/[gentoo-x86]/eclass/pam.eclass
Gentoo

Diff of /eclass/pam.eclass

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.1 Revision 1.14
1# Copyright 2004 Gentoo Foundation 1# Copyright 2004 Gentoo Foundation
2# Distributed under the terms of the GNU General Public License, v2 or later 2# Distributed under the terms of the GNU General Public License, v2 or later
3# Author Diego Pettenò <flameeyes@gentoo.org> 3# Author Diego Pettenò <flameeyes@gentoo.org>
4# $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.1 2005/05/20 11:58:32 flameeyes Exp $ 4# $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.14 2007/11/04 15:00:27 flameeyes Exp $
5# 5#
6# This eclass contains functions to install pamd configuration files and 6# This eclass contains functions to install pamd configuration files and
7# pam modules. 7# pam modules.
8 8
9inherit multilib 9inherit multilib
10ECLASS="pam"
11INHERITED="$INHERITED $ECLASS"
12 10
13# dopamd <file> [more files] 11# dopamd <file> [more files]
14# 12#
15# Install pam auth config file in /etc/pam.d 13# Install pam auth config file in /etc/pam.d
16dopamd() { 14dopamd() {
18 16
19 if hasq pam ${IUSE} && ! use pam; then 17 if hasq pam ${IUSE} && ! use pam; then
20 return 0; 18 return 0;
21 fi 19 fi
22 20
21 ( # dont want to pollute calling env
23 insinto /etc/pam.d 22 insinto /etc/pam.d
23 insopts -m 0644
24 doins "$@"
24 doins "$@" || die "failed to install $@" 25 ) || die "failed to install $@"
26 cleanpamd "$@"
25} 27}
26 28
27# newpamd <old name> <new name> 29# newpamd <old name> <new name>
28# 30#
29# Install pam file <old name> as <new name> in /etc/pam.d 31# Install pam file <old name> as <new name> in /etc/pam.d
32 34
33 if hasq pam ${IUSE} && ! use pam; then 35 if hasq pam ${IUSE} && ! use pam; then
34 return 0; 36 return 0;
35 fi 37 fi
36 38
39 ( # dont want to pollute calling env
37 insinto /etc/pam.d 40 insinto /etc/pam.d
41 insopts -m 0644
42 newins "$1" "$2"
38 newins "$1" "$2" || die "failed to install $1 as $2" 43 ) || die "failed to install $1 as $2"
44 cleanpamd $2
39} 45}
40 46
41# dopamsecurity <section> <file> [more files] 47# dopamsecurity <section> <file> [more files]
42# 48#
43# Installs the config files in /etc/security/<section>/ 49# Installs the config files in /etc/security/<section>/
44dopamsecurity() { 50dopamsecurity() {
45 [[ $# -lt 2 ]] && die "dopamsecurity requires at least two arguments" 51 [[ $# -lt 2 ]] && die "dopamsecurity requires at least two arguments"
46 52
47 if hasq pam ${IUSE} && ! use pam; then 53 if hasq pam ${IUSE} && ! use pam; then
48 return 0; 54 return 0
49 fi 55 fi
50 56
57 ( # dont want to pollute calling env
51 insinto /etc/security/$1 58 insinto /etc/security/$1
52 shift 59 insopts -m 0644
60 doins "${@:2}"
53 doins "$@" || die "failed to install $@" 61 ) || die "failed to install ${@:2}"
54} 62}
55 63
56# newpamsecurity <section> <old name> <new name> 64# newpamsecurity <section> <old name> <new name>
57# 65#
58# Installs the config file <old name> as <new name> in /etc/security/<section>/ 66# Installs the config file <old name> as <new name> in /etc/security/<section>/
61 69
62 if hasq pam ${IUSE} && ! use pam; then 70 if hasq pam ${IUSE} && ! use pam; then
63 return 0; 71 return 0;
64 fi 72 fi
65 73
74 ( # dont want to pollute calling env
66 insinto /etc/security/$1 75 insinto /etc/security/$1
76 insopts -m 0644
77 newins "$2" "$3"
