/[gentoo-x86]/eclass/pam.eclass
Gentoo

Contents of /eclass/pam.eclass

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.22 - (hide annotations) (download)
Tue Dec 27 17:55:12 2011 UTC (2 years, 3 months ago) by fauli
Branch: MAIN
Changes since 1.21: +2 -2 lines
Update copyright years in headers

1 fauli 1.22 # Copyright 1999-2011 Gentoo Foundation
2 flameeyes 1.1 # Distributed under the terms of the GNU General Public License, v2 or later
3     # Author Diego Pettenò <flameeyes@gentoo.org>
4 fauli 1.22 # $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.21 2011/12/17 04:20:52 vapier Exp $
5 flameeyes 1.1 #
6     # This eclass contains functions to install pamd configuration files and
7     # pam modules.
8    
9 vapier 1.21 if [[ ${___ECLASS_ONCE_PAM} != "recur -_+^+_- spank" ]] ; then
10     ___ECLASS_ONCE_PAM="recur -_+^+_- spank"
11    
12 flameeyes 1.19 inherit multilib flag-o-matic
13 flameeyes 1.1
14     # dopamd <file> [more files]
15     #
16     # Install pam auth config file in /etc/pam.d
17     dopamd() {
18     [[ -z $1 ]] && die "dopamd requires at least one argument"
19    
20 ssuominen 1.20 if has pam ${IUSE} && ! use pam; then
21 flameeyes 1.1 return 0;
22     fi
23    
24 vapier 1.11 ( # dont want to pollute calling env
25     insinto /etc/pam.d
26     insopts -m 0644
27     doins "$@"
28     ) || die "failed to install $@"
29 flameeyes 1.9 cleanpamd "$@"
30 flameeyes 1.1 }
31    
32     # newpamd <old name> <new name>
33     #
34     # Install pam file <old name> as <new name> in /etc/pam.d
35     newpamd() {
36     [[ $# -ne 2 ]] && die "newpamd requires two arguments"
37    
38 ssuominen 1.20 if has pam ${IUSE} && ! use pam; then
39 flameeyes 1.1 return 0;
40     fi
41    
42 vapier 1.11 ( # dont want to pollute calling env
43     insinto /etc/pam.d
44     insopts -m 0644
45     newins "$1" "$2"
46     ) || die "failed to install $1 as $2"
47 flameeyes 1.9 cleanpamd $2
48 flameeyes 1.1 }
49    
50     # dopamsecurity <section> <file> [more files]
51     #
52     # Installs the config files in /etc/security/<section>/
53     dopamsecurity() {
54     [[ $# -lt 2 ]] && die "dopamsecurity requires at least two arguments"
55    
56 ssuominen 1.20 if has pam ${IUSE} && ! use pam; then
57 vapier 1.11 return 0
58 flameeyes 1.1 fi
59    
60 vapier 1.11 ( # dont want to pollute calling env
61     insinto /etc/security/$1
62     insopts -m 0644
63     doins "${@:2}"
64     ) || die "failed to install ${@:2}"
65 flameeyes 1.1 }
66    
67     # newpamsecurity <section> <old name> <new name>
68     #
69     # Installs the config file <old name> as <new name> in /etc/security/<section>/
70     newpamsecurity() {
71     [[ $# -ne 3 ]] && die "newpamsecurity requires three arguments"
72    
73 ssuominen 1.20 if has pam ${IUSE} && ! use pam; then
74 flameeyes 1.1 return 0;
75     fi
76    
77 vapier 1.11 ( # dont want to pollute calling env
78     insinto /etc/security/$1
79     insopts -m 0644
80     newins "$2" "$3"
81     ) || die "failed to install $2 as $3"
82 flameeyes 1.1 }
83    
84     # getpam_mod_dir
85     #
86     # Returns the pam modules' directory for current implementation
87     getpam_mod_dir() {
88 flameeyes 1.4 if has_version sys-libs/pam || has_version sys-libs/openpam; then
89 flameeyes 1.1 PAM_MOD_DIR=/$(get_libdir)/security
90     else
91     # Unable to find PAM implementation... defaulting
92     PAM_MOD_DIR=/$(get_libdir)/security
93     fi
94    
95     echo ${PAM_MOD_DIR}
96     }
97    
98 flameeyes 1.19 # pammod_hide_symbols
99     #
100     # Hide all non-PAM-used symbols from the module; this function creates a
101     # simple ld version script that hides all the symbols that are not
102     # necessary for PAM to load the module, then uses append-flags to make
103     # sure that it gets used.
104     pammod_hide_symbols() {
105     cat - > "${T}"/pam-eclass-pam_symbols.ver <<EOF
106     {
107     global: pam_sm_*;
108     local: *;
109     };
110     EOF
111    
112     append-ldflags -Wl,--version-script="${T}"/pam-eclass-pam_symbols.ver
113     }
114    
115 flameeyes 1.1 # dopammod <file> [more files]
116     #
117     # Install pam module file in the pam modules' dir for current implementation
118     dopammod() {
119     [[ -z $1 ]] && die "dopammod requires at least one argument"
