summaryrefslogtreecommitdiffstats
path: root/main/linux-pam
diff options
context:
space:
mode:
Diffstat (limited to 'main/linux-pam')
-rw-r--r--main/linux-pam/APKBUILD77
-rw-r--r--main/linux-pam/base-account.pamd3
-rw-r--r--main/linux-pam/base-auth.pamd5
-rw-r--r--main/linux-pam/base-password.pamd3
-rw-r--r--main/linux-pam/base-session-noninteractive.pamd4
-rw-r--r--main/linux-pam/base-session.pamd4
-rw-r--r--main/linux-pam/linux-pam-innetgr.patch54
-rw-r--r--main/linux-pam/other.pamd6
8 files changed, 156 insertions, 0 deletions
diff --git a/main/linux-pam/APKBUILD b/main/linux-pam/APKBUILD
new file mode 100644
index 000000000..dbfb97f19
--- /dev/null
+++ b/main/linux-pam/APKBUILD
@@ -0,0 +1,77 @@
+# Contributor: William Pitcock <nenolod@dereferenced.org>
+# Maintainer: William Pitcock <nenolod@dereferenced.org>
+pkgname=linux-pam
+pkgver=1.1.3
+pkgrel=4
+pkgdesc="pluggable authentication modules for linux"
+url="http://www.kernel.org/pub/linux/libs/pam"
+arch="all"
+license="BSD"
+depends=
+depends_dev="gettext-dev"
+makedepends="$depends_dev bison flex"
+install=""
+subpackages="$pkgname-dev $pkgname-doc"
+source="http://www.kernel.org/pub/linux/libs/pam/library/Linux-PAM-$pkgver.tar.bz2
+ linux-pam-innetgr.patch
+ base-auth.pamd
+ base-account.pamd
+ base-password.pamd
+ base-session.pamd
+ base-session-noninteractive.pamd
+ other.pamd"
+
+_builddir="$srcdir"/Linux-PAM-$pkgver
+prepare() {
+ local i
+ cd "$_builddir"
+ for i in $source; do
+ case $i in
+ *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+ esac
+ done
+}
+
+build() {
+ cd "$_builddir"
+ ./configure --prefix=/usr \
+ --libdir=/lib \
+ --sysconfdir=/etc \
+ --mandir=/usr/share/man \
+ --infodir=/usr/share/info \
+ --localstatedir=/var \
+ --disable-nls \
+ || return 1
+ make || return 1
+}
+
+package() {
+ cd "$_builddir"
+ make DESTDIR="$pkgdir" install || return 1
+
+ # do not install pam.d files bundled with the source, they could be broken
+ rm -rf "$pkgdir"/etc/pam.d
+
+ # install our pam.d files
+ mkdir "$pkgdir"/etc/pam.d
+ for i in $source; do
+ case $i in
+ *.pamd)
+ basename=$(echo $i | cut -d. -f1)
+ cp "$srcdir"/$i "$pkgdir"/etc/pam.d/"$basename"
+ ;;
+ esac
+ done
+
+ # delete pointless libtool archives.
+ find "$pkgdir" -name *.la -print | xargs rm
+}
+
+md5sums="6db7fcb5db6253350e3a4648ceac40e7 Linux-PAM-1.1.3.tar.bz2
+c309401e103cc86e8b25557ff3eb0b53 linux-pam-innetgr.patch
+aa5bb7c9d8e4687aea1ae69b7447254a base-auth.pamd
+fafcf29cb9bab788cb4933106be31883 base-account.pamd
+117535e4938f478efced1398b408cf96 base-password.pamd
+baec6808544bf6cebc59e07467f8c213 base-session.pamd
+afbdd8eb4db5c31dfd8e8da35c698b90 base-session-noninteractive.pamd
+b8e839ece64df173f16d28520eb8d66c other.pamd"
diff --git a/main/linux-pam/base-account.pamd b/main/linux-pam/base-account.pamd
new file mode 100644
index 000000000..591092944
--- /dev/null
+++ b/main/linux-pam/base-account.pamd
@@ -0,0 +1,3 @@
+# basic PAM configuration for Alpine.
+
+account required pam_unix.so
diff --git a/main/linux-pam/base-auth.pamd b/main/linux-pam/base-auth.pamd
new file mode 100644
index 000000000..012445aa3
--- /dev/null
+++ b/main/linux-pam/base-auth.pamd
@@ -0,0 +1,5 @@
+# basic PAM configuration for Alpine.
