Re: Non-PAM Policycoreutils

[Timothy <timothy@diyab.net>]

[-- Attachment #1: Type: text/plain, Size: 1295 bytes --]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Stephen Smalley wrote:
> On Thu, 2005-10-13 at 15:56 -0400, Timothy wrote:
> 
>>The crypt defined in unistd.h is only read if __USE_XOPEN is defined so
>>it's required or make will fail for non-pam builds because the function
>>authenticate_via_shadow_passwd uses crypt.  I tried to add that define
>>to the CFLAGS in the makefile but it does not see that it is defined for
>>some reason and still errors out.
> 
> 
> Hmm...actually, since it is wrapped by the #else for USE_PAM, it isn't a
> problem to have it in the .c file, but I noticed that the man page for
> crypt(3) on my system says to define _XOPEN_SOURCE instead of directly
> defining __USE_XOPEN (features.h enables the latter when the former is
> enabled).  Note that the former only has a single leading underscore,
> unlike the latter.  Does #define'ing _XOPEN_SOURCE work for you there
> instead of __USE_XOPEN?
> 

Just _XOPEN_SOURCE caused new errors but _XOPEN_SOURCE defined to 500
works.  New patch attached.

Timothy,

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFDTtuGSYq2KfPEK/gRA2etAJ43Z4KRzStnX5Z/CTd2q/VURf9PhgCffkGq
yAzwBdfbzgKWH/3WAm6Kjww=
=5PaU
-----END PGP SIGNATURE-----

[-- Attachment #2: policycoreutils-nopam.patch --]
[-- Type: text/plain, Size: 2526 bytes --]

--- policycoreutils/newrole/Makefile	2005-07-18 10:13:55.000000000 -0400
+++ policycoreutils-1.26.slack/newrole/Makefile	2005-10-04 02:22:03.000000000 -0400
@@ -4,10 +4,19 @@
 MANDIR ?= $(PREFIX)/share/man
 ETCDIR ?= $(DESTDIR)/etc
 LOCALEDIR = /usr/share/locale
+PAMH = $(shell ls /usr/include/security/pam_appl.h 2>/dev/null)
 
 CFLAGS ?= -Werror -Wall -W
-override CFLAGS += $(LDFLAGS) -I$(PREFIX)/include -DUSE_NLS -DUSE_PAM -DLOCALEDIR="\"$(LOCALEDIR)\"" -DPACKAGE="\"policycoreutils\""
-LDLIBS += -lselinux -lpam -lpam_misc -L$(PREFIX)/lib
+override CFLAGS += $(LDFLAGS) -I$(PREFIX)/include -DUSE_NLS -DLOCALEDIR="\"$(LOCALEDIR)\"" -DPACKAGE="\"policycoreutils\""
+LDLIBS += -lselinux -L$(PREFIX)/lib
+ifeq (${PAMH}, /usr/include/security/pam_appl.h)
+	override CFLAGS += -DUSE_PAM
+	LDLIBS += -lpam -lpam_misc
+else
+	override CFLAGS += -D_XOPEN_SOURCE=500
+	LDLIBS += -lcrypt
+endif
+
 
 TARGETS=$(patsubst %.c,%,$(wildcard *.c))
 
@@ -19,7 +28,10 @@
 	test -d $(MANDIR)/man1 || install -m 755 -d $(MANDIR)/man1
 	install -m 555 newrole $(BINDIR)
 	install -m 644 newrole.1 $(MANDIR)/man1/
+ifeq (${PAMH}, /usr/include/security/pam_appl.h)
+	test -d $(ETCDIR)/pam.d || install -m 755 -d $(ETCDIR)/pam.d
 	install -m 644 newrole.pamd $(ETCDIR)/pam.d/newrole
+endif
 
 clean:
 	rm -f $(TARGETS) *.o 
--- policycoreutils/run_init/Makefile	2005-07-18 10:13:56.000000000 -0400
+++ policycoreutils-1.26.slack/run_init/Makefile	2005-10-04 02:22:29.000000000 -0400
@@ -5,10 +5,18 @@
 MANDIR ?= $(PREFIX)/share/man
 ETCDIR ?= $(DESTDIR)/etc
 LOCALEDIR ?= /usr/share/locale
+PAMH = $(shell ls /usr/include/security/pam_appl.h 2>/dev/null)
 
 CFLAGS ?= -Werror -Wall -W
-override CFLAGS += -I$(PREFIX)/include -DUSE_NLS -DUSE_PAM -DLOCALEDIR="\"$(LOCALEDIR)\"" -DPACKAGE="\"policycoreutils\""
-LDLIBS += -lselinux -lpam -lpam_misc -L$(PREFIX)/lib
+override CFLAGS += -I$(PREFIX)/include -DUSE_NLS -DLOCALEDIR="\"$(LOCALEDIR)\"" -DPACKAGE="\"policycoreutils\""
+LDLIBS += -lselinux -L$(PREFIX)/lib
+ifeq (${PAMH}, /usr/include/security/pam_appl.h)
+	override CFLAGS += -DUSE_PAM
+	LDLIBS += -lpam -lpam_misc
+else
+	override CFLAGS += -D_XOPEN_SOURCE=500
+	LDLIBS += -lcrypt
+endif
 
 TARGETS=$(patsubst %.c,%,$(wildcard *.c))
 
@@ -25,7 +33,9 @@
 	install -m 555 open_init_pty $(SBINDIR)
 	install -m 644 run_init.8 $(MANDIR)/man8/
 	install -m 644 open_init_pty.8 $(MANDIR)/man8/
+ifeq (${PAMH}, /usr/include/security/pam_appl.h)
 	install -m 644 run_init.pamd $(ETCDIR)/pam.d/run_init
+endif
 
 clean:
 	-rm -f $(TARGETS) *.o