From: Kang Kai <Kai.Kang@windriver.com>
To: <openembedded-core@lists.openembedded.org>
Subject: Re: [PATCH 09/10] shadow: update pam related configure files
Date: Fri, 22 Jul 2011 11:16:16 +0800 [thread overview]
Message-ID: <4E28EB80.1030804@windriver.com> (raw)
In-Reply-To: <08642C66-37F6-40C2-BCE7-45668EAA0B58@dominion.thruhere.net>
On 2011年07月21日 16:58, Koen Kooi wrote:
> Op 21 jul. 2011, om 10:00 heeft Kang Kai het volgende geschreven:
>
>> From: Kang Kai<kai.kang@windriver.com>
>>
>> add shadow-update-pam-conf.patch to update the pam related configure files
>> in Yocto way rather than Fedora.
> I'm not entirely sure, but do the updated conf files need something like http://cgit.openembedded.org/cgit.cgi/openembedded-core/commit/?id=b90e9c2318fc421f37c57788ece54ce791a90b62 as well?
ok, I'll check the commits for module selinux
>
>
>> Signed-off-by: Kang Kai<kai.kang@windriver.com>
>> ---
>> .../shadow/files/shadow-update-pam-conf.patch | 175 ++++++++++++++++++++
>> meta/recipes-extended/shadow/shadow_4.1.4.3.bb | 5 +-
>> 2 files changed, 178 insertions(+), 2 deletions(-)
>> create mode 100644 meta/recipes-extended/shadow/files/shadow-update-pam-conf.patch
>>
>> diff --git a/meta/recipes-extended/shadow/files/shadow-update-pam-conf.patch b/meta/recipes-extended/shadow/files/shadow-update-pam-conf.patch
>> new file mode 100644
>> index 0000000..33789f5
>> --- /dev/null
>> +++ b/meta/recipes-extended/shadow/files/shadow-update-pam-conf.patch
>> @@ -0,0 +1,175 @@
>> +The system-auth in the configure files is from Fedora which put all the 4 pam type rules
>> +in one file.
>> +In yocto it obey the way with Debian/Ubuntu, and the names are common-auth, common-account,
>> +common-password and common-session.
>> +So update them in Yocto way.
>> +
>> +Upstream-Status: Pending
>> +
>> +Signed-off-by: Kang Kai<kai.kang@windriver.com>
>> +
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chage shadow-4.1.4.3/etc/pam.d/chage
>> +--- shadow-4.1.4.3/etc/pam.d.orig/chage 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/chage 2011-07-20 19:03:08.964844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chfn shadow-4.1.4.3/etc/pam.d/chfn
>> +--- shadow-4.1.4.3/etc/pam.d.orig/chfn 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/chfn 2011-07-20 19:03:17.804844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chgpasswd shadow-4.1.4.3/etc/pam.d/chgpasswd
>> +--- shadow-4.1.4.3/etc/pam.d.orig/chgpasswd 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/chgpasswd 2011-07-20 19:03:26.544844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chpasswd shadow-4.1.4.3/etc/pam.d/chpasswd
>> +--- shadow-4.1.4.3/etc/pam.d.orig/chpasswd 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/chpasswd 2011-07-20 19:03:42.724844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/chsh shadow-4.1.4.3/etc/pam.d/chsh
>> +--- shadow-4.1.4.3/etc/pam.d.orig/chsh 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/chsh 2011-07-20 19:03:51.524844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/groupadd shadow-4.1.4.3/etc/pam.d/groupadd
>> +--- shadow-4.1.4.3/etc/pam.d.orig/groupadd 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/groupadd 2011-07-20 19:04:08.124844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/groupdel shadow-4.1.4.3/etc/pam.d/groupdel
>> +--- shadow-4.1.4.3/etc/pam.d.orig/groupdel 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/groupdel 2011-07-20 19:04:26.114844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/groupmems shadow-4.1.4.3/etc/pam.d/groupmems
>> +--- shadow-4.1.4.3/etc/pam.d.orig/groupmems 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/groupmems 2011-07-20 19:04:35.074844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/groupmod shadow-4.1.4.3/etc/pam.d/groupmod
>> +--- shadow-4.1.4.3/etc/pam.d.orig/groupmod 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/groupmod 2011-07-20 19:04:44.864844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/login shadow-4.1.4.3/etc/pam.d/login
>> +--- shadow-4.1.4.3/etc/pam.d.orig/login 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/login 2011-07-20 19:05:36.924844958 +0800
>> +@@ -1,11 +1,11 @@
>> + #%PAM-1.0
>> + auth required pam_securetty.so
>> +-auth include system-auth
>> ++auth include common-auth
>> + account required pam_nologin.so
>> +-account include system-auth
>> +-password include system-auth
>> ++account include common-account
>> ++password include common-password
>> + session required pam_selinux.so close
>> +-session include system-auth
>> ++session include common-session
>> + session required pam_loginuid.so
>> + session optional pam_console.so
>> + session required pam_selinux.so open
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/newusers shadow-4.1.4.3/etc/pam.d/newusers
>> +--- shadow-4.1.4.3/etc/pam.d.orig/newusers 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/newusers 2011-07-20 19:05:49.344844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/passwd shadow-4.1.4.3/etc/pam.d/passwd
>> +--- shadow-4.1.4.3/etc/pam.d.orig/passwd 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/passwd 2011-07-20 19:06:29.014844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> +-auth include system-auth
>> +-account include system-auth
>> +-password include system-auth
>> ++auth include common-auth
>> ++account include common-account
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/su shadow-4.1.4.3/etc/pam.d/su
>> +--- shadow-4.1.4.3/etc/pam.d.orig/su 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/su 2011-07-20 19:07:07.584844958 +0800
>> +@@ -4,10 +4,10 @@
>> + #auth sufficient pam_wheel.so trust use_uid
>> + # Uncomment the following line to require a user to be in the "wheel" group.
