core/pam/PKGBUILD

#
# Core Packages for Chakra, part of chakraos.org
#

pkgname=pam
pkgver=1.1.8
pkgrel=3
pkgdesc="PAM (Pluggable Authentication Modules) library"
arch=('x86_64')
license=('GPL2')
url="http://www.kernel.org/pub/linux/libs/pam/"
depends=('glibc' 'db' 'cracklib' 'libtirpc')
makedepends=('flex' 'w3m' 'docbook-xml>=4.4' 'docbook-xsl')
backup=(etc/security/{access.conf,group.conf,limits.conf,namespace.conf,namespace.init,pam_env.conf,time.conf} etc/pam.d/other etc/default/passwd etc/environment)
source=("https://fedorahosted.org/releases/l/i/linux-pam/Linux-PAM-$pkgver.tar.bz2"
        #http://www.kernel.org/pub/linux/libs/pam/library/Linux-PAM-$pkgver.tar.bz2
        "pam_unix2-glibc216.patch"
        # file below should have been at https://build.opensuse.org/package/show/Linux-PAM/pam-modules
        #"pam_unix2-2.9.1.tar.bz2" # actually now from Arch
        "ftp://ftp.archlinux.org/other/pam_unix2/pam_unix2-2.9.1.tar.bz2"
        pam-1.1.8-cve-2013-7041.patch
        pam-1.1.8-cve-2014-2583.patch
        other)
md5sums=('35b6091af95981b1b2cd60d813b5e4ee'
         'dac109f68e04a4df37575fda6001ea17'
         'da6a46e5f8cd3eaa7cbc4fc3a7e2b555'
         '653661bea920de3bb2713bb85b408bc2'
         '144ea8e2f9d49a0f4021027ca2c1558f'
         'ac4900287a767654a3e8d9251a43f5e4')
options=('!emptydirs')

prepare() {
  cd $srcdir/Linux-PAM-$pkgver
  # fix CVEs in pam
  patch -Np1 -i  "${srcdir}/pam-1.1.8-cve-2013-7041.patch"
  patch -Np1 -i  "${srcdir}/pam-1.1.8-cve-2014-2583.patch"

  # fix pam_unix2 building
  cd $srcdir/pam_unix2-2.9.1
  patch -Np1 -i "../pam_unix2-glibc216.patch"
}

build() {
  cd $srcdir/Linux-PAM-$pkgver
  ./configure --libdir=/usr/lib --sbindir=/usr/sbin
  make

  cd $srcdir/pam_unix2-2.9.1
  # modify flags to build against the pam compiled here, not a system lib.
  ./configure \
      CFLAGS="$CFLAGS -I$srcdir/Linux-PAM-$pkgver/libpam/include/" \
      LDFLAGS="$LDFLAGS -L$srcdir/Linux-PAM-$pkgver/libpam/.libs/" \
      --libdir=/usr/lib \
      --sbindir=/usr/sbin
  make
}

package() {
  cd $srcdir/Linux-PAM-$pkgver
  make DESTDIR=$pkgdir SCONFIGDIR=/etc/security install
  install -D -m644 ../other $pkgdir/etc/pam.d/other

  # build pam_unix2 module
  # source ftp://ftp.suse.com/pub/people/kukuk/pam/pam_unix2
  cd $srcdir/pam_unix2-2.9.1
  make DESTDIR=$pkgdir install

  # add the realtime permissions for audio users
  sed -i 's|# End of file||' $pkgdir/etc/security/limits.conf
  cat >>$pkgdir/etc/security/limits.conf <<_EOT
*               -       rtprio          0
*               -       nice            0
@audio          -       rtprio          65
@audio          -       nice           -10
@audio          -       memlock         40000
_EOT

  # fix some missing symlinks from old pam for compatibility
  cd $pkgdir/usr/lib/security
  ln -s pam_unix.so pam_unix_acct.so
  ln -s pam_unix.so pam_unix_auth.so
  ln -s pam_unix.so pam_unix_passwd.so
  ln -s pam_unix.so pam_unix_session.so

