2 # - fix pdf gen or disable it: No fo2pdf processor installed, skip PDF generation
3 # - replace pam_cracklib.so with pam_pwquality.so (backwards compatible with its options), comes with pam-pam_pwquality package
4 # - pam_tally, pam_tally2 are deprecated in favor of pam_faillock
5 # NOTE: https://github.com/linux-pam/linux-pam/releases/download/v%{version}/Linux-PAM-%{version}-docs.tar.xz
6 # is not needed here: it contains documentation in target formats (HTML, PDF) built from sources included in main tarball
9 %bcond_without doc # documentation
10 %bcond_with prelude # Prelude IDS support (in libpam)
11 %bcond_without cracklib # (deprecated) cracklib module
12 %bcond_without tally # (deprecated) tally/tally2 modules
13 %bcond_without selinux # SELinux support
14 %bcond_without audit # Linux Auditing library support
16 %define pam_pld_version 1.1.2-1
17 Summary: Pluggable Authentication Modules: modular, incremental authentication
18 Summary(de.UTF-8): Einsteckbare Authentifizierungsmodule: modulare, inkrementäre Authentifizierung
19 Summary(es.UTF-8): Módulos de autentificación plugables (PAM)
20 Summary(fr.UTF-8): PAM : Pluggable Authentication Modules: modular, incremental authentication
21 Summary(pl.UTF-8): Modularny system uwierzytelniania
22 Summary(pt_BR.UTF-8): Módulos de autenticação plugáveis (PAM)
23 Summary(ru.UTF-8): Интструмент, обеспечивающий аутентификацию для приложений
24 Summary(tr.UTF-8): Modüler, artımsal doğrulama birimleri
25 Summary(uk.UTF-8): Інструмент, що забезпечує аутентифікацію для програм
30 # The library is BSD licensed with option to relicense as GPLv2+
31 # - this option is redundant as the BSD license allows that anyway.
32 # pam_timestamp, pam_loginuid, and pam_console modules are GPLv2+.
33 License: BSD and GPL v2+
35 Source0: https://github.com/linux-pam/linux-pam/releases/download/v%{version}/Linux-PAM-%{version}.tar.xz
36 # Source0-md5: 39fca0523bccec6af4b63b5322276c84
37 Source2: ftp://ftp.pld-linux.org/software/pam/%{name}-pld-%{pam_pld_version}.tar.gz
38 # Source2-md5: f9ec6fcafcf1801bf318e60040244f2e
40 Source4: system-auth.pamd
41 Source5: config-util.pamd
42 Source6: %{name}_selinux_check.pamd
43 Source7: system-auth.5
44 Source8: config-util.5
45 Source9: %{name}.tmpfiles
46 Source10: postlogin.pamd
47 Patch0: %{name}-pld-modules.patch
48 Patch1: %{name}_console-lex-static.patch
49 Patch2: %{name}-tally-fail-close.patch
50 Patch3: %{name}-mkhomedir-notfound.patch
51 Patch4: %{name}-db-gdbm.patch
52 Patch5: %{name}-exec-failok.patch
53 Patch6: pam_console_pam_tty.patch
54 URL: http://www.linux-pam.org/
55 %{?with_audit:BuildRequires: audit-libs-devel >= 1.6.9}
56 BuildRequires: autoconf >= 2.61
57 BuildRequires: automake
59 %{?with_cracklib:BuildRequires: cracklib-devel >= 2.8.3}
61 # gdbm due to db pulling libpthread
62 BuildRequires: gdbm-devel >= 1.8.3-7
63 BuildRequires: gettext-tools >= 0.18.3
64 BuildRequires: glibc-devel >= 6:2.10.1
65 BuildRequires: libnsl-devel
66 %{?with_prelude:BuildRequires: libprelude-devel >= 0.9.0}
67 %{?with_selinux:BuildRequires: libselinux-devel >= 2.1.9}
68 BuildRequires: libtirpc-devel
69 BuildRequires: libtool >= 2:2
70 BuildRequires: libxcrypt-devel
71 %{?with_audit:BuildRequires: linux-libc-headers >= 2.6.23.1}
72 BuildRequires: pkgconfig
73 BuildRequires: tar >= 1:1.22
75 BuildRequires: zlib-devel
77 BuildRequires: docbook-dtd412-xml
78 BuildRequires: docbook-dtd43-xml
79 BuildRequires: docbook-dtd44-xml
80 BuildRequires: docbook-style-xsl >= 1.69.1
83 BuildRequires: libxml2-progs
84 BuildRequires: libxslt-progs
87 Requires: %{name}-libs = %{epoch}:%{version}-%{release}
88 %{?with_audit:Requires: audit-libs >= 1.0.8}
90 Requires: crypt(blowfish)
91 Requires: glibc >= 6:2.5-0.5
92 %{?with_selinux:Requires: libselinux >= 2.1.9}
93 %{?with_cracklib:Requires: pam-pam_cracklib = %{epoch}:%{version}-%{release}}
94 %{?with_tally:Requires: pam-pam_tally = %{epoch}:%{version}-%{release}}
96 Suggests: pam-pam_pwquality
97 Suggests: pam-pam_userdb = %{epoch}:%{version}-%{release}
99 Obsoletes: pam-pam_opie
100 Obsoletes: pam-pam_pwdb
101 Obsoletes: pam-pam_radius
102 Obsoletes: pam-pam_skey
103 Obsoletes: pam-pam_tcpd
106 Conflicts: dev < 3.4-4
107 Conflicts: pam < 0:0.80.1-2
108 Conflicts: udev < 1:138-5
109 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
111 %define _sbindir /sbin
114 PAM (Pluggable Authentication Modules) is a powerful, flexible,
115 extensible authentication system which allows the system administrator
116 to configure authentication services individually for every
117 pam-compliant application without recompiling any of the applications.
119 %description -l de.UTF-8
120 PAM (Pluggable Authentication Modules) ist ein leistungsfähiges,
121 flexibles und erweiterbares Authentifizierungssystem, mit dem der
122 Systemverwalter Authentifizierungs-Dienste individuell für jede
123 pam-kompatible Anwendung konfigurieren kann, ohne diese neu
124 kompilieren zu müssen.
126 %description -l es.UTF-8
127 PAM (Módulos de Autenticación Plugables) es un potente, flexible y
128 extensible sistema de autentificación, que permite al administrador
129 del sistema configurar servicios de autentificación individualmente
130 para cada aplicación pam compatible, sin la necesidad de recompilar
131 cualquier una de las aplicaciones.
133 %description -l fr.UTF-8
134 PAM (Pluggable Authentication Modules) est un systéme
135 d'authentification puissant, souple et extensible permettant à
136 l'administrateur système de configurer les individuellement les
137 services d'authentification pour chaque application conforme à PAM,
138 sans recompiler aucune application.
140 %description -l pl.UTF-8
141 PAM (Pluggable Authentication Modules) jest silnym i łatwo
142 dostosowywalnym do potrzeb systemem uwierzytelniania, który umożliwia
143 administratorowi indywidualne konfigurowanie poszczególnych usług,
144 które są dostosowane i skonsolidowane z bibliotekami PAM, bez
145 późniejszej ich rekompilacji w momencie zmiany sposobu
146 uwierzytelniania tychże usług.
