diff options
Diffstat (limited to 'patches')
-rw-r--r-- | patches/packages/pam-1.6.0-x86_64-1_slack15.0.txt | 11 | ||||
-rw-r--r-- | patches/source/pam/doinst.sh | 14 | ||||
-rw-r--r-- | patches/source/pam/fedora-patches/pam-1.5.3-unix-nomsg.patch | 17 | ||||
-rw-r--r-- | patches/source/pam/fedora-patches/pam-1.6.0-noflex.patch | 24 | ||||
-rw-r--r-- | patches/source/pam/fedora-patches/pam-1.6.0-redhat-modules.patch | 24 | ||||
-rw-r--r-- | patches/source/pam/pam-redhat.url | 1 | ||||
-rwxr-xr-x | patches/source/pam/pam.SlackBuild | 224 | ||||
-rw-r--r-- | patches/source/pam/pam.url | 2 | ||||
-rw-r--r-- | patches/source/pam/patches/pam.etc.environment.better.comments.diff | 15 | ||||
-rw-r--r-- | patches/source/pam/patches/pam_namespace.SIZE_MAX.patch | 10 | ||||
-rw-r--r-- | patches/source/pam/slack-desc | 19 |
11 files changed, 361 insertions, 0 deletions
diff --git a/patches/packages/pam-1.6.0-x86_64-1_slack15.0.txt b/patches/packages/pam-1.6.0-x86_64-1_slack15.0.txt new file mode 100644 index 000000000..eeab92033 --- /dev/null +++ b/patches/packages/pam-1.6.0-x86_64-1_slack15.0.txt @@ -0,0 +1,11 @@ +pam: pam (Pluggable Authentication Modules) +pam: +pam: PAM = Pluggable Authentication Modules. Basically, it is a flexible +pam: mechanism for authenticating users. PAM provides a way to develop +pam: programs that are independent of authentication scheme. However, +pam: these programs will need "authentication modules" (and libpam) at +pam: run-time in order to work. +pam: +pam: Homepage: http://www.linux-pam.org/ +pam: +pam: diff --git a/patches/source/pam/doinst.sh b/patches/source/pam/doinst.sh new file mode 100644 index 000000000..e96721a14 --- /dev/null +++ b/patches/source/pam/doinst.sh @@ -0,0 +1,14 @@ + +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + diff --git a/patches/source/pam/fedora-patches/pam-1.5.3-unix-nomsg.patch b/patches/source/pam/fedora-patches/pam-1.5.3-unix-nomsg.patch new file mode 100644 index 000000000..3a8abbb1a --- /dev/null +++ b/patches/source/pam/fedora-patches/pam-1.5.3-unix-nomsg.patch @@ -0,0 +1,17 @@ +Index: Linux-PAM-1.5.3/modules/pam_unix/pam_unix_passwd.c +=================================================================== +--- Linux-PAM-1.5.3.orig/modules/pam_unix/pam_unix_passwd.c ++++ Linux-PAM-1.5.3/modules/pam_unix/pam_unix_passwd.c +@@ -678,12 +678,6 @@ pam_sm_chauthtok(pam_handle_t *pamh, int + return PAM_SUCCESS; + } else if (off(UNIX__IAMROOT, ctrl) || + (on(UNIX_NIS, ctrl) && _unix_comesfromsource(pamh, user, 0, 1))) { +- /* instruct user what is happening */ +- if (off(UNIX__QUIET, ctrl)) { +- retval = pam_info(pamh, _("Changing password for %s."), user); +- if (retval != PAM_SUCCESS) +- return retval; +- } + retval = pam_get_authtok(pamh, PAM_OLDAUTHTOK, &pass_old, NULL); + + if (retval != PAM_SUCCESS) { diff --git a/patches/source/pam/fedora-patches/pam-1.6.0-noflex.patch b/patches/source/pam/fedora-patches/pam-1.6.0-noflex.patch new file mode 100644 index 000000000..706841c9d --- /dev/null +++ b/patches/source/pam/fedora-patches/pam-1.6.0-noflex.patch @@ -0,0 +1,24 @@ +diff -up Linux-PAM-1.6.0/doc/Makefile.am.noflex Linux-PAM-1.6.0/doc/Makefile.am +--- Linux-PAM-1.6.0/doc/Makefile.am.noflex 2024-01-23 13:19:04.681955581 +0100 ++++ Linux-PAM-1.6.0/doc/Makefile.am 2024-01-23 13:19:49.740014426 +0100 +@@ -2,7 +2,7 @@ + # Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de> + # + +-SUBDIRS = man specs sag adg mwg ++SUBDIRS = man sag adg mwg + + CLEANFILES = *~ + DISTCLEANFILES = custom-html.xsl custom-man.xsl +diff -up Linux-PAM-1.6.0/Makefile.am.noflex Linux-PAM-1.6.0/Makefile.am +--- Linux-PAM-1.6.0/Makefile.am.noflex 2024-01-23 13:19:04.681955581 +0100 ++++ Linux-PAM-1.6.0/Makefile.am 2024-01-23 13:21:03.428109219 +0100 +@@ -4,7 +4,7 @@ + + AUTOMAKE_OPTIONS = 1.9 gnu dist-xz no-dist-gzip check-news + +-SUBDIRS = libpam tests libpamc libpam_misc modules po conf xtests ++SUBDIRS = libpam tests libpamc libpam_misc modules po doc xtests + + if HAVE_DOC + SUBDIRS += doc diff --git a/patches/source/pam/fedora-patches/pam-1.6.0-redhat-modules.patch b/patches/source/pam/fedora-patches/pam-1.6.0-redhat-modules.patch new file mode 100644 index 000000000..66aa8ff48 --- /dev/null +++ b/patches/source/pam/fedora-patches/pam-1.6.0-redhat-modules.patch @@ -0,0 +1,24 @@ +diff -up Linux-PAM-1.6.0/configure.ac.redhat-modules Linux-PAM-1.6.0/configure.ac +--- Linux-PAM-1.6.0/configure.ac.redhat-modules 2024-01-23 13:16:34.854753145 +0100 ++++ Linux-PAM-1.6.0/configure.ac 2024-01-23 13:17:52.855859922 +0100 +@@ -774,6 +774,8 @@ AC_CONFIG_FILES([Makefile libpam/Makefil + po/Makefile.in \ + Make.xml.rules \ + modules/Makefile \ ++ modules/pam_chroot/Makefile \ ++ modules/pam_postgresok/Makefile \ + modules/pam_access/Makefile \ + modules/pam_canonicalize_user/Makefile \ + modules/pam_debug/Makefile modules/pam_deny/Makefile \ +diff -up Linux-PAM-1.6.0/modules/Makefile.am.redhat-modules Linux-PAM-1.6.0/modules/Makefile.am +--- Linux-PAM-1.6.0/modules/Makefile.am.redhat-modules 2024-01-17 11:29:36.000000000 +0100 ++++ Linux-PAM-1.6.0/modules/Makefile.am 2024-01-23 13:16:34.855753147 +0100 +@@ -48,6 +48,8 @@ SUBDIRS := \ + pam_debug \ + pam_deny \ + pam_echo \ ++ pam_chroot \ ++ pam_postgresok \ + pam_env \ + pam_exec \ + pam_faildelay \ diff --git a/patches/source/pam/pam-redhat.url b/patches/source/pam/pam-redhat.url new file mode 100644 index 000000000..f83042c0a --- /dev/null +++ b/patches/source/pam/pam-redhat.url @@ -0,0 +1 @@ +https://pagure.io/pam-redhat diff --git a/patches/source/pam/pam.SlackBuild b/patches/source/pam/pam.SlackBuild new file mode 100755 index 000000000..d90a3d30c --- /dev/null +++ b/patches/source/pam/pam.SlackBuild @@ -0,0 +1,224 @@ +#!/bin/sh + +# Copyright 2010 Vincent Batts, vbatts@hashbangbash.com +# Copyright 2010, 2011, 2024 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +SRCNAM=Linux-PAM +PKGNAM=pam +PAMRHVER=${PAMRHVER:-$(echo pam-redhat-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +VERSION=${VERSION:-$(echo $SRCNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack15.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i586 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + +NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} + +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf $SRCNAM-$VERSION +tar xvf $CWD/$SRCNAM-$VERSION.tar.?z || exit 1 +cd $SRCNAM-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \+ -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \+ + +# Better take the Red Hat added modules and patches, because that's very +# likely to be the most standard as far as PAM goes: +tar xvf $CWD/pam-redhat-$PAMRHVER.tar.?z || exit 1 +for file in CHANGELOG COPYING README ; do + mv pam-redhat-$PAMRHVER/${file}* ./${file}.pam-redhat +done +# Add additional PAM modules from Red Hat: +for file in pam-redhat-$PAMRHVER/* ; do + if [ ! -d modules/$(basename $file) ]; then + echo "Moving module directory $(basename $file)." + mv $file modules + else + echo "$(basename $file) already exists in modules/, not moving!" + fi +done + +# Patches from the Fedora SRPM: +zcat $CWD/fedora-patches/pam-1.5.3-unix-nomsg.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/fedora-patches/pam-1.6.0-noflex.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/fedora-patches/pam-1.6.0-redhat-modules.patch.gz | patch -p1 --verbose || exit 1 + +# Improve the comments in /etc/environment: +zcat $CWD/patches/pam.etc.environment.better.comments.diff.gz | patch -p1 --verbose || exit 1 + +# Include stdint.h: +zcat $CWD/patches/pam_namespace.SIZE_MAX.patch.gz | patch -p1 --verbose || exit 1 + +autoreconf -ivf || exit 1 + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/ \ + --libdir=/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --includedir=/usr/include/security \ + --enable-securedir=/lib${LIBDIRSUFFIX}/security \ + --datarootdir=/usr/share \ + --localstatedir=/var \ + --mandir=/usr/man \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --disable-regenerate-docu \ + --disable-audit \ + --disable-prelude \ + --disable-rpath \ + --disable-selinux \ + --disable-static \ + --enable-lastlog \ + --build=$ARCH-slackware-linux || exit 1 + +# Make these man pages or the build falls over later +xmlto man modules/pam_faillock/faillock.8.xml -o modules/pam_faillock/ +xmlto man modules/pam_faillock/pam_faillock.8.xml -o modules/pam_faillock/ +xmlto man modules/pam_pwhistory/pwhistory_helper.8.xml -o modules/pam_pwhistory/ + +make -C po update-gmo +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Don't ship .la files: +rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la + +# The ones in /lib${LIBDIRSUFFIX}/security can also go: +rm -f $PKG/lib${LIBDIRSUFFIX}/security/*.la + +# Add extra symlinks added by pam.spec: +( cd $PKG/lib${LIBDIRSUFFIX}/security + for type in acct auth passwd session ; do + ln -sf pam_unix.so pam_unix_${type}.so + done +) + +# This is a pam helper that can only be called from pam +chown root:root $PKG/sbin/unix_chkpwd +chmod 6755 $PKG/sbin/unix_chkpwd + +# This package can own the /etc/pam.d/ directory +mkdir -p $PKG/etc/pam.d + +# Relocate pkgconfig files: +if [ -d $PKG/lib${LIBDIRSUFFIX}/pkgconfig -a ! -d $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig ]; then + mkdir -p $PKG/usr/lib${LIBDIRSUFFIX} + mv $PKG/lib${LIBDIRSUFFIX}/pkgconfig $PKG/usr/lib${LIBDIRSUFFIX} +fi + +# Strip binaries: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# Don't clobber config files: +find $PKG/etc -type f -exec mv {} {}.new \; + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + AUTHORS COPYING* Copyright NEWS README* \ + $PKG/usr/doc/$PKGNAM-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi +if [ -r CHANGELOG ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat CHANGELOG | head -n 1000 > $DOCSDIR/CHANGELOG + touch -r CHANGELOG $DOCSDIR/CHANGELOG +fi +rm -f $PKG/usr/doc/$PKGNAM-$VERSION/index.html + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +# Append config statements to the install/doinst.sh: +( cd $PKG + for i in $(find etc -type f -name "*.new") ; do + echo "config $i" >> $PKG/install/doinst.sh ; + done +) + +cd $PKG +/sbin/makepkg -p -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/patches/source/pam/pam.url b/patches/source/pam/pam.url new file mode 100644 index 000000000..d9bd3667c --- /dev/null +++ b/patches/source/pam/pam.url @@ -0,0 +1,2 @@ +#http://www.linux-pam.org/library/Linux-PAM-1.5.3.tar.bz2 +https://github.com/linux-pam/linux-pam/releases diff --git a/patches/source/pam/patches/pam.etc.environment.better.comments.diff b/patches/source/pam/patches/pam.etc.environment.better.comments.diff new file mode 100644 index 000000000..6899e4c14 --- /dev/null +++ b/patches/source/pam/patches/pam.etc.environment.better.comments.diff @@ -0,0 +1,15 @@ +--- ./modules/pam_env/environment.orig 2017-02-10 04:10:15.000000000 -0600 ++++ ./modules/pam_env/environment 2020-01-02 14:40:48.793005303 -0600 +@@ -1,5 +1,10 @@ +-# +-# This file is parsed by pam_env module ++# /etc/environment ++# This file is parsed by pam_env module. ++# This file may contain environment variable settings that should be used ++# system-wide. Please note that it is not a script file and should only ++# contain assignment expressions, one per line. ++# The environment variables in this file will be loaded before those in other ++# files such as: /etc/profile, /etc/profile.d/*, ~/.profile, etc. + # + # Syntax: simple "KEY=VAL" pairs on separate lines + # diff --git a/patches/source/pam/patches/pam_namespace.SIZE_MAX.patch b/patches/source/pam/patches/pam_namespace.SIZE_MAX.patch new file mode 100644 index 000000000..0415461d9 --- /dev/null +++ b/patches/source/pam/patches/pam_namespace.SIZE_MAX.patch @@ -0,0 +1,10 @@ +--- ./modules/pam_namespace/pam_namespace.c.orig 2024-01-17 04:29:36.000000000 -0600 ++++ ./modules/pam_namespace/pam_namespace.c 2024-01-26 14:38:48.683016434 -0600 +@@ -38,6 +38,7 @@ + #include "pam_inline.h" + #include "pam_namespace.h" + #include "argv_parse.h" ++#include <stdint.h> + + /* --- evaluating all files in VENDORDIR/security/namespace.d and /etc/security/namespace.d --- */ + static const char *base_name(const char *path) diff --git a/patches/source/pam/slack-desc b/patches/source/pam/slack-desc new file mode 100644 index 000000000..7c0bcbbd9 --- /dev/null +++ b/patches/source/pam/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +pam: pam (Pluggable Authentication Modules) +pam: +pam: PAM = Pluggable Authentication Modules. Basically, it is a flexible +pam: mechanism for authenticating users. PAM provides a way to develop +pam: programs that are independent of authentication scheme. However, +pam: these programs will need "authentication modules" (and libpam) at +pam: run-time in order to work. +pam: +pam: Homepage: http://www.linux-pam.org/ +pam: +pam: |