  # set unix_chkpwd uid
  chmod +s $pkgdir/usr/sbin/unix_chkpwd
}
pam update, glibc dep 2011-05-23 11:35:28 +08:00			`#`
rebuild pam, added 2 security patches 2014-07-03 06:21:05 +08:00			`# Core Packages for Chakra, part of chakraos.org`
pam update, glibc dep 2011-05-23 11:35:28 +08:00			`#`
2010-03-13 23:25:19 +08:00
			`pkgname=pam`
pam: updated to 1.1.8 2014-02-27 04:02:05 +08:00			`pkgver=1.1.8`
/bin and /sbin move 2014-09-27 12:12:32 +08:00			`pkgrel=3`
2010-03-13 23:25:19 +08:00			`pkgdesc="PAM (Pluggable Authentication Modules) library"`
db, expat update group, apr-util, libsasl rebuild, pam update, perl, python2, ruby rebuild 2013-02-17 14:14:44 +08:00			`arch=('x86_64')`
2010-03-13 23:25:19 +08:00			`license=('GPL2')`
			`url="http://www.kernel.org/pub/linux/libs/pam/"`
pam update for mkinitcpio trials 2012-06-04 06:12:02 +08:00			`depends=('glibc' 'db' 'cracklib' 'libtirpc')`
			`makedepends=('flex' 'w3m' 'docbook-xml>=4.4' 'docbook-xsl')`
2010-03-13 23:25:19 +08:00			`backup=(etc/security/{access.conf,group.conf,limits.conf,namespace.conf,namespace.init,pam_env.conf,time.conf} etc/pam.d/other etc/default/passwd etc/environment)`
db, expat update group, apr-util, libsasl rebuild, pam update, perl, python2, ruby rebuild 2013-02-17 14:14:44 +08:00			`source=("https://fedorahosted.org/releases/l/i/linux-pam/Linux-PAM-$pkgver.tar.bz2"`
pam update for mkinitcpio trials 2012-06-04 06:12:02 +08:00			`#http://www.kernel.org/pub/linux/libs/pam/library/Linux-PAM-$pkgver.tar.bz2`
openssl group: rebuild pam because of libtirpc update, needed new pam_unix to compile with current glibc 2013-07-21 02:29:32 +08:00			`"pam_unix2-glibc216.patch"`
			`# file below should have been at https://build.opensuse.org/package/show/Linux-PAM/pam-modules`
rebuild pam, added 2 security patches 2014-07-03 06:21:05 +08:00			`#"pam_unix2-2.9.1.tar.bz2" # actually now from Arch`
			`"ftp://ftp.archlinux.org/other/pam_unix2/pam_unix2-2.9.1.tar.bz2"`
			`pam-1.1.8-cve-2013-7041.patch`
			`pam-1.1.8-cve-2014-2583.patch`
			`other)`
pam: updated to 1.1.8 2014-02-27 04:02:05 +08:00			`md5sums=('35b6091af95981b1b2cd60d813b5e4ee'`
openssl group: rebuild pam because of libtirpc update, needed new pam_unix to compile with current glibc 2013-07-21 02:29:32 +08:00			`'dac109f68e04a4df37575fda6001ea17'`
			`'da6a46e5f8cd3eaa7cbc4fc3a7e2b555'`
rebuild pam, added 2 security patches 2014-07-03 06:21:05 +08:00			`'653661bea920de3bb2713bb85b408bc2'`
			`'144ea8e2f9d49a0f4021027ca2c1558f'`
pam: updated to 1.1.8 2014-02-27 04:02:05 +08:00			`'ac4900287a767654a3e8d9251a43f5e4')`
			`options=('!emptydirs')`

