%define _sbindir /sbin %define _sysconfdir /etc Summary: A security tool which provides authentication for applications. Name: pam Version: 1.1.2 Release: 1ark License: GPL or BSD Group: System Environment/Base Source0: ftp://ftp.kernel.org/pub/linux/libs/pam/library/Linux-PAM-%{version}.tar.bz2 Source2: https://fedorahosted.org/releases/p/a/pam-redhat/pam-redhat-0.99.10-1.tar.bz2 Source5: other.pamd Source6: system-auth.pamd Source7: config-util.pamd Source8: dlopen.sh Patch1: pam-0.99.7.0-redhat-modules.patch Patch34: pam-0.99.2.1-dbpam.patch Patch100: pam-console-extradevs.patch BuildRoot: %{_tmppath}/%{name}-root Requires: initscripts >= 3.94 Obsoletes: pamconfig Prereq: grep, sed, coreutils, /sbin/ldconfig BuildPrereq: autoconf bison flex glib-devel sed cracklib cracklib-dicts BuildPrereq: perl xauth URL: http://www.us.kernel.org/pub/linux/libs/pam/index.html %track prog %name = { version = %version url = ftp://ftp.kernel.org/pub/linux/libs/pam/library/ regex = Linux-PAM-(__VER__).tar.bz2 } prog %name-fedora-extensions = { version = 0.99.9-1 url = http://fedorahosted.org/releases/p/a/pam-redhat/ regex = pam-redhat-(__VER__).tar.bz2 } %description PAM (Pluggable Authentication Modules) is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication. %package extra Group: Servers Summary: Additional PAM authentication modules Requires: %name = %version-%release %description extra Additional PAM authentication modules. %package devel Group: Development/Libraries Summary: Files needed for developing PAM-aware applications and modules for PAM. Requires: %name = %{version}-%{release} %description devel PAM (Pluggable Authentication Modules) is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication. This package contains header files and static libraries used for building both PAM-aware applications and modules for use with PAM. %prep %setup -q -n Linux-PAM-%{version} -a 2 cp $RPM_SOURCE_DIR/other.pamd . cp $RPM_SOURCE_DIR/system-auth.pamd . cp $RPM_SOURCE_DIR/config-util.pamd . # Get rid of fedora extras that have been merged into pam, # move in the rest of them rm -rf pam-redhat-*/pam_tally2 pam-redhat-*/pam_timestamp mv pam-redhat-*/* modules rm -rf pam-redhat-* %patch1 -p1 -b .redhat-modules~ %patch34 -p1 -b .dbpam~ %patch100 -p1 -b .extradevs~ mkdir doc/txt for readme in modules/pam_*/README ; do cp -f ${readme} doc/txt/README.`dirname ${readme} | sed -e 's|^modules/||'` done libtoolize --force aclocal -I m4 autoheader automake -a --foreign autoconf %build CFLAGS="-fPIC $RPM_OPT_FLAGS" ; export CFLAGS topdir=`pwd`/pam-instroot test -d ${topdir} || mkdir ${topdir} test -d ${topdir}/include || mkdir ${topdir}/include test -d ${topdir}/%{_lib} || mkdir ${topdir}/%{_lib} touch modules/pam_namespace/namespace.init CPPFLAGS=-I${topdir}/include ; export CPPFLAGS export LIBNAME="%{_lib}" LDFLAGS="-L${topdir}/%{_lib} -Wl,-O2,--enable-new-dtags" ; export LDFLAGS %configure \ --libdir=/%{_lib} \ --includedir=%_includedir/security \ --enable-static-libpam \ --enable-isadir=../../%{_lib}/security \ --with-xauth="`which xauth`" \ --disable-selinux # Building ps docs fails on x86_64... Workaround until fixed