Openembedded Core Discussions
 help / color / mirror / Atom feed
* [PATCH 0/3] Adding patches to support pam
@ 2011-07-26 10:08 Xiaofeng Yan
  2011-07-26 10:08 ` [PATCH 1/3] openssh: Support PAM Xiaofeng Yan
                   ` (4 more replies)
  0 siblings, 5 replies; 6+ messages in thread
From: Xiaofeng Yan @ 2011-07-26 10:08 UTC (permalink / raw)
  To: openembedded-core

Hi Saul & Richard,

I modified my patches about how to whitespace and tab in .bb file according to your suggestion.

Pull URL: git://git.pokylinux.org/poky-contrib.git
  Branch: xiaofeng/pam
  Browse: http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=xiaofeng/pam

Thanks,
    Xiaofeng Yan <xiaofeng.yan@windriver.com>
---


Xiaofeng Yan (3):
  openssh: Support PAM
  dropbear: Support pam
  polkit: Support pam

 .../openssh/openssh-5.8p2/sshd                     |   10 ++++++++
 meta/recipes-connectivity/openssh/openssh_5.8p2.bb |   13 +++++++++-
 meta/recipes-core/dropbear/dropbear.inc            |    8 ++++++-
 .../dropbear/dropbear/dropbear-enable-pam.patch    |   22 +++++++++++++++++++
 meta/recipes-core/dropbear/dropbear_0.52.bb        |    2 +-
 .../polkit/polkit-0.101/polkit-1_pam.patch         |   23 ++++++++++++++++++++
 meta/recipes-extended/polkit/polkit_0.101.bb       |    7 ++++-
 7 files changed, 79 insertions(+), 6 deletions(-)
 create mode 100644 meta/recipes-connectivity/openssh/openssh-5.8p2/sshd
 create mode 100644 meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch
 create mode 100644 meta/recipes-extended/polkit/polkit-0.101/polkit-1_pam.patch




^ permalink raw reply	[flat|nested] 6+ messages in thread
* [PATCH 1/3] openssh: Support PAM
  2011-07-26 10:08 [PATCH 0/3] Adding patches to support pam Xiaofeng Yan
@ 2011-07-26 10:08 ` Xiaofeng Yan
  2011-07-26 10:08 ` [PATCH 2/3] dropbear: Support pam Xiaofeng Yan
                   ` (3 subsequent siblings)
  4 siblings, 0 replies; 6+ messages in thread
From: Xiaofeng Yan @ 2011-07-26 10:08 UTC (permalink / raw)
  To: openembedded-core

Adding configuration file "sshd" in /etc/pam.d/ for supporting pam.

Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
---
 .../openssh/openssh-5.8p2/sshd                     |   10 ++++++++++
 meta/recipes-connectivity/openssh/openssh_5.8p2.bb |   13 +++++++++++--
 2 files changed, 21 insertions(+), 2 deletions(-)
 create mode 100644 meta/recipes-connectivity/openssh/openssh-5.8p2/sshd

diff --git a/meta/recipes-connectivity/openssh/openssh-5.8p2/sshd b/meta/recipes-connectivity/openssh/openssh-5.8p2/sshd
new file mode 100644
index 0000000..4882e58
--- /dev/null
+++ b/meta/recipes-connectivity/openssh/openssh-5.8p2/sshd
@@ -0,0 +1,10 @@
+#%PAM-1.0
+
+auth       include      common-auth
+account    required     pam_nologin.so
+account    include      common-account
+password   include      common-password
+session    optional     pam_keyinit.so force revoke
+session    include      common-session
+session    required     pam_loginuid.so
+
diff --git a/meta/recipes-connectivity/openssh/openssh_5.8p2.bb b/meta/recipes-connectivity/openssh/openssh_5.8p2.bb
index e23069c..89b011d 100644
--- a/meta/recipes-connectivity/openssh/openssh_5.8p2.bb
+++ b/meta/recipes-connectivity/openssh/openssh_5.8p2.bb
@@ -7,7 +7,7 @@ SECTION = "console/network"
 LICENSE = "BSD"
 LIC_FILES_CHKSUM = "file://LICENCE;md5=bae9a689be41581503bcf95d8fb42c4e"
 
-PR = "r0"
+PR = "r1"
 
 DEPENDS = "zlib openssl"
 DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
@@ -23,7 +23,9 @@ SRC_URI = "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.
            file://sshd_config \
            file://ssh_config \
            file://init \
-          "
+           ${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)}"
+
+PAM_SRC_URI = "file://sshd"
 SRC_URI[md5sum] = "0541579adf9d55abb15ef927048d372e"
 SRC_URI[sha256sum] = "5c35ec7c966ce05cc4497ac59c0b54a556e55ae7368165cc8c4129694654f314"
 
