]>
Commit | Line | Data |
---|---|---|
c9ad1aae | 1 | # |
d11ce12e | 2 | # Conditional build: |
b4afc5a5 | 3 | %bcond_without doc # don't build documentation |
7f8ab60d | 4 | %bcond_with prelude # build with Prelude IDS support |
846d8fdc | 5 | %bcond_without selinux # build without SELinux support |
84871244 | 6 | %bcond_without audit # build with Linux Auditing library support |
37dd6f95 | 7 | |
48ec83cd | 8 | %define pam_pld_version 1.1.2-1 |
abb00f9e | 9 | Summary: Pluggable Authentication Modules: modular, incremental authentication |
b7025e7f ER |
10 | Summary(de.UTF-8): Einsteckbare Authentifizierungsmodule: modulare, inkrementäre Authentifizierung |
11 | Summary(es.UTF-8): Módulos de autentificación plugables (PAM) | |
12 | Summary(fr.UTF-8): PAM : Pluggable Authentication Modules: modular, incremental authentication | |
13 | Summary(pl.UTF-8): Modularny system uwierzytelniania | |
14 | Summary(pt_BR.UTF-8): Módulos de autenticação plugáveis (PAM) | |
15 | Summary(ru.UTF-8): Интструмент, обеспечивающий аутентификацию для приложений | |
16 | Summary(tr.UTF-8): Modüler, artımsal doğrulama birimleri | |
17 | Summary(uk.UTF-8): Інструмент, що забезпечує аутентифікацію для програм | |
abb00f9e | 18 | Name: pam |
fb2a2b11 | 19 | Version: 1.1.5 |
ae776dc1 | 20 | Release: 7 |
e6e4b559 | 21 | Epoch: 1 |
c96a8fe2 | 22 | License: GPL or BSD |
abb00f9e | 23 | Group: Base |
fb2a2b11 JR |
24 | #Source0: http://ftp.kernel.org/pub/linux/libs/pam/library/Linux-PAM-%{version}.tar.bz2 |
25 | Source0: https://fedorahosted.org/releases/l/i/linux-pam/Linux-PAM-%{version}.tar.bz2 | |
26 | # Source0-md5: 927ee5585bdec5256c75117e9348aa47 | |
9d102401 JR |
27 | #xSource1: http://ftp.kernel.org/pub/linux/libs/pam/library/Linux-PAM-%{version}.tar.bz2.sign |
28 | # xSource1-md5: 2435d4a23aaf871bcec436f863b0de6c | |
c9ad1aae | 29 | Source2: ftp://ftp.pld-linux.org/software/pam/%{name}-pld-%{pam_pld_version}.tar.gz |
48ec83cd | 30 | # Source2-md5: f9ec6fcafcf1801bf318e60040244f2e |
7f8ab60d JR |
31 | Source3: other.pamd |
32 | Source4: system-auth.pamd | |
33 | Source5: config-util.pamd | |
c9ad1aae | 34 | Source6: %{name}_selinux_check.pamd |
7f8ab60d JR |
35 | Source7: system-auth.5 |
36 | Source8: config-util.5 | |
664ca91d | 37 | Source9: %{name}.tmpfiles |
7f8ab60d | 38 | Patch0: %{name}-pld-modules.patch |
57fed07b JR |
39 | Patch1: %{name}-cracklib-enforce.patch |
40 | Patch2: %{name}-tally-fail-close.patch | |
41 | Patch3: %{name}-mkhomedir-notfound.patch | |
42 | Patch4: %{name}-db-gdbm.patch | |
43 | Patch5: %{name}-exec-failok.patch | |
83b3eeca | 44 | URL: http://www.kernel.org/pub/linux/libs/pam/ |
85c2b5f9 | 45 | %{?with_audit:BuildRequires: audit-libs-devel >= 1.6.9} |
ce3569c4 | 46 | BuildRequires: autoconf >= 2.61 |
b8f360f2 | 47 | BuildRequires: automake |
1dc7ef6b | 48 | BuildRequires: bison |
234dfb8e | 49 | BuildRequires: cracklib-devel >= 2.8.3 |
b81508df | 50 | # gdbm due to db pulling libpthread |
de5c0104 | 51 | BuildRequires: flex |
c9ad1aae | 52 | BuildRequires: gdbm-devel >= 1.8.3-7 |
ce3569c4 | 53 | BuildRequires: gettext-devel >= 0.15 |
57fed07b | 54 | BuildRequires: glibc-devel >= 6:2.10.1 |
8ea60c4a | 55 | BuildRequires: glibc-misc |
ce3569c4 | 56 | %{?with_prelude:BuildRequires: libprelude-devel >= 0.9.0} |
7f8ab60d | 57 | %{?with_selinux:BuildRequires: libselinux-devel >= 1.33.2} |
ce3569c4 | 58 | #BuildRequires: libtirpc-devel |
0a855cc1 | 59 | BuildRequires: libtool >= 2:1.5 |
ce3569c4 | 60 | BuildRequires: libxcrypt-devel |
3895445c | 61 | %{?with_audit:BuildRequires: linux-libc-headers >= 2.6.23.1} |
62 | BuildRequires: zlib-devel | |
