]>
Commit | Line | Data |
---|---|---|
39c2efed ER |
1 | # TODO |
2 | # - check and package docs: https://fedorahosted.org/releases/l/i/linux-pam/Linux-PAM-1.1.8-docs.tar.bz2 | |
62c4d422 | 3 | # - fix pdf gen or disable it: No fo2pdf processor installed, skip PDF generation |
c9ad1aae | 4 | # |
d11ce12e | 5 | # Conditional build: |
b4afc5a5 | 6 | %bcond_without doc # don't build documentation |
b378d3bb | 7 | %bcond_with prelude # build with Prelude IDS support (in libpam) |
846d8fdc | 8 | %bcond_without selinux # build without SELinux support |
84871244 | 9 | %bcond_without audit # build with Linux Auditing library support |
37dd6f95 | 10 | |
48ec83cd | 11 | %define pam_pld_version 1.1.2-1 |
abb00f9e | 12 | Summary: Pluggable Authentication Modules: modular, incremental authentication |
b7025e7f ER |
13 | Summary(de.UTF-8): Einsteckbare Authentifizierungsmodule: modulare, inkrementäre Authentifizierung |
14 | Summary(es.UTF-8): Módulos de autentificación plugables (PAM) | |
15 | Summary(fr.UTF-8): PAM : Pluggable Authentication Modules: modular, incremental authentication | |
16 | Summary(pl.UTF-8): Modularny system uwierzytelniania | |
17 | Summary(pt_BR.UTF-8): Módulos de autenticação plugáveis (PAM) | |
18 | Summary(ru.UTF-8): Интструмент, обеспечивающий аутентификацию для приложений | |
19 | Summary(tr.UTF-8): Modüler, artımsal doğrulama birimleri | |
20 | Summary(uk.UTF-8): Інструмент, що забезпечує аутентифікацію для програм | |
abb00f9e | 21 | Name: pam |
9ad2659b | 22 | Version: 1.3.0 |
b9a4dc19 | 23 | Release: 2 |
e6e4b559 | 24 | Epoch: 1 |
c96a8fe2 | 25 | License: GPL or BSD |
abb00f9e | 26 | Group: Base |
d9e597ca | 27 | Source0: http://www.linux-pam.org/library/Linux-PAM-%{version}.tar.bz2 |
9ad2659b ER |
28 | # Source0-md5: da4b2289b7cfb19583d54e9eaaef1c3a |
29 | Source1: http://www.linux-pam.org/library/Linux-PAM-%{version}-docs.tar.bz2 | |
30 | # Source1-md5: 30fa7fa696a5b3b8d2c3c41d9373a8f3 | |
c9ad1aae | 31 | Source2: ftp://ftp.pld-linux.org/software/pam/%{name}-pld-%{pam_pld_version}.tar.gz |
48ec83cd | 32 | # Source2-md5: f9ec6fcafcf1801bf318e60040244f2e |
7f8ab60d JR |
33 | Source3: other.pamd |
34 | Source4: system-auth.pamd | |
35 | Source5: config-util.pamd | |
c9ad1aae | 36 | Source6: %{name}_selinux_check.pamd |
7f8ab60d JR |
37 | Source7: system-auth.5 |
38 | Source8: config-util.5 | |
664ca91d | 39 | Source9: %{name}.tmpfiles |
024572d7 | 40 | Source10: postlogin.pamd |
7f8ab60d | 41 | Patch0: %{name}-pld-modules.patch |
57fed07b JR |
42 | Patch2: %{name}-tally-fail-close.patch |
43 | Patch3: %{name}-mkhomedir-notfound.patch | |
44 | Patch4: %{name}-db-gdbm.patch | |
45 | Patch5: %{name}-exec-failok.patch | |
3c20be82 | 46 | Patch6: update-motd.patch |
d9e597ca | 47 | URL: http://www.linux-pam.org/ |
85c2b5f9 | 48 | %{?with_audit:BuildRequires: audit-libs-devel >= 1.6.9} |
ce3569c4 | 49 | BuildRequires: autoconf >= 2.61 |
b8f360f2 | 50 | BuildRequires: automake |
1dc7ef6b | 51 | BuildRequires: bison |
234dfb8e | 52 | BuildRequires: cracklib-devel >= 2.8.3 |
b81508df | 53 | # gdbm due to db pulling libpthread |
de5c0104 | 54 | BuildRequires: flex |
c9ad1aae | 55 | BuildRequires: gdbm-devel >= 1.8.3-7 |
8d4d959f | 56 | BuildRequires: gettext-tools >= 0.18.3 |
57fed07b | 57 | BuildRequires: glibc-devel >= 6:2.10.1 |
ce3569c4 | 58 | %{?with_prelude:BuildRequires: libprelude-devel >= 0.9.0} |
818d8684 | 59 | %{?with_selinux:BuildRequires: libselinux-devel >= 2.1.9} |
c044e6be JB |
60 | BuildRequires: libtirpc-devel |
61 | BuildRequires: libtool >= 2:2 | |
ce3569c4 | 62 | BuildRequires: libxcrypt-devel |
3895445c | 63 | %{?with_audit:BuildRequires: linux-libc-headers >= 2.6.23.1} |
c53831dc | 64 | BuildRequires: pkgconfig |
3895445c | 65 | BuildRequires: zlib-devel |
b4afc5a5 | 66 | %if %{with doc} |
57fed07b | 67 | BuildRequires: docbook-dtd412-xml |
