pam: Update to version 1.7.0
Commit Message
- Update from version 1.6.1 to 1.7.0
- Update of rootfile
- pam is now only built via meson. Therefore meson and ninja had to be moved to before
pam. This required python3 and python3-setuptools, expta, libffi, gdbm & sqlite to
also be moved before meson to ensure build was successful and that the python3
rootfile had all the required python files included.
- Changelog
1.7.0
* build: changed build system from autotools to meson.
* libpam_misc: use ECHOCTL in the terminal input
* pam_access: support UID and GID in access.conf
* pam_env: install environment file in vendordir if vendordir is enabled
* pam_issue: only count class user if logind support is enabled
* pam_limits: use systemd-logind instead of utmp if logind support is enabled
* pam_unix: compare password hashes in constant time
* Multiple minor bug fixes, build fixes, portability fixes,
documentation improvements, and translation updates.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
config/rootfiles/common/pam | 300 ++++++++++++++++++------------------
lfs/pam | 26 ++--
make.sh | 16 +-
3 files changed, 172 insertions(+), 170 deletions(-)
@@ -15,92 +15,52 @@ etc/security
#lib/security
#lib/security/faillock
#lib/security/mkhomedir_helper
-#lib/security/pam_access.la
lib/security/pam_access.so
-#lib/security/pam_canonicalize_user.la
#lib/security/pam_canonicalize_user.so
-#lib/security/pam_debug.la
#lib/security/pam_debug.so
-#lib/security/pam_deny.la
lib/security/pam_deny.so
-#lib/security/pam_echo.la
#lib/security/pam_echo.so
-#lib/security/pam_env.la
lib/security/pam_env.so
-#lib/security/pam_exec.la
lib/security/pam_exec.so
-#lib/security/pam_faildelay.la
lib/security/pam_faildelay.so
-#lib/security/pam_faillock.la
#lib/security/pam_faillock.so
#lib/security/pam_filter
-#lib/security/pam_filter.la
#lib/security/pam_filter.so
#lib/security/pam_filter/upperLOWER
-#lib/security/pam_ftp.la
#lib/security/pam_ftp.so
-#lib/security/pam_group.la
lib/security/pam_group.so
-#lib/security/pam_issue.la
lib/security/pam_issue.so
-#lib/security/pam_keyinit.la
lib/security/pam_keyinit.so
-#lib/security/pam_limits.la
lib/security/pam_limits.so
-#lib/security/pam_listfile.la
#lib/security/pam_listfile.so
-#lib/security/pam_localuser.la
#lib/security/pam_localuser.so
-#lib/security/pam_loginuid.la
lib/security/pam_loginuid.so
-#lib/security/pam_mail.la
lib/security/pam_mail.so
-#lib/security/pam_mkhomedir.la
#lib/security/pam_mkhomedir.so
-#lib/security/pam_motd.la
#lib/security/pam_motd.so
-#lib/security/pam_namespace.la
#lib/security/pam_namespace.so
#lib/security/pam_namespace_helper
-#lib/security/pam_nologin.la
lib/security/pam_nologin.so
-#lib/security/pam_permit.la
lib/security/pam_permit.so
-#lib/security/pam_pwhistory.la
lib/security/pam_pwhistory.so
-#lib/security/pam_rhosts.la
lib/security/pam_rhosts.so
-#lib/security/pam_rootok.la
#lib/security/pam_rootok.so
-#lib/security/pam_securetty.la
#lib/security/pam_securetty.so
-#lib/security/pam_setquota.la
#lib/security/pam_setquota.so
-#lib/security/pam_shells.la
lib/security/pam_shells.so
-#lib/security/pam_stress.la
#lib/security/pam_stress.so
-#lib/security/pam_succeed_if.la
#lib/security/pam_succeed_if.so
-#lib/security/pam_time.la
#lib/security/pam_time.so
-#lib/security/pam_timestamp.la
#lib/security/pam_timestamp.so
#lib/security/pam_timestamp_check
-#lib/security/pam_umask.la
#lib/security/pam_umask.so
-#lib/security/pam_unix.la
lib/security/pam_unix.so
-#lib/security/pam_userdb.la
#lib/security/pam_userdb.so
-#lib/security/pam_usertype.la
#lib/security/pam_usertype.so
-#lib/security/pam_warn.la
#lib/security/pam_warn.so
-#lib/security/pam_wheel.la
#lib/security/pam_wheel.so
-#lib/security/pam_xauth.la
#lib/security/pam_xauth.so
+#lib/security/pwhistory_helper
lib/security/unix_chkpwd
#usr/include/security
#usr/include/security/_pam_compat.h
@@ -113,15 +73,12 @@ lib/security/unix_chkpwd
#usr/include/security/pam_misc.h
#usr/include/security/pam_modules.h
#usr/include/security/pam_modutil.h
-#usr/lib/libpam.la
#usr/lib/libpam.so
usr/lib/libpam.so.0
usr/lib/libpam.so.0.85.1
-#usr/lib/libpam_misc.la
#usr/lib/libpam_misc.so
usr/lib/libpam_misc.so.0
