/[gentoo-x86]/eclass/pam.eclass
Gentoo

Contents of /eclass/pam.eclass

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.17 - (show annotations) (download)
Sat Jun 28 19:57:40 2008 UTC (6 years, 2 months ago) by grobian
Branch: MAIN
Changes since 1.16: +1 -4 lines
Not sure where pam would be on ppc-macos, at least for now we don't need
it.  To be reconsidered again when/if ppc-macos returns.

1 # Copyright 2004 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License, v2 or later
3 # Author Diego Pettenò <flameeyes@gentoo.org>
4 # $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.16 2008/03/20 23:21:37 eva Exp $
5 #
6 # This eclass contains functions to install pamd configuration files and
7 # pam modules.
8
9 inherit multilib
10
11 # dopamd <file> [more files]
12 #
13 # Install pam auth config file in /etc/pam.d
14 dopamd() {
15 [[ -z $1 ]] && die "dopamd requires at least one argument"
16
17 if hasq pam ${IUSE} && ! use pam; then
18 return 0;
19 fi
20
21 ( # dont want to pollute calling env
22 insinto /etc/pam.d
23 insopts -m 0644
24 doins "$@"
25 ) || die "failed to install $@"
26 cleanpamd "$@"
27 }
28
29 # newpamd <old name> <new name>
30 #
31 # Install pam file <old name> as <new name> in /etc/pam.d
32 newpamd() {
33 [[ $# -ne 2 ]] && die "newpamd requires two arguments"
34
35 if hasq pam ${IUSE} && ! use pam; then
36 return 0;
37 fi
38
39 ( # dont want to pollute calling env
40 insinto /etc/pam.d
41 insopts -m 0644
42 newins "$1" "$2"
43 ) || die "failed to install $1 as $2"
44 cleanpamd $2
45 }
46
47 # dopamsecurity <section> <file> [more files]
48 #
49 # Installs the config files in /etc/security/<section>/
50 dopamsecurity() {
51 [[ $# -lt 2 ]] && die "dopamsecurity requires at least two arguments"
52
53 if hasq pam ${IUSE} && ! use pam; then
54 return 0
55 fi
56
57 ( # dont want to pollute calling env
58 insinto /etc/security/$1
59 insopts -m 0644
60 doins "${@:2}"
61 ) || die "failed to install ${@:2}"
62 }
63
64 # newpamsecurity <section> <old name> <new name>
65 #
66 # Installs the config file <old name> as <new name> in /etc/security/<section>/
67 newpamsecurity() {
68 [[ $# -ne 3 ]] && die "newpamsecurity requires three arguments"
69
70 if hasq pam ${IUSE} && ! use pam; then
71 return 0;
72 fi
73
74 ( # dont want to pollute calling env
75 insinto /etc/security/$1
76 insopts -m 0644
77 newins "$2" "$3"
78 ) || die "failed to install $2 as $3"
79 }
80
81 # getpam_mod_dir
82 #
83 # Returns the pam modules' directory for current implementation
84 getpam_mod_dir() {
85 if has_version sys-libs/pam || has_version sys-libs/openpam; then
86 PAM_MOD_DIR=/$(get_libdir)/security
87 else
88 # Unable to find PAM implementation... defaulting
89 PAM_MOD_DIR=/$(get_libdir)/security
90 fi
91
92 echo ${PAM_MOD_DIR}
93 }
94
95 # dopammod <file> [more files]
96 #
97 # Install pam module file in the pam modules' dir for current implementation
98 dopammod() {
99 [[ -z $1 ]] && die "dopammod requires at least one argument"
100
101 if hasq pam ${IUSE} && ! use pam; then
102 return 0;
103 fi
104
105 exeinto $(getpam_mod_dir)
106 doexe "$@" || die "failed to install $@"
107 }
108
109 # newpammod <old name> <new name>
110 #
111 # Install pam module file <old name> as <new name> in the pam
112 # modules' dir for current implementation
113 newpammod() {
114 [[ $# -ne 2 ]] && die "newpammod requires two arguements"
115
116 if hasq pam ${IUSE} && ! use pam; then
117 return 0;
118 fi
119
120 exeinto $(getpam_mod_dir)
121 newexe "$1" "$2" || die "failed to install $1 as $2"
122 }
123
124 # pamd_mimic_system <pamd file> [auth levels]
125 #
126 # This function creates a pamd file which mimics system-auth file
127 # for the given levels in the /etc/pam.d directory.
128 pamd_mimic_system() {
129 [[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two argments"
130 pamd_mimic system-auth "$@"
131 }
132
133 # pamd_mimic <stack> <pamd file> [auth levels]
134 #
135 # This function creates a pamd file which mimics the given stack
136 # for the given levels in the /etc/pam.d directory.
137 pamd_mimic() {
138 [[ $# -lt 3 ]] && die "pamd_mimic requires at least three argments"
139
140 if hasq pam ${IUSE} && ! use pam; then
141 return 0;
142 fi
143
144 dodir /etc/pam.d
145 pamdfile=${D}/etc/pam.d/$2
146 echo -e "# File autogenerated by pamd_mimic in pam eclass\n\n" >> \
147 $pamdfile
148
149 originalstack=$1
150 authlevels="auth account password session"
151
152 if has_version '<sys-libs/pam-0.78'; then
153 mimic="\trequired\t\tpam_stack.so service=${originalstack}"
154 else
155 mimic="\tinclude\t\t${originalstack}"
156 fi
157
158 shift; shift
159
160 while [[ -n $1 ]]; do
161 hasq $1 ${authlevels} || die "unknown level type"
162
163 echo -e "$1${mimic}" >> ${pamdfile}
164
165 shift
166 done
167 }
168
169 # cleanpamd <pamd file>
170 #
171 # Cleans a pam.d file from modules that might not be present on the system
172 # where it's going to be installed
173 cleanpamd() {
174 while [[ -n $1 ]]; do
175 if ! has_version sys-libs/pam; then
176 sed -i -e '/pam_shells\|pam_console/s:^:#:' "${D}/etc/pam.d/$1"
177 fi
178
179 shift
180 done
181 }
182
183 pam_epam_expand() {
184 sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.![:alnum:]]\+\)%#.*|\1 \2|p' \
185 "$@" | sort -u | while read condition parameter; do
186
187 disable="yes"
188
189 case "$condition" in
190 If-Has)
191 message="This can be used only if you have ${parameter} installed"
192 has_version "$parameter" && disable="no"
193 ;;
194 Use-Flag)
195 message="This can be used only if you enabled the ${parameter} USE flag"
196 use "$parameter" && disable="no"
197 ;;
198 *)
199 eerror "Unknown EPAM condition '${condition}' ('${parameter}')"
200 die "Unknown EPAM condition '${condition}' ('${parameter}')"
201 ;;
202 esac
203
204 if [ "${disable}" = "yes" ]; then
205 sed -i -e "/#%EPAM-${condition}:${parameter/\//\\/}%#/d" "$@"
206 else
207 sed -i -e "s|#%EPAM-${condition}:${parameter}%#||" "$@"
208 fi
209
210 done
211 }
212
213 # Think about it before uncommenting this one, for now run it by hand
214 # pam_pkg_preinst() {
215 # local shopts=$-
216 # set -o noglob # so that bash doen't expand "*"
217 #
218 # pam_epam_expand "${D}"/etc/pam.d/*
219 #
220 # set +o noglob; set -$shopts # reset old shell opts
221 # }

  ViewVC Help
Powered by ViewVC 1.1.20