/[gentoo-x86]/eclass/pam.eclass
Gentoo

Contents of /eclass/pam.eclass

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.21 - (show annotations) (download)
Sat Dec 17 04:20:52 2011 UTC (2 years, 9 months ago) by vapier
Branch: MAIN
Changes since 1.20: +6 -1 lines
avoid multiple inclusions when possible to speed caching up

1 # Copyright 2004 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License, v2 or later
3 # Author Diego Pettenò <flameeyes@gentoo.org>
4 # $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.20 2011/07/08 11:35:01 ssuominen Exp $
5 #
6 # This eclass contains functions to install pamd configuration files and
7 # pam modules.
8
9 if [[ ${___ECLASS_ONCE_PAM} != "recur -_+^+_- spank" ]] ; then
10 ___ECLASS_ONCE_PAM="recur -_+^+_- spank"
11
12 inherit multilib flag-o-matic
13
14 # dopamd <file> [more files]
15 #
16 # Install pam auth config file in /etc/pam.d
17 dopamd() {
18 [[ -z $1 ]] && die "dopamd requires at least one argument"
19
20 if has pam ${IUSE} && ! use pam; then
21 return 0;
22 fi
23
24 ( # dont want to pollute calling env
25 insinto /etc/pam.d
26 insopts -m 0644
27 doins "$@"
28 ) || die "failed to install $@"
29 cleanpamd "$@"
30 }
31
32 # newpamd <old name> <new name>
33 #
34 # Install pam file <old name> as <new name> in /etc/pam.d
35 newpamd() {
36 [[ $# -ne 2 ]] && die "newpamd requires two arguments"
37
38 if has pam ${IUSE} && ! use pam; then
39 return 0;
40 fi
41
42 ( # dont want to pollute calling env
43 insinto /etc/pam.d
44 insopts -m 0644
45 newins "$1" "$2"
46 ) || die "failed to install $1 as $2"
47 cleanpamd $2
48 }
49
50 # dopamsecurity <section> <file> [more files]
51 #
52 # Installs the config files in /etc/security/<section>/
53 dopamsecurity() {
54 [[ $# -lt 2 ]] && die "dopamsecurity requires at least two arguments"
55
56 if has pam ${IUSE} && ! use pam; then
57 return 0
58 fi
59
60 ( # dont want to pollute calling env
61 insinto /etc/security/$1
62 insopts -m 0644
63 doins "${@:2}"
64 ) || die "failed to install ${@:2}"
65 }
66
67 # newpamsecurity <section> <old name> <new name>
68 #
69 # Installs the config file <old name> as <new name> in /etc/security/<section>/
70 newpamsecurity() {
71 [[ $# -ne 3 ]] && die "newpamsecurity requires three arguments"
72
73 if has pam ${IUSE} && ! use pam; then
74 return 0;
75 fi
76
77 ( # dont want to pollute calling env
78 insinto /etc/security/$1
79 insopts -m 0644
80 newins "$2" "$3"
81 ) || die "failed to install $2 as $3"
82 }
83
84 # getpam_mod_dir
85 #
86 # Returns the pam modules' directory for current implementation
87 getpam_mod_dir() {
88 if has_version sys-libs/pam || has_version sys-libs/openpam; then
89 PAM_MOD_DIR=/$(get_libdir)/security
90 else
91 # Unable to find PAM implementation... defaulting
92 PAM_MOD_DIR=/$(get_libdir)/security
93 fi
94
95 echo ${PAM_MOD_DIR}
96 }
97
98 # pammod_hide_symbols
99 #
100 # Hide all non-PAM-used symbols from the module; this function creates a
101 # simple ld version script that hides all the symbols that are not
102 # necessary for PAM to load the module, then uses append-flags to make
103 # sure that it gets used.
104 pammod_hide_symbols() {
105 cat - > "${T}"/pam-eclass-pam_symbols.ver <<EOF
106 {
107 global: pam_sm_*;
108 local: *;
109 };
110 EOF
111
112 append-ldflags -Wl,--version-script="${T}"/pam-eclass-pam_symbols.ver
113 }
114
115 # dopammod <file> [more files]
116 #
