=%{buildroot}%{_sysconfdir}/security \
servicedir=%{_unitdir} \
sepermitlockdir=%{buildroot}%{_localstatedir}/run/sepermit
install -D -m 644 %{S:2} %{buildroot}%{_sysconfdir}/pam.d/other
install -D -m 644 %{S:3} %{buildroot}%{_sysconfdir}/pam.d/system-auth
install -D -m 644 %{S:8} %{buildroot}%{_sysconfdir}/pam.d/system-auth-noshell
install -D -m 644 %{S:11} %{buildroot}%{_sysconfdir}/security/group.conf
for d in `find modules/pam_* -maxdepth 0 -type d -printf "%f "`; do
[ -e modules/$d/README ] && \
install -m 644 modules/$d/README README.$d
done
ln -s system-auth %{buildroot}%{_sysconfdir}/pam.d/password-auth
install -D -m0644 %{SOURCE12} %{buildroot}%{_rpmmacrodir}/macros.pam
#install -d -m0755 %{buildroot}%{_prefix}/lib/pam.d
#install -m 644 conf/pam.conf pam.conf-example
#install -m 644 modules/pam_env/pam_env.conf-example pam_env.conf-example
#% makeinstall -C pam_pwcheck-%{pwcheck_ver}
#% makeinstall -C pam_unix2-%{unix2_ver}
#sed -i "s|CRYPT=.*|CRYPT=md5|" %{buildroot}/etc/default/passwd
#%find_lang pam_unix2
#cat pam_unix2.lang > %{name}.lang
#%find_lang pam_pwcheck
#cat pam_pwcheck.lang >> %{name}.lang
%find_lang Linux-PAM
%clean
[ "%{buildroot}" != / ] && rm -rf %{buildroot}
%preun
%systemd_preun pam_namespace
:
%post
if [ $1 -ge 1 ]; then
groupadd audio -g %{group_audio} 2>/dev/null
groupadd cdrecording -g %{group_cdrecording} 2>/dev/null
groupadd cdrom -g %{group_cdrom} 2>/dev/null
groupadd video -g %{group_video} 2>/dev/null
groupadd camera -g %{group_camera} 2>/dev/null
groupadd scanner -g %{group_scanner} 2>/dev/null
sed -i --follow-symlinks "s|required[ \t]*pam_stack.so service=system-auth|include system-auth|" %{_sysconfdir}/pam.d/*
fi
if [ $1 -gt 1 ]; then
grep pam_systemd %{_sysconfdir}/pam.d/system-auth >/dev/null || {
cat >> %{_sysconfdir}/pam.d/system-auth << _EOF
session optional pam_loginuid.so
session optional pam_systemd.so
_EOF
cat >> %{_sysconfdir}/pam.d/system-auth-noshell << _EOF
session optional pam_loginuid.so
session optional pam_systemd.so
_EOF
}
fi
%systemd_post pam_namespace
:
%postun
%systemd_postun pam_namespace
:
%post -n libpam
/sbin/ldconfig
:
%postun -n libpam
/sbin/ldconfig
:
%posttrans
sed -i "s|pam_cracklib.so|pam_pwquality.so|" %{_sysconfdir}/pam.d/system-auth{,-noshell}
:
%files -f Linux-PAM.lang
%defattr(-,root,root)
%dir %{_sysconfdir}/pam.d
%config %{_sysconfdir}/pam.d/other
%{_sysconfdir}/pam.d/password-auth
%config(noreplace) %{_sysconfdir}/pam.d/system-auth
%config(noreplace) %{_sysconfdir}/pam.d/system-auth-noshell
%config %{_sysconfdir}/security/*.conf
%{_sysconfdir}/environment
%{_sysconfdir}/security/namespace.init
%{_unitdir}/pam_namespace.service
%attr(2755,root,shadow) %{_sbindir}/unix_chkpwd
%{_sbindir}/faillock
%{_sbindir}/unix_update
%{_sbindir}/pam_namespace_helper
#%{_sbindir}/pam_tally
#%{_sbindir}/pam_tally2
%{_sbindir}/pam_timestamp_check
%{_sbindir}/pwhistory_helper
%{_sbindir}/mkhomedir_helper
%{_mandir}/man5/*.5*
%{_mandir}/man8/*.8*
%files -n libpam
%defattr(-,root,root)
%{_libdir}/libpam*.so.*
%dir %{_libdir}/security
%{_libdir}/security/pam*.so
%{_libdir}/security/pam_filter/upperLOWER
%doc Copyright
%files -n libpam-devel
%defattr(-,root,root)
%{_includedir}/security/*.h
%{_libdir}/libpam*.so
%{_libdir}/pkgconfig/pam*.pc
%{_rpmmacrodir}/macros.pam
%{_mandir}/man3/*.3*
%doc CHANGELOG README*
%files doc
%defattr(-,root,root)
