/[gentoo-x86]/eclass/pam.eclass
Gentoo

Diff of /eclass/pam.eclass

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.19 Revision 1.23
1# Copyright 2004 Gentoo Foundation 1# Copyright 1999-2012 Gentoo Foundation
2# Distributed under the terms of the GNU General Public License, v2 or later 2# Distributed under the terms of the GNU General Public License, v2 or later
3# Author Diego Pettenò <flameeyes@gentoo.org>
4# $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.19 2011/02/05 22:29:40 flameeyes Exp $ 3# $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.23 2012/08/05 15:34:20 jlec Exp $
5# 4#
5
6# @ECLASS: pam.eclass
7# @MAINTAINER:
8# pam-bugs@gentoo.org
9# @AUTHOR:
10# Diego Pettenò <flameeyes@gentoo.org>
11# @BLURB: Handles pam related tasks
12# @DESCRIPTION:
6# This eclass contains functions to install pamd configuration files and 13# This eclass contains functions to install pamd configuration files and
7# pam modules. 14# pam modules.
8 15
9inherit multilib flag-o-matic 16if [[ ${___ECLASS_ONCE_PAM} != "recur -_+^+_- spank" ]] ; then
17___ECLASS_ONCE_PAM="recur -_+^+_- spank"
10 18
19inherit flag-o-matic multilib
20
21# @FUNCTION: dopamd
11# dopamd <file> [more files] 22# @USAGE: <file> [more files]
12# 23# @DESCRIPTION:
13# Install pam auth config file in /etc/pam.d 24# Install pam auth config file in /etc/pam.d
14dopamd() { 25dopamd() {
15 [[ -z $1 ]] && die "dopamd requires at least one argument" 26 [[ -z $1 ]] && die "dopamd requires at least one argument"
16 27
17 if hasq pam ${IUSE} && ! use pam; then 28 if has pam ${IUSE} && ! use pam; then
18 return 0; 29 return 0;
19 fi 30 fi
20 31
21 ( # dont want to pollute calling env 32 ( # dont want to pollute calling env
22 insinto /etc/pam.d 33 insinto /etc/pam.d
24 doins "$@" 35 doins "$@"
25 ) || die "failed to install $@" 36 ) || die "failed to install $@"
26 cleanpamd "$@" 37 cleanpamd "$@"
27} 38}
28 39
40# @FUNCTION: newpamd
29# newpamd <old name> <new name> 41# @USAGE: <old name> <new name>
30# 42# @DESCRIPTION:
31# Install pam file <old name> as <new name> in /etc/pam.d 43# Install pam file <old name> as <new name> in /etc/pam.d
32newpamd() { 44newpamd() {
33 [[ $# -ne 2 ]] && die "newpamd requires two arguments" 45 [[ $# -ne 2 ]] && die "newpamd requires two arguments"
34 46
35 if hasq pam ${IUSE} && ! use pam; then 47 if has pam ${IUSE} && ! use pam; then
36 return 0; 48 return 0;
37 fi 49 fi
38 50
39 ( # dont want to pollute calling env 51 ( # dont want to pollute calling env
40 insinto /etc/pam.d 52 insinto /etc/pam.d
42 newins "$1" "$2" 54 newins "$1" "$2"
43 ) || die "failed to install $1 as $2" 55 ) || die "failed to install $1 as $2"
44 cleanpamd $2 56 cleanpamd $2
45} 57}
46 58
59# @FUNCTION: dopamsecurity
47# dopamsecurity <section> <file> [more files] 60# @USAGE: <section> <file> [more files]
48# 61# @DESCRIPTION:
49# Installs the config files in /etc/security/<section>/ 62# Installs the config files in /etc/security/<section>/
50dopamsecurity() { 63dopamsecurity() {
51 [[ $# -lt 2 ]] && die "dopamsecurity requires at least two arguments" 64 [[ $# -lt 2 ]] && die "dopamsecurity requires at least two arguments"
52 65
53 if hasq pam ${IUSE} && ! use pam; then 66 if has pam ${IUSE} && ! use pam; then
54 return 0 67 return 0
55 fi 68 fi
56 69
57 ( # dont want to pollute calling env 70 ( # dont want to pollute calling env
58 insinto /etc/security/$1 71 insinto /etc/security/$1
59 insopts -m 0644 72 insopts -m 0644
60 doins "${@:2}" 73 doins "${@:2}"
61 ) || die "failed to install ${@:2}" 74 ) || die "failed to install ${@:2}"
62} 75}
63 76
77# @FUNCTION: newpamsecurity
64# newpamsecurity <section> <old name> <new name> 78# @USAGE: <section> <old name> <new name>
65# 79# @DESCRIPTION:
66# Installs the config file <old name> as <new name> in /etc/security/<section>/ 80# Installs the config file <old name> as <new name> in /etc/security/<section>/
67newpamsecurity() { 81newpamsecurity() {