148 %description -l pt_BR.UTF-8
149 PAM (Módulos de Autenticação Plugáveis) é um poderoso, flexível e
150 extensível sistema de autenticação, que permite o administrador do
151 sistema configurar serviços de autenticação individualmente para cada
152 aplicação pam compatível, sem necessidade de recompilar qualquer uma
155 %description -l uk.UTF-8
156 PAM (Pluggable Authentication Modules) - це потужна, гнучка, здатна до
157 розширення система аутентикації, яка дозволяє системному
158 адміністратору налагоджувати севіси авторизації доступу (аутентикації)
159 індивідуально для кожної pam-сумісної програми без необхідності
160 перекомпіляції самої програми. Це базовий механізм аутентикації в PLD
163 %description -l tr.UTF-8
164 PAM (Pluggable Authentication Modules) sistem yöneticilerinin
165 uygulamalardan herhangi birini yeniden derlemeksizin bütün PAM uyumlu
166 uygulamalar için doğrulama hizmetlerini ayarlamalarına yardımcı olan,
167 güclü, esnek ve kapsamlı bir doğrulama sistemidir.
169 %description -l ru.UTF-8
170 PAM (Pluggable Authentication Modules) - это мощная, гибкая,
171 расширяемая система аутентикации, позволяющая системному
172 администратору конфигурировать сервисы авторизации доступа
173 (аутентикации) индивидуально для каждой pam-совместимой программы без
174 необходимости перекомпилляции самой программы. Это базовый механизм
175 аутентикации в PLD Linux.
178 Summary: PAM libraries
179 Summary(pl.UTF-8): Moduły PAM
186 %description libs -l pl.UTF-8
190 Summary: PAM header files
191 Summary(pl.UTF-8): Pliki nagłówkowe i dokumentacja programisty do PAM
192 Summary(pt_BR.UTF-8): Bibliotecas e arquivos de inclusão para desenvolvimento com PAM
193 Summary(ru.UTF-8): Библиотеки разработчика для PAM
194 Summary(uk.UTF-8): Бібліотеки програміста для PAM
195 Group: Development/Libraries
196 Requires: %{name}-libs = %{epoch}:%{version}-%{release}
197 %{?with_audit:Requires: audit-libs-devel >= 1.0.8}
198 Requires: filesystem >= 3.0-11
201 Header files for developing PAM based applications.
203 %description devel -l pl.UTF-8
204 Pliki nagłówkowe i dokumentacja programisty do PAM.
206 %description devel -l pt_BR.UTF-8
207 Bibliotecas e arquivos de inclusão para desenvolvimento com PAM
209 %description devel -l ru.UTF-8
210 Этот пакет содержит хедеры и библиотеки разработчика для PAM.
212 %description devel -l uk.UTF-8
213 Цей пакет містить хедери та бібліотеки програміста для PAM.
216 Summary: PAM static libraries
217 Summary(pl.UTF-8): Biblioteki statyczne PAM
218 Summary(ru.UTF-8): Статические библиотеки разработчика для PAM
219 Summary(uk.UTF-8): Статичні бібліотеки програміста для PAM
220 Group: Development/Libraries
221 Requires: %{name}-devel = %{epoch}:%{version}-%{release}
224 PAM static libraries.
226 %description static -l pl.UTF-8
227 Biblioteki statyczne PAM.
229 %description static -l ru.UTF-8
230 Этот пакет содержит статические библиотеки разработчика для PAM.
232 %description static -l uk.UTF-8
233 Цей пакет містить статичні бібліотеки програміста для PAM.
