From: Paolo Bonzini <pbonzini@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Daniel P . Berrangé" <berrange@redhat.com>
Subject: [PULL 08/28] configure, meson: convert pam detection to meson
Date: Fri, 25 Jun 2021 16:18:02 +0200 [thread overview]
Message-ID: <20210625141822.1368639-9-pbonzini@redhat.com> (raw)
In-Reply-To: <20210625141822.1368639-1-pbonzini@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
authz/meson.build | 2 +-
configure | 38 ++++----------------------------------
meson.build | 31 ++++++++++++++++++++++++++-----
meson_options.txt | 2 ++
tests/unit/meson.build | 2 +-
5 files changed, 34 insertions(+), 41 deletions(-)
diff --git a/authz/meson.build b/authz/meson.build
index 88fa7769cb..42a1ec0ff6 100644
--- a/authz/meson.build
+++ b/authz/meson.build
@@ -6,4 +6,4 @@ authz_ss.add(files(
'simple.c',
))
-authz_ss.add(when: ['CONFIG_AUTH_PAM', pam], if_true: files('pamacct.c'))
+authz_ss.add(when: pam, if_true: files('pamacct.c'))
diff --git a/configure b/configure
index 3d36eea55f..237e99c3d0 100755
--- a/configure
+++ b/configure
@@ -407,7 +407,7 @@ tls_priority="NORMAL"
gnutls="auto"
nettle="auto"
gcrypt="auto"
-auth_pam="$default_feature"
+auth_pam="auto"
vte="$default_feature"
virglrenderer="$default_feature"
tpm="$default_feature"
@@ -1383,9 +1383,9 @@ for opt do
;;
--enable-gcrypt) gcrypt="enabled"
;;
- --disable-auth-pam) auth_pam="no"
+ --disable-auth-pam) auth_pam="disabled"
;;
- --enable-auth-pam) auth_pam="yes"
+ --enable-auth-pam) auth_pam="enabled"
;;
--enable-rdma) rdma="yes"
;;
@@ -2799,33 +2799,6 @@ EOF
fi
fi
-##########################################
-# PAM probe
-
-if test "$auth_pam" != "no"; then
- cat > $TMPC <<EOF
-#include <security/pam_appl.h>
-#include <stdio.h>
-int main(void) {
- const char *service_name = "qemu";
- const char *user = "frank";
- const struct pam_conv pam_conv = { 0 };
- pam_handle_t *pamh = NULL;
- pam_start(service_name, user, &pam_conv, &pamh);
- return 0;
-}
-EOF
- if compile_prog "" "-lpam" ; then
- auth_pam=yes
- else
- if test "$auth_pam" = "yes"; then
- feature_not_found "PAM" "Install PAM development package"
- else
- auth_pam=no
- fi
- fi
-fi
-
##########################################
# VTE probe
@@ -5540,9 +5513,6 @@ if test "$gdbus_codegen" != "" ; then
echo "GDBUS_CODEGEN=$gdbus_codegen" >> $config_host_mak
fi
echo "CONFIG_TLS_PRIORITY=\"$tls_priority\"" >> $config_host_mak
-if test "$auth_pam" = "yes" ; then
- echo "CONFIG_AUTH_PAM=y" >> $config_host_mak
-fi
if test "$have_broken_size_max" = "yes" ; then
echo "HAVE_BROKEN_SIZE_MAX=y" >> $config_host_mak
fi
@@ -6251,7 +6221,7 @@ if test "$skip_meson" = no; then
-Dcurl=$curl -Dglusterfs=$glusterfs -Dbzip2=$bzip2 -Dlibiscsi=$libiscsi \
-Dlibnfs=$libnfs -Diconv=$iconv -Dcurses=$curses -Dlibudev=$libudev\
-Drbd=$rbd -Dlzo=$lzo -Dsnappy=$snappy -Dlzfse=$lzfse \
- -Dgnutls=$gnutls -Dnettle=$nettle -Dgcrypt=$gcrypt \
+ -Dgnutls=$gnutls -Dnettle=$nettle -Dgcrypt=$gcrypt -Dauth_pam=$auth_pam \
-Dzstd=$zstd -Dseccomp=$seccomp -Dvirtfs=$virtfs -Dcap_ng=$cap_ng \
-Dattr=$attr -Ddefault_devices=$default_devices \
-Ddocs=$docs -Dsphinx_build=$sphinx_build -Dinstall_blobs=$blobs \
diff --git a/meson.build b/meson.build
index d4ce2ca57b..d3025e05fc 100644
--- a/meson.build
+++ b/meson.build
@@ -325,10 +325,6 @@ if have_system or have_tools
pixman = dependency('pixman-1', required: have_system, version:'>=0.21.8',
method: 'pkg-config', kwargs: static_kwargs)
endif
-pam = not_found
-if 'CONFIG_AUTH_PAM' in config_host
- pam = cc.find_library('pam')
-endif
libaio = cc.find_library('aio', required: false)
zlib = dependency('zlib', required: true, kwargs: static_kwargs)
linux_io_uring = not_found
@@ -907,6 +903,31 @@ if get_option('vnc').enabled()
endif
endif
+pam = not_found
+if not get_option('auth_pam').auto() or have_system
+ pam = cc.find_library('pam', has_headers: ['security/pam_appl.h'],
+ required: get_option('auth_pam'),
+ kwargs: static_kwargs)
+endif
+if pam.found() and not cc.links('''
+ #include <stddef.h>
+ #include <security/pam_appl.h>
+ int main(void) {
+ const char *service_name = "qemu";
+ const char *user = "frank";
+ const struct pam_conv pam_conv = { 0 };
+ pam_handle_t *pamh = NULL;
+ pam_start(service_name, user, &pam_conv, &pamh);
+ return 0;
+ }''', dependencies: pam)
+ pam = not_found
+ if get_option('auth_pam').enabled()
+ error('could not link libpam')
+ else
+ warning('could not link libpam, disabling')
+ endif
+endif
+
snappy = not_found
if not get_option('snappy').auto() or have_system
snappy = cc.find_library('snappy', has_headers: ['snappy-c.h'],
@@ -2729,7 +2750,7 @@ summary_info += {'VTE support': config_host.has_key('CONFIG_VTE')}
# TODO: add back version
summary_info += {'slirp support': slirp_opt == 'disabled' ? false : slirp_opt}
summary_info += {'libtasn1': tasn1.found()}
-summary_info += {'PAM': config_host.has_key('CONFIG_AUTH_PAM')}
+summary_info += {'PAM': pam.found()}
summary_info += {'iconv support': iconv.found()}
summary_info += {'curses support': curses.found()}
# TODO: add back version
diff --git a/meson_options.txt b/meson_options.txt
index 343ffffb7c..ac6e90da07 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -52,6 +52,8 @@ option('multiprocess', type: 'feature', value: 'auto',
option('attr', type : 'feature', value : 'auto',
description: 'attr/xattr support')
+option('auth_pam', type : 'feature', value : 'auto',
+ description: 'PAM access control')
option('brlapi', type : 'feature', value : 'auto',
description: 'brlapi character device driver')
option('bzip2', type : 'feature', value : 'auto',
diff --git a/tests/unit/meson.build b/tests/unit/meson.build
index 4c1ebc06ac..3e0504dd21 100644
--- a/tests/unit/meson.build
+++ b/tests/unit/meson.build
@@ -94,7 +94,7 @@ if have_block
'test-io-channel-tls': ['io-channel-helpers.c', 'crypto-tls-x509-helpers.c', 'pkix_asn1_tab.c',
tasn1, io, crypto, gnutls]}
endif
- if 'CONFIG_AUTH_PAM' in config_host
+ if pam.found()
tests += {'test-authz-pam': [authz]}
endif
if xts == 'private'
--
2.31.1
next prev parent reply other threads:[~2021-06-25 14:22 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-25 14:17 [PULL v2 00/28] Misc (including block file-posix) for 2021-06-23 Paolo Bonzini
2021-06-25 14:17 ` [PULL 01/28] target/i386: kvm: add support for TSC scaling Paolo Bonzini