%dir %{_docdir}/Linux-PAM
%{_docdir}/Linux-PAM/*
%changelog
* Thu Jan 18 2024 Automatic Build System <autodist@openmamba.org> 1.6.0-1mamba
- automatic version update by autodist
* Tue May 09 2023 Automatic Build System <autodist@mambasoft.it> 1.5.3-1mamba
- automatic version update by autodist
* Mon Nov 21 2022 Silvan Calarco <silvan.calarco@mambasoft.it> 1.5.2-3mamba
- install rpm macros file
* Wed Nov 16 2022 Silvan Calarco <silvan.calarco@mambasoft.it> 1.5.2-2mamba
- fix include dir in pkgconfig files
- restore pam-doc and move documentation files from main pam package
* Mon Sep 13 2021 Automatic Build System <autodist@mambasoft.it> 1.5.2-1mamba
- automatic version update by autodist
* Thu Jan 21 2021 Automatic Build System <autodist@mambasoft.it> 1.5.1-1mamba
- automatic version update by autodist
* Fri Dec 18 2020 Silvan Calarco <silvan.calarco@mambasoft.it> 1.5.0-3mamba
- rebuilt with --with-db-uniquename=db53
* Wed Dec 16 2020 Silvan Calarco <silvan.calarco@mambasoft.it> 1.5.0-2mamba
- add directory /usr/lib/pam.d
* Tue Nov 17 2020 Automatic Build System <autodist@mambasoft.it> 1.5.0-1mamba
- automatic version update by autodist
* Thu Oct 15 2020 Silvan Calarco <silvan.calarco@mambasoft.it> 1.4.0-2mamba
- enable build of deprecated pam_cracklib but switch to configuring use of pam_pwquality
* Wed Sep 09 2020 Automatic Build System <autodist@mambasoft.it> 1.4.0-1mamba
- automatic version update by autodist
* Sat Jul 28 2018 Silvan Calarco <silvan.calarco@mambasoft.it> 1.3.1-1mamba
- update to 1.3.1
* Sat Nov 04 2017 Silvan Calarco <silvan.calarco@mambasoft.it> 1.3.0-2mamba
- group.conf: add sddm and gdm support
* Fri Dec 16 2016 Automatic Build System <autodist@mambasoft.it> 1.3.0-1mamba
- automatic version update by autodist
* Fri Mar 25 2016 Silvan Calarco <silvan.calarco@mambasoft.it> 1.2.1-4mamba
- disable core dumps in limits.conf (though not sure what changed to make cores appear recently)
* Mon Oct 12 2015 Silvan Calarco <silvan.calarco@mambasoft.it> 1.2.1-3mamba
- add --follow-symlinks to %post sed or it will destroy password-auth symlink
* Sat Oct 10 2015 Silvan Calarco <silvan.calarco@mambasoft.it> 1.2.1-2mamba
- add symlink password-auth to /etc/pam.d/system-auth
* Sun Aug 16 2015 Automatic Build System <autodist@mambasoft.it> 1.2.1-1mamba
- automatic version update by autodist
* Mon May 18 2015 Automatic Build System <autodist@mambasoft.it> 1.2.0-1mamba
- automatic version update by autodist
* Thu Apr 16 2015 Silvan Calarco <silvan.calarco@mambasoft.it> 1.1.8-6mamba
- pam-group.conf: remove uucp
* Fri Jun 27 2014 Silvan Calarco <silvan.calarco@mambasoft.it> 1.1.8-5mamba
- remove unexisting option controllers= to pam_systemd.so
* Sun Jun 22 2014 Silvan Calarco <silvan.calarco@mambasoft.it> 1.1.8-4mamba
- pam-group.conf: remove removed plugdev group from list
* Fri Apr 11 2014 Silvan Calarco <silvan.calarco@mambasoft.it> 1.1.8-3mamba
- move libraries to libpam and rename pam-devel to libpam-devel
* Sun Feb 09 2014 Silvan Calarco <silvan.calarco@mambasoft.it> 1.1.8-2mamba
- x86_64: install in /%{_lib} not /lib
* Thu Sep 19 2013 Automatic Build System <autodist@mambasoft.it> 1.1.8-1mamba
- automatic update by autodist
* Fri Apr 26 2013 Silvan Calarco <silvan.calarco@mambasoft.it> 1.1.6-5mamba
- system-auth: remove winbind entries in default configuration
