
Contents of /eclass/pam.eclass



Revision 1.23 - (show annotations) (download)
Sun Aug 5 15:34:20 2012 UTC (23 months ago) by jlec
Branch: MAIN
CVS Tags: HEAD
Changes since 1.22: +46 -26 lines
Add magic needed for app-portage/eclass-manpages to pam.eclass, changes approved by author

1 # Copyright 1999-2012 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License, v2 or later
3 # $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.22 2011/12/27 17:55:12 fauli Exp $
4 #
5
6 # @ECLASS: pam.eclass
7 # @MAINTAINER:
8 # pam-bugs@gentoo.org
9 # @AUTHOR:
10 # Diego Pettenò <flameeyes@gentoo.org>
11 # @BLURB: Handles pam related tasks
12 # @DESCRIPTION:
13 # This eclass contains functions to install pamd configuration files and
14 # pam modules.
15
16 if [[ ${___ECLASS_ONCE_PAM} != "recur -_+^+_- spank" ]] ; then
17 ___ECLASS_ONCE_PAM="recur -_+^+_- spank"
18
19 inherit flag-o-matic multilib
20
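# @FUNCTION: dopamd
# @USAGE: <file> [more files]
# @DESCRIPTION:
# Install pam auth config files in /etc/pam.d with mode 0644 (readable by
# every local user, so they must not carry secrets) and then run cleanpamd
# on each installed file.  Returns 0 without installing anything when the
# package lists the pam USE flag in IUSE and that flag is disabled.  Dies
# when called without arguments or when the installation fails.
dopamd() {
	[[ -z $1 ]] && die "dopamd requires at least one argument"

	# ${IUSE} stays unquoted on purpose: has expects one word per flag.
	if has pam ${IUSE} && ! use pam; then
		return 0
	fi

	( # subshell: insinto/insopts must not leak into the calling env
		insinto /etc/pam.d
		insopts -m 0644
		doins "$@"
	) || die "failed to install $*"

	# doins installs each file under its basename, while cleanpamd looks
	# the name up below ${D}/etc/pam.d.  Strip any directory part so that
	# a source path such as files/foo.pamd still gets cleaned instead of
	# pointing cleanpamd at a file that does not exist.
	cleanpamd "${@##*/}"
}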
39
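# @FUNCTION: newpamd
# @USAGE: <old name> <new name>
# @DESCRIPTION:
# Install pam file <old name> as <new name> in /etc/pam.d with mode 0644
# and then run cleanpamd on the installed file.  Returns 0 without
# installing anything when the package lists the pam USE flag in IUSE and
# that flag is disabled.  Dies unless exactly two arguments are given or
# when the installation fails.
newpamd() {
	[[ $# -ne 2 ]] && die "newpamd requires two arguments"

	# ${IUSE} stays unquoted on purpose: has expects one word per flag.
	if has pam ${IUSE} && ! use pam; then
		return 0
	fi

	( # subshell: insinto/insopts must not leak into the calling env
		insinto /etc/pam.d
		insopts -m 0644
		newins "$1" "$2"
	) || die "failed to install $1 as $2"

	# Quoted so the installed name reaches cleanpamd as exactly one
	# argument even if it contains whitespace or glob characters.
	cleanpamd "$2"
}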
58
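# @FUNCTION: dopamsecurity
# @USAGE: <section> <file> [more files]
# @DESCRIPTION:
# Installs the config files in /etc/security/<section>/ with mode 0644
# (readable by every local user).  Returns 0 without installing anything
# when the package lists the pam USE flag in IUSE and that flag is
# disabled.  Dies when fewer than two arguments are given or when the
# installation fails.
dopamsecurity() {
	[[ $# -lt 2 ]] && die "dopamsecurity requires at least two arguments"

	# ${IUSE} stays unquoted on purpose: has expects one word per flag.
	if has pam ${IUSE} && ! use pam; then
		return 0
	fi

	( # subshell: insinto/insopts must not leak into the calling env
		# Quoted so the section is passed to insinto as a single path.
		insinto "/etc/security/$1"
		insopts -m 0644
		doins "${@:2}"
	) || die "failed to install ${*:2}"
}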
76
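# @FUNCTION: newpamsecurity
# @USAGE: <section> <old name> <new name>
# @DESCRIPTION:
# Installs the config file <old name> as <new name> in
# /etc/security/<section>/ with mode 0644 (readable by every local user).
# Returns 0 without installing anything when the package lists the pam USE
# flag in IUSE and that flag is disabled.  Dies unless exactly three
# arguments are given or when the installation fails.
newpamsecurity() {
	[[ $# -ne 3 ]] && die "newpamsecurity requires three arguments"

	# ${IUSE} stays unquoted on purpose: has expects one word per flag.
	if has pam ${IUSE} && ! use pam; then
		return 0
	fi

	( # subshell: insinto/insopts must not leak into the calling env
		# Quoted so the section is passed to insinto as a single path.
		insinto "/etc/security/$1"
		insopts -m 0644
		newins "$2" "$3"
	) || die "failed to install $2 as $3"
}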
94
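# @FUNCTION: getpam_mod_dir
# @DESCRIPTION:
# Prints the pam modules' directory, /<libdir>/security, on stdout.  The
# same path is stored in the global PAM_MOD_DIR, which is only visible to
# callers that do not run the function inside a command substitution.
getpam_mod_dir() {
	# The sys-libs/pam, sys-libs/openpam and "no implementation found"
	# cases all used this one path, so the has_version probes could not
	# change the result and are no longer run.
	PAM_MOD_DIR="/$(get_libdir)/security"

	# printf with a quoted expansion prints the path unchanged; an
	# unquoted echo would word-split and glob-expand it first.
	printf '%s\n' "${PAM_MOD_DIR}"
}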
108
# @FUNCTION: pammod_hide_symbols
# @DESCRIPTION:
# Hide all non-PAM-used symbols from the module.  A small ld version
# script is written to ${T}; it keeps the pam_sm_* symbols global and
# makes every other symbol local.  The script is then handed to the
# linker through append-ldflags so that it is applied to the build.
pammod_hide_symbols() {
	local version_script="${T}/pam-eclass-pam_symbols.ver"

	# Only pam_sm_* stays exported; "local: *" hides everything else.
	cat > "${version_script}" <<'EOF'
{
global: pam_sm_*;
local: *;
};
EOF

	append-ldflags "-Wl,--version-script=${version_script}"
}
125
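# @FUNCTION: dopammod
# @USAGE: <file> [more files]
# @DESCRIPTION:
# Install pam module files in the pam modules' dir for the current
# implementation, as reported by getpam_mod_dir.  Returns 0 without
# installing anything when the package lists the pam USE flag in IUSE and
# that flag is disabled.  Dies when called without arguments or when the
# installation fails.
dopammod() {
	[[ -z $1 ]] && die "dopammod requires at least one argument"

	# ${IUSE} stays unquoted on purpose: has expects one word per flag.
	if has pam ${IUSE} && ! use pam; then
		return 0
	fi

	# Unlike dopamd, exeinto is called in the caller's shell, so the
	# executable destination stays changed after this function returns.
	# The substitution is quoted so the directory is passed as one word.
	exeinto "$(getpam_mod_dir)"
	doexe "$@" || die "failed to install $*"
}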
140
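# @FUNCTION: newpammod
# @USAGE: <old name> <new name>
# @DESCRIPTION:
# Install pam module file <old name> as <new name> in the pam
# modules' dir for the current implementation, as reported by
# getpam_mod_dir.  Returns 0 without installing anything when the package
# lists the pam USE flag in IUSE and that flag is disabled.  Dies unless
# exactly two arguments are given or when the installation fails.
newpammod() {
	[[ $# -ne 2 ]] && die "newpammod requires two arguments"

	# ${IUSE} stays unquoted on purpose: has expects one word per flag.
	if has pam ${IUSE} && ! use pam; then
		return 0
	fi

	# exeinto is called in the caller's shell, so the executable
	# destination stays changed after this function returns.  The
	# substitution is quoted so the directory is passed as one word.
	exeinto "$(getpam_mod_dir)"
	newexe "$1" "$2" || die "failed to install $1 as $2"
}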
156
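# @FUNCTION: pamd_mimic_system
# @USAGE: <pamd file> [auth levels]
# @DESCRIPTION:
# This function creates a pamd file which mimics the system-auth file
# for the given levels in the /etc/pam.d directory.  It is a wrapper that
# calls pamd_mimic with system-auth as the stack.  Dies when fewer than
# two arguments are given, so at least one level has to be named.
pamd_mimic_system() {
	[[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two arguments"
	pamd_mimic system-auth "$@"
}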
166
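# @FUNCTION: pamd_mimic
# @USAGE: <stack> <pamd file> [auth levels]
# @DESCRIPTION:
# This function creates a pamd file which mimics the given stack
# for the given levels in the /etc/pam.d directory.  Each level must be
# one of auth, account, password or session; any other value is fatal.
# The header and the generated lines are appended to ${D}/etc/pam.d/<pamd
# file>, so calling the function twice for the same file repeats the
# header.  Returns 0 without writing anything when the package lists the
# pam USE flag in IUSE and that flag is disabled.
pamd_mimic() {
	[[ $# -lt 3 ]] && die "pamd_mimic requires at least three arguments"

	# ${IUSE} stays unquoted on purpose: has expects one word per flag.
	if has pam ${IUSE} && ! use pam; then
		return 0
	fi

	# Locals keep these helper values out of the calling ebuild's
	# environment.
	local originalstack=$1
	local pamdfile="${D}/etc/pam.d/$2"
	local -a authlevels=( auth account password session )
	local -a mimic

	dodir /etc/pam.d
	printf '# File autogenerated by pamd_mimic in pam eclass\n\n\n' \
		>> "${pamdfile}" || die "failed to write ${pamdfile}"

	# sys-libs/pam older than 0.78 gets a pam_stack.so line; everything
	# else gets an include directive for the stack.
	if has_version '<sys-libs/pam-0.78'; then
		mimic=( required "pam_stack.so service=${originalstack}" )
	else
		mimic=( include "${originalstack}" )
	fi

	shift 2

	while [[ -n $1 ]]; do
		# Allowlist check: only the four levels above end up in the file.
		has "$1" "${authlevels[@]}" || die "unknown level type '$1'"

		# %s writes the level and the stack name literally, without
		# interpreting backslash sequences inside them.
		printf '%s\t%s\t\t%s\n' "$1" "${mimic[@]}" \
			>> "${pamdfile}" || die "failed to write ${pamdfile}"

		shift
	done
}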
203
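# @FUNCTION: cleanpamd
# @USAGE: <pamd file>
# @DESCRIPTION:
# Cleans a pam.d file from modules that might not be present on the system
# where it's going to be installed.  When sys-libs/pam is not installed,
# every line of ${D}/etc/pam.d/<pamd file> that mentions pam_shells or
# pam_console is commented out.  Several file names may be given;
# processing stops at the first empty argument.  A name that does not
# exist below ${D}/etc/pam.d is reported with ewarn and skipped.
#
# Commenting a line out removes that module from the stack, so the
# installed policy differs from the file the package shipped; the match is
# made anywhere on the line, not only in the module column.
cleanpamd() {
	[[ -n $1 ]] || return 0

	# The answer is the same for every file, so ask once.  has_version
	# presumably reflects the system the ebuild runs on - confirm that
	# this matches the install target when building binary packages.
	has_version sys-libs/pam && return 0

	local pamdfile
	while [[ -n $1 ]]; do
		pamdfile="${D}/etc/pam.d/$1"

		if [[ -f ${pamdfile} ]]; then
			sed -i -e '/pam_shells\|pam_console/s:^:#:' "${pamdfile}" \
				|| die "failed to clean ${pamdfile}"
		else
			# A wrong name used to fail inside sed without any effect
			# on the build; make the skipped cleanup visible instead.
			ewarn "cleanpamd: ${pamdfile} not found, nothing cleaned"
		fi

		shift
	done
}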
218
# @FUNCTION: pam_epam_expand
# @USAGE: <pamd file>
# @DESCRIPTION:
# Steer clear, deprecated, don't use, bad experiment
#
# Scans the given files for markers of the form
# "#%EPAM-<condition>:<parameter>%#" and edits the files in place.  For
# the If-Has condition the parameter is passed to has_version, for the
# Use-Flag condition it is passed to use.  When the check fails, every
# line carrying that marker is deleted; when it succeeds, only the marker
# text is removed from the line.  Any other condition is fatal.
pam_epam_expand() {
	# Print one "<condition> <parameter>" pair per marked line (-n plus
	# the p flag print only lines where the substitution matched), then
	# drop duplicates.  The bracket expression limits a parameter to
	# alphanumerics and the characters - + < > = / . !
	sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.![:alnum:]]\+\)%#.*|\1 \2|p' \
		"$@" | sort -u | while read condition parameter; do

		# Marked lines are removed unless the condition below holds.
		disable="yes"

		case "$condition" in
			If-Has)
				# message is assigned here but not read anywhere in this function.
				message="This can be used only if you have ${parameter} installed"
				has_version "$parameter" && disable="no"
				;;
			Use-Flag)
				# message is assigned here but not read anywhere in this function.
				message="This can be used only if you enabled the ${parameter} USE flag"
				use "$parameter" && disable="no"
				;;
			*)
				eerror "Unknown EPAM condition '${condition}' ('${parameter}')"
				die "Unknown EPAM condition '${condition}' ('${parameter}')"
				;;
		esac

		# The parameter is pasted into a sed expression, so its characters
		# are read as regex syntax (a "." matches any character).
		if [ "${disable}" = "yes" ]; then
			# "/" is the address delimiter here; the expansion escapes only
			# the first "/" in the parameter, a second one is left as is.
			sed -i -e "/#%EPAM-${condition}:${parameter/\//\\/}%#/d" "$@"
		else
			# Keep the line and strip just the marker ("|" is the delimiter).
			sed -i -e "s|#%EPAM-${condition}:${parameter}%#||" "$@"
		fi

	done
}
252
253 # Think about it before uncommenting this one, for now run it by hand
254 # pam_pkg_preinst() {
255 # eshopts_push -o noglob # so that bash doesn't expand "*"
256 #
257 # pam_epam_expand "${D}"/etc/pam.d/*
258 #
259 # eshopts_pop # reset old shell opts
260 # }
261
262 fi
