###############################################################################
name = pam
-version = 1.1.6
+version = 1.3.0
release = 1
thisapp = Linux-PAM-%{version}
# This is the old location that might be revived in future
# source_dl = http://ftp.us.kernel.org/pub/linux/libs/pam/library/
-source_dl = https://fedorahosted.org/releases/l/i/linux-pam/
+source_dl = http://www.linux-pam.org/library/
build
requires
bison
cracklib-devel
flex
- libselinux-devel
end
+ export LD_LIBRARY_PATH = %{DIR_APP}/libpam/.libs
+
configure_options += \
--includedir=%{includedir}/security \
--docdir=/usr/share/doc/Linux-PAM-%{version} \
--enable-read-both-confs \
--disable-rpath
+ test
+ # Temporary copy our pam config files to the sysconfdir
+ # the chroot environment. They are required by various tests
+ # of the testsuite.
+ cp -avf %{DIR_SOURCE}/pam.d %{sysconfdir}
+
+ # Run the testsuite.
+ make check
+ end
+
install_cmds
#useradd -D -b /home
#sed -i 's/yes/no/' %{BUILDROOT}/etc/default/useradd
- mkdir -pv %{BUILDROOT}/etc/security
+ mkdir -pv %{BUILDROOT}%{sysconfdir}/security
install -v -m644 %{DIR_SOURCE}/pam_env.conf \
- %{BUILDROOT}/etc/security/pam_env.conf
+ %{BUILDROOT}%{sysconfdir}/security/pam_env.conf
# Included in setup package
- rm -f %{BUILDROOT}/etc/environment
+ rm -f %{BUILDROOT}%{sysconfdir}/environment
# Install man pages.
mkdir -pv %{BUILDROOT}%{mandir}/man5
packages
package %{name}
configfiles
- /etc/pam.d
+ %{sysconfdir}/pam.d
end
end
+++ /dev/null
-diff -up Linux-PAM-1.1.5/modules/pam_unix/pam_unix.8.xml.no-fallback Linux-PAM-1.1.5/modules/pam_unix/pam_unix.8.xml
---- Linux-PAM-1.1.5/modules/pam_unix/pam_unix.8.xml.no-fallback 2011-06-21 11:04:56.000000000 +0200
-+++ Linux-PAM-1.1.5/modules/pam_unix/pam_unix.8.xml 2012-05-09 11:54:34.442036404 +0200
-@@ -265,11 +265,10 @@
- <listitem>
- <para>
- When a user changes their password next,
-- encrypt it with the SHA256 algorithm. If the
-- SHA256 algorithm is not known to the <citerefentry>
-+ encrypt it with the SHA256 algorithm. The
-+ SHA256 algorithm must be supported by the <citerefentry>
- <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
-- </citerefentry> function,
-- fall back to MD5.
-+ </citerefentry> function.
- </para>
- </listitem>
- </varlistentry>
-@@ -280,11 +279,10 @@
- <listitem>
- <para>
- When a user changes their password next,
-- encrypt it with the SHA512 algorithm. If the
-- SHA512 algorithm is not known to the <citerefentry>
-+ encrypt it with the SHA512 algorithm. The
-+ SHA512 algorithm must be supported by the <citerefentry>
- <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
-- </citerefentry> function,
-- fall back to MD5.
-+ </citerefentry> function.
- </para>
- </listitem>
- </varlistentry>
-@@ -295,11 +293,10 @@
- <listitem>
- <para>
- When a user changes their password next,
-- encrypt it with the blowfish algorithm. If the
-- blowfish algorithm is not known to the <citerefentry>
-+ encrypt it with the blowfish algorithm. The
-+ blowfish algorithm must be supported by the <citerefentry>
- <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
-- </citerefentry> function,
-- fall back to MD5.
-+ </citerefentry> function.
- </para>
- </listitem>
- </varlistentry>
-diff -up Linux-PAM-1.1.5/modules/pam_unix/passverify.c.no-fallback Linux-PAM-1.1.5/modules/pam_unix/passverify.c
---- Linux-PAM-1.1.5/modules/pam_unix/passverify.c.no-fallback 2012-05-09 11:48:12.409632377 +0200
-+++ Linux-PAM-1.1.5/modules/pam_unix/passverify.c 2012-05-09 11:48:36.953172291 +0200
-@@ -427,15 +427,14 @@ PAMH_ARG_DECL(char * create_password_has
- if (!sp || strncmp(algoid, sp, strlen(algoid)) != 0) {
- /* libxcrypt/libc doesn't know the algorithm, use MD5 */
- pam_syslog(pamh, LOG_ERR,
-- "Algo %s not supported by the crypto backend, "
-- "falling back to MD5\n",
-+ "Algo %s not supported by the crypto backend.\n",
- on(UNIX_BLOWFISH_PASS, ctrl) ? "blowfish" :
- on(UNIX_SHA256_PASS, ctrl) ? "sha256" :
- on(UNIX_SHA512_PASS, ctrl) ? "sha512" : algoid);
- if(sp) {
- memset(sp, '\0', strlen(sp));
- }
-- return crypt_md5_wrapper(password);
-+ return NULL;
- }
-
- return x_strdup(sp);