/[gentoo-x86]/eclass/pam.eclass
Gentoo

Contents of /eclass/pam.eclass

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.23 - (hide annotations) (download)
Sun Aug 5 15:34:20 2012 UTC (2 years, 2 months ago) by jlec
Branch: MAIN
Changes since 1.22: +46 -26 lines
Add magic needed for app-portage/eclass-manpages to pam.eclass, changes approved by author

1 jlec 1.23 # Copyright 1999-2012 Gentoo Foundation
2 flameeyes 1.1 # Distributed under the terms of the GNU General Public License, v2 or later
3 jlec 1.23 # $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.22 2011/12/27 17:55:12 fauli Exp $
4 flameeyes 1.1 #
5 jlec 1.23
6     # @ECLASS: pam.eclass
7     # @MAINTAINER:
8     # pam-bugs@gentoo.org
9     # @AUTHOR:
10     # Diego Pettenò <flameeyes@gentoo.org>
11     # @BLURB: Handles pam related tasks
12     # @DESCRIPTION:
13 flameeyes 1.1 # This eclass contains functions to install pamd configuration files and
14     # pam modules.
15    
16 vapier 1.21 if [[ ${___ECLASS_ONCE_PAM} != "recur -_+^+_- spank" ]] ; then
17     ___ECLASS_ONCE_PAM="recur -_+^+_- spank"
18    
19 jlec 1.23 inherit flag-o-matic multilib
20 flameeyes 1.1
21 jlec 1.23 # @FUNCTION: dopamd
22     # @USAGE: <file> [more files]
23     # @DESCRIPTION:
24 flameeyes 1.1 # Install pam auth config file in /etc/pam.d
25     dopamd() {
26     [[ -z $1 ]] && die "dopamd requires at least one argument"
27    
28 ssuominen 1.20 if has pam ${IUSE} && ! use pam; then
29 flameeyes 1.1 return 0;
30     fi
31    
32 vapier 1.11 ( # dont want to pollute calling env
33     insinto /etc/pam.d
34     insopts -m 0644
35     doins "$@"
36     ) || die "failed to install $@"
37 flameeyes 1.9 cleanpamd "$@"
38 flameeyes 1.1 }
39    
40 jlec 1.23 # @FUNCTION: newpamd
41     # @USAGE: <old name> <new name>
42     # @DESCRIPTION:
43 flameeyes 1.1 # Install pam file <old name> as <new name> in /etc/pam.d
44     newpamd() {
45     [[ $# -ne 2 ]] && die "newpamd requires two arguments"
46    
47 ssuominen 1.20 if has pam ${IUSE} && ! use pam; then
48 flameeyes 1.1 return 0;
49     fi
50    
51 vapier 1.11 ( # dont want to pollute calling env
52     insinto /etc/pam.d
53     insopts -m 0644
54     newins "$1" "$2"
55     ) || die "failed to install $1 as $2"
56 flameeyes 1.9 cleanpamd $2
57 flameeyes 1.1 }
58    
59 jlec 1.23 # @FUNCTION: dopamsecurity
60     # @USAGE: <section> <file> [more files]
61     # @DESCRIPTION:
62 flameeyes 1.1 # Installs the config files in /etc/security/<section>/
63     dopamsecurity() {
64     [[ $# -lt 2 ]] && die "dopamsecurity requires at least two arguments"
65    
66 ssuominen 1.20 if has pam ${IUSE} && ! use pam; then
67 vapier 1.11 return 0
68 flameeyes 1.1 fi
69    
70 vapier 1.11 ( # dont want to pollute calling env
71     insinto /etc/security/$1
72     insopts -m 0644
73     doins "${@:2}"
74     ) || die "failed to install ${@:2}"
75 flameeyes 1.1 }
76    
77 jlec 1.23 # @FUNCTION: newpamsecurity
78     # @USAGE: <section> <old name> <new name>
79     # @DESCRIPTION:
80 flameeyes 1.1 # Installs the config file <old name> as <new name> in /etc/security/<section>/
81     newpamsecurity() {
82     [[ $# -ne 3 ]] && die "newpamsecurity requires three arguments"
