pam: update to 1.5.1, update homepage, adopt.

Also: - Cracklib is deprecated and disabled by default. - pam_tally and pam_tally2 have been removed. - Add checkdepends. - Add changelog. Due to the pam_tally removal, this package has to depend on the newest version of pam-base.
2020-10-11 00:43:04 -03:00 · 2020-10-11 00:43:04 -03:00 · 245d4a5ed7
parent ebae4a32ad
commit 245d4a5ed7
5 changed files with 25 additions and 108 deletions
--- a/srcpkgs/pam/INSTALL.msg
+++ b/srcpkgs/pam/INSTALL.msg
@ -0,0 +1,7 @@
+WARNING: PAM>=1.5.0 has removed the pam_tally and pam_tally2 modules,
+as well as the pam_lastlog module on musl. If you have a custom PAM
+config, you will need to fix it immediately for these changes.
+
+Otherwise, the pam-base-0.4 update will have handled these changes for
+you, unless your XBPS config uses "keepconf=true",
+"preserve=/etc/pam.d/system-login" or "preserve=/etc/pam.d/*".
--- a/srcpkgs/pam/patches/musl-fix-pam_exec.patch
+++ b/srcpkgs/pam/patches/musl-fix-pam_exec.patch
@ -1,31 +0,0 @@
--- ./modules/pam_exec/pam_exec.c.orig
-+++ ./modules/pam_exec/pam_exec.c
-@@ -103,11 +103,14 @@
-   int optargc;
-   const char *logfile = NULL;
-   const char *authtok = NULL;
-+  char authtok_buf[PAM_MAX_RESP_SIZE+1];
-+
-   pid_t pid;
-   int fds[2];
-   int stdout_fds[2];
-   FILE *stdout_file = NULL;
- 
-+  memset(authtok_buf, 0, sizeof(authtok_buf));
-   if (argc < 1) {
-     pam_syslog (pamh, LOG_ERR,
- 		"This module needs at least one argument");
-@@ -178,11 +181,11 @@
- 		}
- 
- 	      pam_set_item (pamh, PAM_AUTHTOK, resp);
-	      authtok = strndupa (resp, PAM_MAX_RESP_SIZE);
-+	      authtok = strncpy(authtok_buf, resp, sizeof(authtok_buf));
- 	      _pam_drop (resp);
- 	    }
- 	  else
-	    authtok = strndupa (void_pass, PAM_MAX_RESP_SIZE);
-+	    authtok = strncpy(authtok_buf, void_pass, sizeof(authtok_buf));
- 
- 	  if (pipe(fds) != 0)
- 	    {
--- a/srcpkgs/pam/patches/pam_unix_sys_resource.patch
+++ b/srcpkgs/pam/patches/pam_unix_sys_resource.patch
@ -1,10 +0,0 @@
--- modules/pam_unix/pam_unix_acct.c.orig	2012-07-09 15:01:11.592269364 +0200
-+++ modules/pam_unix/pam_unix_acct.c	2012-07-09 15:01:54.615228076 +0200
-@@ -47,6 +47,7 @@
- #include <time.h>		/* for time() */
- #include <errno.h>
- #include <sys/wait.h>
-+#include <sys/resource.h>	/* for RLIMIT_NOFILE */
- 
- #include <security/_pam_macros.h>
- 
--- a/srcpkgs/pam/patches/portability-fixes.patch
+++ b/srcpkgs/pam/patches/portability-fixes.patch
@ -1,44 +0,0 @@
--- modules/pam_lastlog/pam_lastlog.c.orig     2014-01-11 12:56:15.735248391 +0100
-+++ modules/pam_lastlog/pam_lastlog.c  2014-01-11 12:57:33.142756424 +0100
-@@ -26,6 +26,7 @@
- #include <sys/types.h>
- #include <syslog.h>
- #include <unistd.h>
-+#include <paths.h>
- 
- #if defined(hpux) || defined(sunos) || defined(solaris)
- # ifndef _PATH_LASTLOG
-@@ -403,7 +404,9 @@ last_login_write(pam_handle_t *pamh, int
- 
-     if (announce & LASTLOG_WTMP) {
-       /* write wtmp entry for user */
-+#ifdef HAVE_LOGWTMP
-       logwtmp(last_login.ll_line, user, remote_host);
-+#endif
