/[gentoo-x86]/eclass/pam.eclass
Gentoo

Diff of /eclass/pam.eclass

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.4 Revision 1.15
1# Copyright 2004 Gentoo Foundation 1# Copyright 2004 Gentoo Foundation
2# Distributed under the terms of the GNU General Public License, v2 or later 2# Distributed under the terms of the GNU General Public License, v2 or later
3# Author Diego Pettenò <flameeyes@gentoo.org> 3# Author Diego Pettenò <flameeyes@gentoo.org>
4# $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.4 2005/06/04 19:01:11 flameeyes Exp $ 4# $Header: /var/cvsroot/gentoo-x86/eclass/pam.eclass,v 1.15 2008/02/20 00:00:01 flameeyes Exp $
5# 5#
6# This eclass contains functions to install pamd configuration files and 6# This eclass contains functions to install pamd configuration files and
7# pam modules. 7# pam modules.
8 8
9inherit multilib 9inherit multilib
10ECLASS="pam"
11INHERITED="$INHERITED $ECLASS"
12 10
13# dopamd <file> [more files] 11# dopamd <file> [more files]
14# 12#
15# Install pam auth config file in /etc/pam.d 13# Install pam auth config file in /etc/pam.d
16dopamd() { 14dopamd() {
18 16
19 if hasq pam ${IUSE} && ! use pam; then 17 if hasq pam ${IUSE} && ! use pam; then
20 return 0; 18 return 0;
21 fi 19 fi
22 20
23 INSDESTTREE=/etc/pam.d \ 21 ( # dont want to pollute calling env
22 insinto /etc/pam.d
23 insopts -m 0644
24 doins "$@"
24 doins "$@" || die "failed to install $@" 25 ) || die "failed to install $@"
26 cleanpamd "$@"
25} 27}
26 28
27# newpamd <old name> <new name> 29# newpamd <old name> <new name>
28# 30#
29# Install pam file <old name> as <new name> in /etc/pam.d 31# Install pam file <old name> as <new name> in /etc/pam.d
32 34
33 if hasq pam ${IUSE} && ! use pam; then 35 if hasq pam ${IUSE} && ! use pam; then
34 return 0; 36 return 0;
35 fi 37 fi
36 38
37 INSDESTTREE=/etc/pam.d \ 39 ( # dont want to pollute calling env
40 insinto /etc/pam.d
41 insopts -m 0644
42 newins "$1" "$2"
38 newins "$1" "$2" || die "failed to install $1 as $2" 43 ) || die "failed to install $1 as $2"
44 cleanpamd $2
39} 45}
40 46
41# dopamsecurity <section> <file> [more files] 47# dopamsecurity <section> <file> [more files]
42# 48#
43# Installs the config files in /etc/security/<section>/ 49# Installs the config files in /etc/security/<section>/
44dopamsecurity() { 50dopamsecurity() {
45 [[ $# -lt 2 ]] && die "dopamsecurity requires at least two arguments" 51 [[ $# -lt 2 ]] && die "dopamsecurity requires at least two arguments"
46 52
47 if hasq pam ${IUSE} && ! use pam; then 53 if hasq pam ${IUSE} && ! use pam; then
48 return 0; 54 return 0
49 fi 55 fi
50 56
51 INSDESTTREE=/etc/security/$1 \ 57 ( # dont want to pollute calling env
52 shift 58 insinto /etc/security/$1
59 insopts -m 0644
60 doins "${@:2}"
53 doins "$@" || die "failed to install $@" 61 ) || die "failed to install ${@:2}"
54} 62}
55 63
56# newpamsecurity <section> <old name> <new name> 64# newpamsecurity <section> <old name> <new name>
57# 65#
58# Installs the config file <old name> as <new name> in /etc/security/<section>/ 66# Installs the config file <old name> as <new name> in /etc/security/<section>/
61 69
62 if hasq pam ${IUSE} && ! use pam; then 70 if hasq pam ${IUSE} && ! use pam; then
63 return 0; 71 return 0;
64 fi 72 fi
65 73
66 INSDESTTREE=/etc/security/$1 \ 74 ( # dont want to pollute calling env
75 insinto /etc/security/$1
76 insopts -m 0644
77 newins "$2" "$3"
67 newins "$2" "$3" || die "failed to install $2 as $3" 78 ) || die "failed to install $2 as $3"
68} 79}
69 80
70# getpam_mod_dir 81# getpam_mod_dir
