[OE-core] [PATCH 09/10] shadow: update pam related configure files

[Kang Kai]

On 2011年07月21日 16:58, Koen Kooi wrote:
> Op 21 jul. 2011, om 10:00 heeft Kang Kai het volgende geschreven:
>
>> From: Kang Kai<kai.kang at windriver.com>
>>
>> add shadow-update-pam-conf.patch to update the pam related configure files
>> in Yocto way rather than Fedora.
> I'm not entirely sure, but do the updated conf files need something like http://cgit.openembedded.org/cgit.cgi/openembedded-core/commit/?id=b90e9c2318fc421f37c57788ece54ce791a90b62 as well?

ok, I'll check the commits for module selinux

>
>
>> Signed-off-by: Kang Kai<kai.kang at windriver.com>
>> ---
>> .../shadow/files/shadow-update-pam-conf.patch      |  175 ++++++++++++++++++++
>> meta/recipes-extended/shadow/shadow_4.1.4.3.bb     |    5 +-
>> 2 files changed, 178 insertions(+), 2 deletions(-)
>> create mode 100644 meta/recipes-extended/shadow/files/shadow-update-pam-conf.patch
>>
>> diff --git a/meta/recipes-extended/shadow/files/shadow-update-pam-conf.patch b/meta/recipes-extended/shadow/files/shadow-update-pam-conf.patch
>> new file mode 100644
>> index 0000000..33789f5
>> --- /dev/null
>> +++ b/meta/recipes-extended/shadow/files/shadow-update-pam-conf.patch
>> @@ -0,0 +1,175 @@
>> +The system-auth in the configure files is from Fedora which put all the 4 pam type rules
>> +in one file.
>> +In yocto it obey the way with Debian/Ubuntu, and the names are common-auth, common-account,
>> +common-password and common-session.
>> +So update them in Yocto way.
>> +
>> +Upstream-Status: Pending
>> +
>> +Signed-off-by: Kang Kai<kai.kang at windriver.com>
>> +
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chage shadow-4.1.4.3/etc/pam.d/chage
>> +--- shadow-4.1.4.3/etc/pam.d.orig/chage	2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/chage	2011-07-20 19:03:08.964844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth		sufficient	pam_rootok.so
>> + account		required	pam_permit.so
>> +-password	include		system-auth
>> ++password	include		common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chfn shadow-4.1.4.3/etc/pam.d/chfn
>> +--- shadow-4.1.4.3/etc/pam.d.orig/chfn	2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/chfn	2011-07-20 19:03:17.804844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth		sufficient	pam_rootok.so
>> + account		required	pam_permit.so
>> +-password	include		system-auth
>> ++password	include		common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chgpasswd shadow-4.1.4.3/etc/pam.d/chgpasswd
>> +--- shadow-4.1.4.3/etc/pam.d.orig/chgpasswd	2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/chgpasswd	2011-07-20 19:03:26.544844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth		sufficient	pam_rootok.so
>> + account		required	pam_permit.so
>> +-password	include		system-auth
>> ++password	include		common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chpasswd shadow-4.1.4.3/etc/pam.d/chpasswd
>> +--- shadow-4.1.4.3/etc/pam.d.orig/chpasswd	2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/chpasswd	2011-07-20 19:03:42.724844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth		sufficient	pam_rootok.so
>> + account		required	pam_permit.so
>> +-password	include		system-auth
>> ++password	include		common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chsh shadow-4.1.4.3/etc/pam.d/chsh
>> +--- shadow-4.1.4.3/etc/pam.d.orig/chsh	2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/chsh	2011-07-20 19:03:51.524844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth		sufficient	pam_rootok.so
>> + account		required	pam_permit.so
>> +-password	include		system-auth
>> ++password	include		common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/groupadd shadow-4.1.4.3/etc/pam.d/groupadd
>> +--- shadow-4.1.4.3/etc/pam.d.orig/groupadd	2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/groupadd	2011-07-20 19:04:08.124844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth		sufficient	pam_rootok.so
>> + account		required	pam_permit.so
>> +-password	include		system-auth
>> ++password	include		common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/groupdel shadow-4.1.4.3/etc/pam.d/groupdel
>> +--- shadow-4.1.4.3/etc/pam.d.orig/groupdel	2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/groupdel	2011-07-20 19:04:26.114844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth		sufficient	pam_rootok.so
>> + account		required	pam_permit.so
>> +-password	include		system-auth
>> ++password	include		common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/groupmems shadow-4.1.4.3/etc/pam.d/groupmems
>> +--- shadow-4.1.4.3/etc/pam.d.orig/groupmems	2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/groupmems	2011-07-20 19:04:35.074844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth		sufficient	pam_rootok.so
>> + account		required	pam_permit.so
>> +-password	include		system-auth
>> ++password	include		common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/groupmod shadow-4.1.4.3/etc/pam.d/groupmod
>> +--- shadow-4.1.4.3/etc/pam.d.orig/groupmod	2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/groupmod	2011-07-20 19:04:44.864844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth		sufficient	pam_rootok.so
>> + account		required	pam_permit.so
>> +-password	include		system-auth