7f8ab60d JR |
68 | BuildRequires: docbook-dtd43-xml |
69 | BuildRequires: docbook-dtd44-xml | |
70 | BuildRequires: docbook-style-xsl >= 1.69.1 | |
84871244 JR |
71 | # For building PDFs |
72 | #BuildRequires: fop | |
7f8ab60d JR |
73 | BuildRequires: libxml2-progs |
74 | BuildRequires: libxslt-progs | |
75 | BuildRequires: w3m | |
b4afc5a5 | 76 | %endif |
fe9df33a | 77 | Requires: %{name}-libs = %{epoch}:%{version}-%{release} |
25846ece | 78 | %{?with_audit:Requires: audit-libs >= 1.0.8} |
c9ad1aae | 79 | Requires: awk |
25846ece ER |
80 | Requires: cracklib >= 2.8.3 |
81 | Requires: cracklib-dicts >= 2.8.3 | |
82 | Requires: crypt(blowfish) | |
25846ece | 83 | Requires: glibc >= 6:2.5-0.5 |
818d8684 | 84 | %{?with_selinux:Requires: libselinux >= 2.1.9} |
eb400e74 | 85 | Suggests: make |
22604a87 | 86 | Suggests: pam-pam_userdb = %{epoch}:%{version}-%{release} |
73954d99 | 87 | Obsoletes: pam-doc |
25846ece ER |
88 | Obsoletes: pam-pam_opie |
89 | Obsoletes: pam-pam_pwdb | |
90 | Obsoletes: pam-pam_radius | |
91 | Obsoletes: pam-pam_skey | |
92 | Obsoletes: pam-pam_tcpd | |
c9ad1aae ER |
93 | Obsoletes: pam_make |
94 | Obsoletes: pamconfig | |
95 | Conflicts: dev < 3.4-4 | |
25846ece | 96 | Conflicts: pam < 0:0.80.1-2 |
c9ad1aae | 97 | Conflicts: udev < 1:138-5 |
28fa39c9 | 98 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) |
f0f219ac | 99 | |
37dd6f95 ER |
100 | %define _sbindir /sbin |
101 | ||
f0f219ac | 102 | %description |
faaf5eea | 103 | PAM (Pluggable Authentication Modules) is a powerful, flexible, |
104 | extensible authentication system which allows the system administrator | |
105 | to configure authentication services individually for every | |
106 | pam-compliant application without recompiling any of the applications. | |
f0f219ac | 107 | |
e2cbb18f JR |
108 | %description -l de.UTF-8 |
109 | PAM (Pluggable Authentication Modules) ist ein leistungsfähiges, | |
faaf5eea | 110 | flexibles und erweiterbares Authentifizierungssystem, mit dem der |
e2cbb18f | 111 | Systemverwalter Authentifizierungs-Dienste individuell für jede |
faaf5eea | 112 | pam-kompatible Anwendung konfigurieren kann, ohne diese neu |
e2cbb18f | 113 | kompilieren zu müssen. |
f0f219ac | 114 | |
e2cbb18f JR |
115 | %description -l es.UTF-8 |
116 | PAM (Módulos de Autenticación Plugables) es un potente, flexible y | |
117 | extensible sistema de autentificación, que permite al administrador | |
118 | del sistema configurar servicios de autentificación individualmente | |
119 | para cada aplicación pam compatible, sin la necesidad de recompilar | |
8797d11d JB |
120 | cualquier una de las aplicaciones. |
121 | ||
e2cbb18f JR |
122 | %description -l fr.UTF-8 |
123 | PAM (Pluggable Authentication Modules) est un systéme | |
124 | d'authentification puissant, souple et extensible permettant à | |
125 | l'administrateur système de configurer les individuellement les | |
126 | services d'authentification pour chaque application conforme à PAM, | |
faaf5eea | 127 | sans recompiler aucune application. |
ac46f43b | 128 | |
e2cbb18f JR |
129 | %description -l pl.UTF-8 |
130 | PAM (Pluggable Authentication Modules) jest silnym i łatwo | |
131 | dostosowywalnym do potrzeb systemem uwierzytelniania, który umożliwia | |
132 | administratorowi indywidualne konfigurowanie poszczególnych usług, | |
133 | które są dostosowane i skonsolidowane z bibliotekami PAM, bez | |
134 | późniejszej ich rekompilacji w momencie zmiany sposobu | |
135 | uwierzytelniania tychże usług. | |
b1babe47 | 136 | |
e2cbb18f JR |
137 | %description -l pt_BR.UTF-8 |
138 | PAM (Módulos de Autenticação Plugáveis) é um poderoso, flexível e | |
139 | extensível sistema de autenticação, que permite o administrador do | |
140 | sistema configurar serviços de autenticação individualmente para cada | |
