From: Kang Kai <Kai.Kang@windriver.com>
To: <openembedded-core@lists.openembedded.org>
Subject: Re: [PATCH 09/10] shadow: update pam related configure files
Date: Fri, 22 Jul 2011 11:16:16 +0800 [thread overview]
Message-ID: <4E28EB80.1030804@windriver.com> (raw)
In-Reply-To: <08642C66-37F6-40C2-BCE7-45668EAA0B58@dominion.thruhere.net>
On 2011年07月21日 16:58, Koen Kooi wrote:
> Op 21 jul. 2011, om 10:00 heeft Kang Kai het volgende geschreven:
>
>> From: Kang Kai<kai.kang@windriver.com>
>>
>> add shadow-update-pam-conf.patch to update the pam related configure files
>> in Yocto way rather than Fedora.
> I'm not entirely sure, but do the updated conf files need something like http://cgit.openembedded.org/cgit.cgi/openembedded-core/commit/?id=b90e9c2318fc421f37c57788ece54ce791a90b62 as well?
ok, I'll check the commits for module selinux
>
>
>> Signed-off-by: Kang Kai<kai.kang@windriver.com>
>> ---
>> .../shadow/files/shadow-update-pam-conf.patch | 175 ++++++++++++++++++++
>> meta/recipes-extended/shadow/shadow_4.1.4.3.bb | 5 +-
>> 2 files changed, 178 insertions(+), 2 deletions(-)
>> create mode 100644 meta/recipes-extended/shadow/files/shadow-update-pam-conf.patch
>>
>> diff --git a/meta/recipes-extended/shadow/files/shadow-update-pam-conf.patch b/meta/recipes-extended/shadow/files/shadow-update-pam-conf.patch
>> new file mode 100644
>> index 0000000..33789f5
>> --- /dev/null
>> +++ b/meta/recipes-extended/shadow/files/shadow-update-pam-conf.patch
>> @@ -0,0 +1,175 @@
>> +The system-auth in the configure files is from Fedora which put all the 4 pam type rules
>> +in one file.
>> +In yocto it obey the way with Debian/Ubuntu, and the names are common-auth, common-account,
>> +common-password and common-session.
>> +So update them in Yocto way.
>> +
>> +Upstream-Status: Pending
>> +
>> +Signed-off-by: Kang Kai<kai.kang@windriver.com>
>> +
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chage shadow-4.1.4.3/etc/pam.d/chage
>> +--- shadow-4.1.4.3/etc/pam.d.orig/chage 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/chage 2011-07-20 19:03:08.964844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chfn shadow-4.1.4.3/etc/pam.d/chfn
>> +--- shadow-4.1.4.3/etc/pam.d.orig/chfn 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/chfn 2011-07-20 19:03:17.804844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chgpasswd shadow-4.1.4.3/etc/pam.d/chgpasswd
>> +--- shadow-4.1.4.3/etc/pam.d.orig/chgpasswd 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/chgpasswd 2011-07-20 19:03:26.544844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chpasswd shadow-4.1.4.3/etc/pam.d/chpasswd
>> +--- shadow-4.1.4.3/etc/pam.d.orig/chpasswd 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/chpasswd 2011-07-20 19:03:42.724844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chsh shadow-4.1.4.3/etc/pam.d/chsh
>> +--- shadow-4.1.4.3/etc/pam.d.orig/chsh 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/chsh 2011-07-20 19:03:51.524844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/groupadd shadow-4.1.4.3/etc/pam.d/groupadd
>> +--- shadow-4.1.4.3/etc/pam.d.orig/groupadd 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/groupadd 2011-07-20 19:04:08.124844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/groupdel shadow-4.1.4.3/etc/pam.d/groupdel
>> +--- shadow-4.1.4.3/etc/pam.d.orig/groupdel 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/groupdel 2011-07-20 19:04:26.114844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/groupmems shadow-4.1.4.3/etc/pam.d/groupmems
>> +--- shadow-4.1.4.3/etc/pam.d.orig/groupmems 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/groupmems 2011-07-20 19:04:35.074844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/groupmod shadow-4.1.4.3/etc/pam.d/groupmod
>> +--- shadow-4.1.4.3/etc/pam.d.orig/groupmod 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/groupmod 2011-07-20 19:04:44.864844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/login shadow-4.1.4.3/etc/pam.d/login
>> +--- shadow-4.1.4.3/etc/pam.d.orig/login 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/login 2011-07-20 19:05:36.924844958 +0800
>> +@@ -1,11 +1,11 @@
>> + #%PAM-1.0
>> + auth required pam_securetty.so
>> +-auth include system-auth
>> ++auth include common-auth
>> + account required pam_nologin.so
>> +-account include system-auth
>> +-password include system-auth
>> ++account include common-account
>> ++password include common-password
>> + session required pam_selinux.so close
>> +-session include system-auth
>> ++session include common-session
>> + session required pam_loginuid.so
>> + session optional pam_console.so
>> + session required pam_selinux.so open
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/newusers shadow-4.1.4.3/etc/pam.d/newusers
>> +--- shadow-4.1.4.3/etc/pam.d.orig/newusers 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/newusers 2011-07-20 19:05:49.344844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/passwd shadow-4.1.4.3/etc/pam.d/passwd
>> +--- shadow-4.1.4.3/etc/pam.d.orig/passwd 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/passwd 2011-07-20 19:06:29.014844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> +-auth include system-auth
>> +-account include system-auth
>> +-password include system-auth
>> ++auth include common-auth
>> ++account include common-account
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/su shadow-4.1.4.3/etc/pam.d/su
>> +--- shadow-4.1.4.3/etc/pam.d.orig/su 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/su 2011-07-20 19:07:07.584844958 +0800
>> +@@ -4,10 +4,10 @@
>> + #auth sufficient pam_wheel.so trust use_uid
>> + # Uncomment the following line to require a user to be in the "wheel" group.
