/[gentoo-x86]/eclass/pam.eclass
Gentoo

Diff of /eclass/pam.eclass

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.12 Revision 1.18
1# Copyright 2004 Gentoo Foundation 1# Copyright 2004 Gentoo Foundation
2# Distributed under the terms of the GNU General Public License, v2 or later 2# Distributed under the terms of the GNU General Public License, v2 or later
3# Author Diego Pettenò <flameeyes@gentoo.org> 3# Author Diego Pettenò <flameeyes@gentoo.org>
4# $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.12 2007/07/10 12:54:32 flameeyes Exp $ 4# $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.18 2009/12/11 20:33:11 vapier Exp $
5# 5#
6# This eclass contains functions to install pamd configuration files and 6# This eclass contains functions to install pamd configuration files and
7# pam modules. 7# pam modules.
8 8
9inherit multilib 9inherit multilib
82# 82#
83# Returns the pam modules' directory for current implementation 83# Returns the pam modules' directory for current implementation
84getpam_mod_dir() { 84getpam_mod_dir() {
85 if has_version sys-libs/pam || has_version sys-libs/openpam; then 85 if has_version sys-libs/pam || has_version sys-libs/openpam; then
86 PAM_MOD_DIR=/$(get_libdir)/security 86 PAM_MOD_DIR=/$(get_libdir)/security
87 elif use ppc-macos; then
88 # OSX looks there for pam modules
89 PAM_MOD_DIR=/usr/lib/pam
90 else 87 else
91 # Unable to find PAM implementation... defaulting 88 # Unable to find PAM implementation... defaulting
92 PAM_MOD_DIR=/$(get_libdir)/security 89 PAM_MOD_DIR=/$(get_libdir)/security
93 fi 90 fi
94 91
128# 125#
129# This function creates a pamd file which mimics system-auth file 126# This function creates a pamd file which mimics system-auth file
130# for the given levels in the /etc/pam.d directory. 127# for the given levels in the /etc/pam.d directory.
131pamd_mimic_system() { 128pamd_mimic_system() {
132 [[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two argments" 129 [[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two argments"
130 pamd_mimic system-auth "$@"
131}
132
133# pamd_mimic <stack> <pamd file> [auth levels]
134#
135# This function creates a pamd file which mimics the given stack
136# for the given levels in the /etc/pam.d directory.
137pamd_mimic() {
138 [[ $# -lt 3 ]] && die "pamd_mimic requires at least three argments"
133 139
134 if hasq pam ${IUSE} && ! use pam; then 140 if hasq pam ${IUSE} && ! use pam; then
135 return 0; 141 return 0;
136 fi 142 fi
137 143
138 dodir /etc/pam.d 144 dodir /etc/pam.d
139 pamdfile=${D}/etc/pam.d/$1 145 pamdfile=${D}/etc/pam.d/$2
140 echo -e "# File autogenerated by pamd_mimic_system in pam eclass\n\n" >> \ 146 echo -e "# File autogenerated by pamd_mimic in pam eclass\n\n" >> \
141 $pamdfile 147 $pamdfile
142 148
149 originalstack=$1
143 authlevels="auth account password session" 150 authlevels="auth account password session"
144 151
145 if has_version '<sys-libs/pam-0.78'; then 152 if has_version '<sys-libs/pam-0.78'; then
146 mimic="\trequired\t\tpam_stack.so service=system-auth" 153 mimic="\trequired\t\tpam_stack.so service=${originalstack}"
147 else 154 else
148 mimic="\tinclude\t\tsystem-auth" 155 mimic="\tinclude\t\t${originalstack}"
149 fi 156 fi
150 157
151 shift 158 shift; shift
152 159
153 while [[ -n $1 ]]; do 160 while [[ -n $1 ]]; do
154 hasq $1 ${authlevels} || die "unknown level type" 161 hasq $1 ${authlevels} || die "unknown level type"
155 162
156 echo -e "$1${mimic}" >> ${pamdfile} 163 echo -e "$1${mimic}" >> ${pamdfile}
164# Cleans a pam.d file from modules that might not be present on the system 171# Cleans a pam.d file from modules that might not be present on the system
165# where it's going to be installed 172# where it's going to be installed
166cleanpamd() { 173cleanpamd() {
167 while [[ -n $1 ]]; do 174 while [[ -n $1 ]]; do
168 if ! has_version sys-libs/pam; then 175 if ! has_version sys-libs/pam; then
169 sed -i -e '/pam_shells\|pam_console/s:^:#:' ${D}/etc/pam.d/$1 176 sed -i -e '/pam_shells\|pam_console/s:^:#:' "${D}/etc/pam.d/$1"
170 fi 177 fi
171 178
172 shift 179 shift
173 done 180 done
174} 181}
175 182
176pam_epam_expand() { 183pam_epam_expand() {
177 sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.[:alnum:]]\+\)%#.*|\1 \2|p' \ 184 sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.![:alnum:]]\+\)%#.*|\1 \2|p' \
178 "$@" | sort -u | while read condition parameter; do 185 "$@" | sort -u | while read condition parameter; do
179 186
180 disable="# " 187 disable="yes"
181 188
182 case "$condition" in 189 case "$condition" in
183 If-Has) 190 If-Has)
184 message="This can be used only if you have ${parameter} installed" 191 message="This can be used only if you have ${parameter} installed"
185 has_version "$parameter" && disable="" 192 has_version "$parameter" && disable="no"
186 ;; 193 ;;
187 Use-Flag) 194 Use-Flag)
188 message="This can be used only if you enabled the ${parameter} USE flag" 195 message="This can be used only if you enabled the ${parameter} USE flag"
189 use "$parameter" && disable="" 196 use "$parameter" && disable="no"
190 ;; 197 ;;
191 *) 198 *)
192 eerror "Unknown EPAM condition '${condition}' ('${parameter}')" 199 eerror "Unknown EPAM condition '${condition}' ('${parameter}')"
193 die "Unknown EPAM condition '${condition}' ('${parameter}')" 200 die "Unknown EPAM condition '${condition}' ('${parameter}')"
194 ;; 201 ;;
195 esac 202 esac
196 203
204 if [ "${disable}" = "yes" ]; then
205 sed -i -e "/#%EPAM-${condition}:${parameter/\//\\/}%#/d" "$@"
206 else
197 sed -i -e "s|#%EPAM-${condition}:${parameter}%#|# ${message}\n${disable}|" "$@" 207 sed -i -e "s|#%EPAM-${condition}:${parameter}%#||" "$@"
208 fi
209
198 done 210 done
199} 211}
200 212
201# Think about it before uncommenting this one, for nwo run it by hand 213# Think about it before uncommenting this one, for now run it by hand
202# pam_pkg_preinst() { 214# pam_pkg_preinst() {
203# local shopts=$-
204# set -o noglob # so that bash doen't expand "*" 215# eshopts_push -o noglob # so that bash doen't expand "*"
205# 216#
206# pam_epam_expand "${D}"/etc/pam.d/* 217# pam_epam_expand "${D}"/etc/pam.d/*
207# 218#
208# set +o noglob; set -$shopts # reset old shell opts 219# eshopts_pop # reset old shell opts
209# } 220# }

Legend:
Removed from v.1.12  
changed lines
  Added in v.1.18

  ViewVC Help
Powered by ViewVC 1.1.20