120    
121 ssuominen 1.20 if has pam ${IUSE} && ! use pam; then
122 flameeyes 1.1 return 0;
123     fi
124    
125     exeinto $(getpam_mod_dir)
126     doexe "$@" || die "failed to install $@"
127     }
128    
129     # newpammod <old name> <new name>
130     #
131     # Install pam module file <old name> as <new name> in the pam
132     # modules' dir for current implementation
133     newpammod() {
134     [[ $# -ne 2 ]] && die "newpammod requires two arguements"
135    
136 ssuominen 1.20 if has pam ${IUSE} && ! use pam; then
137 flameeyes 1.1 return 0;
138     fi
139    
140     exeinto $(getpam_mod_dir)
141     newexe "$1" "$2" || die "failed to install $1 as $2"
142     }
143    
144     # pamd_mimic_system <pamd file> [auth levels]
145     #
146     # This function creates a pamd file which mimics system-auth file
147     # for the given levels in the /etc/pam.d directory.
148     pamd_mimic_system() {
149     [[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two argments"
150 flameeyes 1.15 pamd_mimic system-auth "$@"
151     }
152    
153     # pamd_mimic <stack> <pamd file> [auth levels]
154     #
155     # This function creates a pamd file which mimics the given stack
156     # for the given levels in the /etc/pam.d directory.
157     pamd_mimic() {
158     [[ $# -lt 3 ]] && die "pamd_mimic requires at least three argments"
159 flameeyes 1.1
160 ssuominen 1.20 if has pam ${IUSE} && ! use pam; then
161 flameeyes 1.1 return 0;
162     fi
163    
164     dodir /etc/pam.d
165 flameeyes 1.15 pamdfile=${D}/etc/pam.d/$2
166     echo -e "# File autogenerated by pamd_mimic in pam eclass\n\n" >> \
167 flameeyes 1.1 $pamdfile
168 flameeyes 1.4
169 flameeyes 1.15 originalstack=$1
170 flameeyes 1.1 authlevels="auth account password session"
171    
172 flameeyes 1.6 if has_version '<sys-libs/pam-0.78'; then
173 flameeyes 1.15 mimic="\trequired\t\tpam_stack.so service=${originalstack}"
174 flameeyes 1.6 else
175 flameeyes 1.15 mimic="\tinclude\t\t${originalstack}"
176 flameeyes 1.6 fi
177    
178 flameeyes 1.15 shift; shift
179 flameeyes 1.1
180     while [[ -n $1 ]]; do
181 ssuominen 1.20 has $1 ${authlevels} || die "unknown level type"
182 flameeyes 1.1
183 flameeyes 1.6 echo -e "$1${mimic}" >> ${pamdfile}
184 flameeyes 1.1
185     shift
186     done
187     }
188 flameeyes 1.9
189     # cleanpamd <pamd file>
190     #
191     # Cleans a pam.d file from modules that might not be present on the system
192     # where it's going to be installed
193     cleanpamd() {
194     while [[ -n $1 ]]; do
195     if ! has_version sys-libs/pam; then
196 eva 1.16 sed -i -e '/pam_shells\|pam_console/s:^:#:' "${D}/etc/pam.d/$1"
197 flameeyes 1.9 fi
198    
199     shift
200     done
201     }
202 flameeyes 1.12
203     pam_epam_expand() {
204 flameeyes 1.13 sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.![:alnum:]]\+\)%#.*|\1 \2|p' \
205 flameeyes 1.12 "$@" | sort -u | while read condition parameter; do
206    
207 flameeyes 1.14 disable="yes"
208 flameeyes 1.12
209     case "$condition" in
210     If-Has)
211     message="This can be used only if you have ${parameter} installed"
212 flameeyes 1.14 has_version "$parameter" && disable="no"
213 flameeyes 1.12 ;;
214     Use-Flag)
215     message="This can be used only if you enabled the ${parameter} USE flag"
216 flameeyes 1.14 use "$parameter" && disable="no"
217 flameeyes 1.12 ;;
218     *)
219     eerror "Unknown EPAM condition '${condition}' ('${parameter}')"
220     die "Unknown EPAM condition '${condition}' ('${parameter}')"
221     ;;
222     esac
223    
224 flameeyes 1.14 if [ "${disable}" = "yes" ]; then
225     sed -i -e "/#%EPAM-${condition}:${parameter/\//\\/}%#/d" "$@"
226     else
227     sed -i -e "s|#%EPAM-${condition}:${parameter}%#||" "$@"
228     fi
229    
230 flameeyes 1.12 done
231     }
232    
233 flameeyes 1.14 # Think about it before uncommenting this one, for now run it by hand
234 flameeyes 1.12 # pam_pkg_preinst() {
235 vapier 1.18 # eshopts_push -o noglob # so that bash doen't expand "*"
236 flameeyes 1.12 #
237     # pam_epam_expand "${D}"/etc/pam.d/*
238     #
239 vapier 1.18 # eshopts_pop # reset old shell opts
240 flameeyes 1.12 # }
241 vapier 1.21
242     fi

  ViewVC Help
Powered by ViewVC 1.1.20