| 1 | # Copyright 2004 Gentoo Foundation |
1 | # Copyright 2004 Gentoo Foundation |
| 2 | # Distributed under the terms of the GNU General Public License, v2 or later |
2 | # Distributed under the terms of the GNU General Public License, v2 or later |
| 3 | # Author Diego Pettenò <flameeyes@gentoo.org> |
3 | # Author Diego Pettenò <flameeyes@gentoo.org> |
| 4 | # $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.12 2007/07/10 12:54:32 flameeyes Exp $ |
4 | # $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.18 2009/12/11 20:33:11 vapier Exp $ |
| 5 | # |
5 | # |
| 6 | # This eclass contains functions to install pamd configuration files and |
6 | # This eclass contains functions to install pamd configuration files and |
| 7 | # pam modules. |
7 | # pam modules. |
| 8 | |
8 | |
| 9 | inherit multilib |
9 | inherit multilib |
| … | |
… | |
| 82 | # |
82 | # |
| 83 | # Returns the pam modules' directory for current implementation |
83 | # Returns the pam modules' directory for current implementation |
| 84 | getpam_mod_dir() { |
84 | getpam_mod_dir() { |
| 85 | if has_version sys-libs/pam || has_version sys-libs/openpam; then |
85 | if has_version sys-libs/pam || has_version sys-libs/openpam; then |
| 86 | PAM_MOD_DIR=/$(get_libdir)/security |
86 | PAM_MOD_DIR=/$(get_libdir)/security |
| 87 | elif use ppc-macos; then |
|
|
| 88 | # OSX looks there for pam modules |
|
|
| 89 | PAM_MOD_DIR=/usr/lib/pam |
|
|
| 90 | else |
87 | else |
| 91 | # Unable to find PAM implementation... defaulting |
88 | # Unable to find PAM implementation... defaulting |
| 92 | PAM_MOD_DIR=/$(get_libdir)/security |
89 | PAM_MOD_DIR=/$(get_libdir)/security |
| 93 | fi |
90 | fi |
| 94 | |
91 | |
| … | |
… | |
| 128 | # |
125 | # |
| 129 | # This function creates a pamd file which mimics system-auth file |
126 | # This function creates a pamd file which mimics system-auth file |
| 130 | # for the given levels in the /etc/pam.d directory. |
127 | # for the given levels in the /etc/pam.d directory. |
| 131 | pamd_mimic_system() { |
128 | pamd_mimic_system() { |
| 132 | [[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two argments" |
129 | [[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two argments" |
|
|
130 | pamd_mimic system-auth "$@" |
|
|
131 | } |
|
|
132 | |
|
|
133 | # pamd_mimic <stack> <pamd file> [auth levels] |
|
|
134 | # |
|
|
135 | # This function creates a pamd file which mimics the given stack |
|
|
136 | # for the given levels in the /etc/pam.d directory. |
|
|
137 | pamd_mimic() { |
|
|
138 | [[ $# -lt 3 ]] && die "pamd_mimic requires at least three argments" |
| 133 | |
139 | |
| 134 | if hasq pam ${IUSE} && ! use pam; then |
140 | if hasq pam ${IUSE} && ! use pam; then |
| 135 | return 0; |
141 | return 0; |
| 136 | fi |
142 | fi |
| 137 | |
143 | |
| 138 | dodir /etc/pam.d |
144 | dodir /etc/pam.d |
| 139 | pamdfile=${D}/etc/pam.d/$1 |
145 | pamdfile=${D}/etc/pam.d/$2 |
| 140 | echo -e "# File autogenerated by pamd_mimic_system in pam eclass\n\n" >> \ |
146 | echo -e "# File autogenerated by pamd_mimic in pam eclass\n\n" >> \ |
| 141 | $pamdfile |
147 | $pamdfile |
| 142 | |
148 | |
|
|
149 | originalstack=$1 |
| 143 | authlevels="auth account password session" |
150 | authlevels="auth account password session" |
| 144 | |
151 | |
| 145 | if has_version '<sys-libs/pam-0.78'; then |
152 | if has_version '<sys-libs/pam-0.78'; then |
| 146 | mimic="\trequired\t\tpam_stack.so service=system-auth" |
153 | mimic="\trequired\t\tpam_stack.so service=${originalstack}" |
| 147 | else |
154 | else |
| 148 | mimic="\tinclude\t\tsystem-auth" |
155 | mimic="\tinclude\t\t${originalstack}" |
| 149 | fi |
156 | fi |
| 150 | |
157 | |
| 151 | shift |
158 | shift; shift |
| 152 | |
159 | |
| 153 | while [[ -n $1 ]]; do |
160 | while [[ -n $1 ]]; do |
| 154 | hasq $1 ${authlevels} || die "unknown level type" |
161 | hasq $1 ${authlevels} || die "unknown level type" |
| 155 | |
162 | |
| 156 | echo -e "$1${mimic}" >> ${pamdfile} |
163 | echo -e "$1${mimic}" >> ${pamdfile} |
| … | |
… | |
| 164 | # Cleans a pam.d file from modules that might not be present on the system |
171 | # Cleans a pam.d file from modules that might not be present on the system |
| 165 | # where it's going to be installed |
172 | # where it's going to be installed |
| 166 | cleanpamd() { |
173 | cleanpamd() { |
| 167 | while [[ -n $1 ]]; do |
174 | while [[ -n $1 ]]; do |
| 168 | if ! has_version sys-libs/pam; then |
175 | if ! has_version sys-libs/pam; then |
| 169 | sed -i -e '/pam_shells\|pam_console/s:^:#:' ${D}/etc/pam.d/$1 |
176 | sed -i -e '/pam_shells\|pam_console/s:^:#:' "${D}/etc/pam.d/$1" |
| 170 | fi |
177 | fi |
| 171 | |
178 | |
| 172 | shift |
179 | shift |
| 173 | done |
180 | done |
| 174 | } |
181 | } |
| 175 | |
182 | |
| 176 | pam_epam_expand() { |
183 | pam_epam_expand() { |
| 177 | sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.[:alnum:]]\+\)%#.*|\1 \2|p' \ |
184 | sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.![:alnum:]]\+\)%#.*|\1 \2|p' \ |
| 178 | "$@" | sort -u | while read condition parameter; do |
185 | "$@" | sort -u | while read condition parameter; do |
| 179 | |
186 | |
| 180 | disable="# " |
187 | disable="yes" |
| 181 | |
188 | |
| 182 | case "$condition" in |
189 | case "$condition" in |
| 183 | If-Has) |
190 | If-Has) |
| 184 | message="This can be used only if you have ${parameter} installed" |
191 | message="This can be used only if you have ${parameter} installed" |
| 185 | has_version "$parameter" && disable="" |
192 | has_version "$parameter" && disable="no" |
| 186 | ;; |
193 | ;; |
| 187 | Use-Flag) |
194 | Use-Flag) |
| 188 | message="This can be used only if you enabled the ${parameter} USE flag" |
195 | message="This can be used only if you enabled the ${parameter} USE flag" |
| 189 | use "$parameter" && disable="" |
196 | use "$parameter" && disable="no" |
| 190 | ;; |
197 | ;; |
| 191 | *) |
198 | *) |
| 192 | eerror "Unknown EPAM condition '${condition}' ('${parameter}')" |
199 | eerror "Unknown EPAM condition '${condition}' ('${parameter}')" |
| 193 | die "Unknown EPAM condition '${condition}' ('${parameter}')" |
200 | die "Unknown EPAM condition '${condition}' ('${parameter}')" |
| 194 | ;; |
201 | ;; |
| 195 | esac |
202 | esac |
| 196 | |
203 | |
|
|
204 | if [ "${disable}" = "yes" ]; then |
|
|
205 | sed -i -e "/#%EPAM-${condition}:${parameter/\//\\/}%#/d" "$@" |
|
|
206 | else |
| 197 | sed -i -e "s|#%EPAM-${condition}:${parameter}%#|# ${message}\n${disable}|" "$@" |
207 | sed -i -e "s|#%EPAM-${condition}:${parameter}%#||" "$@" |
|
|
208 | fi |
|
|
209 | |
| 198 | done |
210 | done |
| 199 | } |
211 | } |
| 200 | |
212 | |
| 201 | # Think about it before uncommenting this one, for nwo run it by hand |
213 | # Think about it before uncommenting this one, for now run it by hand |
| 202 | # pam_pkg_preinst() { |
214 | # pam_pkg_preinst() { |
| 203 | # local shopts=$- |
|
|
| 204 | # set -o noglob # so that bash doen't expand "*" |
215 | # eshopts_push -o noglob # so that bash doen't expand "*" |
| 205 | # |
216 | # |
| 206 | # pam_epam_expand "${D}"/etc/pam.d/* |
217 | # pam_epam_expand "${D}"/etc/pam.d/* |
| 207 | # |
218 | # |
| 208 | # set +o noglob; set -$shopts # reset old shell opts |
219 | # eshopts_pop # reset old shell opts |
| 209 | # } |
220 | # } |
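Review bot: The new delete branch in pam_epam_expand (new line 205) builds a `/…/d` sed address from `${parameter}`, but `${parameter/\//\\/}` escapes only the first slash, whereas the strip branch on new line 207 avoids escaping altogether by using `|` as its delimiter. Giving the address the same delimiter, `sed -i -e "\|#%EPAM-${condition}:${parameter}%#|d" "$@"`, removes the hand-escaping and makes both branches match the marker in the same way. These edits land in files under /etc/pam.d, and a marker that fails to match stays in the installed file, so the match should not depend on how many slashes the parameter contains. Separately, `message` is still assigned in both case arms (new lines 191 and 195) but neither sed call uses it any more; either drop the assignments or keep emitting the text as a comment.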