b4afc5a5 | 63 | %if %{with doc} |
57fed07b | 64 | BuildRequires: docbook-dtd412-xml |
7f8ab60d JR |
65 | BuildRequires: docbook-dtd43-xml |
66 | BuildRequires: docbook-dtd44-xml | |
67 | BuildRequires: docbook-style-xsl >= 1.69.1 | |
84871244 JR |
68 | # For building PDFs |
69 | #BuildRequires: fop | |
7f8ab60d JR |
70 | BuildRequires: libxml2-progs |
71 | BuildRequires: libxslt-progs | |
72 | BuildRequires: w3m | |
b4afc5a5 | 73 | %endif |
fe9df33a | 74 | Requires: %{name}-libs = %{epoch}:%{version}-%{release} |
234dfb8e | 75 | Requires: /usr/bin/make |
c9ad1aae | 76 | Requires: awk |
c2cd7c7d | 77 | Provides: pam-pld |
73954d99 | 78 | Obsoletes: pam-doc |
c9ad1aae ER |
79 | Obsoletes: pam_make |
80 | Obsoletes: pamconfig | |
81 | Conflicts: dev < 3.4-4 | |
82 | Conflicts: udev < 1:138-5 | |
28fa39c9 | 83 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) |
f0f219ac | 84 | |
37dd6f95 ER |
85 | %define _sbindir /sbin |
86 | ||
f0f219ac | 87 | %description |
faaf5eea | 88 | PAM (Pluggable Authentication Modules) is a powerful, flexible, |
89 | extensible authentication system which allows the system administrator | |
90 | to configure authentication services individually for every | |
91 | pam-compliant application without recompiling any of the applications. | |
f0f219ac | 92 | |
e2cbb18f JR |
93 | %description -l de.UTF-8 |
94 | PAM (Pluggable Authentication Modules) ist ein leistungsfähiges, | |
faaf5eea | 95 | flexibles und erweiterbares Authentifizierungssystem, mit dem der |
e2cbb18f | 96 | Systemverwalter Authentifizierungs-Dienste individuell für jede |
faaf5eea | 97 | pam-kompatible Anwendung konfigurieren kann, ohne diese neu |
e2cbb18f | 98 | kompilieren zu müssen. |
f0f219ac | 99 | |
e2cbb18f JR |
100 | %description -l es.UTF-8 |
101 | PAM (Módulos de Autenticación Plugables) es un potente, flexible y | |
102 | extensible sistema de autentificación, que permite al administrador | |
103 | del sistema configurar servicios de autentificación individualmente | |
104 | para cada aplicación pam compatible, sin la necesidad de recompilar | |
8797d11d JB |
105 | cualquier una de las aplicaciones. |
106 | ||
e2cbb18f JR |
107 | %description -l fr.UTF-8 |
108 | PAM (Pluggable Authentication Modules) est un systéme | |
109 | d'authentification puissant, souple et extensible permettant à | |
110 | l'administrateur système de configurer les individuellement les | |
111 | services d'authentification pour chaque application conforme à PAM, | |
faaf5eea | 112 | sans recompiler aucune application. |
ac46f43b | 113 | |
e2cbb18f JR |
114 | %description -l pl.UTF-8 |
115 | PAM (Pluggable Authentication Modules) jest silnym i łatwo | |
116 | dostosowywalnym do potrzeb systemem uwierzytelniania, który umożliwia | |
117 | administratorowi indywidualne konfigurowanie poszczególnych usług, | |
118 | które są dostosowane i skonsolidowane z bibliotekami PAM, bez | |
119 | późniejszej ich rekompilacji w momencie zmiany sposobu | |
120 | uwierzytelniania tychże usług. | |
b1babe47 | 121 | |
e2cbb18f JR |
122 | %description -l pt_BR.UTF-8 |
123 | PAM (Módulos de Autenticação Plugáveis) é um poderoso, flexível e | |
124 | extensível sistema de autenticação, que permite o administrador do | |
125 | sistema configurar serviços de autenticação individualmente para cada | |
126 | aplicação pam compatível, sem necessidade de recompilar qualquer uma | |
127 | das aplicações. | |
51c8ab2d | 128 | |
e2cbb18f JR |
129 | %description -l uk.UTF-8 |
130 | PAM (Pluggable Authentication Modules) - це потужна, гнучка, здатна до | |