usr/lib/libpam_misc.so.0.82.1
-#usr/lib/libpamc.la
#usr/lib/libpamc.so
usr/lib/libpamc.so.0
usr/lib/libpamc.so.0.82.1
@@ -131,108 +88,153 @@ usr/lib/libpamc.so.0.82.1
#usr/lib/systemd
#usr/lib/systemd/system
#usr/lib/systemd/system/pam_namespace.service
-#usr/share/doc/Linux-PAM
-#usr/share/doc/Linux-PAM/draft-morgan-pam-current.txt
-#usr/share/doc/Linux-PAM/index.html
-#usr/share/doc/Linux-PAM/rfc86.0.txt
-#usr/share/man/man3/misc_conv.3
-#usr/share/man/man3/pam.3
-#usr/share/man/man3/pam_acct_mgmt.3
-#usr/share/man/man3/pam_authenticate.3
-#usr/share/man/man3/pam_chauthtok.3
-#usr/share/man/man3/pam_close_session.3
-#usr/share/man/man3/pam_conv.3
-#usr/share/man/man3/pam_end.3
-#usr/share/man/man3/pam_error.3
-#usr/share/man/man3/pam_fail_delay.3
-#usr/share/man/man3/pam_get_authtok.3
-#usr/share/man/man3/pam_get_authtok_noverify.3
-#usr/share/man/man3/pam_get_authtok_verify.3
-#usr/share/man/man3/pam_get_data.3
-#usr/share/man/man3/pam_get_item.3
-#usr/share/man/man3/pam_get_user.3
-#usr/share/man/man3/pam_getenv.3
-#usr/share/man/man3/pam_getenvlist.3
-#usr/share/man/man3/pam_info.3
-#usr/share/man/man3/pam_misc_drop_env.3
-#usr/share/man/man3/pam_misc_paste_env.3
-#usr/share/man/man3/pam_misc_setenv.3
-#usr/share/man/man3/pam_open_session.3
-#usr/share/man/man3/pam_prompt.3
-#usr/share/man/man3/pam_putenv.3
-#usr/share/man/man3/pam_set_data.3
-#usr/share/man/man3/pam_set_item.3
-#usr/share/man/man3/pam_setcred.3
-#usr/share/man/man3/pam_sm_acct_mgmt.3
-#usr/share/man/man3/pam_sm_authenticate.3
-#usr/share/man/man3/pam_sm_chauthtok.3
-#usr/share/man/man3/pam_sm_close_session.3
-#usr/share/man/man3/pam_sm_open_session.3
-#usr/share/man/man3/pam_sm_setcred.3
-#usr/share/man/man3/pam_start.3
-#usr/share/man/man3/pam_strerror.3
-#usr/share/man/man3/pam_syslog.3
-#usr/share/man/man3/pam_verror.3
-#usr/share/man/man3/pam_vinfo.3
-#usr/share/man/man3/pam_vprompt.3
-#usr/share/man/man3/pam_vsyslog.3
-#usr/share/man/man3/pam_xauth_data.3
-#usr/share/man/man5/access.conf.5
-#usr/share/man/man5/environment.5
-#usr/share/man/man5/faillock.conf.5
-#usr/share/man/man5/group.conf.5
-#usr/share/man/man5/limits.conf.5
-#usr/share/man/man5/namespace.conf.5
-#usr/share/man/man5/pam.conf.5
-#usr/share/man/man5/pam.d.5
-#usr/share/man/man5/pam_env.conf.5
-#usr/share/man/man5/pwhistory.conf.5
-#usr/share/man/man5/time.conf.5
-#usr/share/man/man8/PAM.8
-#usr/share/man/man8/faillock.8
-#usr/share/man/man8/mkhomedir_helper.8
-#usr/share/man/man8/pam.8
-#usr/share/man/man8/pam_access.8
-#usr/share/man/man8/pam_canonicalize_user.8
-#usr/share/man/man8/pam_debug.8
-#usr/share/man/man8/pam_deny.8
-#usr/share/man/man8/pam_echo.8
-#usr/share/man/man8/pam_env.8
-#usr/share/man/man8/pam_exec.8
-#usr/share/man/man8/pam_faildelay.8
-#usr/share/man/man8/pam_faillock.8
-#usr/share/man/man8/pam_filter.8
-#usr/share/man/man8/pam_ftp.8
-#usr/share/man/man8/pam_group.8
-#usr/share/man/man8/pam_issue.8
-#usr/share/man/man8/pam_keyinit.8
-#usr/share/man/man8/pam_limits.8
-#usr/share/man/man8/pam_listfile.8
-#usr/share/man/man8/pam_localuser.8
-#usr/share/man/man8/pam_loginuid.8
-#usr/share/man/man8/pam_mail.8
-#usr/share/man/man8/pam_mkhomedir.8
-#usr/share/man/man8/pam_motd.8
-#usr/share/man/man8/pam_namespace.8
-#usr/share/man/man8/pam_namespace_helper.8
-#usr/share/man/man8/pam_nologin.8
-#usr/share/man/man8/pam_permit.8
-#usr/share/man/man8/pam_pwhistory.8
-#usr/share/man/man8/pam_rhosts.8
-#usr/share/man/man8/pam_rootok.8
-#usr/share/man/man8/pam_securetty.8
-#usr/share/man/man8/pam_setquota.8
-#usr/share/man/man8/pam_shells.8
-#usr/share/man/man8/pam_stress.8
-#usr/share/man/man8/pam_succeed_if.8
-#usr/share/man/man8/pam_time.8
-#usr/share/man/man8/pam_timestamp.8
-#usr/share/man/man8/pam_timestamp_check.8
-#usr/share/man/man8/pam_umask.8
-#usr/share/man/man8/pam_unix.8
-#usr/share/man/man8/pam_userdb.8
-#usr/share/man/man8/pam_usertype.8
-#usr/share/man/man8/pam_warn.8
-#usr/share/man/man8/pam_wheel.8
-#usr/share/man/man8/pam_xauth.8
-#usr/share/man/man8/unix_chkpwd.8
+#usr/share/locale/af/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/am
+#usr/share/locale/am/LC_MESSAGES
+#usr/share/locale/am/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/ar