2021-06-25 14:17 ` [PULL 02/28] meson: drop unused CONFIG_GCRYPT_HMAC Paolo Bonzini
2021-06-25 14:17 ` [PULL 03/28] configure: drop unused variables for xts Paolo Bonzini
2021-06-25 14:17 ` [PULL 04/28] meson: remove preadv from summary Paolo Bonzini
2021-06-25 14:17 ` [PULL 05/28] tests: remove QCRYPTO_HAVE_TLS_TEST_SUPPORT Paolo Bonzini
2021-06-25 14:18 ` [PULL 06/28] configure, meson: convert crypto detection to meson Paolo Bonzini
2021-06-25 14:18 ` [PULL 07/28] configure, meson: convert libtasn1 " Paolo Bonzini
2021-06-25 14:18 ` Paolo Bonzini [this message]
2021-06-25 14:18 ` [PULL 09/28] configure, meson: convert libusb " Paolo Bonzini
2021-06-25 14:18 ` [PULL 10/28] configure, meson: convert libcacard " Paolo Bonzini
2021-06-25 14:18 ` [PULL 11/28] configure, meson: convert libusbredir " Paolo Bonzini
2021-06-25 14:18 ` [PULL 12/28] KVM: Fix dirty ring mmap incorrect size due to renaming accident Paolo Bonzini
2021-06-25 14:18 ` [PULL 13/28] file-posix: fix max_iov for /dev/sg devices Paolo Bonzini
2021-06-25 14:18 ` [PULL 14/28] scsi-generic: pass max_segments via max_iov field in BlockLimits Paolo Bonzini
2021-06-25 14:18 ` [PULL 15/28] osdep: provide ROUND_DOWN macro Paolo Bonzini
2021-06-29 4:12 ` Philippe Mathieu-Daudé
2021-06-25 14:18 ` [PULL 16/28] block-backend: align max_transfer to request alignment Paolo Bonzini
2021-06-25 14:18 ` [PULL 17/28] block: add max_hw_transfer to BlockLimits Paolo Bonzini
2021-06-25 14:18 ` [PULL 18/28] file-posix: try BLKSECTGET on block devices too, do not round to power of 2 Paolo Bonzini
2021-09-06 14:24 ` Halil Pasic
2021-09-22 19:51 ` Halil Pasic
2021-09-23 9:18 ` Recent qemu patch results in aio failures with host DASD disks resulting in guest I/O errors Christian Borntraeger
2021-09-23 10:57 ` [PULL 18/28] file-posix: try BLKSECTGET on block devices too, do not round to power of 2 Paolo Bonzini
2021-09-23 12:13 ` Halil Pasic
2021-09-23 13:02 ` Paolo Bonzini
2021-06-25 14:18 ` [PULL 19/28] block: feature detection for host block support Paolo Bonzini
2021-06-25 14:18 ` [PULL 20/28] block: check for sys/disk.h Paolo Bonzini
2021-06-25 14:18 ` [PULL 21/28] block: try BSD disk size ioctls one after another Paolo Bonzini
2021-06-25 14:18 ` [PULL 22/28] block: detect DKIOCGETBLOCKCOUNT/SIZE before use Paolo Bonzini
2021-06-25 14:18 ` [PULL 23/28] file-posix: handle EINTR during ioctl Paolo Bonzini
2021-06-25 14:18 ` [PULL 24/28] machine: move dies from X86MachineState to CpuTopology Paolo Bonzini
2021-06-25 14:18 ` [PULL 25/28] machine: move common smp_parse code to caller Paolo Bonzini
2021-06-25 14:18 ` [PULL 26/28] machine: add error propagation to mc->smp_parse Paolo Bonzini
2021-06-25 14:18 ` [PULL 27/28] machine: pass QAPI struct " Paolo Bonzini
2021-06-25 14:18 ` [PULL 28/28] machine: reject -smp dies!=1 for non-PC machines Paolo Bonzini
2021-06-29 8:37 ` [PULL v2 00/28] Misc (including block file-posix) for 2021-06-23 Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210625141822.1368639-9-pbonzini@redhat.com \
--to=pbonzini@redhat.com \
--cc=berrange@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).