PAM Integration: Difference between revisions
(Created page with 'For Yocto 1.1 we are working to ensure that PAM (Pluggable Authentication Module) support is consistent and enabled in recipes where it is applicable. ==== Recipes with PAM sup…') |
Xiaofeng Yan (talk | contribs) |
||
Line 6: | Line 6: | ||
* at | * at | ||
** enable pam option, it can pass compiling. | |||
diff --git a/meta/recipes-extended/at/at-3.1.12/configure-add-enable-pam.patch b/meta/recipes-extended/at/at-3.1.12/configure-add-enable-pam.patch | |||
new file mode 100644 | |||
index 0000000..f5efb1b | |||
--- /dev/null | |||
+++ b/meta/recipes-extended/at/at-3.1.12/configure-add-enable-pam.patch | |||
@@ -0,0 +1,23 @@ | |||
+--- at-3.1.12/configure.ac 2011-06-23 14:51:03.653572945 +0800 | |||
++++ at-3.1.12/configure.ac.new 2011-06-27 16:12:14.903572945 +0800 | |||
+@@ -81,10 +81,18 @@ | |||
+ AC_FUNC_VPRINTF | |||
+ AC_FUNC_GETLOADAVG | |||
+ AC_CHECK_FUNCS(getcwd mktime strftime setreuid setresuid sigaction waitpid) | |||
++ | |||
++AC_ARG_WITH([pam], | |||
++ [AS_HELP_STRING([--without-pam], [without PAM support])]) | |||
++ | |||
++if test "x$with_pam" != xno; then | |||
+ AC_CHECK_HEADERS(security/pam_appl.h, [ | |||
+ PAMLIB="-lpam" | |||
+- AC_DEFINE(HAVE_PAM, 1, [Define to 1 for PAM support]) | |||
+-]) | |||
++ AC_DEFINE(HAVE_PAM, 1, [Define to 1 for PAM support])], | |||
++ [if test "x$with_pam" = xyes; then | |||
++ AC_MSG_ERROR([PAM selected but security/pam_misc.h not found]) | |||
++ fi]) | |||
++fi | |||
+ | |||
+ dnl Checking for programs | |||
+ | |||
diff --git a/meta/recipes-extended/at/at_3.1.12.bb b/meta/recipes-extended/at/at_3.1.12.bb | |||
index 3a94497..25ebf50 100644 | |||
--- a/meta/recipes-extended/at/at_3.1.12.bb | |||
+++ b/meta/recipes-extended/at/at_3.1.12.bb | |||
@@ -4,10 +4,11 @@ the system load levels drop to a particular level." | |||
SECTION = "base" | |||
LICENSE="GPLv2+" | |||
LIC_FILES_CHKSUM = "file://COPYING;md5=4325afd396febcb659c36b49533135d4" | |||
-DEPENDS = "flex libpam initscripts" | |||
+DEPENDS = "flex libpam initscripts \ | |||
+ ${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" | |||
RCONFLICTS_${PN} = "atd" | |||
RREPLACES_${PN} = "atd" | |||
-PR = "r4" | |||
+PR = "r5" | |||
SRC_URI = "${DEBIAN_MIRROR}/main/a/at/at_${PV}.orig.tar.gz \ | |||
file://configure.patch \ | |||
@@ -17,7 +18,8 @@ SRC_URI = "${DEBIAN_MIRROR}/main/a/at/at_${PV}.orig.tar.gz \ | |||
file://posixtm.c \ | |||
file://posixtm.h \ | |||
file://file_replacement_with_gplv2.patch \ | |||
- file://S99at" | |||
+ file://S99at \ | |||
+ file://configure-add-enable-pam.patch" | |||
SRC_URI[md5sum] = "1e67991776148fb319fd77a2e599a765" | |||
SRC_URI[sha256sum] = "7c55c6ab4fbe8add9e68f31b2b0ebf3fe805c9a4e7cfb2623a3d8a4789cc18f3" | |||
@@ -26,7 +28,8 @@ EXTRA_OECONF += "ac_cv_path_SENDMAIL=/bin/true \ | |||
--with-daemon_username=root \ | |||
--with-daemon_groupname=root \ | |||
--with-jobdir=/var/spool/at/jobs \ | |||
- --with-atspool=/var/spool/at/spool" | |||
+ --with-atspool=/var/spool/at/spool \ | |||
+ ${@base_contains('DISTRO_FEATURES', 'pam', '--with-pam', '--without-pam', d)} " | |||
inherit autotools | |||
* consolekit | * consolekit | ||
* cronie | * cronie |
Revision as of 09:01, 1 July 2011
For Yocto 1.1 we are working to ensure that PAM (Pluggable Authentication Module) support is consistent and enabled in recipes where it is applicable.
