Contents of /eclass/pam.eclass

Revision 1.19 - (hide annotations) (download)
Sat Feb 5 22:29:40 2011 UTC (3 years, 5 months ago) by flameeyes
Branch: MAIN
Changes since 1.18: +19 -2 lines
Add a function to make it easier to hide non-pam symbols from modules.

Rather than reinventing the wheel and adding a stupid file to each of
the packages, use a single function to create a temporary file and use
that.

1 flameeyes 1.1 # Copyright 2004 Gentoo Foundation
2     # Distributed under the terms of the GNU General Public License, v2 or later
3     # Author Diego Pettenò <flameeyes@gentoo.org>
4 flameeyes 1.19 # $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.18 2009/12/11 20:33:11 vapier Exp $
5 flameeyes 1.1 #
6     # This eclass contains functions to install pamd configuration files and
7     # pam modules.
8    
9 flameeyes 1.19 inherit multilib flag-o-matic
10 flameeyes 1.1
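# dopamd <file> [more files]
#
# Install pam auth config file(s) in /etc/pam.d with mode 0644, then run
# cleanpamd on each installed file.  Returns 0 without installing anything
# when the package declares a "pam" USE flag and it is disabled.
dopamd() {
	[[ -z $1 ]] && die "dopamd requires at least one argument"

	# ${IUSE} is intentionally unquoted: each flag must be a separate word.
	if hasq pam ${IUSE} && ! use pam; then
		return 0
	fi

	( # subshell: insinto/insopts must not leak into the calling env
		insinto /etc/pam.d
		insopts -m 0644
		doins "$@"
	) || die "failed to install $*"

	# doins installs each file under its basename, while cleanpamd resolves
	# its arguments relative to ${D}/etc/pam.d.  Passing a source path such
	# as "${FILESDIR}/foo" through unchanged would point cleanpamd at a file
	# that does not exist, so the clean-up would silently not happen.
	cleanpamd "${@##*/}"
}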
28    
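# newpamd <old name> <new name>
#
# Install pam file <old name> as <new name> in /etc/pam.d with mode 0644,
# then run cleanpamd on the installed file.  Returns 0 without installing
# anything when the package declares a "pam" USE flag and it is disabled.
newpamd() {
	[[ $# -ne 2 ]] && die "newpamd requires two arguments"

	# ${IUSE} is intentionally unquoted: each flag must be a separate word.
	if hasq pam ${IUSE} && ! use pam; then
		return 0
	fi

	( # subshell: insinto/insopts must not leak into the calling env
		insinto /etc/pam.d
		insopts -m 0644
		newins "$1" "$2"
	) || die "failed to install $1 as $2"

	# Quoted so the new name reaches cleanpamd as exactly one argument.
	cleanpamd "$2"
}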
46    
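# dopamsecurity <section> <file> [more files]
#
# Installs the config files in /etc/security/<section>/ with mode 0644.
# Returns 0 without installing anything when the package declares a "pam"
# USE flag and it is disabled.
dopamsecurity() {
	[[ $# -lt 2 ]] && die "dopamsecurity requires at least two arguments"

	# ${IUSE} is intentionally unquoted: each flag must be a separate word.
	if hasq pam ${IUSE} && ! use pam; then
		return 0
	fi

	( # subshell: insinto/insopts must not leak into the calling env
		# Quoted so the section name cannot be word-split or glob-expanded
		# into extra insinto arguments.
		insinto "/etc/security/$1"
		insopts -m 0644
		doins "${@:2}"
	) || die "failed to install ${*:2}"
}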
63    
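# newpamsecurity <section> <old name> <new name>
#
# Installs the config file <old name> as <new name> in
# /etc/security/<section>/ with mode 0644.  Returns 0 without installing
# anything when the package declares a "pam" USE flag and it is disabled.
newpamsecurity() {
	[[ $# -ne 3 ]] && die "newpamsecurity requires three arguments"

	# ${IUSE} is intentionally unquoted: each flag must be a separate word.
	if hasq pam ${IUSE} && ! use pam; then
		return 0
	fi

	( # subshell: insinto/insopts must not leak into the calling env
		# Quoted so the section name cannot be word-split or glob-expanded
		# into extra insinto arguments.
		insinto "/etc/security/$1"
		insopts -m 0644
		newins "$2" "$3"
	) || die "failed to install $2 as $3"
}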
80    
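# getpam_mod_dir
#
# Prints the pam modules' directory, /<libdir>/security, on stdout and
# also stores it in the global PAM_MOD_DIR.
#
# The path is the same whether or not sys-libs/pam or sys-libs/openpam is
# installed, so no has_version query is made to choose it.
getpam_mod_dir() {
	PAM_MOD_DIR=/$(get_libdir)/security

	printf '%s\n' "${PAM_MOD_DIR}"
}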
94    
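# pammod_hide_symbols
#
# Hide all non-PAM-used symbols from the module; this function creates a
# simple ld version script that exports only the pam_sm_* entry points and
# makes every other symbol local, then uses append-ldflags to make sure
# that it gets used.
#
# The script is written to ${T}/pam-eclass-pam_symbols.ver.  Dies if the
# file cannot be written, so the linker is never pointed at a missing or
# partial version script.
pammod_hide_symbols() {
	local version_script="${T}/pam-eclass-pam_symbols.ver"

	# Quoted delimiter: the script body is literal, nothing is expanded.
	cat > "${version_script}" <<'EOF' || die "failed to write ${version_script}"
{
	global: pam_sm_*;
	local: *;
};
EOF

	append-ldflags -Wl,--version-script="${version_script}"
}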
111    
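# dopammod <file> [more files]
#
# Install pam module file(s) in the pam modules' dir for the current
# implementation (as printed by getpam_mod_dir).  Returns 0 without
# installing anything when the package declares a "pam" USE flag and it is
# disabled.
dopammod() {
	[[ -z $1 ]] && die "dopammod requires at least one argument"

	# ${IUSE} is intentionally unquoted: each flag must be a separate word.
	if hasq pam ${IUSE} && ! use pam; then
		return 0
	fi

	# Quoted so the directory always reaches exeinto as a single argument.
	exeinto "$(getpam_mod_dir)"
	doexe "$@" || die "failed to install $*"
}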
125    
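# newpammod <old name> <new name>
#
# Install pam module file <old name> as <new name> in the pam
# modules' dir for the current implementation (as printed by
# getpam_mod_dir).  Returns 0 without installing anything when the package
# declares a "pam" USE flag and it is disabled.
newpammod() {
	[[ $# -ne 2 ]] && die "newpammod requires two arguements"

	# ${IUSE} is intentionally unquoted: each flag must be a separate word.
	if hasq pam ${IUSE} && ! use pam; then
		return 0
	fi

	# Quoted so the directory always reaches exeinto as a single argument.
	exeinto "$(getpam_mod_dir)"
	newexe "$1" "$2" || die "failed to install $1 as $2"
}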
140    
# pamd_mimic_system <pamd file> [auth levels]
#
# Convenience wrapper around pamd_mimic: creates a pamd file in
# /etc/pam.d which mimics the system-auth stack for the given levels.
pamd_mimic_system() {
	if (( $# < 2 )); then
		die "pamd_mimic_system requires at least two argments"
	fi

	pamd_mimic system-auth "$@"
}
149    
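# pamd_mimic <stack> <pamd file> [auth levels]
#
# This function creates a pamd file which mimics the given stack
# for the given levels in the /etc/pam.d directory.
#
# The file ${D}/etc/pam.d/<pamd file> is appended to: first a header
# comment, then one line per level.  Each level must be one of
# "auth account password session", otherwise the function dies.  With
# sys-libs/pam older than 0.78 the line uses pam_stack.so, otherwise an
# "include" directive.  Returns 0 without writing anything when the package
# declares a "pam" USE flag and it is disabled.
pamd_mimic() {
	[[ $# -lt 3 ]] && die "pamd_mimic requires at least three argments"

	# ${IUSE} is intentionally unquoted: each flag must be a separate word.
	if hasq pam ${IUSE} && ! use pam; then
		return 0
	fi

	# Locals, so repeated calls and the calling ebuild do not share state.
	local originalstack=$1
	local pamdfile="${D}/etc/pam.d/$2"
	local authlevels="auth account password session"
	local mimic

	dodir /etc/pam.d

	# printf with a fixed format writes the arguments verbatim; the path is
	# quoted so an image directory containing whitespace still works.
	printf '%s\n\n\n' "# File autogenerated by pamd_mimic in pam eclass" \
		>> "${pamdfile}" || die "failed to write ${pamdfile}"

	if has_version '<sys-libs/pam-0.78'; then
		mimic=$'\trequired\t\tpam_stack.so service='"${originalstack}"
	else
		mimic=$'\tinclude\t\t'"${originalstack}"
	fi

	shift 2

	while [[ -n $1 ]]; do
		# ${authlevels} is intentionally unquoted: one word per level.
		hasq "$1" ${authlevels} || die "unknown level type"

		printf '%s%s\n' "$1" "${mimic}" >> "${pamdfile}" \
			|| die "failed to write ${pamdfile}"

		shift
	done
}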
185 flameeyes 1.9
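# cleanpamd <pamd file> [more files]
#
# Cleans a pam.d file from modules that might not be present on the system
# where it's going to be installed: when sys-libs/pam is not installed,
# every line mentioning pam_shells or pam_console is commented out.
#
# Each argument is a file name relative to ${D}/etc/pam.d; processing
# stops at the first empty argument.
#
# NOTE(review): commenting a line out removes that module's check from the
# stack entirely; confirm the remaining stack still enforces what the
# service expects on such systems.
cleanpamd() {
	# The answer is the same for every file, so ask once up front instead
	# of once per argument.
	has_version sys-libs/pam && return 0

	while [[ -n $1 ]]; do
		sed -i -e '/pam_shells\|pam_console/s:^:#:' "${D}/etc/pam.d/$1"
		shift
	done
}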
199 flameeyes 1.12
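# pam_epam_expand <file> [more files]
#
# Resolves "#%EPAM-<Condition>:<parameter>%#" markers in the given files,
# editing them in place.  For every distinct marker found:
#   If-Has    - kept when has_version <parameter> succeeds
#   Use-Flag  - kept when use <parameter> succeeds
# A kept marker is stripped from the line, leaving the rest of the line;
# otherwise every line carrying the marker is deleted.  Any other condition
# name is reported with eerror and die.
#
# NOTE(review): the loop runs in a pipeline subshell; whether die inside it
# aborts the whole ebuild depends on the package manager's die
# implementation - confirm.
pam_epam_expand() {
	local condition parameter disable pattern

	sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.![:alnum:]]\+\)%#.*|\1 \2|p' \
		"$@" | sort -u | while read -r condition parameter; do

		disable="yes"

		case "$condition" in
			If-Has)
				# usable only if ${parameter} is installed
				has_version "$parameter" && disable="no"
				;;
			Use-Flag)
				# usable only if the ${parameter} USE flag is enabled
				use "$parameter" && disable="no"
				;;
			*)
				eerror "Unknown EPAM condition '${condition}' ('${parameter}')"
				die "Unknown EPAM condition '${condition}' ('${parameter}')"
				;;
		esac

		# The parameter is matched as a regular expression.  "." is the
		# only character the extraction above lets through that is special
		# there, so escape it; otherwise a marker such as "a.b" would also
		# hit lines carrying "axb".  Using "|" as the delimiter in both
		# commands means "/" in package atoms needs no escaping at all.
		pattern="#%EPAM-${condition}:${parameter//./\\.}%#"

		if [[ ${disable} == "yes" ]]; then
			sed -i -e "\\|${pattern}|d" "$@"
		else
			sed -i -e "s|${pattern}||" "$@"
		fi

	done
}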
229    
230 flameeyes 1.14 # Think about it before uncommenting this one, for now run it by hand
231 flameeyes 1.12 # pam_pkg_preinst() {
232 vapier 1.18 # eshopts_push -o noglob # so that bash doesn't expand "*"
233 flameeyes 1.12 #
234     # pam_epam_expand "${D}"/etc/pam.d/*
235     #
236 vapier 1.18 # eshopts_pop # reset old shell opts
237 flameeyes 1.12 # }