141 | aplicação pam compatível, sem necessidade de recompilar qualquer uma | |
142 | das aplicações. | |
51c8ab2d | 143 | |
e2cbb18f JR |
144 | %description -l uk.UTF-8 |
145 | PAM (Pluggable Authentication Modules) - це потужна, гнучка, здатна до | |
146 | розширення система аутентикації, яка дозволяє системному | |
147 | адміністратору налагоджувати севіси авторизації доступу (аутентикації) | |
148 | індивідуально для кожної pam-сумісної програми без необхідності | |
149 | перекомпіляції самої програми. Це базовий механізм аутентикації в PLD | |
b440fddc | 150 | Linux. |
151 | ||
e2cbb18f JR |
152 | %description -l tr.UTF-8 |
153 | PAM (Pluggable Authentication Modules) sistem yöneticilerinin | |
154 | uygulamalardan herhangi birini yeniden derlemeksizin bütün PAM uyumlu | |
155 | uygulamalar için doğrulama hizmetlerini ayarlamalarına yardımcı olan, | |
156 | güclü, esnek ve kapsamlı bir doğrulama sistemidir. | |
51c8ab2d | 157 | |
e2cbb18f JR |
158 | %description -l ru.UTF-8 |
159 | PAM (Pluggable Authentication Modules) - это мощная, гибкая, | |
160 | расширяемая система аутентикации, позволяющая системному | |
161 | администратору конфигурировать сервисы авторизации доступа | |
162 | (аутентикации) индивидуально для каждой pam-совместимой программы без | |
163 | необходимости перекомпилляции самой программы. Это базовый механизм | |
164 | аутентикации в PLD Linux. | |
b440fddc | 165 | |
fe9df33a | 166 | %package libs |
25846ece ER |
167 | Summary: PAM libraries |
168 | Summary(pl.UTF-8): Moduły PAM | |
fe9df33a | 169 | Group: Libraries |
234dfb8e | 170 | Requires(triggerpostun): sed >= 4.0 |
fe9df33a ER |
171 | |
172 | %description libs | |
25846ece | 173 | PAM libraries. |
fe9df33a | 174 | |
e2cbb18f | 175 | %description libs -l pl.UTF-8 |
25846ece | 176 | Moduły PAM. |
b96eca5e | 177 | |
ac46f43b | 178 | %package devel |
abb00f9e | 179 | Summary: PAM header files |
b7025e7f ER |
180 | Summary(pl.UTF-8): Pliki nagłówkowe i dokumentacja programisty do PAM |
181 | Summary(pt_BR.UTF-8): Bibliotecas e arquivos de inclusão para desenvolvimento com PAM | |
182 | Summary(ru.UTF-8): Библиотеки разработчика для PAM | |
183 | Summary(uk.UTF-8): Бібліотеки програміста для PAM | |
0bb742f7 | 184 | Group: Development/Libraries |
846d8fdc | 185 | Requires: %{name} = %{epoch}:%{version}-%{release} |
15909b27 | 186 | %{?with_audit:Requires: audit-libs-devel >= 1.0.8} |
a3ffb3a4 | 187 | Requires: filesystem >= 3.0-11 |
ac46f43b JR |
188 | |
189 | %description devel | |
190 | Header files for developing PAM based applications. | |
f0f219ac | 191 | |
e2cbb18f JR |
192 | %description devel -l pl.UTF-8 |
193 | Pliki nagłówkowe i dokumentacja programisty do PAM. | |
ac46f43b | 194 | |
e2cbb18f JR |
195 | %description devel -l pt_BR.UTF-8 |
196 | Bibliotecas e arquivos de inclusão para desenvolvimento com PAM | |
51c8ab2d | 197 | |
e2cbb18f JR |
198 | %description devel -l ru.UTF-8 |
199 | Этот пакет содержит хедеры и библиотеки разработчика для PAM. | |
b440fddc | 200 | |
e2cbb18f JR |
201 | %description devel -l uk.UTF-8 |
202 | Цей пакет містить хедери та бібліотеки програміста для PAM. | |
b440fddc | 203 | |
ac46f43b | 204 | %package static |
abb00f9e | 205 | Summary: PAM static libraries |
b7025e7f ER |
206 | Summary(pl.UTF-8): Biblioteki statyczne PAM |
207 | Summary(ru.UTF-8): Статические библиотеки разработчика для PAM | |
208 | Summary(uk.UTF-8): Статичні бібліотеки програміста для PAM | |
0bb742f7 | 209 | Group: Development/Libraries |
846d8fdc | 210 | Requires: %{name}-devel = %{epoch}:%{version}-%{release} |
ac46f43b JR |
211 | |
212 | %description static | |
213 | PAM static libraries. | |
b1babe47 | 214 | |
e2cbb18f | 215 | %description static -l pl.UTF-8 |
ac46f43b | 216 | Biblioteki statyczne PAM. |
b1babe47 | 217 | |
e2cbb18f JR |
218 | %description static -l ru.UTF-8 |
219 | Этот пакет содержит статические библиотеки разработчика для PAM. | |
b440fddc | 220 | |
e2cbb18f JR |
221 | %description static -l uk.UTF-8 |
222 | Цей пакет містить статичні бібліотеки програміста для PAM. | |
b440fddc | 223 | |
1fbc0597 JR |
224 | %package pam_selinux |
225 | Summary: PAM module - SELinux support | |
b7025e7f | 226 | Summary(pl.UTF-8): Moduł PAM pozwalający na zmianę kontekstów SELinuksa |
1fbc0597 | 227 | Group: Base |
818d8684 | 228 | Requires: libselinux >= 2.1.9 |
1fbc0597 JR |
229 | |
230 | %description pam_selinux | |
231 | PAM module - SELinux support. | |
232 | ||
e2cbb18f JR |
233 | %description pam_selinux -l pl.UTF-8 |
234 | Moduł PAM pozwalający na zmianę kontekstów SELinuksa. | |
1fbc0597 | 235 | |
e5de221b ER |
236 | %package pam_userdb |
237 | Summary: PAM module - authenticate against db database | |
238 | Group: Base | |
239 | Requires: gdbm >= 1.8.3-7 | |
240 | Conflicts: pam-libs < 1:1.1.8-3.1 | |
241 | ||
242 | %description pam_userdb | |
243 | pam_userdb - PAM module to authenticate against a Berkeley DB database | |
244 | ||
f0f219ac | 245 | %prep |
7f8ab60d | 246 | %setup -q -a2 -n Linux-PAM-%{version} |
3d3421d5 | 247 | %patch0 -p1 |
7f8ab60d JR |
248 | %patch2 -p1 |
249 | %patch3 -p1 | |
250 | %patch4 -p1 | |
251 | %patch5 -p1 | |
3c20be82 | 252 | %patch6 -p1 |
e523043b | 253 | |
ac46f43b | 254 | %build |
7796f9da | 255 | %{__libtoolize} |
fc1ef364 | 256 | %{__aclocal} -I m4 |
7796f9da | 257 | %{__autoconf} |
258 | %{__autoheader} | |
259 | %{__automake} | |
7edd7783 | 260 | %configure \ |
6dc76558 | 261 | ac_cv_path_FO2PDF= \ |
7f8ab60d JR |
262 | --enable-static \ |
263 | --enable-shared \ | |
264 | --libdir=/%{_lib} \ | |
265 | --includedir=%{_includedir}/security \ | |
266 | --enable-isadir=../../%{_lib}/security \ | |
b81508df | 267 | --enable-db=gdbm \ |
1fbc0597 JR |
268 | %{!?with_selinux:--disable-selinux} \ |
269 | %{!?with_prelude:--disable-prelude} \ | |
7f8ab60d | 270 | %{!?with_audit:--disable-audit} |
c894cd9b | 271 | |
7f8ab60d JR |
272 | # we must explicitely update-gmo as we patch a po file |
273 | %{__make} -C po update-gmo | |
0c9926ce MB |
274 | %{__make} \ |
275 | DEFS="-DHAVE_CONFIG_H -D_GNU_SOURCE" | |
f0f219ac | 276 | |
277 | %install | |
4587144c | 278 | rm -rf $RPM_BUILD_ROOT |
e58dd313 | 279 | install -d $RPM_BUILD_ROOT{%{_libdir},/etc/pam.d,/var/{log,run/sepermit}} \ |
0bc3c2f5 | 280 | $RPM_BUILD_ROOT%{systemdtmpfilesdir} |
4d13ca23 | 281 | |
4be82bfe JB |
282 | %{__make} install \ |
283 | DESTDIR=$RPM_BUILD_ROOT | |
4d13ca23 | 284 | |
848c50ae | 285 | %if %{with selinux} |
0bc3c2f5 ER |
286 | install -p modules/pam_selinux/.libs/pam_selinux_check $RPM_BUILD_ROOT%{_sbindir} |
287 | cp -p modules/pam_selinux/pam_selinux_check.8 $RPM_BUILD_ROOT%{_mandir}/man8 | |
288 | cp -p %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/pam_selinux_check | |
848c50ae | 289 | %endif |
7f8ab60d | 290 | |
0bc3c2f5 | 291 | cp -p %{SOURCE9} $RPM_BUILD_ROOT%{systemdtmpfilesdir}/%{name}.conf |
664ca91d | 292 | |
c9ad1aae | 293 | install -d doc/txts |
e5de221b ER |
294 | for r in modules/pam_*/README; do |
295 | cp -pf $r doc/txts/README.$(basename $(dirname $r)) | |
7f8ab60d | 296 | done |
c044e6be | 297 | %{__rm} doc/txts/README.pam_userdb |
c9ad1aae | 298 | install -d doc/html |
e5de221b | 299 | cp -pf doc/index.html doc/html/ |
7f8ab60d JR |
300 | |
301 | # fix PAM/pam man page | |
302 | echo ".so PAM.8" > $RPM_BUILD_ROOT%{_mandir}/man8/pam.8 | |
f0f219ac | 303 | |
157b3e1c | 304 | :> $RPM_BUILD_ROOT/etc/security/opasswd |
b43d0a9b | 305 | :> $RPM_BUILD_ROOT/etc/security/blacklist |
9e64e40d | 306 | |
7f8ab60d | 307 | :> $RPM_BUILD_ROOT/var/log/tallylog |
508c2464 | 308 | |
c044e6be | 309 | %{__mv} $RPM_BUILD_ROOT/%{_lib}/lib*.a $RPM_BUILD_ROOT%{_libdir} |
508c2464 | 310 | |
c1d4fb20 | 311 | cd $RPM_BUILD_ROOT/%{_lib} |
