/[gentoo-x86]/eclass/pam.eclass
Gentoo

Diff of /eclass/pam.eclass

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.1.1.1 Revision 1.18
1# Copyright 2004 Gentoo Foundation 1# Copyright 2004 Gentoo Foundation
2# Distributed under the terms of the GNU General Public License, v2 or later 2# Distributed under the terms of the GNU General Public License, v2 or later
3# Author Diego Pettenò <flameeyes@gentoo.org> 3# Author Diego Pettenò <flameeyes@gentoo.org>
4# $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.1.1.1 2005/11/30 09:59:31 chriswhite Exp $ 4# $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.18 2009/12/11 20:33:11 vapier Exp $
5# 5#
6# This eclass contains functions to install pamd configuration files and 6# This eclass contains functions to install pamd configuration files and
7# pam modules. 7# pam modules.
8 8
9inherit multilib 9inherit multilib
16 16
17 if hasq pam ${IUSE} && ! use pam; then 17 if hasq pam ${IUSE} && ! use pam; then
18 return 0; 18 return 0;
19 fi 19 fi
20 20
21 INSDESTTREE=/etc/pam.d \ 21 ( # dont want to pollute calling env
22 INSOPTIONS="-m 0644" \ 22 insinto /etc/pam.d
23 insopts -m 0644
24 doins "$@"
23 doins "$@" || die "failed to install $@" 25 ) || die "failed to install $@"
24 cleanpamd "$@" 26 cleanpamd "$@"
25} 27}
26 28
27# newpamd <old name> <new name> 29# newpamd <old name> <new name>
28# 30#
32 34
33 if hasq pam ${IUSE} && ! use pam; then 35 if hasq pam ${IUSE} && ! use pam; then
34 return 0; 36 return 0;
35 fi 37 fi
36 38
37 INSDESTTREE=/etc/pam.d \ 39 ( # dont want to pollute calling env
38 INSOPTIONS="-m 0644" \ 40 insinto /etc/pam.d
41 insopts -m 0644
42 newins "$1" "$2"
39 newins "$1" "$2" || die "failed to install $1 as $2" 43 ) || die "failed to install $1 as $2"
40 cleanpamd $2 44 cleanpamd $2
41} 45}
42 46
43# dopamsecurity <section> <file> [more files] 47# dopamsecurity <section> <file> [more files]
44# 48#
45# Installs the config files in /etc/security/<section>/ 49# Installs the config files in /etc/security/<section>/
46dopamsecurity() { 50dopamsecurity() {
47 [[ $# -lt 2 ]] && die "dopamsecurity requires at least two arguments" 51 [[ $# -lt 2 ]] && die "dopamsecurity requires at least two arguments"
48 52
49 if hasq pam ${IUSE} && ! use pam; then 53 if hasq pam ${IUSE} && ! use pam; then
50 return 0; 54 return 0
51 fi 55 fi
52 56
53 INSDESTTREE=/etc/security/$1 \ 57 ( # dont want to pollute calling env
54 INSOPTIONS="-m 0644" \ 58 insinto /etc/security/$1
55 doins "${@:2}" || die "failed to install ${@:2}" 59 insopts -m 0644
60 doins "${@:2}"
61 ) || die "failed to install ${@:2}"
56} 62}
57 63
58# newpamsecurity <section> <old name> <new name> 64# newpamsecurity <section> <old name> <new name>
59# 65#
60# Installs the config file <old name> as <new name> in /etc/security/<section>/ 66# Installs the config file <old name> as <new name> in /etc/security/<section>/
63 69
64 if hasq pam ${IUSE} && ! use pam; then 70 if hasq pam ${IUSE} && ! use pam; then
65 return 0; 71 return 0;
66 fi 72 fi
67 73
68 INSDESTTREE=/etc/security/$1 \ 74 ( # dont want to pollute calling env
69 INSOPTIONS="-m 0644" \ 75 insinto /etc/security/$1
76 insopts -m 0644
77 newins "$2" "$3"
70 newins "$2" "$3" || die "failed to install $2 as $3" 78 ) || die "failed to install $2 as $3"
71} 79}
72 80
73# getpam_mod_dir 81# getpam_mod_dir
74# 82#
75# Returns the pam modules' directory for current implementation 83# Returns the pam modules' directory for current implementation
76getpam_mod_dir() { 84getpam_mod_dir() {
77 if has_version sys-libs/pam || has_version sys-libs/openpam; then 85 if has_version sys-libs/pam || has_version sys-libs/openpam; then
78 PAM_MOD_DIR=/$(get_libdir)/security 86 PAM_MOD_DIR=/$(get_libdir)/security
79 elif use ppc-macos; then
80 # OSX looks there for pam modules
81 PAM_MOD_DIR=/usr/lib/pam
82 else 87 else
83 # Unable to find PAM implementation... defaulting 88 # Unable to find PAM implementation... defaulting