235 %package pam_cracklib
236 Summary: PAM module to check the password against dictionary words
237 Summary(pl.UTF-8): Moduł PAM do sprawdzania haseł względem słów ze słownika
239 Requires: %{name}-libs = %{epoch}:%{version}-%{release}
240 Requires: cracklib >= 2.8.3
241 Requires: cracklib-dicts >= 2.8.3
243 %description pam_cracklib
244 PAM module to check the password against dictionary words.
246 %description pam_cracklib -l pl.UTF-8
247 Moduł PAM do sprawdzania haseł względem słów ze słownika.
250 Summary: PAM module - SELinux support
251 Summary(pl.UTF-8): Moduł PAM pozwalający na zmianę kontekstów SELinuksa
253 Requires: %{name}-libs = %{epoch}:%{version}-%{release}
254 Requires: libselinux >= 2.1.9
256 %description pam_selinux
257 PAM module - SELinux support.
259 %description pam_selinux -l pl.UTF-8
260 Moduł PAM pozwalający na zmianę kontekstów SELinuksa.
263 Summary: PAM module to check login counts (tallying)
264 Summary(pl.UTF-8): Moduł PAM do sprawdzania liczby logowań
266 Requires: %{name}-libs = %{epoch}:%{version}-%{release}
268 %description pam_tally
269 This module maintains a count of attempted accesses, can reset count
270 on success, can deny access if too many attempts fail.
272 %description pam_tally -l pl.UTF-8
273 Ten moduł utrzymuje licznik prób logowań, może zerować licznik przy
274 udanym logowaniu, może też blokować dostęp przy zbyt wielu
278 Summary: PAM module - authenticate against GDBM database
279 Summary(pl.UTF-8): Moduł PAM do uwierzytelniania względem bazy danych GDBM
281 Requires: %{name}-libs = %{epoch}:%{version}-%{release}
282 Requires: gdbm >= 1.8.3-7
284 %description pam_userdb
285 pam_userdb - PAM module to authenticate against GDBM database.
287 %description pam_userdb -l pl.UTF-8
288 pam_userdb - moduł PAM służący do uwierzytelniania względem bazy
292 %setup -q -a2 -n Linux-PAM-%{version}
312 --includedir=%{_includedir}/security \
313 %{!?with_audit:--disable-audit} \
314 %{?with_cracklib:--enable-cracklib} \
316 %{!?with_doc:--disable-regenerate-docu} \
317 --enable-isadir=../../%{_lib}/security \
318 %{!?with_prelude:--disable-prelude} \
319 %{!?with_selinux:--disable-selinux} \
320 %{?with_tally:--enable-tally} \
321 %{?with_tally:--enable-tally2}
323 # we must explicitely update-gmo as we patch a po file
324 %{__make} -C po update-gmo
326 DEFS="-DHAVE_CONFIG_H -D_GNU_SOURCE"
329 rm -rf $RPM_BUILD_ROOT
330 install -d $RPM_BUILD_ROOT{%{_libdir},/etc/pam.d,/usr/lib/pam.d,/var/{log,run/sepermit}} \
331 $RPM_BUILD_ROOT%{systemdtmpfilesdir}
334 DESTDIR=$RPM_BUILD_ROOT \
335 servicedir=%{systemdunitdir}
338 install -p modules/pam_selinux/.libs/pam_selinux_check $RPM_BUILD_ROOT%{_sbindir}
339 cp -p modules/pam_selinux/pam_selinux_check.8 $RPM_BUILD_ROOT%{_mandir}/man8
340 cp -p %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/pam_selinux_check
343 cp -p %{SOURCE9} $RPM_BUILD_ROOT%{systemdtmpfilesdir}/%{name}.conf
346 for r in modules/pam_*/README; do
347 cp -pf $r doc/txts/README.$(basename $(dirname $r))
349 %{__rm} doc/txts/README.pam_userdb
350 %{__rm} doc/txts/README.pam_cracklib
352 cp -pf doc/index.html doc/html/
354 # fix PAM/pam man page
355 echo ".so PAM.8" > $RPM_BUILD_ROOT%{_mandir}/man8/pam.8
357 :> $RPM_BUILD_ROOT/etc/security/opasswd
358 :> $RPM_BUILD_ROOT/etc/security/blacklist
361 :> $RPM_BUILD_ROOT/var/log/tallylog
364 %{__mv} $RPM_BUILD_ROOT/%{_lib}/lib*.a $RPM_BUILD_ROOT%{_libdir}
