]>
Commit | Line | Data |
---|---|---|
1 | # TODO | |
2 | # - man -l pam_mount.8 | perl -pe 's/.\cH//g' >pam_mount.txt; | |
3 | # man: invalid option -- 'l' | |
4 | # man, version 1.6f | |
5 | %define modulename pam_mount | |
6 | Summary: A PAM module that can mount remote volumes for a user session | |
7 | Summary(pl.UTF-8): Moduł PAM, pozwalający montować zdalne zasoby na czas sesji użytkownika | |
8 | Name: pam-%{modulename} | |
9 | Version: 1.18 | |
10 | Release: 2 | |
11 | Epoch: 0 | |
12 | License: LGPL | |
13 | Group: Base | |
14 | Source0: http://dl.sourceforge.net/pam-mount/%{modulename}-%{version}.tar.bz2 | |
15 | # Source0-md5: 209a0e73d1b71e4fc724f2f3be695119 | |
16 | URL: http://pam-mount.sourceforge.net/ | |
17 | BuildRequires: autoconf | |
18 | BuildRequires: automake | |
19 | BuildRequires: glib2-devel | |
20 | BuildRequires: libHX-devel | |
21 | BuildRequires: libtool | |
22 | BuildRequires: libxml2-devel | |
23 | BuildRequires: openssl-devel >= 0.9.7d | |
24 | BuildRequires: pam-devel | |
25 | BuildRequires: pkgconfig | |
26 | BuildRequires: zlib-devel | |
27 | Obsoletes: pam_mount | |
28 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) | |
29 | ||
30 | %description | |
31 | This module is aimed to environments with SMB (Samba or Windows NT) | |
32 | and/or NCP (Netware or Mars-NWE) servers that Unix users want or need | |
33 | to access, and some users have / every user has private volumes in | |
34 | that servers. The module also supports mounting home directories using | |
35 | loopback encrypted filesystems (see also | |
36 | http://www.tldp.org/HOWTO/Loopback-Encrypted-Filesystem-HOWTO.html). | |
37 | - Every user can access his/her own volumes | |
38 | - The user needs to type the password just once (at login) (*) | |
39 | - The mouting process is transparent to the users | |
40 | - There is no need to keep the login passwords in any additional file | |
41 | - The volumes are unmount upon logout, so it saves system resources, | |
42 | avoiding the need of listing every every possibly useful remote volume | |
43 | in /etc/fstab or in an automount/supermount config file. This is also | |
44 | necessary for securing encrypted filesystems. | |
45 | ||
46 | (*) Obviously, the user password in the Unix system and in the remote | |
47 | servers must be the same ;) | |
48 | ||
49 | Pam_mount "understands" SMB, NCP, and encrypted loopback volumes, but | |
50 | this can be extended very easily. | |
51 | ||
52 | %description -l pl.UTF-8 | |
53 | Przeznaczeniem tego modułu są środowiska z protokołem SMB (Samba lub | |
54 | Windows NT) i/lub NCP (Netware lub Mars-NWE), w których użytkownicy | |
55 | chcą lub potrzebują indywidualnych zasobów. Moduł ten wspiera także | |
56 | montowanie katalogów domowych z zaszyfrowanych systemów plików przy | |
57 | użyciu loopbacka (zobacz także: | |
58 | http://www.tldp.org/HOWTO/Loopback-Encrypted-Filesystem-HOWTO.html). | |
59 | - każdy użytkownik ma dostęp do swoich zasobów | |