83    
84 ssuominen 1.20 if has pam ${IUSE} && ! use pam; then
85 flameeyes 1.1 return 0;
86     fi
87    
88 vapier 1.11 ( # dont want to pollute calling env
89     insinto /etc/security/$1
90     insopts -m 0644
91     newins "$2" "$3"
92     ) || die "failed to install $2 as $3"
93 flameeyes 1.1 }
94    
95 jlec 1.23 # @FUNCTION: getpam_mod_dir
96     # @DESCRIPTION:
97 flameeyes 1.1 # Returns the pam modules' directory for current implementation
98     getpam_mod_dir() {
99 flameeyes 1.4 if has_version sys-libs/pam || has_version sys-libs/openpam; then
100 flameeyes 1.1 PAM_MOD_DIR=/$(get_libdir)/security
101     else
102     # Unable to find PAM implementation... defaulting
103     PAM_MOD_DIR=/$(get_libdir)/security
104     fi
105    
106     echo ${PAM_MOD_DIR}
107     }
108    
109 jlec 1.23 # @FUNCTION: pammod_hide_symbols
110     # @DESCRIPTION:
111 flameeyes 1.19 # Hide all non-PAM-used symbols from the module; this function creates a
112     # simple ld version script that hides all the symbols that are not
113     # necessary for PAM to load the module, then uses append-flags to make
114     # sure that it gets used.
115     pammod_hide_symbols() {
116     cat - > "${T}"/pam-eclass-pam_symbols.ver <<EOF
117     {
118     global: pam_sm_*;
119     local: *;
120     };
121     EOF
122    
123     append-ldflags -Wl,--version-script="${T}"/pam-eclass-pam_symbols.ver
124     }
125    
126 jlec 1.23 # @FUNCTION: dopammod
127     # @USAGE: <file> [more files]
128     # @DESCRIPTION:
129 flameeyes 1.1 # Install pam module file in the pam modules' dir for current implementation
130     dopammod() {
131     [[ -z $1 ]] && die "dopammod requires at least one argument"
132    
133 ssuominen 1.20 if has pam ${IUSE} && ! use pam; then
134 flameeyes 1.1 return 0;
135     fi
136    
137     exeinto $(getpam_mod_dir)
138     doexe "$@" || die "failed to install $@"
139     }
140    
141 jlec 1.23 # @FUNCTION: newpammod
142     # @USAGE: <old name> <new name>
143     # @DESCRIPTION:
144 flameeyes 1.1 # Install pam module file <old name> as <new name> in the pam
145     # modules' dir for current implementation
146     newpammod() {
147     [[ $# -ne 2 ]] && die "newpammod requires two arguements"
148    
149 ssuominen 1.20 if has pam ${IUSE} && ! use pam; then
150 flameeyes 1.1 return 0;
151     fi
152    
153     exeinto $(getpam_mod_dir)
154     newexe "$1" "$2" || die "failed to install $1 as $2"
155     }
156    
157 jlec 1.23 # @FUNCTION: pamd_mimic_system
158     # @USAGE: <pamd file> [auth levels]
159     # @DESCRIPTION:
160 flameeyes 1.1 # This function creates a pamd file which mimics system-auth file
161     # for the given levels in the /etc/pam.d directory.
162     pamd_mimic_system() {
163     [[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two argments"
164 flameeyes 1.15 pamd_mimic system-auth "$@"
165     }
166    
167 jlec 1.23 # @FUNCTION: pamd_mimic
168     # @USAGE: <stack> <pamd file> [auth levels]
169     # @DESCRIPTION:
170 flameeyes 1.15 # This function creates a pamd file which mimics the given stack
171     # for the given levels in the /etc/pam.d directory.