* Sat Apr 06 2013 Silvan Calarco <silvan.calarco@mambasoft.it> 1.1.6-4mamba
- require(post) setup before creating groups
* Thu Mar 21 2013 Silvan Calarco <silvan.calarco@mambasoft.it> 1.1.6-3mamba
- configure system-auth and system-auth-noshell in %post script as they are config(noreplace) files
* Thu Mar 21 2013 Silvan Calarco <silvan.calarco@mambasoft.it> 1.1.6-2mamba
- system-auth and system-auth-noshell updated with systemd support
- require systemd-core
* Sun Dec 02 2012 Automatic Build System <autodist@mambasoft.it> 1.1.6-1mamba
- update to 1.1.6
* Wed Sep 26 2012 Silvan Calarco <silvan.calarco@mambasoft.it> 1.1.4-2mamba
- don't replace /etc/pam.d/system-auth /etc/pam.d/system-auth-noshell /etc/pam.d/system-auth.rpmsave and /etc/pam.d/others configuration files on update
* Tue Aug 30 2011 Automatic Build System <autodist@mambasoft.it> 1.1.4-1mamba
- automatic version update by autodist
* Wed Mar 23 2011 Silvan Calarco <silvan.calarco@mambasoft.it> 1.1.3-2mamba
- limits patch updated to set nofile to 16384 as suggested by samba
* Thu Nov 11 2010 Automatic Build System <autodist@mambasoft.it> 1.1.3-1mamba
- automatic update by autodist
* Fri Oct 01 2010 Automatic Build System <autodist@mambasoft.it> 1.1.2-1mamba
- automatic update by autodist
* Thu Jul 22 2010 Silvan Calarco <silvan.calarco@mambasoft.it> 1.1.1-2mamba
- create cdrom group and add it to pam-group.conf
* Fri Jan 15 2010 Automatic Build System <autodist@mambasoft.it> 1.1.1-1mamba
- automatic update by autodist
* Sat Jul 18 2009 Silvan Calarco <silvan.calarco@mambasoft.it> 1.1.0-2mamba
- pam-group.conf: add lp group for kde and ssh users
* Fri Jun 26 2009 Automatic Build System <autodist@mambasoft.it> 1.1.0-1mamba
- automatic update by autodist
* Sat May 02 2009 Silvan Calarco <silvan.calarco@mambasoft.it> 1.0.4-2mamba
- set unix_chkpwd sgid shadow
* Fri Mar 27 2009 Silvan Calarco <silvan.calarco@mambasoft.it> 1.0.4-1mamba
- automatic update by autodist
* Wed Jan 21 2009 Silvan Calarco <silvan.calarco@mambasoft.it> 1.0.3-1mamba
- automatic update by autodist
* Thu Sep 18 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 1.0.2-1mamba
- update to 1.0.2
- pam_pwcheck: 3.12.1
- pam_unix2: 2.6
* Wed Jun 25 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 1.0.1-2mamba
- added group configuration for kde-np (autologin)
* Sun Jun 22 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 1.0.1-1mamba
- update to 1.0.1
- add uucp group to logged in users
* Mon Jan 21 2008 Silvan Calarco <silvan.calarco@mambasoft.it> 0.99.8.1-3mamba
- use /lib as libdir
* Fri Sep 21 2007 Silvan Calarco <silvan.calarco@mambasoft.it> 0.99.8.1-2mamba
- /etc/security/limits.conf: set limits for audio group
* Sun Jul 22 2007 Silvan Calarco <silvan.calarco@mambasoft.it> 0.99.8.1-1mamba
- update to 0.99.8.1
* Sun Jun 24 2007 Silvan Calarco <silvan.calarco@mambasoft.it> 0.99.7.1-1mamba
- update to 0.99.7.1
- removed pw_check and unix2 modules
- removed obsolete pam_stack module
* Fri May 26 2006 Davide Madrisan <davide.madrisan@qilinux.it> 0.81-2qilnx
- updated pam_system-auth to fix qibug#174
* Mon Jan 30 2006 Silvan Calarco <silvan.calarco@mambasoft.it> 0.81-1qilnx
- update to version 0.81 by autospec
* Mon Dec 05 2005 Davide Madrisan <davide.madrisan@qilinux.it> 0.80-2qilnx
- fixed CAN-2005-2977 (qibug#59)
* Fri Jul 29 2005 Davide Madrisan <davide.madrisan@qilinux.it> 0.80-1qilnx