67 newins "$2" "$3" || die "failed to install $2 as $3" 78 ) || die "failed to install $2 as $3"
68} 79}
69 80
70# getpam_mod_dir 81# getpam_mod_dir
71# 82#
72# Returns the pam modules' directory for current implementation 83# Returns the pam modules' directory for current implementation
73getpam_mod_dir() { 84getpam_mod_dir() {
74 if has_version sys-libs/pam; then 85 if has_version sys-libs/pam || has_version sys-libs/openpam; then
75 PAM_MOD_DIR=/$(get_libdir)/security 86 PAM_MOD_DIR=/$(get_libdir)/security
76 elif has_version sys-libs/openpam; then 87 elif use ppc-macos; then
88 # OSX looks there for pam modules
77 PAM_MOD_DIR=/usr/$(get_libdir) 89 PAM_MOD_DIR=/usr/lib/pam
78 else 90 else
79 # Unable to find PAM implementation... defaulting 91 # Unable to find PAM implementation... defaulting
80 PAM_MOD_DIR=/$(get_libdir)/security 92 PAM_MOD_DIR=/$(get_libdir)/security
81 fi 93 fi
82 94
125 137
126 dodir /etc/pam.d 138 dodir /etc/pam.d
127 pamdfile=${D}/etc/pam.d/$1 139 pamdfile=${D}/etc/pam.d/$1
128 echo -e "# File autogenerated by pamd_mimic_system in pam eclass\n\n" >> \ 140 echo -e "# File autogenerated by pamd_mimic_system in pam eclass\n\n" >> \
129 $pamdfile 141 $pamdfile
130 142
131 authlevels="auth account password session" 143 authlevels="auth account password session"
144
145 if has_version '<sys-libs/pam-0.78'; then
146 mimic="\trequired\t\tpam_stack.so service=system-auth"
147 else
148 mimic="\tinclude\t\tsystem-auth"
149 fi
132 150
133 shift 151 shift
134 152
135 while [[ -n $1 ]]; do 153 while [[ -n $1 ]]; do
136 hasq $1 ${authlevels} || die "unknown level type" 154 hasq $1 ${authlevels} || die "unknown level type"
137 155
138 echo -e "$1\tinclude\t\tsystem-auth" >> ${pamdfile} 156 echo -e "$1${mimic}" >> ${pamdfile}
139 157
140 shift 158 shift
141 done 159 done
142
143 return 1
144} 160}
161
162# cleanpamd <pamd file>
163#
164# Cleans a pam.d file from modules that might not be present on the system
165# where it's going to be installed
166cleanpamd() {
167 while [[ -n $1 ]]; do
168 if ! has_version sys-libs/pam; then
169 sed -i -e '/pam_shells\|pam_console/s:^:#:' ${D}/etc/pam.d/$1
170 fi
171
172 shift
173 done
174}
175
176pam_epam_expand() {
177 sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.![:alnum:]]\+\)%#.*|\1 \2|p' \
178 "$@" | sort -u | while read condition parameter; do
179
180 disable="yes"
181
182 case "$condition" in
183 If-Has)
184 message="This can be used only if you have ${parameter} installed"
185 has_version "$parameter" && disable="no"
186 ;;
187 Use-Flag)
188 message="This can be used only if you enabled the ${parameter} USE flag"
189 use "$parameter" && disable="no"
190 ;;
191 *)
192 eerror "Unknown EPAM condition '${condition}' ('${parameter}')"
193 die "Unknown EPAM condition '${condition}' ('${parameter}')"
194 ;;
195 esac
196
197 if [ "${disable}" = "yes" ]; then
198 sed -i -e "/#%EPAM-${condition}:${parameter/\//\\/}%#/d" "$@"
199 else
200 sed -i -e "s|#%EPAM-${condition}:${parameter}%#||" "$@"
201 fi
202
203 done
204}
205
206# Think about it before uncommenting this one, for now run it by hand
207# pam_pkg_preinst() {
208# local shopts=$-
209# set -o noglob # so that bash doen't expand "*"
210#
211# pam_epam_expand "${D}"/etc/pam.d/*
212#
213# set +o noglob; set -$shopts # reset old shell opts
214# }
Legend:
Removed from v.1.1  
changed lines
  Added in v.1.14
  ViewVC Help
Powered by ViewVC 1.1.20