pam: update to 1.5.1, update homepage, adopt.

Also: - Cracklib is deprecated and disabled by default. - pam_tally and pam_tally2 have been removed. - Add checkdepends. - Add changelog. Due to the pam_tally removal, this package has to depend on the newest version of pam-base.
2020-10-11 00:43:04 -03:00 · 2020-10-11 00:43:04 -03:00 · 245d4a5ed7
parent ebae4a32ad
commit 245d4a5ed7
5 changed files with 25 additions and 108 deletions
--- a/srcpkgs/pam/INSTALL.msg
+++ b/srcpkgs/pam/INSTALL.msg
@ -0,0 +1,7 @@
 WARNING: PAM>=1.5.0 has removed the pam_tally and pam_tally2 modules,
 as well as the pam_lastlog module on musl. If you have a custom PAM
 config, you will need to fix it immediately for these changes.
 Otherwise, the pam-base-0.4 update will have handled these changes for
 you, unless your XBPS config uses "keepconf=true",
 "preserve=/etc/pam.d/system-login" or "preserve=/etc/pam.d/*".
--- a/srcpkgs/pam/patches/musl-fix-pam_exec.patch
+++ b/srcpkgs/pam/patches/musl-fix-pam_exec.patch
@ -1,31 +0,0 @@
 --- ./modules/pam_exec/pam_exec.c.orig
 +++ ./modules/pam_exec/pam_exec.c
@@ -103,11 +103,14 @@
   int optargc;
   const char *logfile = NULL;
   const char *authtok = NULL;
 +  char authtok_buf[PAM_MAX_RESP_SIZE+1];
 +
   pid_t pid;
   int fds[2];
   int stdout_fds[2];
   FILE *stdout_file = NULL;
 +  memset(authtok_buf, 0, sizeof(authtok_buf));
   if (argc < 1) {
     pam_syslog (pamh, LOG_ERR,
 		"This module needs at least one argument");
@@ -178,11 +181,11 @@
 		}
 	      pam_set_item (pamh, PAM_AUTHTOK, resp);
 -	      authtok = strndupa (resp, PAM_MAX_RESP_SIZE);
 +	      authtok = strncpy(authtok_buf, resp, sizeof(authtok_buf));
 	      _pam_drop (resp);
 	    }
 	  else
 -	    authtok = strndupa (void_pass, PAM_MAX_RESP_SIZE);
 +	    authtok = strncpy(authtok_buf, void_pass, sizeof(authtok_buf));
 	  if (pipe(fds) != 0)
 	    {
--- a/srcpkgs/pam/patches/pam_unix_sys_resource.patch
+++ b/srcpkgs/pam/patches/pam_unix_sys_resource.patch
@ -1,10 +0,0 @@
 --- modules/pam_unix/pam_unix_acct.c.orig	2012-07-09 15:01:11.592269364 +0200
 +++ modules/pam_unix/pam_unix_acct.c	2012-07-09 15:01:54.615228076 +0200
@@ -47,6 +47,7 @@
 #include <time.h>		/* for time() */
 #include <errno.h>
 #include <sys/wait.h>
 +#include <sys/resource.h>	/* for RLIMIT_NOFILE */
 #include <security/_pam_macros.h>
--- a/srcpkgs/pam/patches/portability-fixes.patch
+++ b/srcpkgs/pam/patches/portability-fixes.patch
@ -1,44 +0,0 @@
 --- modules/pam_lastlog/pam_lastlog.c.orig     2014-01-11 12:56:15.735248391 +0100
 +++ modules/pam_lastlog/pam_lastlog.c  2014-01-11 12:57:33.142756424 +0100
@@ -26,6 +26,7 @@
 #include <sys/types.h>
 #include <syslog.h>
 #include <unistd.h>
 +#include <paths.h>
 #if defined(hpux) || defined(sunos) || defined(solaris)
 # ifndef _PATH_LASTLOG
@@ -403,7 +404,9 @@ last_login_write(pam_handle_t *pamh, int
     if (announce & LASTLOG_WTMP) {
       /* write wtmp entry for user */
 +#ifdef HAVE_LOGWTMP
       logwtmp(last_login.ll_line, user, remote_host);
 +#endif
     }