- update to version 0.80 by autospec
* Mon Jul 18 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-11qilnx
- force update with new rpm version so that %%config works correctly
* Tue May 17 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-10qilnx
- fix in the upgrade script
* Tue May 17 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-9qilnx
- release for upgrade test only
* Tue May 17 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-8qilnx
- plugins moved to /lib/security
- added creation of groups audio,cdrecording,video,camera,scanner
- added video in /etc/security/group.conf
* Tue Mar 29 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-7qilnx
- added default group.conf security configuration file for kde and ssh
* Mon Mar 07 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-6qilnx
- configured /etc/security/pam_unix2.conf with system defaults
* Fri Mar 04 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-5qilnx
- set CRYPT=md5 in /etc/default/passwd
* Fri Mar 04 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-4qilnx
- pam.d/system_auth: use pam_unix2.so for auth/acc/pass/session handling
* Thu Mar 03 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-3qilnx
- pam_unix2 and pam_pwcheck modules updated
* Fri Feb 25 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-2qilnx
- added missing *.so links
* Tue Feb 15 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 0.78-1qilnx
- new version build
* Tue Oct 26 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 0.77-13qilnx
- added pam_unix2 and pam_pwcheck for better LDAP integration (pwutils)
* Fri May 28 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 0.77-12qilnx
- added pam_shells.so in system_auth authentication not to allow
authentication to non shell users
- added system_auth-noshell for authentication services without shell
requirement
* Wed Nov 19 2003 Davide Madrisan <davide.madrisan@qilinux.it> 0.77-11qilnx
- Added missing requirements in pam-devel, typos fixes, specfile updates
* Tue Sep 30 2003 Silvan Calarco <silvan.calarco@mambasoft.it> 0.77-10qilnx
- added support for pam_mkhomedir in system-auth
* Fri Jul 04 2003 Silvan Calarco <silvan.calarco@qinet.it> 0.77-9qilnx
- added patch for pam_group so it reads correctly its configuration file
* Thu Jun 26 2003 Silvan Calarco <silvan.calarco@qinet.it> 0.77-8qilnx
- added redhat modules (pam_console, xauth...) [ just inclusion because
they don't compile yet]
- added ldap accounting in /etc/pam.d/system_auth
* Wed May 07 2003 Silvan Calarco <silvan.calarco@qinet.it> 0.77-7qilnx
- Removed /etc/pam.conf file
- added default ldap support to system-auth file
* Wed May 07 2003 Alessandro Ramazzina <alessandro.ramazzina@qinet.it> 0.77-6qilnx
- Added cracklib and cracklib-devel requires
* Tue May 06 2003 Silvan Calarco <silvan.calarco@qinet> 0.77-5qilnx
- Added cracklib module
* Tue May 06 2003 Silvan Calarco <silvan.calarco@qinet> 0.77-4qilnx
- Fixed a static libaries creation error (enable-static-libpam)
* Mon May 05 2003 Silvan Calarco <silvan.calarco@qinet> 0.77-3qilnx
- Added pam_stack module
- Added inclusion of development libraries
* Mon May 05 2003 Silvan Calarco <silvan.calarco@qinet>
- Removed paths from pam.d/* files
* Thu Apr 17 2003 Mirko Cortillaro <mirko.cortillaro@qinet.it>
- write a spec file for Linux-PAM