Recipes with PAM support
The following recipes were identified to have PAM support (some already implemented) on 2011-06-27:
- at
- enable pam option, it can pass compiling.
diff --git a/meta/recipes-extended/at/at-3.1.12/configure-add-enable-pam.patch b/meta/recipes-extended/at/at-3.1.12/configure-add-enable-pam.patch new file mode 100644 index 0000000..f5efb1b --- /dev/null +++ b/meta/recipes-extended/at/at-3.1.12/configure-add-enable-pam.patch @@ -0,0 +1,23 @@ +--- at-3.1.12/configure.ac 2011-06-23 14:51:03.653572945 +0800 ++++ at-3.1.12/configure.ac.new 2011-06-27 16:12:14.903572945 +0800 +@@ -81,10 +81,18 @@ + AC_FUNC_VPRINTF + AC_FUNC_GETLOADAVG + AC_CHECK_FUNCS(getcwd mktime strftime setreuid setresuid sigaction waitpid) ++ ++AC_ARG_WITH([pam], ++ [AS_HELP_STRING([--without-pam], [without PAM support])]) ++ ++if test "x$with_pam" != xno; then + AC_CHECK_HEADERS(security/pam_appl.h, [ + PAMLIB="-lpam" +- AC_DEFINE(HAVE_PAM, 1, [Define to 1 for PAM support]) +-]) ++ AC_DEFINE(HAVE_PAM, 1, [Define to 1 for PAM support])], ++ [if test "x$with_pam" = xyes; then ++ AC_MSG_ERROR([PAM selected but security/pam_misc.h not found]) ++ fi]) ++fi + + dnl Checking for programs + diff --git a/meta/recipes-extended/at/at_3.1.12.bb b/meta/recipes-extended/at/at_3.1.12.bb index 3a94497..25ebf50 100644 --- a/meta/recipes-extended/at/at_3.1.12.bb +++ b/meta/recipes-extended/at/at_3.1.12.bb @@ -4,10 +4,11 @@ the system load levels drop to a particular level."
SECTION = "base" LICENSE="GPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=4325afd396febcb659c36b49533135d4"
-DEPENDS = "flex libpam initscripts" +DEPENDS = "flex libpam initscripts \ + ${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', , d)}"
RCONFLICTS_${PN} = "atd" RREPLACES_${PN} = "atd"
-PR = "r4" +PR = "r5"
SRC_URI = "${DEBIAN_MIRROR}/main/a/at/at_${PV}.orig.tar.gz \ file://configure.patch \
@@ -17,7 +18,8 @@ SRC_URI = "${DEBIAN_MIRROR}/main/a/at/at_${PV}.orig.tar.gz \
file://posixtm.c \ file://posixtm.h \ file://file_replacement_with_gplv2.patch \
- file://S99at" + file://S99at \ + file://configure-add-enable-pam.patch"
SRC_URI[md5sum] = "1e67991776148fb319fd77a2e599a765" SRC_URI[sha256sum] = "7c55c6ab4fbe8add9e68f31b2b0ebf3fe805c9a4e7cfb2623a3d8a4789cc18f3"
@@ -26,7 +28,8 @@ EXTRA_OECONF += "ac_cv_path_SENDMAIL=/bin/true \
--with-daemon_username=root \ --with-daemon_groupname=root \ --with-jobdir=/var/spool/at/jobs \
- --with-atspool=/var/spool/at/spool" + --with-atspool=/var/spool/at/spool \ + ${@base_contains('DISTRO_FEATURES', 'pam', '--with-pam', '--without-pam', d)} "
inherit autotools
- consolekit
- cronie
- cups
- dropbear
- gnome-keyring
- libcap
- libuser
- mc
- openssh
- polkit
- screen
- shadow
- sudo
- util-linux
Note also:
- The busybox box login has a option to use pam, but we use tinylogin's login right now (tinylogin also provides the su command)
- gettext has a example file use pam in source code, I think it is just a example and don't need care
- sysvinit has a patch contrib/notify-pam-dead.patch for /sbin/init to use pam , and it doesn't patched right now. And the package doesn't provide pam related configure option either.
- In xserver-xf86-lite source code subdir os/utils checks #ifdef USE_PAM but there are no configure-time options for PAM.