131 | розширення система аутентикації, яка дозволяє системному | |
132 | адміністратору налагоджувати севіси авторизації доступу (аутентикації) | |
133 | індивідуально для кожної pam-сумісної програми без необхідності | |
134 | перекомпіляції самої програми. Це базовий механізм аутентикації в PLD | |
b440fddc | 135 | Linux. |
136 | ||
e2cbb18f JR |
137 | %description -l tr.UTF-8 |
138 | PAM (Pluggable Authentication Modules) sistem yöneticilerinin | |
139 | uygulamalardan herhangi birini yeniden derlemeksizin bütün PAM uyumlu | |
140 | uygulamalar için doğrulama hizmetlerini ayarlamalarına yardımcı olan, | |
141 | güclü, esnek ve kapsamlı bir doğrulama sistemidir. | |
51c8ab2d | 142 | |
e2cbb18f JR |
143 | %description -l ru.UTF-8 |
144 | PAM (Pluggable Authentication Modules) - это мощная, гибкая, | |
145 | расширяемая система аутентикации, позволяющая системному | |
146 | администратору конфигурировать сервисы авторизации доступа | |
147 | (аутентикации) индивидуально для каждой pam-совместимой программы без | |
148 | необходимости перекомпилляции самой программы. Это базовый механизм | |
149 | аутентикации в PLD Linux. | |
b440fddc | 150 | |
fe9df33a ER |
151 | %package libs |
152 | Summary: PAM modules and libraries | |
b7025e7f | 153 | Summary(pl.UTF-8): Moduły i biblioteki PAM |
fe9df33a | 154 | Group: Libraries |
234dfb8e | 155 | Requires(triggerpostun): sed >= 4.0 |
c9ad1aae | 156 | %{?with_audit:Requires: audit-libs >= 1.0.8} |
234dfb8e JR |
157 | Requires: cracklib >= 2.8.3 |
158 | Requires: cracklib-dicts >= 2.8.3 | |
57fed07b | 159 | Requires: crypt(blowfish) |
5a893416 | 160 | Requires: gdbm >= 1.8.3-7 |
53ffe07e | 161 | Requires: glibc >= 6:2.5-0.5 |
7f8ab60d | 162 | %{?with_selinux:Requires: libselinux >= 1.33.2} |
3806fd76 JB |
163 | Obsoletes: pam-pam_opie |
164 | Obsoletes: pam-pam_pwdb | |
165 | Obsoletes: pam-pam_radius | |
166 | Obsoletes: pam-pam_skey | |
167 | Obsoletes: pam-pam_tcpd | |
c9ad1aae | 168 | Conflicts: pam < 0:0.80.1-2 |
fe9df33a ER |
169 | |
170 | %description libs | |
171 | Core PAM modules and libraries. | |
172 | ||
e2cbb18f JR |
173 | %description libs -l pl.UTF-8 |
174 | Moduły i biblioteki PAM. | |
b96eca5e | 175 | |
ac46f43b | 176 | %package devel |
abb00f9e | 177 | Summary: PAM header files |
b7025e7f ER |
178 | Summary(pl.UTF-8): Pliki nagłówkowe i dokumentacja programisty do PAM |
179 | Summary(pt_BR.UTF-8): Bibliotecas e arquivos de inclusão para desenvolvimento com PAM | |
180 | Summary(ru.UTF-8): Библиотеки разработчика для PAM | |
181 | Summary(uk.UTF-8): Бібліотеки програміста для PAM | |
0bb742f7 | 182 | Group: Development/Libraries |
846d8fdc | 183 | Requires: %{name} = %{epoch}:%{version}-%{release} |
15909b27 | 184 | %{?with_audit:Requires: audit-libs-devel >= 1.0.8} |
a3ffb3a4 | 185 | Requires: filesystem >= 3.0-11 |
ac46f43b JR |
186 | |
187 | %description devel | |
188 | Header files for developing PAM based applications. | |
f0f219ac | 189 | |
e2cbb18f JR |
190 | %description devel -l pl.UTF-8 |
191 | Pliki nagłówkowe i dokumentacja programisty do PAM. | |
ac46f43b | 192 | |
e2cbb18f JR |
193 | %description devel -l pt_BR.UTF-8 |
194 | Bibliotecas e arquivos de inclusão para desenvolvimento com PAM | |
51c8ab2d | 195 | |
e2cbb18f JR |
196 | %description devel -l ru.UTF-8 |
197 | Этот пакет содержит хедеры и библиотеки разработчика для PAM. | |
b440fddc | 198 | |
e2cbb18f JR |
199 | %description devel -l uk.UTF-8 |
200 | Цей пакет містить хедери та бібліотеки програміста для PAM. | |
b440fddc | 201 | |
ac46f43b | 202 | %package static |
abb00f9e | 203 | Summary: PAM static libraries |
b7025e7f ER |
204 | Summary(pl.UTF-8): Biblioteki statyczne PAM |
205 | Summary(ru.UTF-8): Статические библиотеки разработчика для PAM | |
206 | Summary(uk.UTF-8): Статичні бібліотеки програміста для PAM | |
0bb742f7 | 207 | Group: Development/Libraries |
846d8fdc | 208 | Requires: %{name}-devel = %{epoch}:%{version}-%{release} |
ac46f43b JR |
209 | |
210 | %description static | |
211 | PAM static libraries. | |
b1babe47 | 212 | |
e2cbb18f | 213 | %description static -l pl.UTF-8 |
ac46f43b | 214 | Biblioteki statyczne PAM. |
b1babe47 | 215 | |
e2cbb18f JR |
216 | %description static -l ru.UTF-8 |
217 | Этот пакет содержит статические библиотеки разработчика для PAM. | |
b440fddc | 218 | |
e2cbb18f JR |
219 | %description static -l uk.UTF-8 |
220 | Цей пакет містить статичні бібліотеки програміста для PAM. | |
b440fddc | 221 | |
1fbc0597 JR |
222 | %package pam_selinux |
223 | Summary: PAM module - SELinux support | |
b7025e7f | 224 | Summary(pl.UTF-8): Moduł PAM pozwalający na zmianę kontekstów SELinuksa |
1fbc0597 JR |
225 | Group: Base |
226 | ||
227 | %description pam_selinux | |
228 | PAM module - SELinux support. | |
229 | ||
e2cbb18f JR |
230 | %description pam_selinux -l pl.UTF-8 |
231 | Moduł PAM pozwalający na zmianę kontekstów SELinuksa. | |
1fbc0597 | 232 | |
f0f219ac | 233 | %prep |
7f8ab60d | 234 | %setup -q -a2 -n Linux-PAM-%{version} |
3d3421d5 | 235 | %patch0 -p1 |
a80f72fe | 236 | %patch1 -p1 |
7f8ab60d JR |
237 | %patch2 -p1 |
238 | %patch3 -p1 | |
239 | %patch4 -p1 | |
240 | %patch5 -p1 | |
e523043b | 241 | |
ac46f43b | 242 | %build |
7796f9da | 243 | %{__libtoolize} |
fc1ef364 | 244 | %{__aclocal} -I m4 |
7796f9da | 245 | %{__autoconf} |
246 | %{__autoheader} | |
247 | %{__automake} | |
7edd7783 | 248 | %configure \ |
7f8ab60d JR |
249 | --enable-static \ |
250 | --enable-shared \ | |
251 | --libdir=/%{_lib} \ | |
252 | --includedir=%{_includedir}/security \ | |
253 | --enable-isadir=../../%{_lib}/security \ | |
b81508df | 254 | --enable-db=gdbm \ |
1fbc0597 JR |
255 | %{!?with_selinux:--disable-selinux} \ |
256 | %{!?with_prelude:--disable-prelude} \ | |
7f8ab60d | 257 | %{!?with_audit:--disable-audit} |
c894cd9b | 258 | |
7f8ab60d JR |
259 | # we must explicitely update-gmo as we patch a po file |
260 | %{__make} -C po update-gmo | |
0c9926ce MB |
261 | %{__make} \ |
262 | DEFS="-DHAVE_CONFIG_H -D_GNU_SOURCE" | |
f0f219ac | 263 | |
264 | %install | |
4587144c | 265 | rm -rf $RPM_BUILD_ROOT |
e58dd313 | 266 | install -d $RPM_BUILD_ROOT{%{_libdir},/etc/pam.d,/var/{log,run/sepermit}} \ |
664ca91d | 267 | $RPM_BUILD_ROOT/usr/lib/tmpfiles.d |
4d13ca23 | 268 | |
4be82bfe JB |
269 | %{__make} install \ |
270 | DESTDIR=$RPM_BUILD_ROOT | |
4d13ca23 | 271 | |
848c50ae | 272 | %if %{with selinux} |
7f8ab60d JR |
273 | install modules/pam_selinux/.libs/pam_selinux_check $RPM_BUILD_ROOT%{_sbindir} |
274 | install modules/pam_selinux/pam_selinux_check.8 $RPM_BUILD_ROOT%{_mandir}/man8 | |
f9ad2164 | 275 | install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/pam_selinux_check |
848c50ae | 276 | %endif |
7f8ab60d | 277 | |
664ca91d JR |
278 | install %{SOURCE9} $RPM_BUILD_ROOT/usr/lib/tmpfiles.d/%{name}.conf |
279 | ||
c9ad1aae | 280 | install -d doc/txts |
7f8ab60d JR |
281 | for r in modules/pam_*/README ; do |
282 | cp -f $r doc/txts/README.$(basename $(dirname $r)) | |
283 | done | |
c9ad1aae | 284 | install -d doc/html |
7f8ab60d JR |
285 | cp -f doc/index.html doc/html/ |
286 | ||
287 | # fix PAM/pam man page | |
288 | echo ".so PAM.8" > $RPM_BUILD_ROOT%{_mandir}/man8/pam.8 | |
f0f219ac | 289 | |
157b3e1c | 290 | :> $RPM_BUILD_ROOT/etc/security/opasswd |
