#!/bin/bash ulimit -s unlimited shopt -s extglob # pam.SlackBuild # Heavily based on the original Slackware build scripts, # Modified by Stuart Winter for Slackware ARM. # # Copyright 2010 Vincent Batts, vbatts@hashbangbash.com # Copyright 2010, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is # permitted provided that the following conditions are met: # # 1. Redistributions of this script must retain the above copyright # notice, this list of conditions and the following disclaimer. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF # MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO # EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, # PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; # OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # Record toolchain & other info for the build log: slackbuildinfo # Paths to skeleton port's source & real Slackware source tree: slackset_var_cwds # Temporary build locations: export TMPBUILD=$TMP/build-$PKGNAM export PKG=$TMP/package-$PKGNAM mkpkgdirs # Delete & re-create temporary directories then cd into $TMPBUILD # Set some variables using values from the Slackware upstream scripts: pushd $CWD XSB=$CWD/$PKGNAM.SlackBuild [ ! -x $XSB ] && { echo "ERROR: Cannot find x86 SlackBuild for ${PKGNAM}!" ; exit 1; } for upstreamvar in \ SRCNAM \ PAMRHVER \ ; do eval $( egrep "^${upstreamvar}=" $XSB ) echo "Upstream variable: ${upstreamvar} version $( eval $( echo "echo \$${upstreamvar}" ) )" done popd # Extract source: tar xvvf $CWD/$SRCNAM-$VERSION.tar.!(*sign|*asc|*sig) cd $SRCNAM-*/ || exit 1 slackhousekeeping # Better take the Red Hat added modules and patches, because that's very # likely to be the most standard as far as PAM goes: tar xvf $CWD/pam-redhat-$PAMRHVER.tar.?z || exit 1 for file in CHANGELOG COPYING README ; do mv pam-redhat-$PAMRHVER/${file}* ./${file}.pam-redhat done # Add additional PAM modules from Red Hat: for file in pam-redhat-$PAMRHVER/* ; do if [ ! -d modules/$(basename $file) ]; then echo "Moving module directory $(basename $file)." mv $file modules else echo "$(basename $file) already exists in modules/, not moving!" fi done # NOTE: Linux-PAM-1.4.0 already ships with most of these applied: #zcat $CWD/fedora-patches/pam-1.3.1-redhat-modules.patch.gz | patch -p1 --verbose || exit 1 #zcat $CWD/fedora-patches/pam-1.4.0-redhat-modules.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/fedora-patches/pam-1.5.0-redhat-modules.patch.gz | patch -p1 --verbose || exit 1 #zcat $CWD/fedora-patches/pam-1.3.1-noflex.patch.gz | patch -p1 --verbose || exit 1 #zcat $CWD/fedora-patches/pam-1.1.3-nouserenv.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/fedora-patches/pam-1.1.6-limits-user.patch.gz | patch -p1 --verbose || exit 1 #zcat $CWD/fedora-patches/pam-1.1.8-full-relro.patch.gz | patch -p1 --verbose || exit 1 #zcat $CWD/fedora-patches/pam-1.3.0-pwhistory-helper.patch.gz | patch -p1 --verbose || exit 1 #zcat $CWD/fedora-patches/pam-1.1.8-audit-user-mgmt.patch.gz | patch -p1 --verbose || exit 1 zcat $CWD/fedora-patches/pam-1.3.0-unix-nomsg.patch.gz | patch -p1 --verbose || exit 1 #zcat $CWD/fedora-patches/pam-1.3.1-coverity.patch.gz | patch -p1 --verbose || exit 1 #zcat $CWD/fedora-patches/pam-1.3.1-unix-remove-obsolete-_unix_read_password-prototype.patch.gz | patch -p1 --verbose || exit 1 #zcat $CWD/fedora-patches/pam-1.3.1-unix-bcrypt_b.patch.gz | patch -p1 --verbose || exit 1 #zcat $CWD/fedora-patches/pam-1.3.1-unix-gensalt-autoentropy.patch.gz | patch -p1 --verbose || exit 1 #zcat $CWD/fedora-patches/pam-1.3.1-unix-crypt_checksalt.patch.gz | patch -p1 --verbose || exit 1 #zcat $CWD/fedora-patches/pam-1.3.1-unix-yescrypt.patch.gz | patch -p1 --verbose || exit 1 #zcat $CWD/fedora-patches/pam-1.3.1-unix-no-fallback.patch.gz | patch -p1 --verbose || exit 1 #zcat $CWD/fedora-patches/pam-1.3.1-motd-multiple-paths.patch.gz | patch -p1 --verbose || exit 1 #zcat $CWD/fedora-patches/pam-1.3.1-unix-checksalt_syslog.patch.gz | patch -p1 --verbose || exit 1 #zcat $CWD/fedora-patches/pam-1.3.1-unix-fix_checksalt_syslog.patch.gz | patch -p1 --verbose || exit 1 # Improve the comments in /etc/environment: zcat $CWD/patches/pam.etc.environment.better.comments.diff.gz | patch -p1 --verbose || exit 1 # Configure: autoreconf -ivf || exit 1 CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ ./configure \ --prefix=/ \ --libdir=/lib${LIBDIRSUFFIX} \ --sysconfdir=/etc \ --includedir=/usr/include/security \ --enable-securedir=/lib${LIBDIRSUFFIX}/security \ --datarootdir=/usr/share \ --localstatedir=/var \ --mandir=/usr/man \ --docdir=/usr/doc/$PKGNAM-$VERSION \ --disable-regenerate-docu \ --disable-audit \ --disable-prelude \ --disable-rpath \ --disable-selinux \ --disable-static \ --host=${SLK_ARCH_HOST} \ --build=${SLK_ARCH_BUILD} || failconfig # Make these man pages or the build falls over later xmlto man modules/pam_faillock/faillock.8.xml -o modules/pam_faillock/ xmlto man modules/pam_faillock/pam_faillock.8.xml -o modules/pam_faillock/ xmlto man modules/pam_pwhistory/pwhistory_helper.8.xml -o modules/pam_pwhistory/ make -C po update-gmo # Build: make $NUMJOBS || make || failmake # Install into package framework: make install DESTDIR=$PKG || failinstall # The ones in /lib${LIBDIRSUFFIX}/security won't be picked up by # the packaging function: rm -f $PKG/lib${LIBDIRSUFFIX}/security/*.la # This package can own the /etc/pam.d/ directory mkdir -p $PKG/etc/pam.d # Don't clobber config files: find $PKG/etc -type f -exec mv {} {}.new \; # Add extra symlinks added by pam.spec: ( cd $PKG/lib${LIBDIRSUFFIX}/security for type in acct auth passwd session ; do ln -sf pam_unix.so pam_unix_${type}.so done ) # Add documentation: mkdir -vpm755 $PKG/usr/doc/$PKGNAM-$VERSION cp -fav \ AUTHORS COPYING* Copyright NEWS README* \ $PKG/usr/doc/$PKGNAM-$VERSION rm -f $PKG/usr/doc/$PKGNAM-$VERSION/index.html changelogliposuction ChangeLog $PKGNAM $VERSION # Trim down a "ChangeLog" file changelogliposuction CHANGELOG $PKGNAM $VERSION # Trim down a "ChangeLog" file # Apply generic Slackware packaging policies: cd $PKG slackstripall # strip all .a archives and all ELFs #slackstriprpaths # strip rpaths slack_delete_lafiles # delete usr/lib{,64}/*.la slackgzpages -i # compress man & info pages and delete usr/info/dir slackslack # set standard Slackware file/dir permissions and ownerships slackdesc # install slack-desc and doinst.sh # Append config statements to the install/doinst.sh: ( cd $PKG for i in $(find etc -type f -name "*.new") ; do echo "config $i" >> $PKG/install/doinst.sh ; done ) # This is a pam helper that can only be called from pam chown root:root $PKG/sbin/unix_chkpwd chmod 6755 $PKG/sbin/unix_chkpwd slackmp -p # run makepkg -p -l y -c n # Perform any final checks on the package: cd $PKG slackhlinks # search for any hard links