68 [[ $# -ne 3 ]] && die "newpamsecurity requires three arguments" 82 [[ $# -ne 3 ]] && die "newpamsecurity requires three arguments"
69 83
70 if hasq pam ${IUSE} && ! use pam; then 84 if has pam ${IUSE} && ! use pam; then
71 return 0; 85 return 0;
72 fi 86 fi
73 87
74 ( # dont want to pollute calling env 88 ( # dont want to pollute calling env
75 insinto /etc/security/$1 89 insinto /etc/security/$1
76 insopts -m 0644 90 insopts -m 0644
77 newins "$2" "$3" 91 newins "$2" "$3"
78 ) || die "failed to install $2 as $3" 92 ) || die "failed to install $2 as $3"
79} 93}
80 94
81# getpam_mod_dir 95# @FUNCTION: getpam_mod_dir
82# 96# @DESCRIPTION:
83# Returns the pam modules' directory for current implementation 97# Returns the pam modules' directory for current implementation
84getpam_mod_dir() { 98getpam_mod_dir() {
85 if has_version sys-libs/pam || has_version sys-libs/openpam; then 99 if has_version sys-libs/pam || has_version sys-libs/openpam; then
86 PAM_MOD_DIR=/$(get_libdir)/security 100 PAM_MOD_DIR=/$(get_libdir)/security
87 else 101 else
90 fi 104 fi
91 105
92 echo ${PAM_MOD_DIR} 106 echo ${PAM_MOD_DIR}
93} 107}
94 108
95# pammod_hide_symbols 109# @FUNCTION: pammod_hide_symbols
96# 110# @DESCRIPTION:
97# Hide all non-PAM-used symbols from the module; this function creates a 111# Hide all non-PAM-used symbols from the module; this function creates a
98# simple ld version script that hides all the symbols that are not 112# simple ld version script that hides all the symbols that are not
99# necessary for PAM to load the module, then uses append-flags to make 113# necessary for PAM to load the module, then uses append-flags to make
100# sure that it gets used. 114# sure that it gets used.
101pammod_hide_symbols() { 115pammod_hide_symbols() {
107EOF 121EOF
108 122
109 append-ldflags -Wl,--version-script="${T}"/pam-eclass-pam_symbols.ver 123 append-ldflags -Wl,--version-script="${T}"/pam-eclass-pam_symbols.ver
110} 124}
111 125
112# dopammod <file> [more files] 126# @FUNCTION: dopammod
113# 127# @USAGE: <file> [more files]
128# @DESCRIPTION:
114# Install pam module file in the pam modules' dir for current implementation 129# Install pam module file in the pam modules' dir for current implementation
115dopammod() { 130dopammod() {
116 [[ -z $1 ]] && die "dopammod requires at least one argument" 131 [[ -z $1 ]] && die "dopammod requires at least one argument"
117 132
118 if hasq pam ${IUSE} && ! use pam; then 133 if has pam ${IUSE} && ! use pam; then
119 return 0; 134 return 0;
120 fi 135 fi
121 136
122 exeinto $(getpam_mod_dir) 137 exeinto $(getpam_mod_dir)
123 doexe "$@" || die "failed to install $@" 138 doexe "$@" || die "failed to install $@"
124} 139}
125 140
141# @FUNCTION: newpammod
126# newpammod <old name> <new name> 142# @USAGE: <old name> <new name>
127# 143# @DESCRIPTION:
128# Install pam module file <old name> as <new name> in the pam 144# Install pam module file <old name> as <new name> in the pam
129# modules' dir for current implementation 145# modules' dir for current implementation
130newpammod() { 146newpammod() {
131 [[ $# -ne 2 ]] && die "newpammod requires two arguements" 147 [[ $# -ne 2 ]] && die "newpammod requires two arguements"
132 148
133 if hasq pam ${IUSE} && ! use pam; then 149 if has pam ${IUSE} && ! use pam; then
134 return 0; 150 return 0;
135 fi 151 fi
136 152
137 exeinto $(getpam_mod_dir) 153 exeinto $(getpam_mod_dir)
138 newexe "$1" "$2" || die "failed to install $1 as $2" 154 newexe "$1" "$2" || die "failed to install $1 as $2"
139} 155}
140 156
141# pamd_mimic_system <pamd file> [auth levels] 157# @FUNCTION: pamd_mimic_system
142# 158# @USAGE: <pamd file> [auth levels]
159# @DESCRIPTION:
143# This function creates a pamd file which mimics system-auth file 160# This function creates a pamd file which mimics system-auth file
144# for the given levels in the /etc/pam.d directory. 161# for the given levels in the /etc/pam.d directory.
