* [Buildroot] [PATCH 1/2] linux-pam: install default config
@ 2013-11-28 17:22 Gustavo Zacarias
2013-11-28 17:22 ` [Buildroot] [PATCH 2/2] util-linux: install PAM configuration files Gustavo Zacarias
2013-12-03 8:07 ` [Buildroot] [PATCH 1/2] linux-pam: install default config Peter Korsgaard
0 siblings, 2 replies; 3+ messages in thread
From: Gustavo Zacarias @ 2013-11-28 17:22 UTC (permalink / raw)
To: buildroot
Install default "other" configuration file that denies everything not
handled by other specific configurations.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
package/linux-pam/linux-pam.mk | 10 +++++++++-
package/linux-pam/other.pam | 7 +++++++
2 files changed, 16 insertions(+), 1 deletion(-)
create mode 100644 package/linux-pam/other.pam
diff --git a/package/linux-pam/linux-pam.mk b/package/linux-pam/linux-pam.mk
index 7d2cbd3..6aa83e1 100644
--- a/package/linux-pam/linux-pam.mk
+++ b/package/linux-pam/linux-pam.mk
@@ -1,7 +1,7 @@
################################################################################
#
# linux-pam
-#
+#
################################################################################
LINUX_PAM_VERSION = 1.1.8
@@ -26,4 +26,12 @@ ifeq ($(BR2_NEEDS_GETTEXT_IF_LOCALE),y)
LINUX_PAM_MAKE_OPT += LIBS=-lintl
endif
+# Install default pam config (deny everything)
+define LINUX_PAM_INSTALL_CONFIG
+ $(INSTALL) -m 0644 -D package/linux-pam/other.pam \
+ $(TARGET_DIR)/etc/pam.d/other
+endef
+
+LINUX_PAM_POST_INSTALL_TARGET_HOOKS += LINUX_PAM_INSTALL_CONFIG
+
$(eval $(autotools-package))
diff --git a/package/linux-pam/other.pam b/package/linux-pam/other.pam
new file mode 100644
index 0000000..a198aa2
--- /dev/null
+++ b/package/linux-pam/other.pam
@@ -0,0 +1,7 @@
+auth required pam_deny.so
+
+account required pam_deny.so
+
+password required pam_deny.so
+
+session required pam_deny.so
--
1.8.3.2
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH 2/2] util-linux: install PAM configuration files
2013-11-28 17:22 [Buildroot] [PATCH 1/2] linux-pam: install default config Gustavo Zacarias
@ 2013-11-28 17:22 ` Gustavo Zacarias
2013-12-03 8:07 ` [Buildroot] [PATCH 1/2] linux-pam: install default config Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Gustavo Zacarias @ 2013-11-28 17:22 UTC (permalink / raw)
To: buildroot
Install PAM configuration files for su (with "su -" variant) and login
when the tools are enabled.
This finally fixes bug #5366 and now we can login with an util-linux
/bin/login.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
package/util-linux/login.pam | 11 +++++++++++
package/util-linux/su.pam | 13 +++++++++++++
package/util-linux/util-linux.mk | 14 ++++++++++++++
3 files changed, 38 insertions(+)
create mode 100644 package/util-linux/login.pam
create mode 100644 package/util-linux/su.pam
diff --git a/package/util-linux/login.pam b/package/util-linux/login.pam
new file mode 100644
index 0000000..1d9cd70
--- /dev/null
+++ b/package/util-linux/login.pam
@@ -0,0 +1,11 @@
+auth required pam_securetty.so
+auth required pam_unix.so nullok
+
+account required pam_unix.so
+
+password required pam_unix.so nullok
+
+session required pam_limits.so
+session required pam_env.so
+session required pam_unix.so
+session optional pam_lastlog.so
diff --git a/package/util-linux/su.pam b/package/util-linux/su.pam
new file mode 100644
index 0000000..f000c39
--- /dev/null
+++ b/package/util-linux/su.pam
@@ -0,0 +1,13 @@
+auth sufficient pam_rootok.so
+auth required pam_wheel.so use_uid
+auth required pam_env.so
+auth required pam_unix.so nullok
+
+account required pam_unix.so
+
+password required pam_unix.so nullok
+
+session required pam_limits.so
+session required pam_env.so
+session required pam_unix.so
+session optional pam_lastlog.so
diff --git a/package/util-linux/util-linux.mk b/package/util-linux/util-linux.mk
index a694f3d..0925ab3 100644
--- a/package/util-linux/util-linux.mk
+++ b/package/util-linux/util-linux.mk
@@ -98,6 +98,20 @@ endef
UTIL_LINUX_PRE_PATCH_HOOKS += UTIL_LINUX_DISABLE_TOOLS
endif
+# Install PAM configuration files
+ifeq ($(BR2_PACKAGE_UTIL_LINUX_LOGIN_UTILS),y)
+define UTIL_LINUX_INSTALL_PAMFILES
+ $(INSTALL) -m 0644 package/util-linux/login.pam \
+ $(TARGET_DIR)/etc/pam.d/login
+ $(INSTALL) -m 0644 package/util-linux/su.pam \
+ $(TARGET_DIR)/etc/pam.d/su
+ $(INSTALL) -m 0644 package/util-linux/su.pam \
+ $(TARGET_DIR)/etc/pam.d/su-l
+endef
+endif
+
+UTIL_LINUX_POST_INSTALL_TARGET_HOOKS += UTIL_LINUX_INSTALL_PAMFILES
+
$(eval $(autotools-package))
$(eval $(host-autotools-package))
--
1.8.3.2
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH 1/2] linux-pam: install default config
2013-11-28 17:22 [Buildroot] [PATCH 1/2] linux-pam: install default config Gustavo Zacarias
2013-11-28 17:22 ` [Buildroot] [PATCH 2/2] util-linux: install PAM configuration files Gustavo Zacarias
@ 2013-12-03 8:07 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2013-12-03 8:07 UTC (permalink / raw)
To: buildroot
>>>>> "Gustavo" == Gustavo Zacarias <gustavo@zacarias.com.ar> writes:
> Install default "other" configuration file that denies everything not
> handled by other specific configurations.
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Committed series, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2013-12-03 8:07 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-11-28 17:22 [Buildroot] [PATCH 1/2] linux-pam: install default config Gustavo Zacarias
2013-11-28 17:22 ` [Buildroot] [PATCH 2/2] util-linux: install PAM configuration files Gustavo Zacarias
2013-12-03 8:07 ` [Buildroot] [PATCH 1/2] linux-pam: install default config Peter Korsgaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox