sys-libs/pam: version bump to 1.3.0 #582034

2 files changed, 197 insertions, 0 deletions

diff --git a/sys-libs/pam/Manifest b/sys-libs/pam/Manifest
index 598cac701dfb..7af91e3161c7 100644
--- a/sys-libs/pam/Manifest
+++ b/sys-libs/pam/Manifest
@@ -1,2 +1,4 @@
 DIST Linux-PAM-1.2.0-docs.tar.bz2 490586 SHA256 3bc9ae398f759e372dbf4065ceed2df8b1ac5ab62c6688cb5f7849ce773df2c3 SHA512 028b7f9d6b0a5cf38f063e0f82ac3d0955e1e41d77c9f3fc803363d9ea710d71366e0a91f31b418cac397bb6639442de908fa00f02cd94cf612496d1b43c7e4c WHIRLPOOL 9a329b610d840c904050b2261e5ce34ac54232b0c7d51c12ee45c9e758ab6659ea8562e032fa9815c2beab0cfa1ea455dbfbf3cdef39d30d299a8bc5286f7a14
 DIST Linux-PAM-1.2.1.tar.bz2 1279523 SHA256 342b1211c0d3b203a7df2540a5b03a428a087bd8a48c17e49ae268f992b334d9 SHA512 4572aa1eaf5a1312410c74b5ed055b2592c5efe2bb82f59981da4e9e93555ad40aee3a89f446d9dc6c6af79efc04c33f739f66db9edc07e02479475a14e426da WHIRLPOOL 562917945b3b3a407955cc5bf5cd251ff7e257a94055d7cfbf06d5c2619b58d61624f16848de3512ddf61636ad8618315de3f7bd8e4e51b3b7d109adfa212c8a
+DIST Linux-PAM-1.3.0-docs.tar.bz2 492805 SHA256 8610b48703f036f6755c1d2bd8bcdeaddd9d99a1631f2d7668ec69b444d972a0 SHA512 b6b8497e6a4307b3f9a2af1c74456a0577b848cbc5417fb88fabe305b67ca022a6bcf632d68faaaacc701cdcf6254ec196707551a1ea70985cdde6add68bbbfe WHIRLPOOL a98b28c020de3170f2437b396176efc900683ea2ea85cb3db48306a944595f2d371cce95ee1233a874faa1fb55a06fcbe58068da7a2cc190c93809473938c821
+DIST Linux-PAM-1.3.0.tar.bz2 1302820 SHA256 241aed1ef522f66ed672719ecf2205ec513fd0075ed80cda8e086a5b1a01d1bb SHA512 4a89ca4b6f4676107aca4018f7c11addf03495266b209cb11c913f8b5d191d9a1f72197715dcf2a69216b4036de88780bcbbb5a8652e386910d71ba1b6282e42 WHIRLPOOL bb8615c8296eda83a784ffd9e9fc5ad6d401f18b8769f7859a4b94f5782decdbde7a66dc5e22e960fe723943e1562b2f5fa55e64f4836188cf57a7631edb8dcb
diff --git a/sys-libs/pam/pam-1.3.0.ebuild b/sys-libs/pam/pam-1.3.0.ebuild
new file mode 100644
index 000000000000..f4306d180d64
--- /dev/null
+++ b/sys-libs/pam/pam-1.3.0.ebuild
@@ -0,0 +1,195 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="5"
+
+inherit libtool multilib multilib-minimal eutils pam toolchain-funcs flag-o-matic db-use fcaps
+
+MY_PN="Linux-PAM"
+MY_P="${MY_PN}-${PV}"
+
+DESCRIPTION="Linux-PAM (Pluggable Authentication Modules)"
+HOMEPAGE="http://www.linux-pam.org/ https://fedorahosted.org/linux-pam/"
+SRC_URI="http://www.linux-pam.org/library/${MY_P}.tar.bz2
+	http://www.linux-pam.org/library/${MY_P}-docs.tar.bz2"
+
+LICENSE="|| ( BSD GPL-2 )"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~ia64-linux ~x86-linux"
+IUSE="audit berkdb cracklib debug nis nls +pie selinux test vim-syntax"
+
+RDEPEND="nls? ( >=virtual/libintl-0-r1[${MULTILIB_USEDEP}] )
+	cracklib? ( >=sys-libs/cracklib-2.9.1-r1[${MULTILIB_USEDEP}] )
+	audit? ( >=sys-process/audit-2.2.2[${MULTILIB_USEDEP}] )
+	selinux? ( >=sys-libs/libselinux-2.2.2-r4[${MULTILIB_USEDEP}] )
+	berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] )
+	nis? ( >=net-libs/libtirpc-0.2.4-r2[${MULTILIB_USEDEP}] )"
+DEPEND="${RDEPEND}
+	>=sys-devel/libtool-2
+	>=sys-devel/flex-2.5.39-r1[${MULTILIB_USEDEP}]
+	nls? ( sys-devel/gettext )
+	nis? ( >=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}] )"
+PDEPEND="sys-auth/pambase
+	vim-syntax? ( app-vim/pam-syntax )"
+RDEPEND="${RDEPEND}
+	!<sys-apps/openrc-0.11.8
+	!sys-auth/openpam
+	!sys-auth/pam_userdb"
+
+S="${WORKDIR}/${MY_P}"
+
+check_old_modules() {
+	local retval="0"
+
+	if sed -e 's:#.*::' "${EROOT}"/etc/pam.d/* 2>/dev/null | fgrep -q pam_stack.so; then
+		eerror ""
+		eerror "Your current setup is using the pam_stack module."
+		eerror "This module is deprecated and no longer supported, and since version"
+		eerror "0.99 is no longer installed, nor provided by any other package."
+		eerror "The package will be built (to allow binary package builds), but will"
+		eerror "not be installed."
+		eerror "Please replace pam_stack usage with proper include directive usage,"
+		eerror "following the PAM Upgrade guide at the following URL"
+		eerror "  https://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml"
+		eerror ""
+
+		retval=1
+	fi
+
+	if sed -e 's:#.*::' "${EROOT}"/etc/pam.d/* 2>/dev/null | egrep -q 'pam_(pwdb|console)'; then
+		eerror ""
+		eerror "Your current setup is using one or more of the following modules,"
+		eerror "that are not built or supported anymore:"
+		eerror "pam_pwdb, pam_console"
+		eerror "If you are in real need for these modules, please contact the maintainers"
+		eerror "of PAM through https://bugs.gentoo.org/ providing information about its"
+		eerror "use cases."
+		eerror "Please also make sure to read the PAM Upgrade guide at the following URL:"
+		eerror "  https://www.gentoo.org/proj/en/base/pam/upgrade-0.99.xml"
+		eerror ""
+
+		retval=1
+	fi
+
+	return ${retval}
+}
+
+pkg_pretend() {
+	# do not error out, this is just a warning, one could build a binpkg
+	# with old modules enabled.
+	check_old_modules
+}
+
+src_prepare() {
+	# Fix non-POSIX shell code.
+	# https://fedorahosted.org/linux-pam/ticket/60
+	sed -i \
+		-e '/ test /s:==:=:' \
+		configure || die
+	elibtoolize
+}
+
+multilib_src_configure() {
+	# Do not let user's BROWSER setting mess us up. #549684
+	unset BROWSER
+
+	# Disable automatic detection of libxcrypt; we _don't_ want the
+	# user to link libxcrypt in by default, since we won't track the
+	# dependency and allow to break PAM this way.
+	export ac_cv_header_xcrypt_h=no
+
+	local myconf=(
+		--docdir='$(datarootdir)'/doc/${PF}
+		--htmldir='$(docdir)/html'
+		--libdir='$(prefix)'/$(get_libdir)
+		--enable-securedir="${EPREFIX}"/$(get_libdir)/security
+		--enable-isadir='.' #464016
+		$(use_enable nls)
+		$(use_enable selinux)
+		$(use_enable cracklib)
+		$(use_enable audit)
+		$(use_enable debug)
+		$(use_enable berkdb db)
+		$(use_enable nis)
+		$(use_enable pie)
+		--with-db-uniquename=-$(db_findver sys-libs/db)
+		--disable-prelude
+	)
+
+	ECONF_SOURCE=${S} \
+	econf "${myconf[@]}"
+}
+
+multilib_src_compile() {
+	emake sepermitlockdir="${EPREFIX}/run/sepermit"
+}
+
+multilib_src_install() {
+	emake DESTDIR="${D}" install \
+		sepermitlockdir="${EPREFIX}/run/sepermit"
+
+	local prefix
+	if multilib_is_native_abi; then
+		prefix=
+		gen_usr_ldscript -a pam pamc pam_misc
+	else
+		prefix=/usr
+	fi
+
+	# create extra symlinks just in case something depends on them...
+	local lib
+	for lib in pam pamc pam_misc; do
+		if ! [[ -f "${ED}"${prefix}/$(get_libdir)/lib${lib}$(get_libname) ]]; then
+			dosym lib${lib}$(get_libname 0) ${prefix}/$(get_libdir)/lib${lib}$(get_libname)
+		fi
+	done
+}
+
+DOCS=( CHANGELOG ChangeLog README AUTHORS Copyright NEWS )
+
+multilib_src_install_all() {
+	einstalldocs
+	prune_libtool_files --all
+
+	docinto modules
+	local dir
+	for dir in modules/pam_*; do
+		newdoc "${dir}"/README README."$(basename "${dir}")"
+	done
+
+	if use selinux; then
+		dodir /usr/lib/tmpfiles.d
+		cat - > "${D}"/usr/lib/tmpfiles.d/${CATEGORY}:${PN}:${SLOT}.conf <<EOF
+d /run/sepermit 0755 root root
+EOF
+	fi
+}
+
+pkg_preinst() {
+	check_old_modules || die "deprecated PAM modules still used"
+}
+
+pkg_postinst() {
+	ewarn "Some software with pre-loaded PAM libraries might experience"
+	ewarn "warnings or failures related to missing symbols and/or versions"
+	ewarn "after any update. While unfortunate this is a limit of the"
+	ewarn "implementation of PAM and the software, and it requires you to"
+	ewarn "restart the software manually after the update."
+	ewarn ""
+	ewarn "You can get a list of such software running a command like"
+	ewarn "  lsof / | egrep -i 'del.*libpam\\.so'"
+	ewarn ""
+	ewarn "Alternatively, simply reboot your system."
+	if [[ -x "${EROOT}"/var/log/tallylog ]] ; then
+		elog ""
+		elog "Because of a bug present up to version 1.1.1-r2, you have"
+		elog "an executable /var/log/tallylog file. You can safely"
+		elog "correct it by running the command"
+		elog "  chmod -x /var/log/tallylog"
+		elog ""
+	fi
+
+	# The pam_unix module needs to check the password of the user which requires
+	# read access to /etc/shadow only.
+	fcaps cap_dac_override sbin/unix_chkpwd
+}