145pamd_mimic_system() { 162pamd_mimic_system() {
146 [[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two argments" 163 [[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two argments"
147 pamd_mimic system-auth "$@" 164 pamd_mimic system-auth "$@"
148} 165}
149 166
167# @FUNCTION: pamd_mimic
150# pamd_mimic <stack> <pamd file> [auth levels] 168# @USAGE: <stack> <pamd file> [auth levels]
151# 169# @DESCRIPTION:
152# This function creates a pamd file which mimics the given stack 170# This function creates a pamd file which mimics the given stack
153# for the given levels in the /etc/pam.d directory. 171# for the given levels in the /etc/pam.d directory.
154pamd_mimic() { 172pamd_mimic() {
155 [[ $# -lt 3 ]] && die "pamd_mimic requires at least three argments" 173 [[ $# -lt 3 ]] && die "pamd_mimic requires at least three argments"
156 174
157 if hasq pam ${IUSE} && ! use pam; then 175 if has pam ${IUSE} && ! use pam; then
158 return 0; 176 return 0;
159 fi 177 fi
160 178
161 dodir /etc/pam.d 179 dodir /etc/pam.d
162 pamdfile=${D}/etc/pam.d/$2 180 pamdfile=${D}/etc/pam.d/$2
173 fi 191 fi
174 192
175 shift; shift 193 shift; shift
176 194
177 while [[ -n $1 ]]; do 195 while [[ -n $1 ]]; do
178 hasq $1 ${authlevels} || die "unknown level type" 196 has $1 ${authlevels} || die "unknown level type"
179 197
180 echo -e "$1${mimic}" >> ${pamdfile} 198 echo -e "$1${mimic}" >> ${pamdfile}
181 199
182 shift 200 shift
183 done 201 done
184} 202}
185 203
186# cleanpamd <pamd file> 204# @FUNCTION: cleanpamd
187# 205# @USAGE: <pamd file>
206# @DESCRIPTION:
188# Cleans a pam.d file from modules that might not be present on the system 207# Cleans a pam.d file from modules that might not be present on the system
189# where it's going to be installed 208# where it's going to be installed
190cleanpamd() { 209cleanpamd() {
191 while [[ -n $1 ]]; do 210 while [[ -n $1 ]]; do
192 if ! has_version sys-libs/pam; then 211 if ! has_version sys-libs/pam; then
195 214
196 shift 215 shift
197 done 216 done
198} 217}
199 218
219# @FUNCTION: pam_epam_expand
220# @USAGE: <pamd file>
221# @DESCRIPTION:
222# Steer clear, deprecated, don't use, bad experiment
200pam_epam_expand() { 223pam_epam_expand() {
201 sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.![:alnum:]]\+\)%#.*|\1 \2|p' \ 224 sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.![:alnum:]]\+\)%#.*|\1 \2|p' \
202 "$@" | sort -u | while read condition parameter; do 225 "$@" | sort -u | while read condition parameter; do
203 226
204 disable="yes" 227 disable="yes"
233# 256#
234# pam_epam_expand "${D}"/etc/pam.d/* 257# pam_epam_expand "${D}"/etc/pam.d/*
235# 258#
236# eshopts_pop # reset old shell opts 259# eshopts_pop # reset old shell opts
237# } 260# }
261
262fi

Legend:
Removed from v.1.19  
changed lines
  Added in v.1.23

  ViewVC Help
Powered by ViewVC 1.1.20