make || ( touch doc/ps/pam.ps && make ) %install rm -rf $RPM_BUILD_ROOT # Install the binaries, libraries, and modules. make install DESTDIR="$RPM_BUILD_ROOT" LDCONFIG=: # Install default configuration files. install -d -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/pam.d install -m 644 other.pamd $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/other install -m 644 system-auth.pamd $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/system-auth install -m 644 config-util.pamd $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/config-util install -m 600 /dev/null $RPM_BUILD_ROOT%{_sysconfdir}/security/opasswd # Forcibly strip binaries. strip $RPM_BUILD_ROOT%{_sbindir}/* ||: # Remove docs for modules we exclude from the files manifest. #rm doc/*/*pam_timestamp* # Install man pages. install -d -m 755 $RPM_BUILD_ROOT%{_mandir}/man{3,5,8} install -m 644 doc/man/*.3 $RPM_BUILD_ROOT%{_mandir}/man3/ install -m 644 doc/man/*.8 $RPM_BUILD_ROOT%{_mandir}/man8/ # Make sure every module subdirectory gave us a module. Yes, this is hackish. # FIXME figure out why pam_radius isn't being built rm -rf modules/pam_selinux modules/pam_radius modules/pam_tally2 modules/pam_sepermit modules/pam_tty_audit for dir in modules/pam_* ; do if [ -d ${dir} ] ; then if ! ls -1 $RPM_BUILD_ROOT/%{_lib}/security/`basename ${dir}`*.so ; then echo ERROR `basename ${dir}` did not build a module. exit 1 fi fi done # Copy devel files mkdir -p $RPM_BUILD_ROOT%_libdir cd $RPM_BUILD_ROOT/%_lib for i in *.so; do FILE=`ls -1 $i.*.*.*` ln -s /%_lib/$FILE $RPM_BUILD_ROOT%_libdir/$i done cd - for phase in auth acct passwd session ; do ln -sf pam_unix.so $RPM_BUILD_ROOT/%{_lib}/security/pam_unix_${phase}.so done # Duplicate doc file sets. rm -fr $RPM_BUILD_ROOT/usr/doc/Linux-PAM $RPM_BUILD_ROOT/usr/share/doc/pam # Create /lib/security in case it isn't the same as /%{_lib}/security. install -m755 -d $RPM_BUILD_ROOT/lib/security # Remove non-ISO-639 locales rm -rf $RPM_BUILD_ROOT%_datadir/locale/sr@latin %find_lang Linux-PAM %clean #rm -rf $RPM_BUILD_ROOT %post /sbin/ldconfig if [ ! -f /etc/shadow ] ; then /bin/sed -i -e 's| shadow||g' /etc/pam.d/system-auth fi # Create /root/.xauth/export if [ ! -d /root/.xauth ]; then mkdir -p /root/.xauth fi if [ ! -e /root/.xauth/export ]; then echo root > /root/.xauth/export else if ! /bin/grep -q root /root/.xauth/export >& /dev/null ; then echo root >> /root/.xauth/export fi fi %postun -p /sbin/ldconfig %files -f Linux-PAM.lang %defattr(-,root,root) %dir /etc/pam.d %config(noreplace) /etc/pam.d/other %config(noreplace) /etc/pam.d/system-auth %config(noreplace) /etc/pam.d/config-util %doc Copyright %doc doc/html doc/ps doc/txts doc/pdf %doc doc/specs/rfc86.0.txt /%_lib/libpam.so* /%_lib/libpamc.so* /%_lib/libpam_misc.so* %_libdir/libpamc.so %_libdir/libpam_misc.so %_libdir/libpam.so %_sbindir/pam_console_apply %_sbindir/pam_tally %_sbindir/pam_timestamp_check %_sbindir/unix_chkpwd %if "%_lib" != "lib" %dir /lib/security %endif %dir /%_lib/security /%_lib/security/pam_access.so /%_lib/security/pam_chroot.so /%_lib/security/pam_console.so /%_lib/security/pam_deny.so /%_lib/security/pam_env.so /%_lib/security/pam_filter.so /%_lib/security/pam_ftp.so /%_lib/security/pam_group.so /%_lib/security/pam_issue.so /%_lib/security/pam_lastlog.so /%_lib/security/pam_limits.so /%_lib/security/pam_listfile.so /%_lib/security/pam_localuser.so /%_lib/security/pam_mkhomedir.so /sbin/mkhomedir_helper /%_lib/security/pam_motd.so /%_lib/security/pam_nologin.so /%_lib/security/pam_permit.so /%_lib/security/pam_rootok.so /%_lib/security/pam_securetty.so /%_lib/security/pam_shells.so /%_lib/security/pam_succeed_if.so /%_lib/security/pam_unix.so /%_lib/security/pam_unix_acct.so /%_lib/security/pam_unix_auth.so /%_lib/security/pam_unix_passwd.so /%_lib/security/pam_unix_session.so /%_lib/security/pam_warn.so /%_lib/security/pam_xauth.so /%_lib/security/pam_filter %dir %{_sysconfdir}/security %dir %{_sysconfdir}/security/console.apps %dir %{_sysconfdir}/security/console.perms.d %config(noreplace) %{_sysconfdir}/security/console.handlers %config(noreplace) %{_sysconfdir}/security/access.conf %config(noreplace) %{_sysconfdir}/security/chroot.conf %config(noreplace) %{_sysconfdir}/security/console.perms %config(noreplace) %{_sysconfdir}/security/console.perms.d/50-default.perms %config(noreplace) %{_sysconfdir}/security/group.conf %config(noreplace) %{_sysconfdir}/security/limits.conf %config(noreplace) %{_sysconfdir}/security/pam_env.conf %dir /var/run/console %{_mandir}/man5/* %{_mandir}/man8/* %files devel %defattr(-,root,root) %{_includedir}/security/ %{_mandir}/man3/* %files extra %defattr(-,root,root) %_sysconfdir/security/namespace.* /%_lib/security/pam_cracklib.so /%_lib/security/pam_echo.so /%_lib/security/pam_time.so /%_lib/security/pam_timestamp.so /%_lib/security/pam_tally.so /%_lib/security/pam_debug.so /%_lib/security/pam_mail.so /%_lib/security/pam_loginuid.so /%_lib/security/pam_postgresok.so /%_lib/security/pam_stress.so /%_lib/security/pam_umask.so /%_lib/security/pam_userdb.so /%_lib/security/pam_wheel.so /%_lib/security/pam_exec.so /%_lib/security/pam_faildelay.so /%_lib/security/pam_keyinit.so /%_lib/security/pam_namespace.so /%_lib/security/pam_pwhistory.so /%_lib/security/pam_rhosts.so /%_lib/security/pam_tally2.so /sbin/pam_tally2 /sbin/unix_update %config(noreplace) %{_sysconfdir}/security/time.conf %config(noreplace) %{_sysconfdir}/security/opasswd %changelog * Thu Oct 7 2010 Bernhard Rosenkraenzer <bero@arklinux.org> 1.1.2-1ark - 1.1.2 - Build for db-5.1 * Fri May 7 2010 Bernhard Rosenkraenzer <bero@arklinux.org> 1.1.1-2ark - Fix bogus authconfig dep * Thu Apr 15 2010 Bernhard Rosenkraenzer <bero@arklinux.org> 1.1.1-1ark - 1.1.1 - db 5.0 * Mon Nov 23 2009 Bernhard Rosenkraenzer <bero@arklinux.org> 1.1.0-1ark - 1.1.0 - db 4.8 * Wed Jun 17 2009 Bernhard Rosenkraenzer <bero@arklinux.org> 1.0.92-1ark - 1.0.92 * Mon Mar 16 2009 Bernhard Rosenkraenzer <bero@arklinux.org> 1.0.91-1ark - 1.0.91 * Tue Jan 6 2009 Bernhard Rosenkraenzer <bero@arklinux.org> 1.0.3-2ark - Remove non-ISO-639 locales * Tue Dec 30 2008 Bernhard Rosenkraenzer <bero@arklinux.org> 1.0.3-1ark - 1.0.3 * Tue Aug 14 2007 Bernhard Rosenkraenzer <bero@arklinux.org> 0.99.5.0-2ark - Drop building the internal db -- it wasn't used anywhere anyway * Sun Aug 27 2006 Bernhard Rosenkraenzer <bero@arklinux.org> 0.99.5.0-1ark - 0.99.5.0 - Move pam_userdb to -extras * Mon Jan 16 2006 Bernhard Rosenkraenzer <bero@arklinux.org> 0.99.2.1-3ark - Don't require cracklib in core modules * Sat Jan 7 2006 Bernhard Rosenkraenzer <bero@arklinux.org> 0.99.2.1-2ark - Fix generation of %_libdir/*.so symlinks if soname != version number * Fri Dec 30 2005 Bernhard Rosenkraenzer <bero@arklinux.org> 0.99.2.1-1ark - 0.99.2.1 - Remove pam_pwdb, it has been obsolete for ages. * Tue Oct 4 2005 Bernhard Rosenkraenzer <bero@arklinux.org> 0.80-1ark - 0.80 - db 4.3.29 * Tue May 10 2005 Bernhard Rosenkraenzer <bero@arklinux.org> 0.79-1ark - 0.79 - db 4.3.28 * Mon Jan 3 2005 Bernhard Rosenkraenzer <bero@arklinux.org> 0.78-2ark - Fix system-auth file * Mon Dec 27 2004 Bernhard Rosenkraenzer <bero@arklinux.org> 0.78-1ark - 0.78 - Update internal db to 4.3.27 * Sun Dec 12 2004 Bernhard Rosenkraenzer <bero@arklinux.org> 0.77-9ark - Make it compile with db4 4.3.x * Sun Aug 15 2004 Bernhard Rosenkraenzer <bero@arklinux.org> 0.77-8ark - Fix "Authentication information cannot be recovered" error when trying to change the root password without using cracklib * Mon Aug 2 2004 Bernhard Rosenkraenzer <bero@arklinux.org> 0.77-7ark - Move pam_limits back to core (out of extra) to fix su * Sat Jul 24 2004 Bernhard Rosenkraenzer <bero@arklinux.org> 0.77-6ark - Move some modules to a separate package to avoid bloat and dependency bloat (cracklib etc) * Sat Mar 20 2004 Bernhard Rosenkraenzer <bero@arklinux.org> 0.77-5ark - Rebuild for db4 4.2.52-2ark * Wed Jan 21 2004 Bernhard Rosenkraenzer <bero@arklinux.org> 0.77-4ark - Rebuild w/ db4 4.2 * Wed Nov 19 2003 Sergio Visinoni <piffio@arklinux.org> 0.77-3ark - Fix %%post (and /s390 myself) * Wed Nov 19 2003 Sergio Visinoni <piffio@arklinux.org> 0.77-2ark - Create the /root/.xauth/export file needed to fix apt and kapabilities invocation in a super user mode konsole * Fri Nov 7 2003 Bernhard Rosenkraenzer <bero@arklinux.org> 0.77-1ark - Update - Remove pam_smbpass stuff for now, it doesn't work * Wed Nov 5 2003 Bernhard Rosenkraenzer <bero@arklinux.org> 0.75-32.9ark - lib64-ify * Mon May 19 2003 Bernhard Rosenkraenzer <bero@arklinux.org> 0.75-32.8ark - Change permissions on ALSA specific sound devices in pam_console * Mon Mar 10 2003 David Sainty <saint@arklinux.org> 0.75-32.7ark - Change loopback console perms to 666 from 660 * Mon Mar 10 2003 David Sainty <saint@arklinux.org> 0.75-32.6ark - Change cdrom,floppy,ls120,zip console perms to 666 - Add loopback console perms support for cdbakeoven * Thu Feb 06 2003 Sergio Visinoni <piffio@arklinux.org> 0.75-32.5ark - Fix glib dependency * Wed Oct 9 2002 Bernhard Rosenkraenzer <bero@arklinux.org> 0.75-32.4ark - Fix build with automake >= 1.6 - Fix build with bison 1.50 * Mon Aug 26 2002 Ark Linux Team <arklinux@arklinux.org> 0.75-32.3ark - automated rebuild * Sun Aug 04 2002 David Sainty <saint@saint.li> 0.75-32.2ark - change system-auth pam file to support smbpasswd and require samba * Thu Jul 25 2002 David Sainty <saint@saint.li> 0.75-32.1ark - fix all scd0 and sg0 console.perms for cdbakeoven, etc