			`prepare() {`
rebuild pam, added 2 security patches 2014-07-03 06:21:05 +08:00			`cd $srcdir/Linux-PAM-$pkgver`
			`# fix CVEs in pam`
			`patch -Np1 -i "${srcdir}/pam-1.1.8-cve-2013-7041.patch"`
			`patch -Np1 -i "${srcdir}/pam-1.1.8-cve-2014-2583.patch"`
/bin and /sbin move 2014-09-27 12:12:32 +08:00
			`# fix pam_unix2 building`
pam: updated to 1.1.8 2014-02-27 04:02:05 +08:00			`cd $srcdir/pam_unix2-2.9.1`
/bin and /sbin move 2014-09-27 12:12:32 +08:00			`patch -Np1 -i "../pam_unix2-glibc216.patch"`
pam: updated to 1.1.8 2014-02-27 04:02:05 +08:00			`}`
2010-03-13 23:25:19 +08:00
			`build() {`
			`cd $srcdir/Linux-PAM-$pkgver`
/bin and /sbin move 2014-09-27 12:12:32 +08:00			`./configure --libdir=/usr/lib --sbindir=/usr/sbin`
pam update for mkinitcpio trials 2012-06-04 06:12:02 +08:00			`make`

openssl group: rebuild pam because of libtirpc update, needed new pam_unix to compile with current glibc 2013-07-21 02:29:32 +08:00			`cd $srcdir/pam_unix2-2.9.1`
/bin and /sbin move 2014-09-27 12:12:32 +08:00			`# modify flags to build against the pam compiled here, not a system lib.`
pam: updated to 1.1.8 2014-02-27 04:02:05 +08:00			`./configure \`
/bin and /sbin move 2014-09-27 12:12:32 +08:00			`CFLAGS="$CFLAGS -I$srcdir/Linux-PAM-$pkgver/libpam/include/" \`
			`LDFLAGS="$LDFLAGS -L$srcdir/Linux-PAM-$pkgver/libpam/.libs/" \`
			`--libdir=/usr/lib \`
			`--sbindir=/usr/sbin`
pam update for mkinitcpio trials 2012-06-04 06:12:02 +08:00			`make`
			`}`

			`package() {`
			`cd $srcdir/Linux-PAM-$pkgver`
/bin and /sbin move 2014-09-27 12:12:32 +08:00			`make DESTDIR=$pkgdir SCONFIGDIR=/etc/security install`
2010-03-13 23:25:19 +08:00			`install -D -m644 ../other $pkgdir/etc/pam.d/other`
pam update for mkinitcpio trials 2012-06-04 06:12:02 +08:00
2010-03-13 23:25:19 +08:00			`# build pam_unix2 module`
			`# source ftp://ftp.suse.com/pub/people/kukuk/pam/pam_unix2`
openssl group: rebuild pam because of libtirpc update, needed new pam_unix to compile with current glibc 2013-07-21 02:29:32 +08:00			`cd $srcdir/pam_unix2-2.9.1`
2010-03-13 23:25:19 +08:00			`make DESTDIR=$pkgdir install`
pam update for mkinitcpio trials 2012-06-04 06:12:02 +08:00
2010-03-13 23:25:19 +08:00			`# add the realtime permissions for audio users`
			`sed -i 's\|# End of file\|\|' $pkgdir/etc/security/limits.conf`
			`cat >>$pkgdir/etc/security/limits.conf <<_EOT`
			`* - rtprio 0`
			`* - nice 0`
			`@audio - rtprio 65`
			`@audio - nice -10`
			`@audio - memlock 40000`
			`_EOT`
pam update for mkinitcpio trials 2012-06-04 06:12:02 +08:00
2010-03-13 23:25:19 +08:00			`# fix some missing symlinks from old pam for compatibility`
pam update for mkinitcpio trials 2012-06-04 06:12:02 +08:00			`cd $pkgdir/usr/lib/security`
2010-03-13 23:25:19 +08:00			`ln -s pam_unix.so pam_unix_acct.so`
			`ln -s pam_unix.so pam_unix_auth.so`
			`ln -s pam_unix.so pam_unix_passwd.so`
			`ln -s pam_unix.so pam_unix_session.so`
pam update for mkinitcpio trials 2012-06-04 06:12:02 +08:00
2010-03-13 23:25:19 +08:00			`# set unix_chkpwd uid`
/bin and /sbin move 2014-09-27 12:12:32 +08:00			`chmod +s $pkgdir/usr/sbin/unix_chkpwd`
2010-03-13 23:25:19 +08:00			`}`