>> + auth required pam_wheel.so use_uid
>> +-auth include system-auth
>> +-account include system-auth
>> +-password include system-auth
>> ++auth include common-auth
>> ++account include common-account
>> ++password include common-password
>> + session required pam_selinux.so close
>> +-session include system-auth
>> ++session include common-session
>> + session required pam_selinux.so open multiple
>> + session optional pam_xauth.so
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/useradd shadow-4.1.4.3/etc/pam.d/useradd
>> +--- shadow-4.1.4.3/etc/pam.d.orig/useradd 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/useradd 2011-07-20 19:07:26.244844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/userdel shadow-4.1.4.3/etc/pam.d/userdel
>> +--- shadow-4.1.4.3/etc/pam.d.orig/userdel 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/userdel 2011-07-20 19:07:35.734844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/usermod shadow-4.1.4.3/etc/pam.d/usermod
>> +--- shadow-4.1.4.3/etc/pam.d.orig/usermod 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/usermod 2011-07-20 19:07:42.024844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> diff --git a/meta/recipes-extended/shadow/shadow_4.1.4.3.bb b/meta/recipes-extended/shadow/shadow_4.1.4.3.bb
>> index 5731a26..0e6ba871 100644
>> --- a/meta/recipes-extended/shadow/shadow_4.1.4.3.bb
>> +++ b/meta/recipes-extended/shadow/shadow_4.1.4.3.bb
>> @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=08c553a87d4e51bbed50b20e0adcaede \
>>
>> DEPENDS = "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
>> RDEPENDS_${PN} = "${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_PLUGINS}', '', d)}"
>> -PR = "r2"
>> +PR = "r3"
>>
>> SRC_URI = "ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-${PV}.tar.bz2 \
>> file://login_defs_pam.sed \
>> @@ -19,7 +19,8 @@ SRC_URI = "ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-${PV}.tar.bz
>> file://shadow-4.1.3-dots-in-usernames.patch \
>> file://shadow-4.1.4.2-env-reset-keep-locale.patch \
>> file://shadow-4.1.4.2-groupmod-pam-check.patch \
>> - file://shadow-4.1.4.2-su_no_sanitize_env.patch"
>> + file://shadow-4.1.4.2-su_no_sanitize_env.patch \
>> + file://shadow-update-pam-conf.patch"
>>
>> SRC_URI[md5sum] = "b8608d8294ac88974f27b20f991c0e79"
>> SRC_URI[sha256sum] = "633f5bb4ea0c88c55f3642c97f9d25cbef74f82e0b4cf8d54e7ad6f9f9caa778"
>> --
>> 1.7.5.1.300.gc565c
>>
>>
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core@lists.openembedded.org
>> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
next prev parent reply other threads:[~2011-07-22 3:20 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-07-21 8:00 [PATCH 00/10] works of adding packages pam support Kang Kai
2011-07-21 8:00 ` [PATCH 01/10] libpam: update to 1.1.4 and add subpackage xtests Kang Kai
2011-07-21 8:00 ` [PATCH 02/10] dropbear: Support PAM Kang Kai
2011-07-21 8:54 ` Koen Kooi
2011-07-21 19:10 ` Khem Raj
2011-07-22 2:41 ` Kang Kai
2011-07-22 2:49 ` Khem Raj
2011-07-22 2:56 ` Kang Kai
2011-07-21 8:00 ` [PATCH 03/10] openssh: " Kang Kai
2011-07-21 8:55 ` Koen Kooi
2011-07-21 9:05 ` Phil Blundell
2011-07-21 8:00 ` [PATCH 04/10] polkit: " Kang Kai
2011-07-21 8:59 ` Koen Kooi
2011-07-21 9:49 ` Kang Kai
2011-07-21 9:59 ` Koen Kooi
2011-07-22 3:21 ` Kang Kai
2011-07-21 8:00 ` [PATCH 05/10] cups: add pam support Kang Kai
2011-07-21 8:00 ` [PATCH 06/10] screen: " Kang Kai
2011-07-21 8:00 ` [PATCH 07/10] sudo: " Kang Kai
2011-07-21 9:06 ` Phil Blundell
2011-07-21 9:42 ` Kang Kai
2011-07-21 8:00 ` [PATCH 08/10] cronie: enable PAM support for cronie Kang Kai
2011-07-21 8:00 ` [PATCH 09/10] shadow: update pam related configure files Kang Kai
2011-07-21 8:58 ` Koen Kooi
2011-07-22 3:16 ` Kang Kai [this message]
2011-07-21 8:00 ` [PATCH 10/10] at: enable pam support Kang Kai
2011-07-21 8:05 ` [PATCH 00/10] works of adding packages " Kang Kai
2011-07-21 8:53 ` Koen Kooi
2011-07-21 9:41 ` Kang Kai
2011-07-21 9:58 ` Koen Kooi
2011-07-21 17:02 ` Saul Wold
2011-07-22 2:18 ` Kang Kai
2011-07-22 3:10 ` Saul Wold
2011-07-22 3:14 ` Kang Kai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E28EB80.1030804@windriver.com \
--to=kai.kang@windriver.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.