117 # Install pam module file in the pam modules' dir for current implementation
118 dopammod() {
119 [[ -z $1 ]] && die "dopammod requires at least one argument"
120
121 if has pam ${IUSE} && ! use pam; then
122 return 0;
123 fi
124
125 exeinto $(getpam_mod_dir)
126 doexe "$@" || die "failed to install $@"
127 }
128
129 # newpammod <old name> <new name>
130 #
131 # Install pam module file <old name> as <new name> in the pam
132 # modules' dir for current implementation
133 newpammod() {
134 [[ $# -ne 2 ]] && die "newpammod requires two arguements"
135
136 if has pam ${IUSE} && ! use pam; then
137 return 0;
138 fi
139
140 exeinto $(getpam_mod_dir)
141 newexe "$1" "$2" || die "failed to install $1 as $2"
142 }
143
144 # pamd_mimic_system <pamd file> [auth levels]
145 #
146 # This function creates a pamd file which mimics system-auth file
147 # for the given levels in the /etc/pam.d directory.
148 pamd_mimic_system() {
149 [[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two argments"
150 pamd_mimic system-auth "$@"
151 }
152
153 # pamd_mimic <stack> <pamd file> [auth levels]
154 #
155 # This function creates a pamd file which mimics the given stack
156 # for the given levels in the /etc/pam.d directory.
157 pamd_mimic() {
158 [[ $# -lt 3 ]] && die "pamd_mimic requires at least three argments"
159
160 if has pam ${IUSE} && ! use pam; then
161 return 0;
162 fi
163
164 dodir /etc/pam.d
165 pamdfile=${D}/etc/pam.d/$2
166 echo -e "# File autogenerated by pamd_mimic in pam eclass\n\n" >> \
167 $pamdfile
168
169 originalstack=$1
170 authlevels="auth account password session"
171
172 if has_version '<sys-libs/pam-0.78'; then
173 mimic="\trequired\t\tpam_stack.so service=${originalstack}"
174 else
175 mimic="\tinclude\t\t${originalstack}"
176 fi
177
178 shift; shift
179
180 while [[ -n $1 ]]; do
181 has $1 ${authlevels} || die "unknown level type"
182
183 echo -e "$1${mimic}" >> ${pamdfile}
184
185 shift
186 done
187 }
188
189 # cleanpamd <pamd file>
190 #
191 # Cleans a pam.d file from modules that might not be present on the system
192 # where it's going to be installed
193 cleanpamd() {
194 while [[ -n $1 ]]; do
195 if ! has_version sys-libs/pam; then
196 sed -i -e '/pam_shells\|pam_console/s:^:#:' "${D}/etc/pam.d/$1"
197 fi
198
199 shift
200 done
201 }
202
203 pam_epam_expand() {
204 sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.![:alnum:]]\+\)%#.*|\1 \2|p' \
205 "$@" | sort -u | while read condition parameter; do
206
207 disable="yes"
208
209 case "$condition" in
210 If-Has)
211 message="This can be used only if you have ${parameter} installed"
212 has_version "$parameter" && disable="no"
213 ;;
214 Use-Flag)
215 message="This can be used only if you enabled the ${parameter} USE flag"
216 use "$parameter" && disable="no"
217 ;;
218 *)
219 eerror "Unknown EPAM condition '${condition}' ('${parameter}')"
220 die "Unknown EPAM condition '${condition}' ('${parameter}')"
221 ;;
222 esac
223
224 if [ "${disable}" = "yes" ]; then
225 sed -i -e "/#%EPAM-${condition}:${parameter/\//\\/}%#/d" "$@"
226 else
227 sed -i -e "s|#%EPAM-${condition}:${parameter}%#||" "$@"
228 fi
229
230 done
231 }
232
233 # Think about it before uncommenting this one, for now run it by hand
234 # pam_pkg_preinst() {
235 # eshopts_push -o noglob # so that bash doen't expand "*"
236 #
237 # pam_epam_expand "${D}"/etc/pam.d/*
238 #
239 # eshopts_pop # reset old shell opts
240 # }
241
242 fi

  ViewVC Help
Powered by ViewVC 1.1.20