71# 82#
72# Returns the pam modules' directory for current implementation 83# Returns the pam modules' directory for current implementation
117# 128#
118# This function creates a pamd file which mimics system-auth file 129# This function creates a pamd file which mimics system-auth file
119# for the given levels in the /etc/pam.d directory. 130# for the given levels in the /etc/pam.d directory.
120pamd_mimic_system() { 131pamd_mimic_system() {
121 [[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two argments" 132 [[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two argments"
133 pamd_mimic system-auth "$@"
134}
135
136# pamd_mimic <stack> <pamd file> [auth levels]
137#
138# This function creates a pamd file which mimics the given stack
139# for the given levels in the /etc/pam.d directory.
140pamd_mimic() {
141 [[ $# -lt 3 ]] && die "pamd_mimic requires at least three argments"
122 142
123 if hasq pam ${IUSE} && ! use pam; then 143 if hasq pam ${IUSE} && ! use pam; then
124 return 0; 144 return 0;
125 fi 145 fi
126 146
127 dodir /etc/pam.d 147 dodir /etc/pam.d
128 pamdfile=${D}/etc/pam.d/$1 148 pamdfile=${D}/etc/pam.d/$2
129 echo -e "# File autogenerated by pamd_mimic_system in pam eclass\n\n" >> \ 149 echo -e "# File autogenerated by pamd_mimic in pam eclass\n\n" >> \
130 $pamdfile 150 $pamdfile
131 151
152 originalstack=$1
132 authlevels="auth account password session" 153 authlevels="auth account password session"
133 154
134 shift 155 if has_version '<sys-libs/pam-0.78'; then
156 mimic="\trequired\t\tpam_stack.so service=${originalstack}"
157 else
158 mimic="\tinclude\t\t${originalstack}"
159 fi
160
161 shift; shift
135 162
136 while [[ -n $1 ]]; do 163 while [[ -n $1 ]]; do
137 hasq $1 ${authlevels} || die "unknown level type" 164 hasq $1 ${authlevels} || die "unknown level type"
138 165
139 echo -e "$1\tinclude\t\tsystem-auth" >> ${pamdfile} 166 echo -e "$1${mimic}" >> ${pamdfile}
140 167
141 shift 168 shift
142 done 169 done
143} 170}
171
172# cleanpamd <pamd file>
173#
174# Cleans a pam.d file from modules that might not be present on the system
175# where it's going to be installed
176cleanpamd() {
177 while [[ -n $1 ]]; do
178 if ! has_version sys-libs/pam; then
179 sed -i -e '/pam_shells\|pam_console/s:^:#:' ${D}/etc/pam.d/$1
180 fi
181
182 shift
183 done
184}
185
186pam_epam_expand() {
187 sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.![:alnum:]]\+\)%#.*|\1 \2|p' \
188 "$@" | sort -u | while read condition parameter; do
189
190 disable="yes"
191
192 case "$condition" in
193 If-Has)
194 message="This can be used only if you have ${parameter} installed"
195 has_version "$parameter" && disable="no"
196 ;;
197 Use-Flag)
198 message="This can be used only if you enabled the ${parameter} USE flag"
199 use "$parameter" && disable="no"
200 ;;
201 *)
202 eerror "Unknown EPAM condition '${condition}' ('${parameter}')"
203 die "Unknown EPAM condition '${condition}' ('${parameter}')"
204 ;;
205 esac
206
207 if [ "${disable}" = "yes" ]; then
208 sed -i -e "/#%EPAM-${condition}:${parameter/\//\\/}%#/d" "$@"
209 else
210 sed -i -e "s|#%EPAM-${condition}:${parameter}%#||" "$@"
211 fi
212
213 done
214}
215
216# Think about it before uncommenting this one, for now run it by hand
217# pam_pkg_preinst() {
218# local shopts=$-
219# set -o noglob # so that bash doen't expand "*"
220#
221# pam_epam_expand "${D}"/etc/pam.d/*
222#
223# set +o noglob; set -$shopts # reset old shell opts
224# }

Legend:
Removed from v.1.4  
changed lines
  Added in v.1.15

  ViewVC Help
Powered by ViewVC 1.1.20