84 PAM_MOD_DIR=/$(get_libdir)/security 89 PAM_MOD_DIR=/$(get_libdir)/security
85 fi 90 fi
86 91
120# 125#
121# This function creates a pamd file which mimics system-auth file 126# This function creates a pamd file which mimics system-auth file
122# for the given levels in the /etc/pam.d directory. 127# for the given levels in the /etc/pam.d directory.
123pamd_mimic_system() { 128pamd_mimic_system() {
124 [[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two argments" 129 [[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two argments"
130 pamd_mimic system-auth "$@"
131}
132
133# pamd_mimic <stack> <pamd file> [auth levels]
134#
135# This function creates a pamd file which mimics the given stack
136# for the given levels in the /etc/pam.d directory.
137pamd_mimic() {
138 [[ $# -lt 3 ]] && die "pamd_mimic requires at least three argments"
125 139
126 if hasq pam ${IUSE} && ! use pam; then 140 if hasq pam ${IUSE} && ! use pam; then
127 return 0; 141 return 0;
128 fi 142 fi
129 143
130 dodir /etc/pam.d 144 dodir /etc/pam.d
131 pamdfile=${D}/etc/pam.d/$1 145 pamdfile=${D}/etc/pam.d/$2
132 echo -e "# File autogenerated by pamd_mimic_system in pam eclass\n\n" >> \ 146 echo -e "# File autogenerated by pamd_mimic in pam eclass\n\n" >> \
133 $pamdfile 147 $pamdfile
134 148
149 originalstack=$1
135 authlevels="auth account password session" 150 authlevels="auth account password session"
136 151
137 if has_version '<sys-libs/pam-0.78'; then 152 if has_version '<sys-libs/pam-0.78'; then
138 mimic="\trequired\t\tpam_stack.so service=system-auth" 153 mimic="\trequired\t\tpam_stack.so service=${originalstack}"
139 else 154 else
140 mimic="\tinclude\t\tsystem-auth" 155 mimic="\tinclude\t\t${originalstack}"
141 fi 156 fi
142 157
143 shift 158 shift; shift
144 159
145 while [[ -n $1 ]]; do 160 while [[ -n $1 ]]; do
146 hasq $1 ${authlevels} || die "unknown level type" 161 hasq $1 ${authlevels} || die "unknown level type"
147 162
148 echo -e "$1${mimic}" >> ${pamdfile} 163 echo -e "$1${mimic}" >> ${pamdfile}
156# Cleans a pam.d file from modules that might not be present on the system 171# Cleans a pam.d file from modules that might not be present on the system
157# where it's going to be installed 172# where it's going to be installed
158cleanpamd() { 173cleanpamd() {
159 while [[ -n $1 ]]; do 174 while [[ -n $1 ]]; do
160 if ! has_version sys-libs/pam; then 175 if ! has_version sys-libs/pam; then
161 sed -i -e '/pam_shells\|pam_console/s:^:#:' ${D}/etc/pam.d/$1 176 sed -i -e '/pam_shells\|pam_console/s:^:#:' "${D}/etc/pam.d/$1"
162 fi 177 fi
163 178
164 shift 179 shift
165 done 180 done
166} 181}
182
183pam_epam_expand() {
184 sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.![:alnum:]]\+\)%#.*|\1 \2|p' \
185 "$@" | sort -u | while read condition parameter; do
186
187 disable="yes"
188
189 case "$condition" in
190 If-Has)
191 message="This can be used only if you have ${parameter} installed"
192 has_version "$parameter" && disable="no"
193 ;;
194 Use-Flag)
195 message="This can be used only if you enabled the ${parameter} USE flag"
196 use "$parameter" && disable="no"
197 ;;
198 *)
199 eerror "Unknown EPAM condition '${condition}' ('${parameter}')"
200 die "Unknown EPAM condition '${condition}' ('${parameter}')"
201 ;;
202 esac
203
204 if [ "${disable}" = "yes" ]; then
205 sed -i -e "/#%EPAM-${condition}:${parameter/\//\\/}%#/d" "$@"
206 else
207 sed -i -e "s|#%EPAM-${condition}:${parameter}%#||" "$@"
208 fi
209
210 done
211}
212
213# Think about it before uncommenting this one, for now run it by hand
214# pam_pkg_preinst() {
215# eshopts_push -o noglob # so that bash doen't expand "*"
216#
217# pam_epam_expand "${D}"/etc/pam.d/*
218#
219# eshopts_pop # reset old shell opts
220# }

Legend:
Removed from v.1.1.1.1  
changed lines
  Added in v.1.18

  ViewVC Help
Powered by ViewVC 1.1.20