a1307506 | 312 | for f in lib*.la ; do |
c044e6be JB |
313 | %{__sed} -e 's|/%{_lib}/libpam|%{_libdir}/libpam|g' \ |
314 | -e "s|libdir='/%{_lib}|libdir='%{_libdir}|g" $f > $RPM_BUILD_ROOT%{_libdir}/$f | |
315 | %{__rm} $f | |
a1307506 | 316 | done |
c1d4fb20 AM |
317 | ln -sf /%{_lib}/$(echo libpam.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libpam.so |
318 | ln -sf /%{_lib}/$(echo libpam_misc.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libpam_misc.so | |
319 | ln -sf /%{_lib}/$(echo libpamc.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libpamc.so | |
7f8ab60d | 320 | cd - |
8ab52661 | 321 | |
0bc3c2f5 ER |
322 | cp -p %{SOURCE3} $RPM_BUILD_ROOT/etc/pam.d/other |
323 | cp -p %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/system-auth | |
324 | cp -p %{SOURCE5} $RPM_BUILD_ROOT/etc/pam.d/config-util | |
024572d7 | 325 | cp -p %{SOURCE10} $RPM_BUILD_ROOT/etc/pam.d/postlogin |
7f8ab60d | 326 | |
0bc3c2f5 ER |
327 | cp -p %{SOURCE7} $RPM_BUILD_ROOT%{_mandir}/man5/system-auth.5 |
328 | cp -p %{SOURCE8} $RPM_BUILD_ROOT%{_mandir}/man5/config-util.5 | |
c38ff42d | 329 | |
b81508df JR |
330 | # Make sure every module subdirectory gave us a module. Yes, this is hackish. |
331 | for dir in modules/pam_* ; do | |
df8313a3 | 332 | %if %{without selinux} |
f9ad2164 | 333 | [ ${dir} = "modules/pam_selinux" ] && continue |
85c2b5f9 | 334 | [ ${dir} = "modules/pam_sepermit" ] && continue |
6d7d9335 JK |
335 | %endif |
336 | %if %{without audit} | |
337 | [ ${dir} = "modules/pam_tty_audit" ] && continue | |
f9ad2164 | 338 | %endif |
b81508df JR |
339 | if [ -d ${dir} ] ; then |
340 | if ! ls -1 $RPM_BUILD_ROOT/%{_lib}/security/`basename ${dir}`*.so ; then | |
341 | echo ERROR `basename ${dir}` did not build a module. | |
342 | exit 1 | |
343 | fi | |
344 | fi | |
345 | done | |
346 | ||
347 | for module in $RPM_BUILD_ROOT/%{_lib}/security/pam*.so ; do | |
348 | # Check for module problems. Specifically, check that every module we just | |
349 | # installed can actually be loaded by a minimal PAM-aware application. | |
350 | if ! env LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib} \ | |
351 | ./dlopen.sh -ldl -lpam -L$RPM_BUILD_ROOT/%{_lib} ${module} ; then | |
352 | echo ERROR module: ${module} cannot be loaded. | |
353 | exit 1 | |
354 | fi | |
b81508df JR |
355 | done |
356 | ||
aae9c5e1 | 357 | # useless - shut up check-files |
c044e6be JB |
358 | %{__rm} $RPM_BUILD_ROOT/%{_lib}/security/*.{la,a} |
359 | %{__rm} $RPM_BUILD_ROOT/%{_lib}/lib*.so | |
360 | %{__rm} -r $RPM_BUILD_ROOT%{_docdir}/Linux-PAM | |
fe9df33a | 361 | |
df8313a3 | 362 | %if %{without selinux} |
fe9df33a ER |
363 | rm -rf $RPM_BUILD_ROOT{/%{_lib}/security/pam_selinux.so,%{_sbindir}/pam_selinux_check,%{_mandir}/man8/pam_selinux*.8*} |
364 | %endif | |
aae9c5e1 | 365 | |
7f8ab60d JR |
366 | %find_lang Linux-PAM |
367 | ||
abb00f9e | 368 | %clean |
4587144c | 369 | rm -rf $RPM_BUILD_ROOT |
abb00f9e | 370 | |
5d252f91 | 371 | %triggerpostun libs -- %{name}-libs < 0.99.7.1 |
db255670 | 372 | for f in $(grep -l "\(pam_make\|pam_homedir\)" /etc/pam.d/*); do |
a1307506 JR |
373 | case "$f" in |
374 | *rpmorig|*rpmnew|*rpmsave|*~|*.orig) | |
375 | continue | |
376 | ;; | |
377 | *) | |
234dfb8e JR |
378 | cp -f "$f" "$f.rpmorig" |
379 | sed -i -e 's/pam_make\.so \(.*\)/pam_exec.so failok seteuid \/usr\/bin\/make -C \1/g' \ | |
380 | -e 's/pam_homedir\.so/pam_mkhomedir.so/g' "$f" | |
a1307506 JR |
381 | ;; |
382 | esac | |
383 | done | |
384 | if [ -d /var/lock/console -a -d /var/run/console ]; then | |
75f2161e | 385 | cp -a /var/lock/console/* /var/run/console/ 2> /dev/null |
234dfb8e | 386 | rm -rf /var/lock/console |
a1307506 | 387 | fi |
5d252f91 | 388 | |
37dd6f95 ER |
389 | %triggerin -- cronie,vixie-cron,hc-cron,fcron,mcron |
390 | # restart crond if pam is upgraded | |
391 | # (crond is linked with old libpam but tries to open modules linked with new libpam) | |
392 | if [ "$1" != 1 ]; then | |
393 | %service -q crond restart | |
394 | fi | |
d2d4c3b4 | 395 | exit 0 |
37dd6f95 | 396 | |
f1a6863d ER |
397 | %triggerpostun -- %{name} < 1:1.1.5-8 |
398 | # removed in 1.1.4 | |
399 | if grep -qs change_uid /etc/pam.d/system-auth; then | |
400 | %{__sed} -i -e '/session/ s/change_uid//' /etc/pam.d/system-auth | |
401 | fi | |
402 | ||
15d8e9b5 JR |
403 | # We want it added for painless upgarde even if it mean log pollution for non-systemd |
404 | # enabled systems, | |
405 | # If this module is not present on systemd enabled system then `systemctl restart sshd.service` | |
406 | # will kill all sessions. | |
407 | if ! grep -qs pam_systemd /etc/pam.d/system-auth; then | |
eb64f1e9 | 408 | echo "-session optional pam_systemd.so" >>/etc/pam.d/system-auth |
15d8e9b5 JR |
409 | fi |
410 | ||
00005501 PZ |
411 | %post -p <lua> |
412 | fh, error = io.open("/var/log/tallylog") | |
b8423a52 | 413 | if fh ~= nil then |
00005501 PZ |
414 | io.close(fh) |
415 | else | |
416 | fh = io.open("/var/log/tallylog", "w+") | |
417 | io.close(fh) | |
418 | posix.chmod("/var/log/tallylog", "rw-------") | |
419 | end | |
0607c402 | 420 | |
fe9df33a ER |
421 | %post libs -p /sbin/ldconfig |
422 | %postun libs -p /sbin/ldconfig | |
96ffe39f | 423 | |
7f8ab60d | 424 | %files -f Linux-PAM.lang |
abb00f9e | 425 | %defattr(644,root,root,755) |
a738676c | 426 | %doc AUTHORS CHANGELOG ChangeLog Copyright NEWS doc/txts/README* |
fe9df33a | 427 | %if %{with doc} |
a738676c | 428 | %doc doc/specs/*.txt doc/sag/Linux-PAM_*.txt doc/{sag,}/html |
fe9df33a | 429 | %endif |
c9ad1aae ER |
430 | %dir /etc/pam.d |
431 | %dir /etc/security/console.apps | |
432 | %dir /etc/security/console.perms.d | |
433 | %dir /var/run/console | |
3c20be82 | 434 | %{systemdtmpfilesdir}/%{name}.conf |
b81508df | 435 | %config(noreplace) %verify(not md5 mtime size) /etc/environment |
b2c6cf13 ER |
436 | %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/other |
437 | %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/system-auth | |
7f8ab60d | 438 | %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/config-util |
024572d7 | 439 | %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/postlogin |
b2c6cf13 | 440 | %config(noreplace) %verify(not md5 mtime size) /etc/security/access.conf |
b43d0a9b | 441 | %config(noreplace) %verify(not md5 mtime size) /etc/security/blacklist |
b81508df JR |
442 | %config(noreplace) %verify(not md5 mtime size) /etc/security/console.handlers |
443 | %config(noreplace) %verify(not md5 mtime size) /etc/security/console.perms | |
b2c6cf13 ER |
444 | %config(noreplace) %verify(not md5 mtime size) /etc/security/group.conf |
445 | %config(noreplace) %verify(not md5 mtime size) /etc/security/limits.conf | |
b81508df JR |
446 | %config(noreplace) %verify(not md5 mtime size) /etc/security/namespace.conf |
447 | %attr(755,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/namespace.init | |
448 | %config(noreplace) %verify(not md5 mtime size) /etc/security/pam_env.conf | |
b2c6cf13 | 449 | %config(noreplace) %verify(not md5 mtime size) /etc/security/time.conf |
e6a1f162 ER |
450 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram |
451 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.en | |
e8c63aa7 | 452 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.de |
698e82b0 | 453 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.dk |
e8c63aa7 ER |
454 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.es |
455 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.fi | |
456 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.it | |
457 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.ja | |