>> + auth required pam_wheel.so use_uid
>> +-auth include system-auth
>> +-account include system-auth
>> +-password include system-auth
>> ++auth include common-auth
>> ++account include common-account
>> ++password include common-password
>> + session required pam_selinux.so close
>> +-session include system-auth
>> ++session include common-session
>> + session required pam_selinux.so open multiple
>> + session optional pam_xauth.so
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/useradd shadow-4.1.4.3/etc/pam.d/useradd
>> +--- shadow-4.1.4.3/etc/pam.d.orig/useradd 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/useradd 2011-07-20 19:07:26.244844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/userdel shadow-4.1.4.3/etc/pam.d/userdel
>> +--- shadow-4.1.4.3/etc/pam.d.orig/userdel 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/userdel 2011-07-20 19:07:35.734844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> +diff -Nur shadow-4.1.4.3/etc/pam.d.orig/usermod shadow-4.1.4.3/etc/pam.d/usermod
>> +--- shadow-4.1.4.3/etc/pam.d.orig/usermod 2011-07-20 19:02:27.384844958 +0800
>> ++++ shadow-4.1.4.3/etc/pam.d/usermod 2011-07-20 19:07:42.024844958 +0800
>> +@@ -1,4 +1,4 @@
>> + #%PAM-1.0
>> + auth sufficient pam_rootok.so
>> + account required pam_permit.so
>> +-password include system-auth
>> ++password include common-password
>> diff --git a/meta/recipes-extended/shadow/shadow_4.1.4.3.bb b/meta/recipes-extended/shadow/shadow_4.1.4.3.bb
>> index 5731a26..0e6ba871 100644
>> --- a/meta/recipes-extended/shadow/shadow_4.1.4.3.bb
>> +++ b/meta/recipes-extended/shadow/shadow_4.1.4.3.bb
>> @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=08c553a87d4e51bbed50b20e0adcaede \
>>
>> DEPENDS = "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
>> RDEPENDS_${PN} = "${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_PLUGINS}', '', d)}"
>> -PR = "r2"
>> +PR = "r3"
>>
>> SRC_URI = "ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-${PV}.tar.bz2 \
>> file://login_defs_pam.sed \
>> @@ -19,7 +19,8 @@ SRC_URI = "ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-${PV}.tar.bz
>> file://shadow-4.1.3-dots-in-usernames.patch \
>> file://shadow-4.1.4.2-env-reset-keep-locale.patch \
>> file://shadow-4.1.4.2-groupmod-pam-check.patch \
>> - file://shadow-4.1.4.2-su_no_sanitize_env.patch"
>> + file://shadow-4.1.4.2-su_no_sanitize_env.patch \
>> + file://shadow-update-pam-conf.patch"
>>
>> SRC_URI[md5sum] = "b8608d8294ac88974f27b20f991c0e79"
>> SRC_URI[sha256sum] = "633f5bb4ea0c88c55f3642c97f9d25cbef74f82e0b4cf8d54e7ad6f9f9caa778"
>> --
>> 1.7.5.1.300.gc565c
>>
>>
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core@lists.openembedded.org
>> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
next prev parent reply other threads:[~2011-07-22 3:20 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-07-21 8:00 [PATCH 00/10] works of adding packages pam support Kang Kai
2011-07-21 8:00 ` [PATCH 01/10] libpam: update to 1.1.4 and add subpackage xtests Kang Kai
2011-07-21 8:00 ` [PATCH 02/10] dropbear: Support PAM Kang Kai
2011-07-21 8:54 ` Koen Kooi
2011-07-21 19:10 ` Khem Raj
2011-07-22 2:41 ` Kang Kai
2011-07-22 2:49 ` Khem Raj
2011-07-22 2:56 ` Kang Kai
2011-07-21 8:00 ` [PATCH 03/10] openssh: " Kang Kai
2011-07-21 8:55 ` Koen Kooi
2011-07-21 9:05 ` Phil Blundell
2011-07-21 8:00 ` [PATCH 04/10] polkit: " Kang Kai
2011-07-21 8:59 ` Koen Kooi
2011-07-21 9:49 ` Kang Kai
2011-07-21 9:59 ` Koen Kooi
2011-07-22 3:21 ` Kang Kai
2011-07-21 8:00 ` [PATCH 05/10] cups: add pam support Kang Kai
2011-07-21 8:00 ` [PATCH 06/10] screen: " Kang Kai
2011-07-21 8:00 ` [PATCH 07/10] sudo: " Kang Kai
2011-07-21 9:06 ` Phil Blundell
2011-07-21 9:42 ` Kang Kai
2011-07-21 8:00 ` [PATCH 08/10] cronie: enable PAM support for cronie Kang Kai
2011-07-21 8:00 ` [PATCH 09/10] shadow: update pam related configure files Kang Kai
2011-07-21 8:58 ` Koen Kooi
2011-07-22 3:16 ` Kang Kai [this message]
2011-07-21 8:00 ` [PATCH 10/10] at: enable pam support Kang Kai
2011-07-21 8:05 ` [PATCH 00/10] works of adding packages " Kang Kai
2011-07-21 8:53 ` Koen Kooi
2011-07-21 9:41 ` Kang Kai
2011-07-21 9:58 ` Koen Kooi
2011-07-21 17:02 ` Saul Wold
2011-07-22 2:18 ` Kang Kai
2011-07-22 3:10 ` Saul Wold
2011-07-22 3:14 ` Kang Kai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E28EB80.1030804@windriver.com \
--to=kai.kang@windriver.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox