
Contents of /eclass/pam.eclass



Revision 1.12 - (show annotations) (download)
Tue Jul 10 12:54:32 2007 UTC (7 years, 4 months ago) by flameeyes
Branch: MAIN
Changes since 1.11: +36 -1 lines
Add pam_epam_expand function to expand the EPAM "syntax" in the pam.d configuration files. sys-libs/pam will be the first user of this.

1 # Copyright 2004 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License, v2 or later
3 # Author Diego Pettenò <flameeyes@gentoo.org>
4 # $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.11 2007/04/07 08:52:46 vapier Exp $
5 #
6 # This eclass contains functions to install pamd configuration files and
7 # pam modules.
8
9 inherit multilib
10
11 # dopamd <file> [more files]
12 #
13 # Install pam auth config file in /etc/pam.d
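dopamd() {
	# Install one or more PAM service files into /etc/pam.d with mode 0644,
	# then run cleanpamd on every file that was installed.
	[[ -z $1 ]] && die "dopamd requires at least one argument"

	# Do nothing when the ebuild declares a "pam" USE flag and it is disabled.
	# ${IUSE} stays unquoted on purpose: hasq needs one word per flag.
	if hasq pam ${IUSE} && ! use pam; then
		return 0
	fi

	( # subshell so insinto/insopts do not leak into the calling ebuild
		insinto /etc/pam.d
		insopts -m 0644
		doins "$@"
	) || die "failed to install $*"

	# doins installs each file under its basename, so cleanpamd must be given
	# the basename as well. Handing it a path such as "${FILESDIR}/foo" would
	# make it look for a file that does not exist below ${D}/etc/pam.d, and the
	# installed service file would silently be left uncleaned.
	local pamd_file
	for pamd_file in "$@"; do
		cleanpamd "${pamd_file##*/}"
	done
}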
28
29 # newpamd <old name> <new name>
30 #
31 # Install pam file <old name> as <new name> in /etc/pam.d
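newpamd() {
	# Install PAM service file $1 into /etc/pam.d under the name $2 (mode 0644),
	# then run cleanpamd on the installed file.
	[[ $# -ne 2 ]] && die "newpamd requires two arguments"

	# Do nothing when the ebuild declares a "pam" USE flag and it is disabled.
	# ${IUSE} stays unquoted on purpose: hasq needs one word per flag.
	if hasq pam ${IUSE} && ! use pam; then
		return 0
	fi

	( # subshell so insinto/insopts do not leak into the calling ebuild
		insinto /etc/pam.d
		insopts -m 0644
		newins "$1" "$2"
	) || die "failed to install $1 as $2"

	# Quoted so the name reaches cleanpamd as exactly one argument, without
	# word splitting or pathname expansion.
	cleanpamd "$2"
}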
46
47 # dopamsecurity <section> <file> [more files]
48 #
49 # Installs the config files in /etc/security/<section>/
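dopamsecurity() {
	# Install the files $2.. into /etc/security/$1 with mode 0644.
	[[ $# -lt 2 ]] && die "dopamsecurity requires at least two arguments"

	# Do nothing when the ebuild declares a "pam" USE flag and it is disabled.
	# ${IUSE} stays unquoted on purpose: hasq needs one word per flag.
	if hasq pam ${IUSE} && ! use pam; then
		return 0
	fi

	( # subshell so insinto/insopts do not leak into the calling ebuild
		# Quoted so the section name is passed to insinto as a single path.
		insinto "/etc/security/$1"
		insopts -m 0644
		doins "${@:2}"
	) || die "failed to install ${*:2}"
}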
63
64 # newpamsecurity <section> <old name> <new name>
65 #
66 # Installs the config file <old name> as <new name> in /etc/security/<section>/
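newpamsecurity() {
	# Install file $2 into /etc/security/$1 under the name $3 (mode 0644).
	[[ $# -ne 3 ]] && die "newpamsecurity requires three arguments"

	# Do nothing when the ebuild declares a "pam" USE flag and it is disabled.
	# ${IUSE} stays unquoted on purpose: hasq needs one word per flag.
	if hasq pam ${IUSE} && ! use pam; then
		return 0
	fi

	( # subshell so insinto/insopts do not leak into the calling ebuild
		# Quoted so the section name is passed to insinto as a single path.
		insinto "/etc/security/$1"
		insopts -m 0644
		newins "$2" "$3"
	) || die "failed to install $2 as $3"
}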
80
81 # getpam_mod_dir
82 #
83 # Returns the pam modules' directory for current implementation
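getpam_mod_dir() {
	# Print the PAM module directory for the current implementation on stdout.
	# The value is also left in the global PAM_MOD_DIR, as before.
	#
	# /usr/lib/pam is chosen only when neither sys-libs/pam nor
	# sys-libs/openpam is installed and the ppc-macos flag is set (OSX looks
	# there for pam modules). Every other case, including "no PAM
	# implementation found", uses /<libdir>/security.
	if ! has_version sys-libs/pam && ! has_version sys-libs/openpam \
		&& use ppc-macos; then
		PAM_MOD_DIR=/usr/lib/pam
	else
		PAM_MOD_DIR=/$(get_libdir)/security
	fi

	# Quoted: the path must be printed verbatim, without word splitting or
	# pathname expansion.
	printf '%s\n' "${PAM_MOD_DIR}"
}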
97
98 # dopammod <file> [more files]
99 #
100 # Install pam module file in the pam modules' dir for current implementation
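dopammod() {
	# Install one or more PAM module files into the directory reported by
	# getpam_mod_dir.
	[[ -z $1 ]] && die "dopammod requires at least one argument"

	# Do nothing when the ebuild declares a "pam" USE flag and it is disabled.
	# ${IUSE} stays unquoted on purpose: hasq needs one word per flag.
	if hasq pam ${IUSE} && ! use pam; then
		return 0
	fi

	# Quoted so the module directory reaches exeinto as a single argument.
	exeinto "$(getpam_mod_dir)"
	doexe "$@" || die "failed to install $*"
}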
111
112 # newpammod <old name> <new name>
113 #
114 # Install pam module file <old name> as <new name> in the pam
115 # modules' dir for current implementation
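newpammod() {
	# Install PAM module file $1 under the name $2 into the directory reported
	# by getpam_mod_dir.
	[[ $# -ne 2 ]] && die "newpammod requires two arguements"

	# Do nothing when the ebuild declares a "pam" USE flag and it is disabled.
	# ${IUSE} stays unquoted on purpose: hasq needs one word per flag.
	if hasq pam ${IUSE} && ! use pam; then
		return 0
	fi

	# Quoted so the module directory reaches exeinto as a single argument.
	exeinto "$(getpam_mod_dir)"
	newexe "$1" "$2" || die "failed to install $1 as $2"
}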
126
127 # pamd_mimic_system <pamd file> [auth levels]
128 #
129 # This function creates a pamd file which mimics system-auth file
130 # for the given levels in the /etc/pam.d directory.
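pamd_mimic_system() {
	# Append to ${D}/etc/pam.d/$1 one line per requested level ($2..) that
	# makes the service mimic system-auth for that level.
	#
	# Levels are checked against a fixed allow-list before anything is written
	# for them. Note that the header line is appended before the levels are
	# validated.
	[[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two argments"

	# Do nothing when the ebuild declares a "pam" USE flag and it is disabled.
	# ${IUSE} stays unquoted on purpose: hasq needs one word per flag.
	if hasq pam ${IUSE} && ! use pam; then
		return 0
	fi

	# Working variables are local so they cannot clobber same-named variables
	# in the calling ebuild.
	local pamdfile authlevels mimic

	dodir /etc/pam.d
	pamdfile="${D}/etc/pam.d/$1"
	echo -e "# File autogenerated by pamd_mimic_system in pam eclass\n\n" \
		>> "${pamdfile}"

	authlevels="auth account password session"

	# sys-libs/pam older than 0.78 gets a pam_stack.so line; everything else
	# gets an "include" line.
	if has_version '<sys-libs/pam-0.78'; then
		mimic="\trequired\t\tpam_stack.so service=system-auth"
	else
		mimic="\tinclude\t\tsystem-auth"
	fi

	shift

	while [[ -n $1 ]]; do
		# "$1" is quoted so the whole argument is matched against the
		# allow-list. Unquoted, a value such as "auth extra" would be split and
		# only its first word checked, while the full string was still written
		# into the PAM file. ${authlevels} is split on purpose.
		hasq "$1" ${authlevels} || die "unknown level type"

		echo -e "$1${mimic}" >> "${pamdfile}"

		shift
	done
}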
161
162 # cleanpamd <pamd file>
163 #
164 # Cleans a pam.d file from modules that might not be present on the system
165 # where it's going to be installed
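cleanpamd() {
	# Comment out every line mentioning pam_shells or pam_console in the named
	# files under ${D}/etc/pam.d when sys-libs/pam is not installed.
	#
	# NOTE(review): the affected lines are disabled without any message, so on
	# such systems whatever check those modules performed is no longer part of
	# the installed stack. Worth confirming that is acceptable per service.

	# The answer cannot change between files, so ask once. With sys-libs/pam
	# present there is nothing to clean.
	has_version sys-libs/pam && return 0

	while [[ -n $1 ]]; do
		# Files live in /etc/pam.d under their basename, so any directory part
		# of the argument is stripped (dopamd may be called with a full source
		# path). The path is quoted so ${D} or the name cannot be split.
		sed -i -e '/pam_shells\|pam_console/s:^:#:' "${D}/etc/pam.d/${1##*/}"

		shift
	done
}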
175
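pam_epam_expand() {
	# Expand "#%EPAM-<condition>:<parameter>%#" markers in the given pam.d
	# files, editing them in place.
	#
	# Each marker is replaced by an explanatory comment line. The text that
	# followed the marker is kept as-is when the condition holds and is
	# prefixed with "# " (commented out) when it does not.
	#   If-Has:<atom>    holds when has_version <atom> succeeds
	#   Use-Flag:<flag>  holds when use <flag> succeeds
	# Any other condition name is a fatal error.
	[[ $# -ge 1 ]] || die "pam_epam_expand requires at least one argument"

	local condition parameter message disable

	# The loop reads from a process substitution rather than a pipe so that it
	# runs in the current shell: a die raised for an unknown condition then
	# stops the caller instead of only ending a pipeline subshell and letting
	# a half-expanded PAM file be installed.
	while read -r condition parameter; do

		disable="# "

		case "${condition}" in
			If-Has)
				message="This can be used only if you have ${parameter} installed"
				has_version "${parameter}" && disable=""
				;;
			Use-Flag)
				message="This can be used only if you enabled the ${parameter} USE flag"
				use "${parameter}" && disable=""
				;;
			*)
				eerror "Unknown EPAM condition '${condition}' ('${parameter}')"
				die "Unknown EPAM condition '${condition}' ('${parameter}')"
				;;
		esac

		# ${condition} and ${parameter} are interpolated into the sed program.
		# That is only safe because the extraction regex below restricts them
		# to letters, digits and "-+<>=/." - none of which is the "|"
		# delimiter, "&", a backslash or a newline. Widening that character
		# class requires escaping here first. A "." in ${parameter} still acts
		# as a regex wildcard, so the match is slightly looser than the
		# literal marker.
		sed -i -e "s|#%EPAM-${condition}:${parameter}%#|# ${message}\n${disable}|" "$@"
	done < <(
		sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.[:alnum:]]\+\)%#.*|\1 \2|p' \
			"$@" | sort -u
	)
}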
200
201 # Think about it before uncommenting this one; for now, run it by hand
202 # pam_pkg_preinst() {
203 # local shopts=$-
204 # set -o noglob # so that bash doesn't expand "*"
205 #
206 # pam_epam_expand "${D}"/etc/pam.d/*
207 #
208 # set +o noglob; set -$shopts # reset old shell opts
209 # }