     /* cleanup */
@@ -713,7 +716,9 @@ pam_sm_close_session (pam_handle_t *pamh
     terminal_line = get_tty(pamh);
     /* Wipe out utmp logout entry */
 +#ifdef HAVE_LOGWTMP
     logwtmp(terminal_line, "", "");
 +#endif
     return PAM_SUCCESS;
 }
 --- modules/pam_rhosts/pam_rhosts.c.orig       2014-01-11 12:58:40.263196779 +0100
 +++ modules/pam_rhosts/pam_rhosts.c    2014-01-11 12:59:25.182491398 +0100
@@ -113,8 +113,10 @@ int pam_sm_authenticate (pam_handle_t *p
 #ifdef HAVE_RUSEROK_AF
     retval = ruserok_af (rhost, as_root, ruser, luser, PF_UNSPEC);
 -#else
 +#elif HAVE_RUSEROK
     retval = ruserok (rhost, as_root, ruser, luser);
 +#else
 +    retval = 1;
 #endif
     if (retval != 0) {
       if (!opt_silent || opt_debug)
--- a/srcpkgs/pam/template
+++ b/srcpkgs/pam/template
@ -1,16 +1,18 @@
 # Template file for 'pam'
 pkgname=pam
-version=1.3.0
+version=1.5.1
-revision=2
+revision=1
 wrksrc="Linux-PAM-$version"
 build_style=gnu-configure
 configure_args="
 --libdir=/usr/lib --sbindir=/usr/bin --docdir=/usr/share/doc/pam
- --disable-nis --disable-cracklib --disable-audit --disable-selinux
+ --disable-nis --disable-audit --disable-selinux
 --disable-regenerate-docu BUILD_CFLAGS=-Os BUILD_LDFLAGS="
-hostmakedepends="automake gettext-devel flex libtool pkg-config"
+hostmakedepends="gettext-devel pkg-config"
 makedepends="libfl-devel db-devel"
-depends="pam-base"
+# version of pam-base that doesn't include removed modules
 depends="pam-base>=0.4_1"
 checkdepends="${depends}"
 conf_files="
 	/etc/environment
 	/etc/security/access.conf
@ -22,31 +24,24 @@ conf_files="
 make_dirs="
 	/etc/security/limits.d 0755 root root
 	/etc/security/namespace.d 0755 root root"
 lib32disabled=yes
 short_desc="Flexible mechanism for authenticating users"
-maintainer="Orphaned <orphan@voidlinux.org>"
+maintainer="Érico Nogueira <ericonr@disroot.org>"
 license="BSD-3-Clause"
-homepage="http://www.kernel.org/pub/linux/libs/pam/"
+homepage="https://github.com/linux-pam/linux-pam"
-distfiles="http://linux-pam.org/library/Linux-PAM-${version}.tar.bz2"
+changelog="https://raw.githubusercontent.com/linux-pam/linux-pam/master/NEWS"
-checksum=241aed1ef522f66ed672719ecf2205ec513fd0075ed80cda8e086a5b1a01d1bb
+distfiles="${homepage}/releases/download/v${version}/Linux-PAM-${version}.tar.xz"
 checksum=201d40730b1135b1b3cdea09f2c28ac634d73181ccd0172ceddee3649c5792fc
 lib32disabled=yes
-pre_configure() {
+if [ "$XBPS_CHECK_PKGS" = musl ]; then
-	case "$XBPS_TARGET_MACHINE" in
+	configure_args+=" ac_cv_search_crypt=no"
-		*-musl) configure_args+=" ac_cv_search_crypt=no";;
+fi
 	esac
 	autoreconf -fi
 }
 post_install() {
 	# Fix unix_chkpwd perms.
 	chmod 4755 ${DESTDIR}/usr/bin/unix_chkpwd
-	#
+	rm -r ${DESTDIR}/usr/lib/systemd
-	# Fix a syntax error in namespace.init, -p flag is unknown
+	vlicense COPYING LICENSE
 	# at least to dash and bash.
 	#
 	sed -i -e "s|^#!/bin/sh -p$|#!/bin/sh|" \
 		${DESTDIR}/etc/security/namespace.init
 	chmod 755 ${DESTDIR}/etc/security/namespace.init
 }
 pam-devel_package() {