+#usr/share/locale/ar/LC_MESSAGES
+#usr/share/locale/ar/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/as
+#usr/share/locale/as/LC_MESSAGES
+#usr/share/locale/as/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/az
+#usr/share/locale/az/LC_MESSAGES
+#usr/share/locale/az/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/be/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/bg/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/bn
+#usr/share/locale/bn/LC_MESSAGES
+#usr/share/locale/bn/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/bn_IN
+#usr/share/locale/bn_IN/LC_MESSAGES
+#usr/share/locale/bn_IN/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/bs
+#usr/share/locale/bs/LC_MESSAGES
+#usr/share/locale/bs/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/ca/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/cs/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/cy
+#usr/share/locale/cy/LC_MESSAGES
+#usr/share/locale/cy/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/da/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/de/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/de_CH
+#usr/share/locale/de_CH/LC_MESSAGES
+#usr/share/locale/de_CH/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/el/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/eo/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/es/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/et/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/eu/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/fa
+#usr/share/locale/fa/LC_MESSAGES
+#usr/share/locale/fa/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/fi/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/fr/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/ga/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/gl/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/gu
+#usr/share/locale/gu/LC_MESSAGES
+#usr/share/locale/gu/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/he
+#usr/share/locale/he/LC_MESSAGES
+#usr/share/locale/he/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/hi
+#usr/share/locale/hi/LC_MESSAGES
+#usr/share/locale/hi/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/hr/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/hu/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/ia/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/id/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/is
+#usr/share/locale/is/LC_MESSAGES
+#usr/share/locale/is/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/it/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/ja/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/ka/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/kk/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/km
+#usr/share/locale/km/LC_MESSAGES
+#usr/share/locale/km/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/kn
+#usr/share/locale/kn/LC_MESSAGES
+#usr/share/locale/kn/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/ko/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/kw_GB
+#usr/share/locale/kw_GB/LC_MESSAGES
+#usr/share/locale/kw_GB/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/ky/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/lt/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/lv/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/mk
+#usr/share/locale/mk/LC_MESSAGES
+#usr/share/locale/mk/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/ml
+#usr/share/locale/ml/LC_MESSAGES
+#usr/share/locale/ml/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/mn
+#usr/share/locale/mn/LC_MESSAGES
+#usr/share/locale/mn/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/mr
+#usr/share/locale/mr/LC_MESSAGES
+#usr/share/locale/mr/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/ms/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/my
+#usr/share/locale/my/LC_MESSAGES
+#usr/share/locale/my/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/nb/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/ne
+#usr/share/locale/ne/LC_MESSAGES