458 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.no | |
459 | %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.pl | |
e6a1f162 | 460 | %config(noreplace) %verify(not md5 mtime size) /etc/security/console.perms.d/50-default.perms |
b2c6cf13 | 461 | %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/opasswd |
fe9df33a | 462 | %attr(755,root,root) %{_bindir}/pam_pwgen |
57fed07b | 463 | %attr(755,root,root) %{_sbindir}/mkhomedir_helper |
7f8ab60d | 464 | %attr(755,root,root) %{_sbindir}/pam_console_apply |
fe9df33a | 465 | %attr(755,root,root) %{_sbindir}/pam_tally |
7f8ab60d JR |
466 | %attr(755,root,root) %{_sbindir}/pam_tally2 |
467 | %attr(755,root,root) %{_sbindir}/pam_timestamp_check | |
fe9df33a | 468 | %attr(755,root,root) %{_sbindir}/pwgen_trigram |
57fed07b JR |
469 | %attr(4755,root,root) %{_sbindir}/unix_chkpwd |
470 | %attr(4755,root,root) %{_sbindir}/unix_update | |
b378d3bb JB |
471 | %{_mandir}/man5/access.conf.5* |
472 | %{_mandir}/man5/config-util.5* | |
473 | %{_mandir}/man5/console.apps.5* | |
474 | %{_mandir}/man5/console.handlers.5* | |
475 | %{_mandir}/man5/console.perms.5* | |
c044e6be | 476 | %{_mandir}/man5/environment.5* |
b378d3bb JB |
477 | %{_mandir}/man5/group.conf.5* |
478 | %{_mandir}/man5/limits.conf.5* | |
479 | %{_mandir}/man5/namespace.conf.5* | |
480 | %{_mandir}/man5/pam.conf.5* | |
481 | %{_mandir}/man5/pam.d.5* | |
482 | %{_mandir}/man5/pam_env.conf.5* | |
483 | %{_mandir}/man5/system-auth.5* | |
484 | %{_mandir}/man5/time.conf.5* | |
485 | %{_mandir}/man8/PAM.8* | |
57fed07b | 486 | %{_mandir}/man8/mkhomedir_helper.8* |
b378d3bb JB |
487 | %{_mandir}/man8/pam.8* |
488 | %{_mandir}/man8/pam_*.8* | |
489 | %{_mandir}/man8/unix_chkpwd.8* | |
490 | %{_mandir}/man8/unix_update.8* | |
24c8c941 | 491 | %if %{with selinux} |
db255670 | 492 | %exclude %{_mandir}/man8/pam_selinux*.8* |
b378d3bb | 493 | %exclude %{_mandir}/man8/pam_sepermit.8* |
81eb0561 | 494 | %endif |
e5de221b | 495 | %exclude %{_mandir}/man8/pam_userdb.8* |
c9ad1aae | 496 | %ghost %verify(not md5 mtime size) /var/log/tallylog |
fe9df33a | 497 | |
25846ece | 498 | # PAM modules |
3bc02d41 JB |
499 | %attr(755,root,root) /%{_lib}/security/pam_access.so |
500 | %attr(755,root,root) /%{_lib}/security/pam_console.so | |
501 | %attr(755,root,root) /%{_lib}/security/pam_cracklib.so | |
502 | %attr(755,root,root) /%{_lib}/security/pam_debug.so | |
503 | %attr(755,root,root) /%{_lib}/security/pam_deny.so | |
7f8ab60d | 504 | %attr(755,root,root) /%{_lib}/security/pam_echo.so |
3bc02d41 | 505 | %attr(755,root,root) /%{_lib}/security/pam_env.so |
7f8ab60d JR |
506 | %attr(755,root,root) /%{_lib}/security/pam_exec.so |
507 | %attr(755,root,root) /%{_lib}/security/pam_faildelay.so | |
3bc02d41 | 508 | %attr(755,root,root) /%{_lib}/security/pam_filter.so |
7f8ab60d | 509 | %attr(755,root,root) /%{_lib}/security/pam_filter/upperLOWER |
3bc02d41 JB |
510 | %attr(755,root,root) /%{_lib}/security/pam_ftp.so |
511 | %attr(755,root,root) /%{_lib}/security/pam_group.so | |
3bc02d41 | 512 | %attr(755,root,root) /%{_lib}/security/pam_issue.so |
7f8ab60d | 513 | %attr(755,root,root) /%{_lib}/security/pam_keyinit.so |
3bc02d41 JB |
514 | %attr(755,root,root) /%{_lib}/security/pam_lastlog.so |
515 | %attr(755,root,root) /%{_lib}/security/pam_limits.so | |
516 | %attr(755,root,root) /%{_lib}/security/pam_listfile.so | |
e1e49c86 | 517 | %attr(755,root,root) /%{_lib}/security/pam_localuser.so |
7f8ab60d | 518 | %attr(755,root,root) /%{_lib}/security/pam_loginuid.so |
3bc02d41 | 519 | %attr(755,root,root) /%{_lib}/security/pam_mail.so |
7f8ab60d | 520 | %attr(755,root,root) /%{_lib}/security/pam_mkhomedir.so |
3bc02d41 | 521 | %attr(755,root,root) /%{_lib}/security/pam_motd.so |
b81508df | 522 | %attr(755,root,root) /%{_lib}/security/pam_namespace.so |
3bc02d41 JB |
523 | %attr(755,root,root) /%{_lib}/security/pam_nologin.so |