b43d0a9b | 291 | :> $RPM_BUILD_ROOT/etc/security/blacklist |
9e64e40d | 292 | |
7f8ab60d | 293 | :> $RPM_BUILD_ROOT/var/log/tallylog |
508c2464 | 294 | |
1107ace3 | 295 | mv -f $RPM_BUILD_ROOT/%{_lib}/lib*.a $RPM_BUILD_ROOT%{_libdir} |
508c2464 | 296 | |
c1d4fb20 | 297 | cd $RPM_BUILD_ROOT/%{_lib} |
a1307506 | 298 | for f in lib*.la ; do |
1107ace3 | 299 | sed -e 's|/%{_lib}/libpam|%{_libdir}/libpam|g' $f > $RPM_BUILD_ROOT%{_libdir}/$f |
a1307506 | 300 | rm -f $f |
2a5c157a | 301 | sed -i -e "s|libdir='/%{_lib}|libdir='%{_libdir}|g" $RPM_BUILD_ROOT%{_libdir}/$f |
a1307506 | 302 | done |
c1d4fb20 AM |
303 | ln -sf /%{_lib}/$(echo libpam.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libpam.so |
304 | ln -sf /%{_lib}/$(echo libpam_misc.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libpam_misc.so | |
305 | ln -sf /%{_lib}/$(echo libpamc.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libpamc.so | |
7f8ab60d | 306 | cd - |
8ab52661 | 307 | |
7f8ab60d JR |
308 | install %{SOURCE3} $RPM_BUILD_ROOT/etc/pam.d/other |
309 | install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/system-auth | |
310 | install %{SOURCE5} $RPM_BUILD_ROOT/etc/pam.d/config-util | |
7f8ab60d JR |
311 | |
312 | install %{SOURCE7} $RPM_BUILD_ROOT%{_mandir}/man5/system-auth.5 | |
313 | install %{SOURCE8} $RPM_BUILD_ROOT%{_mandir}/man5/config-util.5 | |
c38ff42d | 314 | |
b81508df JR |
315 | # Make sure every module subdirectory gave us a module. Yes, this is hackish. |
316 | for dir in modules/pam_* ; do | |
df8313a3 | 317 | %if %{without selinux} |
f9ad2164 | 318 | [ ${dir} = "modules/pam_selinux" ] && continue |
85c2b5f9 | 319 | [ ${dir} = "modules/pam_sepermit" ] && continue |
6d7d9335 JK |
320 | %endif |
321 | %if %{without audit} | |
322 | [ ${dir} = "modules/pam_tty_audit" ] && continue | |
f9ad2164 | 323 | %endif |
b81508df JR |
324 | if [ -d ${dir} ] ; then |
325 | if ! ls -1 $RPM_BUILD_ROOT/%{_lib}/security/`basename ${dir}`*.so ; then | |
326 | echo ERROR `basename ${dir}` did not build a module. | |
327 | exit 1 | |
328 | fi | |
329 | fi | |
330 | done | |
331 | ||
332 | for module in $RPM_BUILD_ROOT/%{_lib}/security/pam*.so ; do | |
333 | # Check for module problems. Specifically, check that every module we just | |
334 | # installed can actually be loaded by a minimal PAM-aware application. | |
335 | if ! env LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib} \ | |
336 | ./dlopen.sh -ldl -lpam -L$RPM_BUILD_ROOT/%{_lib} ${module} ; then | |
337 | echo ERROR module: ${module} cannot be loaded. | |
338 | exit 1 | |
339 | fi | |
b81508df JR |
340 | done |
341 | ||
aae9c5e1 | 342 | # useless - shut up check-files |
c1d4fb20 | 343 | rm -f $RPM_BUILD_ROOT/%{_lib}/security/*.{la,a} |
a738676c | 344 | rm -f $RPM_BUILD_ROOT/%{_lib}/lib*.so |
7f8ab60d | 345 | rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/Linux-PAM |
fe9df33a | 346 | |
df8313a3 | 347 | %if %{without selinux} |
fe9df33a ER |
348 | rm -rf $RPM_BUILD_ROOT{/%{_lib}/security/pam_selinux.so,%{_sbindir}/pam_selinux_check,%{_mandir}/man8/pam_selinux*.8*} |
349 | %endif | |
aae9c5e1 | 350 | |
7f8ab60d JR |
351 | %find_lang Linux-PAM |
352 | ||
abb00f9e | 353 | %clean |
4587144c | 354 | rm -rf $RPM_BUILD_ROOT |
abb00f9e | 355 | |
5d252f91 | 356 | %triggerpostun libs -- %{name}-libs < 0.99.7.1 |
db255670 | 357 | for f in $(grep -l "\(pam_make\|pam_homedir\)" /etc/pam.d/*); do |
a1307506 JR |
358 | case "$f" in |
359 | *rpmorig|*rpmnew|*rpmsave|*~|*.orig) | |
360 | continue | |
361 | ;; | |
362 | *) | |
234dfb8e JR |
363 | cp -f "$f" "$f.rpmorig" |
364 | sed -i -e 's/pam_make\.so \(.*\)/pam_exec.so failok seteuid \/usr\/bin\/make -C \1/g' \ | |
365 | -e 's/pam_homedir\.so/pam_mkhomedir.so/g' "$f" | |
a1307506 JR |
366 | ;; |
367 | esac | |
368 | done | |
369 | if [ -d /var/lock/console -a -d /var/run/console ]; then | |
75f2161e | 370 | cp -a /var/lock/console/* /var/run/console/ 2> /dev/null |
234dfb8e | 371 | rm -rf /var/lock/console |
a1307506 | 372 | fi |
5d252f91 | 373 | |
37dd6f95 ER |
374 | %triggerin -- cronie,vixie-cron,hc-cron,fcron,mcron |
375 | # restart crond if pam is upgraded | |
376 | # (crond is linked with old libpam but tries to open modules linked with new libpam) | |
377 | if [ "$1" != 1 ]; then | |
378 | %service -q crond restart | |
379 | fi | |
d2d4c3b4 | 380 | exit 0 |
37dd6f95 | 381 | |
15d8e9b5 JR |
382 | %triggerpostun -- %{name} < 1:1.1.5-5 |
383 | # We want it added for painless upgarde even if it mean log pollution for non-systemd | |
384 | # enabled systems, | |
385 | # If this module is not present on systemd enabled system then `systemctl restart sshd.service` | |
386 | # will kill all sessions. | |
387 | if ! grep -qs pam_systemd /etc/pam.d/system-auth; then | |
eb64f1e9 | 388 | echo "-session optional pam_systemd.so" >>/etc/pam.d/system-auth |
15d8e9b5 JR |
389 | fi |
390 | ||
00005501 PZ |
391 | %post -p <lua> |
392 | fh, error = io.open("/var/log/tallylog") | |
b8423a52 | 393 | if fh ~= nil then |
00005501 PZ |
394 | io.close(fh) |
395 | else | |
396 | fh = io.open("/var/log/tallylog", "w+") | |
397 | io.close(fh) | |
398 | posix.chmod("/var/log/tallylog", "rw-------") | |
399 | end | |
0607c402 | 400 | |
fe9df33a ER |
401 | %post libs -p /sbin/ldconfig |
402 | %postun libs -p /sbin/ldconfig | |
96ffe39f | 403 | |
7f8ab60d | 404 | %files -f Linux-PAM.lang |
abb00f9e | 405 | %defattr(644,root,root,755) |
a738676c | 406 | %doc AUTHORS CHANGELOG ChangeLog Copyright NEWS doc/txts/README* |
fe9df33a | 407 | %if %{with doc} |
a738676c | 408 | %doc doc/specs/*.txt doc/sag/Linux-PAM_*.txt doc/{sag,}/html |
fe9df33a | 409 | %endif |
c9ad1aae ER |
410 | %dir /etc/pam.d |
411 | %dir /etc/security/console.apps | |
412 | %dir /etc/security/console.perms.d | |
413 | %dir /var/run/console | |
664ca91d | 414 | /usr/lib/tmpfiles.d/%{name}.conf |
b81508df | 415 | %config(noreplace) %verify(not md5 mtime size) /etc/environment |
b2c6cf13 ER |
416 | %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/other |
417 | %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/system-auth | |
7f8ab60d | 418 | %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/config-util |
b2c6cf13 | 419 | %config(noreplace) %verify(not md5 mtime size) /etc/security/access.conf |
b43d0a9b | 420 | %config(noreplace) %verify(not md5 mtime size) /etc/security/blacklist |
b81508df JR |
421 | %config(noreplace) %verify(not md5 mtime size) /etc/security/console.handlers |
422 | %config(noreplace) %verify(not md5 mtime size) /etc/security/console.perms | |
b2c6cf13 ER |
423 | %config(noreplace) %verify(not md5 mtime size) /etc/security/group.conf |
424 | %config(noreplace) %verify(not md5 mtime size) /etc/security/limits.conf | |
b81508df JR |
425 | %config(noreplace) %verify(not md5 mtime size) /etc/security/namespace.conf |
426 | %attr(755,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/namespace.init | |
427 | %config(noreplace) %verify(not md5 mtime size) /etc/security/pam_env.conf | |
b2c6cf13 | 428 | %config(noreplace) %verify(not md5 mtime size) /etc/security/time.conf |
e6a1f162 ER |
429 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram |
430 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.en | |
e8c63aa7 | 431 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.de |
698e82b0 | 432 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.dk |
e8c63aa7 ER |
433 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.es |
434 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.fi | |
435 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.it | |
436 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.ja | |
437 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.no | |
438 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.pl | |
e6a1f162 | 439 | %config(noreplace) %verify(not md5 mtime size) /etc/security/console.perms.d/50-default.perms |
b2c6cf13 | 440 | %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/opasswd |
fe9df33a | 441 | %attr(755,root,root) %{_bindir}/pam_pwgen |
57fed07b | 442 | %attr(755,root,root) %{_sbindir}/mkhomedir_helper |
7f8ab60d | 443 | %attr(755,root,root) %{_sbindir}/pam_console_apply |
fe9df33a | 444 | %attr(755,root,root) %{_sbindir}/pam_tally |
7f8ab60d JR |
445 | %attr(755,root,root) %{_sbindir}/pam_tally2 |
446 | %attr(755,root,root) %{_sbindir}/pam_timestamp_check | |
fe9df33a | 447 | %attr(755,root,root) %{_sbindir}/pwgen_trigram |
57fed07b JR |
448 | %attr(4755,root,root) %{_sbindir}/unix_chkpwd |
449 | %attr(4755,root,root) %{_sbindir}/unix_update | |
fe9df33a | 450 | %{_mandir}/man5/* |
7f8ab60d | 451 | %{_mandir}/man8/PAM.* |
57fed07b | 452 | %{_mandir}/man8/mkhomedir_helper.8* |
fe9df33a | 453 | %{_mandir}/man8/pam.* |
db255670 | 454 | %{_mandir}/man8/pam_* |
7f8ab60d | 455 | %{_mandir}/man8/unix_chkpwd* |
85c2b5f9 | 456 | %{_mandir}/man8/unix_update* |
db255670 ER |
457 | %exclude %{_mandir}/man8/pam_selinux*.8* |
458 | %exclude %{_mandir}/man8/pam_sepermit*.8* | |
c9ad1aae | 459 | %ghost %verify(not md5 mtime size) /var/log/tallylog |
fe9df33a ER |
460 | |
461 | %files libs | |
462 | %defattr(644,root,root,755) | |
a1307506 | 463 | %dir /%{_lib}/security/pam_filter |
a738676c JB |
464 | %attr(755,root,root) /%{_lib}/libpam.so.*.*.* |
465 | %attr(755,root,root) %ghost /%{_lib}/libpam.so.0 | |
466 | %attr(755,root,root) /%{_lib}/libpam_misc.so.*.*.* | |
467 | %attr(755,root,root) %ghost /%{_lib}/libpam_misc.so.0 | |
468 | %attr(755,root,root) /%{_lib}/libpamc.so.*.*.* | |
469 | %attr(755,root,root) %ghost /%{_lib}/libpamc.so.0 | |
3bc02d41 JB |
470 | %attr(755,root,root) /%{_lib}/security/pam_access.so |
471 | %attr(755,root,root) /%{_lib}/security/pam_console.so | |
472 | %attr(755,root,root) /%{_lib}/security/pam_cracklib.so | |
473 | %attr(755,root,root) /%{_lib}/security/pam_debug.so | |
474 | %attr(755,root,root) /%{_lib}/security/pam_deny.so | |
7f8ab60d | 475 | %attr(755,root,root) /%{_lib}/security/pam_echo.so |
3bc02d41 | 476 | %attr(755,root,root) /%{_lib}/security/pam_env.so |
7f8ab60d JR |
477 | %attr(755,root,root) /%{_lib}/security/pam_exec.so |
478 | %attr(755,root,root) /%{_lib}/security/pam_faildelay.so | |
3bc02d41 | 479 | %attr(755,root,root) /%{_lib}/security/pam_filter.so |
7f8ab60d | 480 | %attr(755,root,root) /%{_lib}/security/pam_filter/upperLOWER |
3bc02d41 JB |
481 | %attr(755,root,root) /%{_lib}/security/pam_ftp.so |
482 | %attr(755,root,root) /%{_lib}/security/pam_group.so | |
3bc02d41 | 483 | %attr(755,root,root) /%{_lib}/security/pam_issue.so |
7f8ab60d | 484 | %attr(755,root,root) /%{_lib}/security/pam_keyinit.so |
3bc02d41 JB |
485 | %attr(755,root,root) /%{_lib}/security/pam_lastlog.so |
486 | %attr(755,root,root) /%{_lib}/security/pam_limits.so | |
487 | %attr(755,root,root) /%{_lib}/security/pam_listfile.so | |