172     pamd_mimic() {
173     [[ $# -lt 3 ]] && die "pamd_mimic requires at least three argments"
174 flameeyes 1.1
175 ssuominen 1.20 if has pam ${IUSE} && ! use pam; then
176 flameeyes 1.1 return 0;
177     fi
178    
179     dodir /etc/pam.d
180 flameeyes 1.15 pamdfile=${D}/etc/pam.d/$2
181     echo -e "# File autogenerated by pamd_mimic in pam eclass\n\n" >> \
182 flameeyes 1.1 $pamdfile
183 flameeyes 1.4
184 flameeyes 1.15 originalstack=$1
185 flameeyes 1.1 authlevels="auth account password session"
186    
187 flameeyes 1.6 if has_version '<sys-libs/pam-0.78'; then
188 flameeyes 1.15 mimic="\trequired\t\tpam_stack.so service=${originalstack}"
189 flameeyes 1.6 else
190 flameeyes 1.15 mimic="\tinclude\t\t${originalstack}"
191 flameeyes 1.6 fi
192    
193 flameeyes 1.15 shift; shift
194 flameeyes 1.1
195     while [[ -n $1 ]]; do
196 ssuominen 1.20 has $1 ${authlevels} || die "unknown level type"
197 flameeyes 1.1
198 flameeyes 1.6 echo -e "$1${mimic}" >> ${pamdfile}
199 flameeyes 1.1
200     shift
201     done
202     }
203 flameeyes 1.9
204 jlec 1.23 # @FUNCTION: cleanpamd
205     # @USAGE: <pamd file>
206     # @DESCRIPTION:
207 flameeyes 1.9 # Cleans a pam.d file from modules that might not be present on the system
208     # where it's going to be installed
209     cleanpamd() {
210     while [[ -n $1 ]]; do
211     if ! has_version sys-libs/pam; then
212 eva 1.16 sed -i -e '/pam_shells\|pam_console/s:^:#:' "${D}/etc/pam.d/$1"
213 flameeyes 1.9 fi
214    
215     shift
216     done
217     }
218 flameeyes 1.12
219 jlec 1.23 # @FUNCTION: pam_epam_expand
220     # @USAGE: <pamd file>
221     # @DESCRIPTION:
222     # Steer clear, deprecated, don't use, bad experiment
223 flameeyes 1.12 pam_epam_expand() {
224 flameeyes 1.13 sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.![:alnum:]]\+\)%#.*|\1 \2|p' \
225 flameeyes 1.12 "$@" | sort -u | while read condition parameter; do
226    
227 flameeyes 1.14 disable="yes"
228 flameeyes 1.12
229     case "$condition" in
230     If-Has)
231     message="This can be used only if you have ${parameter} installed"
232 flameeyes 1.14 has_version "$parameter" && disable="no"
233 flameeyes 1.12 ;;
234     Use-Flag)
235     message="This can be used only if you enabled the ${parameter} USE flag"
236 flameeyes 1.14 use "$parameter" && disable="no"
237 flameeyes 1.12 ;;
238     *)
239     eerror "Unknown EPAM condition '${condition}' ('${parameter}')"
240     die "Unknown EPAM condition '${condition}' ('${parameter}')"
241     ;;
242     esac
243    
244 flameeyes 1.14 if [ "${disable}" = "yes" ]; then
245     sed -i -e "/#%EPAM-${condition}:${parameter/\//\\/}%#/d" "$@"
246     else
247     sed -i -e "s|#%EPAM-${condition}:${parameter}%#||" "$@"
248     fi
249    
250 flameeyes 1.12 done
251     }
252    
253 flameeyes 1.14 # Think about it before uncommenting this one, for now run it by hand
254 flameeyes 1.12 # pam_pkg_preinst() {
255 vapier 1.18 # eshopts_push -o noglob # so that bash doen't expand "*"
256 flameeyes 1.12 #
257     # pam_epam_expand "${D}"/etc/pam.d/*
258     #
259 vapier 1.18 # eshopts_pop # reset old shell opts
260 flameeyes 1.12 # }
261 vapier 1.21
262     fi

  ViewVC Help
Powered by ViewVC 1.1.20