@@ -58,6 +60,13 @@ do_compile_append () {
 }
 
 do_install_append () {
+	for i in ${DISTRO_FEATURES};
+	do
+		if [ ${i} = "pam" ];  then
+			install -d ${D}${sysconfdir}/pam.d
+			install -m 0755 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd
+		fi
+	done
 	install -d ${D}${sysconfdir}/init.d
 	install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/sshd
 	mv ${D}${bindir}/scp ${D}${bindir}/scp.${PN}
-- 
1.7.0.4




^ permalink raw reply related	[flat|nested] 6+ messages in thread
* [PATCH 2/3] dropbear: Support pam
  2011-07-26 10:08 [PATCH 0/3] Adding patches to support pam Xiaofeng Yan
  2011-07-26 10:08 ` [PATCH 1/3] openssh: Support PAM Xiaofeng Yan
@ 2011-07-26 10:08 ` Xiaofeng Yan
  2011-07-26 10:08 ` [PATCH 3/3] polkit: " Xiaofeng Yan
                   ` (2 subsequent siblings)
  4 siblings, 0 replies; 6+ messages in thread
From: Xiaofeng Yan @ 2011-07-26 10:08 UTC (permalink / raw)
  To: openembedded-core

I make a patch and some changes in dropbear.inc for supporting pam.
- Enable pam in configure
- Modify file option.h to open pam supporting

Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
---
 meta/recipes-core/dropbear/dropbear.inc            |    8 ++++++-
 .../dropbear/dropbear/dropbear-enable-pam.patch    |   22 ++++++++++++++++++++
 meta/recipes-core/dropbear/dropbear_0.52.bb        |    2 +-
 3 files changed, 30 insertions(+), 2 deletions(-)
 create mode 100644 meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch

diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc
index 1b51e1a..0298361 100644
--- a/meta/recipes-core/dropbear/dropbear.inc
+++ b/meta/recipes-core/dropbear/dropbear.inc
@@ -9,13 +9,17 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=3a5b0c2f0d0c49dfde9558ae2036683c"
 
 DEPENDS = "zlib"
 RPROVIDES = "ssh sshd"
+DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
 
 SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.gz \
 	         file://urandom-xauth-changes-to-options.h.patch \
 	         file://configure.patch \
 	         file://fix-2kb-keys.patch \
 	         file://allow-nopw.patch;apply=no \
-	         file://init"
+	         file://init \
+                 ${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} "
+
+PAM_SRC_URI = "file://dropbear-enable-pam.patch"
 
 inherit autotools update-rc.d
 
@@ -28,6 +32,8 @@ LD = "${CC}"
 SBINCOMMANDS = "dropbear dropbearkey dropbearconvert"
 BINCOMMANDS = "dbclient ssh scp"
 EXTRA_OEMAKE = 'MULTI=1 SCPPROGRESS=1 PROGRAMS="${SBINCOMMANDS} ${BINCOMMANDS}"'
+EXTRA_OECONF += "\
+ ${@base_contains('DISTRO_FEATURES', 'pam', '--enable-pam', '--disable-pam', d)}"
 
 DISTRO_TYPE = "${@base_contains("IMAGE_FEATURES", "debug-tweaks", "debug", "",d)}"
 
diff --git a/meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch b/meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch
new file mode 100644
index 0000000..004d773
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch
@@ -0,0 +1,22 @@
+dropbear: We need modify file option.h besides enabling pam in \
+configure if we want dropbear to support pam.
+
+Upstream-Status: Pending
+
+Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
+
+--- a/options.h	2011-07-12 13:27:39.008819183 +0800
++++ b/options.h.new	2011-07-12 13:37:37.780819308 +0800
+@@ -149,9 +149,9 @@
+  * but there's an interface via a PAM module - don't bother using it otherwise.
+  * You can't enable both PASSWORD and PAM. */
+ 
+-#define ENABLE_SVR_PASSWORD_AUTH
++//#define ENABLE_SVR_PASSWORD_AUTH
+ /* PAM requires ./configure --enable-pam */
+-/*#define ENABLE_SVR_PAM_AUTH*/
++#define ENABLE_SVR_PAM_AUTH
+ #define ENABLE_SVR_PUBKEY_AUTH
+ 
+ /* Wether to ake public key options in authorized_keys file into account */
+
diff --git a/meta/recipes-core/dropbear/dropbear_0.52.bb b/meta/recipes-core/dropbear/dropbear_0.52.bb
index 78d6cf1..4013c65 100644
--- a/meta/recipes-core/dropbear/dropbear_0.52.bb
+++ b/meta/recipes-core/dropbear/dropbear_0.52.bb
@@ -3,4 +3,4 @@ require dropbear.inc
 SRC_URI[md5sum] = "1c69ec674481d7745452f68f2ea5597e"
 SRC_URI[sha256sum] = "e3a2ca49ed85ce562240c0ac06e2f72826d7e52a83e80d91c067c8b97bf5c108"
 
-PR = "r2"
+PR = "r3"
-- 
1.7.0.4




^ permalink raw reply related	[flat|nested] 6+ messages in thread
* [PATCH 3/3] polkit: Support pam
  2011-07-26 10:08 [PATCH 0/3] Adding patches to support pam Xiaofeng Yan
  2011-07-26 10:08 ` [PATCH 1/3] openssh: Support PAM Xiaofeng Yan
  2011-07-26 10:08 ` [PATCH 2/3] dropbear: Support pam Xiaofeng Yan
@ 2011-07-26 10:08 ` Xiaofeng Yan
  2011-07-26 16:37 ` [PATCH 0/3] Adding patches to support pam Scott Garman
  2011-07-28  0:17 ` Saul Wold
  4 siblings, 0 replies; 6+ messages in thread
From: Xiaofeng Yan @ 2011-07-26 10:08 UTC (permalink / raw)
  To: openembedded-core

Modify configuration "polkit-1" in /etc/pam.d/ for supporting pam.

Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
---
 .../polkit/polkit-0.101/polkit-1_pam.patch         |   23 ++++++++++++++++++++
 meta/recipes-extended/polkit/polkit_0.101.bb       |    7 ++++-
 2 files changed, 28 insertions(+), 2 deletions(-)
 create mode 100644 meta/recipes-extended/polkit/polkit-0.101/polkit-1_pam.patch

diff --git a/meta/recipes-extended/polkit/polkit-0.101/polkit-1_pam.patch b/meta/recipes-extended/polkit/polkit-0.101/polkit-1_pam.patch
new file mode 100644
index 0000000..74647ef
--- /dev/null
+++ b/meta/recipes-extended/polkit/polkit-0.101/polkit-1_pam.patch
@@ -0,0 +1,23 @@
+polkit: No system-auth in OE-Core, we can use common-* in place of it.
+
+Upstream-Status:Inappropriate [configuration]
+
+Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
+
+--- a/configure.ac	2011-03-04 02:26:20.000000000 +0800
++++ b/configure.ac.new	2011-07-18 10:14:12.516818852 +0800
+@@ -350,10 +350,10 @@
+     PAM_FILE_INCLUDE_PASSWORD=system
+     PAM_FILE_INCLUDE_SESSION=system
+ else
+-   PAM_FILE_INCLUDE_AUTH=system-auth
+-   PAM_FILE_INCLUDE_ACCOUNT=system-auth
+-   PAM_FILE_INCLUDE_PASSWORD=system-auth
+-   PAM_FILE_INCLUDE_SESSION=system-auth
++   PAM_FILE_INCLUDE_AUTH=common-auth
++   PAM_FILE_INCLUDE_ACCOUNT=common-account
++   PAM_FILE_INCLUDE_PASSWORD=common-password
++   PAM_FILE_INCLUDE_SESSION=common-session
+ fi
+ 
+ AC_SUBST(PAM_FILE_INCLUDE_AUTH)
diff --git a/meta/recipes-extended/polkit/polkit_0.101.bb b/meta/recipes-extended/polkit/polkit_0.101.bb
index 6769914..56ceca4 100644
--- a/meta/recipes-extended/polkit/polkit_0.101.bb
+++ b/meta/recipes-extended/polkit/polkit_0.101.bb
@@ -7,8 +7,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=155db86cdbafa7532b41f390409283eb \
                     file://docs/polkit/html/license.html;md5=07ddbf5f29e44c80c99be19c1690ec1f"
 
 SRC_URI = "http://hal.freedesktop.org/releases/polkit-${PV}.tar.gz \
-           file://introspection.patch"
-PR = "r0"
+           file://introspection.patch \
+           ${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)}"
+
+PAM_SRC_URI = "file://polkit-1_pam.patch"
+PR = "r1"
 DEPENDS = "libpam expat dbus-glib eggdbus intltool"
 RDEPENDS_${PN} = "libpam"
 EXTRA_OECONF = "--with-authfw=pam --with-os-type=moblin --disable-man-pages --disable-gtk-doc --disable-introspection"
-- 
1.7.0.4




^ permalink raw reply related	[flat|nested] 6+ messages in thread
* Re: [PATCH 0/3] Adding patches to support pam
  2011-07-26 10:08 [PATCH 0/3] Adding patches to support pam Xiaofeng Yan
                   ` (2 preceding siblings ...)
  2011-07-26 10:08 ` [PATCH 3/3] polkit: " Xiaofeng Yan
@ 2011-07-26 16:37 ` Scott Garman
  2011-07-28  0:17 ` Saul Wold
  4 siblings, 0 replies; 6+ messages in thread
From: Scott Garman @ 2011-07-26 16:37 UTC (permalink / raw)
  To: openembedded-core

On 07/26/2011 03:08 AM, Xiaofeng Yan wrote:
> Hi Saul&  Richard,
>
> I modified my patches about how to whitespace and tab in .bb file according to your suggestion.