366 cd $RPM_BUILD_ROOT/%{_lib}
367 for f in lib*.la ; do
368 %{__sed} -e 's|/%{_lib}/libpam|%{_libdir}/libpam|g' \
369 -e "s|libdir='/%{_lib}|libdir='%{_libdir}|g" $f > $RPM_BUILD_ROOT%{_libdir}/$f
372 ln -sf /%{_lib}/$(echo libpam.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libpam.so
373 ln -sf /%{_lib}/$(echo libpam_misc.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libpam_misc.so
374 ln -sf /%{_lib}/$(echo libpamc.so.*.*.*) $RPM_BUILD_ROOT%{_libdir}/libpamc.so
377 cp -p %{SOURCE3} $RPM_BUILD_ROOT/etc/pam.d/other
378 cp -p %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/system-auth
379 cp -p %{SOURCE5} $RPM_BUILD_ROOT/etc/pam.d/config-util
380 cp -p %{SOURCE10} $RPM_BUILD_ROOT/etc/pam.d/postlogin
382 cp -p %{SOURCE7} $RPM_BUILD_ROOT%{_mandir}/man5/system-auth.5
383 cp -p %{SOURCE8} $RPM_BUILD_ROOT%{_mandir}/man5/config-util.5
385 # Make sure every module subdirectory gave us a module. Yes, this is hackish.
386 for dir in modules/pam_* ; do
387 %if %{without selinux}
388 [ ${dir} = "modules/pam_selinux" ] && continue
389 [ ${dir} = "modules/pam_sepermit" ] && continue
392 [ ${dir} = "modules/pam_tty_audit" ] && continue
394 if [ -d ${dir} ] ; then
395 if ! ls -1 $RPM_BUILD_ROOT/%{_lib}/security/`basename ${dir}`*.so ; then
396 echo ERROR `basename ${dir}` did not build a module.
402 for module in $RPM_BUILD_ROOT/%{_lib}/security/pam*.so ; do
403 # Check for module problems. Specifically, check that every module we just
404 # installed can actually be loaded by a minimal PAM-aware application.
405 if ! env LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib} \
406 ./dlopen.sh -ldl -lpam -L$RPM_BUILD_ROOT/%{_lib} ${module} ; then
407 echo ERROR module: ${module} cannot be loaded.
412 # useless - shut up check-files
413 %{__rm} $RPM_BUILD_ROOT/%{_lib}/security/*.{la,a}
414 %{__rm} $RPM_BUILD_ROOT/%{_lib}/lib*.so
415 %{__rm} -r $RPM_BUILD_ROOT%{_docdir}/Linux-PAM
420 cp -a doc/html rpm-doc/html
421 cp -a doc/sag/html rpm-doc/sag-html
422 cp -a doc/adg/html rpm-doc/adg-html
423 cp -a doc/mwg/html rpm-doc/mwg-html
426 %if %{without selinux}
427 rm -rf $RPM_BUILD_ROOT{/%{_lib}/security/pam_selinux.so,%{_sbindir}/pam_selinux_check,%{_mandir}/man8/pam_selinux*.8*}
433 rm -rf $RPM_BUILD_ROOT
435 %triggerpostun libs -- %{name}-libs < 0.99.7.1
436 for f in $(grep -l "\(pam_make\|pam_homedir\)" /etc/pam.d/*); do
438 *rpmorig|*rpmnew|*rpmsave|*~|*.orig)
442 cp -f "$f" "$f.rpmorig"
443 sed -i -e 's/pam_make\.so \(.*\)/pam_exec.so failok seteuid \/usr\/bin\/make -C \1/g' \
444 -e 's/pam_homedir\.so/pam_mkhomedir.so/g' "$f"
448 if [ -d /var/lock/console -a -d /var/run/console ]; then
449 cp -a /var/lock/console/* /var/run/console/ 2> /dev/null
450 rm -rf /var/lock/console
453 %triggerin -- cronie,vixie-cron,hc-cron,fcron,mcron
454 # restart crond if pam is upgraded
455 # (crond is linked with old libpam but tries to open modules linked with new libpam)
456 if [ "$1" != 1 ]; then
457 %service -q crond restart
461 %triggerpostun -- %{name} < 1:1.1.5-8
463 if grep -qs change_uid /etc/pam.d/system-auth; then
464 %{__sed} -i -e '/session/ s/change_uid//' /etc/pam.d/system-auth
467 # We want it added for painless upgarde even if it mean log pollution for non-systemd
469 # If this module is not present on systemd enabled system then `systemctl restart sshd.service`
470 # will kill all sessions.