60 | - użytkownik musi wpisać swoje hasło tylko raz (przy logowaniu) (*) | |
61 | - proces montowania jest niewidzialny dla użytkownika | |
62 | - nie ma potrzeby trzymania hasła i loginu w żadnym dodatkowym pliku | |
63 | - katalogi są odmontowywane podczas wylogowania, co oszczędza zasoby | |
64 | systemowe, zabezpiecza przed koniecznością umieszczenia każdego | |
65 | potrzebnego zdalnego zasobu w /etc/fstab lub w konfiguracji | |
66 | automounta/supermounta. Jest to także konieczne do zabezpieczenia | |
67 | zaszyfrowanych systemów plików. | |
68 | ||
69 | (*) Oczywiście hasło na lokalnym i zdalnym systemie musi być | |
70 | identyczne ;) | |
71 | ||
72 | pam_mount "rozumie" SMB, NCP oraz zaszyfrowane systemy plików po | |
73 | loopbacku, ale może być rozszerzony w prosty sposób. | |
74 | ||
75 | %prep | |
76 | %setup -q -n %{modulename}-%{version} | |
77 | ||
78 | %build | |
79 | %{__libtoolize} | |
80 | %{__aclocal} -I m4 | |
81 | %{__autoconf} | |
82 | %{__autoheader} | |
83 | %{__automake} | |
84 | %configure \ | |
85 | --disable-static | |
86 | %{__make} | |
87 | ||
88 | %install | |
89 | rm -rf $RPM_BUILD_ROOT | |
90 | install -d $RPM_BUILD_ROOT{/etc/security,/sbin} | |
91 | ||
92 | %{__make} install \ | |
93 | moduledir=/%{_lib}/security \ | |
94 | DESTDIR=$RPM_BUILD_ROOT | |
95 | ||
96 | install config/pam_mount.conf.xml $RPM_BUILD_ROOT/etc/security | |
97 | ln -sf /sbin/mount.crypt $RPM_BUILD_ROOT%{_bindir}/mount.crypt | |
98 | ||
99 | rm -f $RPM_BUILD_ROOT/%{_lib}/security/pam_mount.la | |
100 | ||
101 | # void code on non-OpenBSD, besides broken | |
102 | rm -f $RPM_BUILD_ROOT{%{_bindir}/mount_ehd,%{_mandir}/man8/mount_ehd.8} | |
103 | ||
104 | %clean | |
105 | rm -rf $RPM_BUILD_ROOT | |
106 | ||
107 | %files | |
108 | %defattr(644,root,root,755) | |
109 | %attr(755,root,root) /%{_lib}/security/pam_mount.so | |
110 | %config(noreplace) %verify(not md5 mtime size) /etc/security/pam_mount.conf.xml | |
111 | %attr(755,root,root) /sbin/mount.crypt | |
112 | %attr(755,root,root) /sbin/mount.crypt_LUKS | |
113 | %attr(755,root,root) /sbin/mount.crypto_LUKS | |
114 | %attr(755,root,root) /sbin/mount.encfs13 | |
115 | %attr(755,root,root) /sbin/umount.crypt | |
116 | %attr(755,root,root) /sbin/umount.crypt_LUKS | |
117 | %attr(755,root,root) /sbin/umount.crypto_LUKS | |
118 | %attr(755,root,root) %{_bindir}/mount.crypt | |
119 | %attr(755,root,root) %{_bindir}/pmt-fd0ssh | |
120 | %attr(755,root,root) %{_bindir}/pmt-ofl | |
121 | %attr(755,root,root) %{_sbindir}/pmt-ehd | |
122 | %attr(755,root,root) %{_sbindir}/pmvarrun | |
123 | %{_mandir}/man1/pmt-fd0ssh.1* | |
124 | %{_mandir}/man5/pam_mount.conf.5* | |
125 | %{_mandir}/man8/mount.crypt.8* | |
126 | %{_mandir}/man8/mount.crypt_LUKS.8* | |
127 | %{_mandir}/man8/mount.crypto_LUKS.8* | |
128 | %{_mandir}/man8/pam_mount.8* | |
129 | %{_mandir}/man8/pmt-ehd.8* | |
130 | %{_mandir}/man8/pmvarrun.8* | |
131 | %{_mandir}/man8/umount.crypt.8* | |
132 | %{_mandir}/man8/umount.crypt_LUKS.8* | |
133 | %{_mandir}/man8/umount.crypto_LUKS.8* |