+#usr/share/locale/ne/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/nl/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/nn
+#usr/share/locale/nn/LC_MESSAGES
+#usr/share/locale/nn/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/or
+#usr/share/locale/or/LC_MESSAGES
+#usr/share/locale/or/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/pa
+#usr/share/locale/pa/LC_MESSAGES
+#usr/share/locale/pa/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/pl/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/pt/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/pt_BR/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/ro/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/ru/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/si
+#usr/share/locale/si/LC_MESSAGES
+#usr/share/locale/si/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/sk/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/sl/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/sq/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/sr/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/sr@latin
+#usr/share/locale/sr@latin/LC_MESSAGES
+#usr/share/locale/sr@latin/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/sv/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/ta/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/te
+#usr/share/locale/te/LC_MESSAGES
+#usr/share/locale/te/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/tg
+#usr/share/locale/tg/LC_MESSAGES
+#usr/share/locale/tg/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/th/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/tr/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/uk/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/ur
+#usr/share/locale/ur/LC_MESSAGES
+#usr/share/locale/ur/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/vi/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/yo
+#usr/share/locale/yo/LC_MESSAGES
+#usr/share/locale/yo/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/zh_CN/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/zh_HK
+#usr/share/locale/zh_HK/LC_MESSAGES
+#usr/share/locale/zh_HK/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/zh_TW/LC_MESSAGES/Linux-PAM.mo
+#usr/share/locale/zu
+#usr/share/locale/zu/LC_MESSAGES
+#usr/share/locale/zu/LC_MESSAGES/Linux-PAM.mo
@@ -24,7 +24,7 @@
include Config
-VER = 1.6.1
+VER = 1.7.0
THISAPP = Linux-PAM-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 649b4ff892fbd3eb90adcbd9ccc5b3f5df51bf1c79b9084c7a1613c432587b13b81761d1eb4f31ef12d58843d16af24a3c441d0b6f5d2f2a1db9c8da15a61e2f
+$(DL_FILE)_BLAKE2 = 39c8c2ccc6f7d125d12d49439ae44cb8fe115f0529549269246e54f4b4de0b3b24c1099e4d3fa39d4e477af8a92b66dd6dc2cb93f0643ab7b56bcaabdd3b8539
install : $(TARGET)
@@ -71,17 +71,17 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
$(UPDATE_AUTOMAKE)
- cd $(DIR_APP) && ./configure --libdir=/usr/lib \
- --sbindir=/lib/security \
- --enable-securedir=/lib/security \
- --enable-read-both-confs \
- --disable-nls
-
- cd $(DIR_APP) && make $(MAKETUNING)
- cd $(DIR_APP) && make install
-
+ cd $(DIR_APP) && meson setup \
+ --libdir=/usr/lib \
+ --sbindir=/lib/security \
+ -D securedir=/lib/security \
+ -D read-both-confs=true \
+ -D nis=disabled \
+ -D docs=disabled \
+ builddir/
+ cd $(DIR_APP) && ninja -C builddir/ $(MAKETUNING)
+ cd $(DIR_APP) && ninja -C builddir/ install
# Install configuration
- -mkdir -p /etc/pam.d
-
+ -mkdir -p /etc/pam.d
@rm -rf $(DIR_APP)
@$(POSTBUILD)
@@ -1479,6 +1479,14 @@ build_system() {
lfsmake2 openssl
lfsmake2 popt
lfsmake2 libedit
+ lfsmake2 expat
+ lfsmake2 libffi
+ lfsmake2 gdbm
+ lfsmake2 sqlite
+ lfsmake2 python3
+ lfsmake2 python3-setuptools
+ lfsmake2 ninja
+ lfsmake2 meson
lfsmake2 pam
lfsmake2 libcap
lfsmake2 libcap-ng
@@ -1501,22 +1509,14 @@ build_system() {
lfsmake2 iproute2
lfsmake2 screen
lfsmake2 elfutils
- lfsmake2 expat
lfsmake2 libconfig
lfsmake2 curl
lfsmake2 libarchive
lfsmake2 cmake
lfsmake2 json-c
lfsmake2 tcl
- lfsmake2 libffi
- lfsmake2 gdbm
- lfsmake2 sqlite
- lfsmake2 python3
- lfsmake2 python3-setuptools
lfsmake2 python3-MarkupSafe
lfsmake2 python3-Jinja2
- lfsmake2 ninja
- lfsmake2 meson
lfsmake2 kmod
lfsmake2 udev
lfsmake2 libusb