e1e49c86 | 488 | %attr(755,root,root) /%{_lib}/security/pam_localuser.so |
7f8ab60d | 489 | %attr(755,root,root) /%{_lib}/security/pam_loginuid.so |
3bc02d41 | 490 | %attr(755,root,root) /%{_lib}/security/pam_mail.so |
7f8ab60d | 491 | %attr(755,root,root) /%{_lib}/security/pam_mkhomedir.so |
3bc02d41 | 492 | %attr(755,root,root) /%{_lib}/security/pam_motd.so |
b81508df | 493 | %attr(755,root,root) /%{_lib}/security/pam_namespace.so |
3bc02d41 JB |
494 | %attr(755,root,root) /%{_lib}/security/pam_nologin.so |
495 | %attr(755,root,root) /%{_lib}/security/pam_permit.so | |
7f8ab60d | 496 | %attr(755,root,root) /%{_lib}/security/pam_pwexport.so |
3bc02d41 | 497 | %attr(755,root,root) /%{_lib}/security/pam_pwgen.so |
57fed07b | 498 | %attr(755,root,root) /%{_lib}/security/pam_pwhistory.so |
3bc02d41 JB |
499 | %attr(755,root,root) /%{_lib}/security/pam_rhosts.so |
500 | %attr(755,root,root) /%{_lib}/security/pam_rootok.so | |
7f8ab60d | 501 | %attr(755,root,root) /%{_lib}/security/pam_rps.so |
3bc02d41 JB |
502 | %attr(755,root,root) /%{_lib}/security/pam_securetty.so |
503 | %attr(755,root,root) /%{_lib}/security/pam_shells.so | |
504 | %attr(755,root,root) /%{_lib}/security/pam_stress.so | |
e1e49c86 | 505 | %attr(755,root,root) /%{_lib}/security/pam_succeed_if.so |
7f8ab60d | 506 | %attr(755,root,root) /%{_lib}/security/pam_tally2.so |
3bc02d41 JB |
507 | %attr(755,root,root) /%{_lib}/security/pam_tally.so |
508 | %attr(755,root,root) /%{_lib}/security/pam_time.so | |
7f8ab60d | 509 | %attr(755,root,root) /%{_lib}/security/pam_timestamp.so |
6d7d9335 | 510 | %{?with_audit:%attr(755,root,root) /%{_lib}/security/pam_tty_audit.so} |
7f8ab60d | 511 | %attr(755,root,root) /%{_lib}/security/pam_umask.so |
3bc02d41 JB |
512 | %attr(755,root,root) /%{_lib}/security/pam_unix.so |
513 | %attr(755,root,root) /%{_lib}/security/pam_userdb.so | |
3bc02d41 JB |
514 | %attr(755,root,root) /%{_lib}/security/pam_warn.so |
515 | %attr(755,root,root) /%{_lib}/security/pam_wheel.so | |
516 | %attr(755,root,root) /%{_lib}/security/pam_xauth.so | |
f0f219ac | 517 | |
518 | %files devel | |
abb00f9e | 519 | %defattr(644,root,root,755) |
964f5d32 | 520 | %if %{with doc} |
a738676c | 521 | %doc doc/{adg,mwg}/Linux-PAM_*.txt doc/{adg,mwg,}/html |
964f5d32 | 522 | %endif |
a738676c JB |
523 | %attr(755,root,root) %{_libdir}/libpam.so |
524 | %attr(755,root,root) %{_libdir}/libpam_misc.so | |
525 | %attr(755,root,root) %{_libdir}/libpamc.so | |
526 | %{_libdir}/libpam.la | |
527 | %{_libdir}/libpam_misc.la | |
528 | %{_libdir}/libpamc.la | |
529 | %{_includedir}/security/_pam_*.h | |
530 | %{_includedir}/security/pam*.h | |
531 | %{_mandir}/man3/misc_conv.3* | |
532 | %{_mandir}/man3/pam*.3* | |
e523043b | 533 | |
ac46f43b | 534 | %files static |
051aeb4a | 535 | %defattr(644,root,root,755) |
98b63014 JR |
536 | %{_libdir}/libpam.a |
537 | %{_libdir}/libpamc.a | |
538 | %{_libdir}/libpam_misc.a | |
7c2f893c | 539 | |
1fbc0597 JR |
540 | %if %{with selinux} |
541 | %files pam_selinux | |
542 | %defattr(644,root,root,755) | |
1fbc0597 | 543 | %attr(755,root,root) /%{_lib}/security/pam_selinux.so |
85c2b5f9 | 544 | %attr(755,root,root) /%{_lib}/security/pam_sepermit.so |
1fbc0597 | 545 | %attr(755,root,root) %{_sbindir}/pam_selinux_check |
c9ad1aae ER |
546 | %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/pam_selinux_check |
547 | %config(noreplace) %verify(not md5 mtime size) /etc/security/sepermit.conf | |
1fbc0597 | 548 | %{_mandir}/man8/pam_selinux*.8* |
85c2b5f9 | 549 | %{_mandir}/man8/pam_sepermit*.8* |
52c22c8a | 550 | %dir /var/run/sepermit |
1fbc0597 | 551 | %endif |