>> ++password	include		common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/login shadow-4.1.4.3/etc/pam.d/login
>> +--- shadow-4.1.4.3/etc/pam.d.orig/login	2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/login	2011-07-20 19:05:36.924844958 +0800
>> +@@ -1,11 +1,11 @@
>> + #%PAM-1.0
>> + auth		required	pam_securetty.so
>> +-auth		include		system-auth
>> ++auth		include		common-auth
>> + account		required	pam_nologin.so
>> +-account		include		system-auth
>> +-password	include		system-auth
>> ++account		include		common-account
>> ++password	include		common-password
>> + session		required	pam_selinux.so close
>> +-session		include		system-auth
>> ++session		include		common-session
>> + session		required	pam_loginuid.so
>> + session		optional	pam_console.so
>> + session		required	pam_selinux.so open
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/newusers shadow-4.1.4.3/etc/pam.d/newusers
>> +--- shadow-4.1.4.3/etc/pam.d.orig/newusers	2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/newusers	2011-07-20 19:05:49.344844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth		sufficient	pam_rootok.so
>> + account		required	pam_permit.so
>> +-password	include		system-auth
>> ++password	include		common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/passwd shadow-4.1.4.3/etc/pam.d/passwd
>> +--- shadow-4.1.4.3/etc/pam.d.orig/passwd	2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/passwd	2011-07-20 19:06:29.014844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> +-auth		include		system-auth
>> +-account		include		system-auth
>> +-password	include		system-auth
>> ++auth		include		common-auth
>> ++account		include		common-account
>> ++password	include		common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/su shadow-4.1.4.3/etc/pam.d/su
>> +--- shadow-4.1.4.3/etc/pam.d.orig/su	2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/su	2011-07-20 19:07:07.584844958 +0800
>> +@@ -4,10 +4,10 @@
>> + #auth		sufficient	pam_wheel.so trust use_uid
>> + # Uncomment the following line to require a user to be in the "wheel" group.
>> + auth		required	pam_wheel.so use_uid
>> +-auth		include		system-auth
>> +-account		include		system-auth
>> +-password	include		system-auth
>> ++auth		include		common-auth
>> ++account		include		common-account
>> ++password	include		common-password
>> + session		required	pam_selinux.so close
>> +-session		include		system-auth
>> ++session		include		common-session
>> + session		required	pam_selinux.so open multiple
>> + session		optional	pam_xauth.so
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/useradd shadow-4.1.4.3/etc/pam.d/useradd
>> +--- shadow-4.1.4.3/etc/pam.d.orig/useradd	2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/useradd	2011-07-20 19:07:26.244844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth		sufficient	pam_rootok.so
>> + account		required	pam_permit.so
>> +-password	include		system-auth
>> ++password	include		common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/userdel shadow-4.1.4.3/etc/pam.d/userdel
>> +--- shadow-4.1.4.3/etc/pam.d.orig/userdel	2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/userdel	2011-07-20 19:07:35.734844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth		sufficient	pam_rootok.so
>> + account		required	pam_permit.so
>> +-password	include		system-auth
>> ++password	include		common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/usermod shadow-4.1.4.3/etc/pam.d/usermod
>> +--- shadow-4.1.4.3/etc/pam.d.orig/usermod	2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/usermod	2011-07-20 19:07:42.024844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth		sufficient	pam_rootok.so
>> + account		required	pam_permit.so
>> +-password	include		system-auth
>> ++password	include		common-password
>> diff --git a/meta/recipes-extended/shadow/shadow_4.1.4.3.bb b/meta/recipes-extended/shadow/shadow_4.1.4.3.bb
>> index 5731a26..0e6ba871 100644
>> --- a/meta/recipes-extended/shadow/shadow_4.1.4.3.bb
>> +++ b/meta/recipes-extended/shadow/shadow_4.1.4.3.bb
>> @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=08c553a87d4e51bbed50b20e0adcaede \
>>
>> DEPENDS = "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
>> RDEPENDS_${PN} = "${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_PLUGINS}', '', d)}"
>> -PR = "r2"
>> +PR = "r3"
>>
>> SRC_URI = "ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-${PV}.tar.bz2 \
>>             file://login_defs_pam.sed \
>> @@ -19,7 +19,8 @@ SRC_URI = "ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-${PV}.tar.bz
>>             file://shadow-4.1.3-dots-in-usernames.patch \
>>             file://shadow-4.1.4.2-env-reset-keep-locale.patch \
>>             file://shadow-4.1.4.2-groupmod-pam-check.patch \
>> -           file://shadow-4.1.4.2-su_no_sanitize_env.patch"
>> +           file://shadow-4.1.4.2-su_no_sanitize_env.patch \
>> +		   file://shadow-update-pam-conf.patch"
>>
>> SRC_URI[md5sum] = "b8608d8294ac88974f27b20f991c0e79"
>> SRC_URI[sha256sum] = "633f5bb4ea0c88c55f3642c97f9d25cbef74f82e0b4cf8d54e7ad6f9f9caa778"
>> -- 
>> 1.7.5.1.300.gc565c
>>
>>
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core at lists.openembedded.org
>> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core at lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core