+
+auth required pam_env.so
+auth required pam_unix.so nullok_secure
+auth required pam_nologin.so successok
diff --git a/main/linux-pam/base-password.pamd b/main/linux-pam/base-password.pamd
new file mode 100644
index 000000000..a146a93fe
--- /dev/null
+++ b/main/linux-pam/base-password.pamd
@@ -0,0 +1,3 @@
+# basic PAM configuration for Alpine.
+
+password required pam_unix.so nullok obscure md5 sha512
diff --git a/main/linux-pam/base-session-noninteractive.pamd b/main/linux-pam/base-session-noninteractive.pamd
new file mode 100644
index 000000000..85e07d594
--- /dev/null
+++ b/main/linux-pam/base-session-noninteractive.pamd
@@ -0,0 +1,4 @@
+# basic PAM configuration for Alpine.
+
+session required pam_limits.so
+session required pam_unix.so
diff --git a/main/linux-pam/base-session.pamd b/main/linux-pam/base-session.pamd
new file mode 100644
index 000000000..bf5bcb734
--- /dev/null
+++ b/main/linux-pam/base-session.pamd
@@ -0,0 +1,4 @@
+# basic PAM configuration for Alpine.
+
+session include base-session-noninteractive
+session required pam_motd.so
diff --git a/main/linux-pam/linux-pam-innetgr.patch b/main/linux-pam/linux-pam-innetgr.patch
new file mode 100644
index 000000000..a94fa3dae
--- /dev/null
+++ b/main/linux-pam/linux-pam-innetgr.patch
@@ -0,0 +1,54 @@
+--- Linux-PAM-1.1.3.orig/modules/pam_group/pam_group.c
++++ Linux-PAM-1.1.3/modules/pam_group/pam_group.c
+@@ -658,10 +658,13 @@
+ continue;
+ }
+ /* If buffer starts with @, we are using netgroups */
++#ifdef HAVE_INNETGR
+ if (buffer[0] == '@')
+ good &= innetgr (&buffer[1], NULL, user, NULL);
+ /* otherwise, if the buffer starts with %, it's a UNIX group */
+- else if (buffer[0] == '%')
++ else
++#endif
++ if (buffer[0] == '%')
+ good &= pam_modutil_user_in_group_nam_nam(pamh, user, &buffer[1]);
+ else
+ good &= logic_field(pamh,user, buffer, count, is_same);
+--- Linux-PAM-1.1.3.orig/modules/pam_succeed_if/pam_succeed_if.c
++++ Linux-PAM-1.1.3/modules/pam_succeed_if/pam_succeed_if.c
+@@ -233,16 +233,20 @@
+ static int
+ evaluate_innetgr(const char *host, const char *user, const char *group)
+ {
++#ifdef HAVE_INNETGR
+ if (innetgr(group, host, user, NULL) == 1)
+ return PAM_SUCCESS;
++#endif
+ return PAM_AUTH_ERR;
+ }
+ /* Return PAM_SUCCESS if the (host,user) is NOT in the netgroup. */
+ static int
+ evaluate_notinnetgr(const char *host, const char *user, const char *group)
+ {
++#ifdef HAVE_INNETGR
+ if (innetgr(group, host, user, NULL) == 0)
+ return PAM_SUCCESS;
++#endif
+ return PAM_AUTH_ERR;
+ }
+
+--- Linux-PAM-1.1.3.orig/modules/pam_time/pam_time.c
++++ Linux-PAM-1.1.3/modules/pam_time/pam_time.c
+@@ -554,9 +554,11 @@
+ continue;
+ }
+ /* If buffer starts with @, we are using netgroups */
++#ifdef HAVE_INNETGR
+ if (buffer[0] == '@')
+ good &= innetgr (&buffer[1], NULL, user, NULL);
+ else
++#endif
+ good &= logic_field(pamh, user, buffer, count, is_same);
+ D(("with user: %s", good ? "passes":"fails" ));
+
diff --git a/main/linux-pam/other.pamd b/main/linux-pam/other.pamd
new file mode 100644
index 000000000..8c9797e71
--- /dev/null
+++ b/main/linux-pam/other.pamd
@@ -0,0 +1,6 @@
+# basic PAM configuration for Alpine.
+
+auth include base-auth
+account include base-account
+password include base-password
+session include base-session-noninteractive