524 | %attr(755,root,root) /%{_lib}/security/pam_permit.so | |
7f8ab60d | 525 | %attr(755,root,root) /%{_lib}/security/pam_pwexport.so |
3bc02d41 | 526 | %attr(755,root,root) /%{_lib}/security/pam_pwgen.so |
57fed07b | 527 | %attr(755,root,root) /%{_lib}/security/pam_pwhistory.so |
3bc02d41 JB |
528 | %attr(755,root,root) /%{_lib}/security/pam_rhosts.so |
529 | %attr(755,root,root) /%{_lib}/security/pam_rootok.so | |
7f8ab60d | 530 | %attr(755,root,root) /%{_lib}/security/pam_rps.so |
3bc02d41 JB |
531 | %attr(755,root,root) /%{_lib}/security/pam_securetty.so |
532 | %attr(755,root,root) /%{_lib}/security/pam_shells.so | |
533 | %attr(755,root,root) /%{_lib}/security/pam_stress.so | |
e1e49c86 | 534 | %attr(755,root,root) /%{_lib}/security/pam_succeed_if.so |
7f8ab60d | 535 | %attr(755,root,root) /%{_lib}/security/pam_tally2.so |
3bc02d41 JB |
536 | %attr(755,root,root) /%{_lib}/security/pam_tally.so |
537 | %attr(755,root,root) /%{_lib}/security/pam_time.so | |
7f8ab60d | 538 | %attr(755,root,root) /%{_lib}/security/pam_timestamp.so |
6d7d9335 | 539 | %{?with_audit:%attr(755,root,root) /%{_lib}/security/pam_tty_audit.so} |
7f8ab60d | 540 | %attr(755,root,root) /%{_lib}/security/pam_umask.so |
3bc02d41 | 541 | %attr(755,root,root) /%{_lib}/security/pam_unix.so |
3bc02d41 JB |
542 | %attr(755,root,root) /%{_lib}/security/pam_warn.so |
543 | %attr(755,root,root) /%{_lib}/security/pam_wheel.so | |
544 | %attr(755,root,root) /%{_lib}/security/pam_xauth.so | |
f0f219ac | 545 | |
25846ece ER |
546 | %files libs |
547 | %defattr(644,root,root,755) | |
548 | %dir /%{_lib}/security/pam_filter | |
549 | %attr(755,root,root) /%{_lib}/libpam.so.*.*.* | |
550 | %attr(755,root,root) %ghost /%{_lib}/libpam.so.0 | |
551 | %attr(755,root,root) /%{_lib}/libpam_misc.so.*.*.* | |
552 | %attr(755,root,root) %ghost /%{_lib}/libpam_misc.so.0 | |
553 | %attr(755,root,root) /%{_lib}/libpamc.so.*.*.* | |
554 | %attr(755,root,root) %ghost /%{_lib}/libpamc.so.0 | |
555 | ||
f0f219ac | 556 | %files devel |
abb00f9e | 557 | %defattr(644,root,root,755) |
964f5d32 | 558 | %if %{with doc} |
a738676c | 559 | %doc doc/{adg,mwg}/Linux-PAM_*.txt doc/{adg,mwg,}/html |
964f5d32 | 560 | %endif |
a738676c JB |
561 | %attr(755,root,root) %{_libdir}/libpam.so |
562 | %attr(755,root,root) %{_libdir}/libpam_misc.so | |
563 | %attr(755,root,root) %{_libdir}/libpamc.so | |
564 | %{_libdir}/libpam.la | |
565 | %{_libdir}/libpam_misc.la | |
566 | %{_libdir}/libpamc.la | |
567 | %{_includedir}/security/_pam_*.h | |
568 | %{_includedir}/security/pam*.h | |
569 | %{_mandir}/man3/misc_conv.3* | |
570 | %{_mandir}/man3/pam*.3* | |
e523043b | 571 | |
ac46f43b | 572 | %files static |
051aeb4a | 573 | %defattr(644,root,root,755) |
98b63014 JR |
574 | %{_libdir}/libpam.a |
575 | %{_libdir}/libpamc.a | |
576 | %{_libdir}/libpam_misc.a | |
7c2f893c | 577 | |
1fbc0597 JR |
578 | %if %{with selinux} |
579 | %files pam_selinux | |
580 | %defattr(644,root,root,755) | |
1fbc0597 | 581 | %attr(755,root,root) /%{_lib}/security/pam_selinux.so |
85c2b5f9 | 582 | %attr(755,root,root) /%{_lib}/security/pam_sepermit.so |
1fbc0597 | 583 | %attr(755,root,root) %{_sbindir}/pam_selinux_check |
c9ad1aae ER |
584 | %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/pam_selinux_check |
585 | %config(noreplace) %verify(not md5 mtime size) /etc/security/sepermit.conf | |
b378d3bb | 586 | %{_mandir}/man5/sepermit.conf.5* |
1fbc0597 | 587 | %{_mandir}/man8/pam_selinux*.8* |
b378d3bb | 588 | %{_mandir}/man8/pam_sepermit.8* |
52c22c8a | 589 | %dir /var/run/sepermit |
1fbc0597 | 590 | %endif |
e5de221b ER |
591 | |
592 | %files pam_userdb | |
593 | %defattr(644,root,root,755) | |
594 | %doc modules/pam_userdb/README | |
595 | %attr(755,root,root) /%{_lib}/security/pam_userdb.so | |
596 | %{_mandir}/man8/pam_userdb.8* |