-     }
- 
-     /* cleanup */
-@@ -713,7 +716,9 @@ pam_sm_close_session (pam_handle_t *pamh
-     terminal_line = get_tty(pamh);
- 
-     /* Wipe out utmp logout entry */
-+#ifdef HAVE_LOGWTMP
-     logwtmp(terminal_line, "", "");
-+#endif
- 
-     return PAM_SUCCESS;
- }
--- modules/pam_rhosts/pam_rhosts.c.orig       2014-01-11 12:58:40.263196779 +0100
-+++ modules/pam_rhosts/pam_rhosts.c    2014-01-11 12:59:25.182491398 +0100
-@@ -113,8 +113,10 @@ int pam_sm_authenticate (pam_handle_t *p
- 
- #ifdef HAVE_RUSEROK_AF
-     retval = ruserok_af (rhost, as_root, ruser, luser, PF_UNSPEC);
-#else
-+#elif HAVE_RUSEROK
-     retval = ruserok (rhost, as_root, ruser, luser);
-+#else
-+    retval = 1;
- #endif
-     if (retval != 0) {
-       if (!opt_silent || opt_debug)
--- a/srcpkgs/pam/template
+++ b/srcpkgs/pam/template
@ -1,16 +1,18 @@
 # Template file for 'pam'
 pkgname=pam
-version=1.3.0
-revision=2
+version=1.5.1
+revision=1
 wrksrc="Linux-PAM-$version"
 build_style=gnu-configure
 configure_args="
 --libdir=/usr/lib --sbindir=/usr/bin --docdir=/usr/share/doc/pam
- --disable-nis --disable-cracklib --disable-audit --disable-selinux
+ --disable-nis --disable-audit --disable-selinux
 --disable-regenerate-docu BUILD_CFLAGS=-Os BUILD_LDFLAGS="
-hostmakedepends="automake gettext-devel flex libtool pkg-config"
+hostmakedepends="gettext-devel pkg-config"
 makedepends="libfl-devel db-devel"
-depends="pam-base"
+# version of pam-base that doesn't include removed modules
+depends="pam-base>=0.4_1"
+checkdepends="${depends}"
 conf_files="
 	/etc/environment
 	/etc/security/access.conf
@ -22,31 +24,24 @@ conf_files="
 make_dirs="
 	/etc/security/limits.d 0755 root root
 	/etc/security/namespace.d 0755 root root"
-lib32disabled=yes
 short_desc="Flexible mechanism for authenticating users"
-maintainer="Orphaned <orphan@voidlinux.org>"
+maintainer="Érico Nogueira <ericonr@disroot.org>"
 license="BSD-3-Clause"
-homepage="http://www.kernel.org/pub/linux/libs/pam/"
-distfiles="http://linux-pam.org/library/Linux-PAM-${version}.tar.bz2"
-checksum=241aed1ef522f66ed672719ecf2205ec513fd0075ed80cda8e086a5b1a01d1bb
+homepage="https://github.com/linux-pam/linux-pam"
+changelog="https://raw.githubusercontent.com/linux-pam/linux-pam/master/NEWS"
+distfiles="${homepage}/releases/download/v${version}/Linux-PAM-${version}.tar.xz"
+checksum=201d40730b1135b1b3cdea09f2c28ac634d73181ccd0172ceddee3649c5792fc
+lib32disabled=yes

-pre_configure() {
-	case "$XBPS_TARGET_MACHINE" in
-		*-musl) configure_args+=" ac_cv_search_crypt=no";;
-	esac
-	autoreconf -fi
-}
+if [ "$XBPS_CHECK_PKGS" = musl ]; then
+	configure_args+=" ac_cv_search_crypt=no"
+fi

 post_install() {
 	# Fix unix_chkpwd perms.
 	chmod 4755 ${DESTDIR}/usr/bin/unix_chkpwd
-	#
-	# Fix a syntax error in namespace.init, -p flag is unknown
-	# at least to dash and bash.
-	#
-	sed -i -e "s|^#!/bin/sh -p$|#!/bin/sh|" \
-		${DESTDIR}/etc/security/namespace.init
-	chmod 755 ${DESTDIR}/etc/security/namespace.init
+	rm -r ${DESTDIR}/usr/lib/systemd
+	vlicense COPYING LICENSE
 }

 pam-devel_package() {