471 if ! grep -qs pam_systemd /etc/pam.d/system-auth; then
472 echo "-session optional pam_systemd.so" >>/etc/pam.d/system-auth
475 %post pam_tally -p <lua>
476 fh, error = io.open("/var/log/tallylog")
480 fh = io.open("/var/log/tallylog", "w+")
482 posix.chmod("/var/log/tallylog", "rw-------")
485 %post libs -p /sbin/ldconfig
486 %postun libs -p /sbin/ldconfig
488 %files -f Linux-PAM.lang
489 %defattr(644,root,root,755)
490 %doc AUTHORS CHANGELOG ChangeLog Copyright NEWS doc/txts/README*
492 %doc doc/specs/*.txt doc/sag/Linux-PAM_*.txt rpm-doc/{html,sag-html}
495 %dir /etc/security/console.apps
496 %dir /etc/security/console.perms.d
498 %dir /var/run/console
499 %{systemdtmpfilesdir}/%{name}.conf
500 %config(noreplace) %verify(not md5 mtime size) /etc/environment
501 %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/other
502 %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/system-auth
503 %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/config-util
504 %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/postlogin
505 %config(noreplace) %verify(not md5 mtime size) /etc/security/access.conf
506 %config(noreplace) %verify(not md5 mtime size) /etc/security/blacklist
507 %config(noreplace) %verify(not md5 mtime size) /etc/security/console.handlers
508 %config(noreplace) %verify(not md5 mtime size) /etc/security/console.perms
509 %config(noreplace) %verify(not md5 mtime size) /etc/security/faillock.conf
510 %config(noreplace) %verify(not md5 mtime size) /etc/security/group.conf
511 %config(noreplace) %verify(not md5 mtime size) /etc/security/limits.conf
512 %config(noreplace) %verify(not md5 mtime size) /etc/security/namespace.conf
513 %attr(755,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/namespace.init
514 %config(noreplace) %verify(not md5 mtime size) /etc/security/pam_env.conf
515 %config(noreplace) %verify(not md5 mtime size) /etc/security/time.conf
516 %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram
517 %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.en
518 %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.de
519 %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.dk
520 %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.es
521 %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.fi
522 %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.it
523 %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.ja
524 %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.no
525 %config(noreplace) %verify(not md5 mtime size) /etc/security/trigram.pl
526 %config(noreplace) %verify(not md5 mtime size) /etc/security/console.perms.d/50-default.perms
527 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/opasswd
528 %attr(755,root,root) %{_bindir}/pam_pwgen
529 %attr(755,root,root) %{_sbindir}/faillock
530 %attr(755,root,root) %{_sbindir}/mkhomedir_helper
531 %attr(755,root,root) %{_sbindir}/pam_console_apply
532 %attr(755,root,root) %{_sbindir}/pam_namespace_helper
533 %attr(755,root,root) %{_sbindir}/pam_timestamp_check
534 %attr(755,root,root) %{_sbindir}/pwgen_trigram
535 %attr(4755,root,root) %{_sbindir}/unix_chkpwd
536 %attr(4755,root,root) %{_sbindir}/unix_update
537 %{systemdunitdir}/pam_namespace.service
538 %{_mandir}/man5/access.conf.5*
539 %{_mandir}/man5/config-util.5*
540 %{_mandir}/man5/console.apps.5*
541 %{_mandir}/man5/console.handlers.5*
542 %{_mandir}/man5/console.perms.5*
543 %{_mandir}/man5/environment.5*
544 %{_mandir}/man5/faillock.conf.5*
545 %{_mandir}/man5/group.conf.5*
546 %{_mandir}/man5/limits.conf.5*
547 %{_mandir}/man5/namespace.conf.5*
548 %{_mandir}/man5/pam.conf.5*
549 %{_mandir}/man5/pam.d.5*
550 %{_mandir}/man5/pam_env.conf.5*
551 %{_mandir}/man5/system-auth.5*
552 %{_mandir}/man5/time.conf.5*
553 %{_mandir}/man8/PAM.8*
554 %{_mandir}/man8/faillock.8*
555 %{_mandir}/man8/mkhomedir_helper.8*
556 %{_mandir}/man8/pam.8*
557 %{_mandir}/man8/pam_*.8*
558 %{_mandir}/man8/unix_chkpwd.8*
559 %{_mandir}/man8/unix_update.8*
561 %exclude %{_mandir}/man8/pam_cracklib.8*
564 %exclude %{_mandir}/man8/pam_selinux*.8*
565 %exclude %{_mandir}/man8/pam_sepermit.8*
567 %exclude %{_mandir}/man8/pam_userdb.8*
570 %attr(755,root,root) /%{_lib}/security/pam_access.so
571 %attr(755,root,root) /%{_lib}/security/pam_console.so
572 %attr(755,root,root) /%{_lib}/security/pam_debug.so
573 %attr(755,root,root) /%{_lib}/security/pam_deny.so
574 %attr(755,root,root) /%{_lib}/security/pam_echo.so
575 %attr(755,root,root) /%{_lib}/security/pam_env.so
576 %attr(755,root,root) /%{_lib}/security/pam_exec.so
577 %attr(755,root,root) /%{_lib}/security/pam_faildelay.so
578 %attr(755,root,root) /%{_lib}/security/pam_faillock.so
579 %attr(755,root,root) /%{_lib}/security/pam_filter.so
580 %attr(755,root,root) /%{_lib}/security/pam_filter/upperLOWER
581 %attr(755,root,root) /%{_lib}/security/pam_ftp.so
582 %attr(755,root,root) /%{_lib}/security/pam_group.so
583 %attr(755,root,root) /%{_lib}/security/pam_issue.so
584 %attr(755,root,root) /%{_lib}/security/pam_keyinit.so
585 %attr(755,root,root) /%{_lib}/security/pam_lastlog.so
586 %attr(755,root,root) /%{_lib}/security/pam_limits.so
587 %attr(755,root,root) /%{_lib}/security/pam_listfile.so
588 %attr(755,root,root) /%{_lib}/security/pam_localuser.so
589 %attr(755,root,root) /%{_lib}/security/pam_loginuid.so
590 %attr(755,root,root) /%{_lib}/security/pam_mail.so
591 %attr(755,root,root) /%{_lib}/security/pam_mkhomedir.so
592 %attr(755,root,root) /%{_lib}/security/pam_motd.so
593 %attr(755,root,root) /%{_lib}/security/pam_namespace.so
594 %attr(755,root,root) /%{_lib}/security/pam_nologin.so
595 %attr(755,root,root) /%{_lib}/security/pam_permit.so
596 %attr(755,root,root) /%{_lib}/security/pam_pwexport.so
597 %attr(755,root,root) /%{_lib}/security/pam_pwgen.so
598 %attr(755,root,root) /%{_lib}/security/pam_pwhistory.so
599 %attr(755,root,root) /%{_lib}/security/pam_rhosts.so
600 %attr(755,root,root) /%{_lib}/security/pam_rootok.so
601 %attr(755,root,root) /%{_lib}/security/pam_rps.so
602 %attr(755,root,root) /%{_lib}/security/pam_securetty.so
603 %attr(755,root,root) /%{_lib}/security/pam_setquota.so
604 %attr(755,root,root) /%{_lib}/security/pam_shells.so
605 %attr(755,root,root) /%{_lib}/security/pam_stress.so
606 %attr(755,root,root) /%{_lib}/security/pam_succeed_if.so
607 %attr(755,root,root) /%{_lib}/security/pam_time.so
608 %attr(755,root,root) /%{_lib}/security/pam_timestamp.so
609 %{?with_audit:%attr(755,root,root) /%{_lib}/security/pam_tty_audit.so}
610 %attr(755,root,root) /%{_lib}/security/pam_umask.so
611 %attr(755,root,root) /%{_lib}/security/pam_unix.so
612 %attr(755,root,root) /%{_lib}/security/pam_usertype.so
613 %attr(755,root,root) /%{_lib}/security/pam_warn.so
614 %attr(755,root,root) /%{_lib}/security/pam_wheel.so
615 %attr(755,root,root) /%{_lib}/security/pam_xauth.so
618 %defattr(644,root,root,755)
619 %dir /%{_lib}/security/pam_filter
620 %attr(755,root,root) /%{_lib}/libpam.so.*.*.*
621 %attr(755,root,root) %ghost /%{_lib}/libpam.so.0
622 %attr(755,root,root) /%{_lib}/libpam_misc.so.*.*.*
623 %attr(755,root,root) %ghost /%{_lib}/libpam_misc.so.0
624 %attr(755,root,root) /%{_lib}/libpamc.so.*.*.*
625 %attr(755,root,root) %ghost /%{_lib}/libpamc.so.0
628 %defattr(644,root,root,755)
630 %doc doc/{adg,mwg}/Linux-PAM_*.txt rpm-doc/{adg,mwg}-html
632 %attr(755,root,root) %{_libdir}/libpam.so
633 %attr(755,root,root) %{_libdir}/libpam_misc.so
634 %attr(755,root,root) %{_libdir}/libpamc.so
636 %{_libdir}/libpam_misc.la
637 %{_libdir}/libpamc.la
638 %{_includedir}/security/_pam_*.h
639 %{_includedir}/security/pam*.h
640 %{_mandir}/man3/misc_conv.3*
641 %{_mandir}/man3/pam*.3*
644 %defattr(644,root,root,755)
647 %{_libdir}/libpam_misc.a
651 %defattr(644,root,root,755)
652 %doc modules/pam_cracklib/README
653 %attr(755,root,root) /%{_lib}/security/pam_cracklib.so
654 %{_mandir}/man8/pam_cracklib.8*
659 %defattr(644,root,root,755)
660 %attr(755,root,root) /%{_lib}/security/pam_selinux.so
661 %attr(755,root,root) /%{_lib}/security/pam_sepermit.so
662 %attr(755,root,root) %{_sbindir}/pam_selinux_check
663 %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/pam_selinux_check
664 %config(noreplace) %verify(not md5 mtime size) /etc/security/sepermit.conf
665 %{_mandir}/man5/sepermit.conf.5*
666 %{_mandir}/man8/pam_selinux*.8*
667 %{_mandir}/man8/pam_sepermit.8*
668 %dir /var/run/sepermit
673 %defattr(644,root,root,755)
674 %attr(755,root,root) %{_sbindir}/pam_tally
675 %attr(755,root,root) %{_sbindir}/pam_tally2
676 %attr(755,root,root) /%{_lib}/security/pam_tally.so
677 %attr(755,root,root) /%{_lib}/security/pam_tally2.so
678 %ghost %verify(not md5 mtime size) /var/log/tallylog
682 %defattr(644,root,root,755)
683 %doc modules/pam_userdb/README
684 %attr(755,root,root) /%{_lib}/security/pam_userdb.so
685 %{_mandir}/man8/pam_userdb.8*