Acked-by: Scott Garman <scott.a.garman@intel.com>

for this patch series.

Thank you Yan!

>
> Pull URL: git://git.pokylinux.org/poky-contrib.git
>    Branch: xiaofeng/pam
>    Browse: http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=xiaofeng/pam
>
> Thanks,
>      Xiaofeng Yan<xiaofeng.yan@windriver.com>
> ---
>
>
> Xiaofeng Yan (3):
>    openssh: Support PAM
>    dropbear: Support pam
>    polkit: Support pam
>
>   .../openssh/openssh-5.8p2/sshd                     |   10 ++++++++
>   meta/recipes-connectivity/openssh/openssh_5.8p2.bb |   13 +++++++++-
>   meta/recipes-core/dropbear/dropbear.inc            |    8 ++++++-
>   .../dropbear/dropbear/dropbear-enable-pam.patch    |   22 +++++++++++++++++++
>   meta/recipes-core/dropbear/dropbear_0.52.bb        |    2 +-
>   .../polkit/polkit-0.101/polkit-1_pam.patch         |   23 ++++++++++++++++++++
>   meta/recipes-extended/polkit/polkit_0.101.bb       |    7 ++++-
>   7 files changed, 79 insertions(+), 6 deletions(-)
>   create mode 100644 meta/recipes-connectivity/openssh/openssh-5.8p2/sshd
>   create mode 100644 meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch
>   create mode 100644 meta/recipes-extended/polkit/polkit-0.101/polkit-1_pam.patch
>
>
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core


-- 
Scott Garman
Embedded Linux Engineer - Yocto Project
Intel Open Source Technology Center



^ permalink raw reply	[flat|nested] 6+ messages in thread
* Re: [PATCH 0/3] Adding patches to support pam
  2011-07-26 10:08 [PATCH 0/3] Adding patches to support pam Xiaofeng Yan
                   ` (3 preceding siblings ...)
  2011-07-26 16:37 ` [PATCH 0/3] Adding patches to support pam Scott Garman
@ 2011-07-28  0:17 ` Saul Wold
  4 siblings, 0 replies; 6+ messages in thread
From: Saul Wold @ 2011-07-28  0:17 UTC (permalink / raw)
  To: Patches and discussions about the oe-core layer

On 07/26/2011 03:08 AM, Xiaofeng Yan wrote:
> Hi Saul&  Richard,
>
> I modified my patches about how to whitespace and tab in .bb file according to your suggestion.
>
> Pull URL: git://git.pokylinux.org/poky-contrib.git
>    Branch: xiaofeng/pam
>    Browse: http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=xiaofeng/pam
>
> Thanks,
>      Xiaofeng Yan<xiaofeng.yan@windriver.com>
> ---
>
>
> Xiaofeng Yan (3):
>    openssh: Support PAM
>    dropbear: Support pam
>    polkit: Support pam
>
>   .../openssh/openssh-5.8p2/sshd                     |   10 ++++++++
>   meta/recipes-connectivity/openssh/openssh_5.8p2.bb |   13 +++++++++-
>   meta/recipes-core/dropbear/dropbear.inc            |    8 ++++++-
>   .../dropbear/dropbear/dropbear-enable-pam.patch    |   22 +++++++++++++++++++
>   meta/recipes-core/dropbear/dropbear_0.52.bb        |    2 +-
>   .../polkit/polkit-0.101/polkit-1_pam.patch         |   23 ++++++++++++++++++++
>   meta/recipes-extended/polkit/polkit_0.101.bb       |    7 ++++-
>   7 files changed, 79 insertions(+), 6 deletions(-)
>   create mode 100644 meta/recipes-connectivity/openssh/openssh-5.8p2/sshd
>   create mode 100644 meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch
>   create mode 100644 meta/recipes-extended/polkit/polkit-0.101/polkit-1_pam.patch
>
>
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>

Merged into oe-core

Thanks
	Sau!



^ permalink raw reply	[flat|nested] 6+ messages in thread
end of thread, other threads:[~2011-07-28  0:21 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-07-26 10:08 [PATCH 0/3] Adding patches to support pam Xiaofeng Yan
2011-07-26 10:08 ` [PATCH 1/3] openssh: Support PAM Xiaofeng Yan
2011-07-26 10:08 ` [PATCH 2/3] dropbear: Support pam Xiaofeng Yan
2011-07-26 10:08 ` [PATCH 3/3] polkit: " Xiaofeng Yan
2011-07-26 16:37 ` [PATCH 0/3] Adding patches to support pam Scott Garman
2011-07-28  0:17 ` Saul Wold

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox