sinjuginas/rpm-build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

tree-wide: make sure PAM modules under /usr are treated correctly

Browse Source 
Various routines in this project have special treatment for PAM modules.
Let's look for PAM modules at %_libdir/security in addition to
/%_lib/security.

Link: https://altlinux.org/Usrmerge
This commit is contained in:
Arseny Maslennikov 2024-10-14 17:00:00 +03:00
parent 791342d3a3
commit 5f1b9706df
3 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
scripts/brp-cleanup.in
View File

@ -79,7 +79,7 @@ s,^[[:space:]]*\(#\?\)[[:space:]]*\(-\?auth\|account\|session\)[[:space:]]\+,\1\
s,^[[:space:]]*\(#\?\)[[:space:]]*\(-account\|-session\|-\?password\)[[:space:]]\+,\1\2 ,
s,^[[:space:]]*\(#\?[[:space:]]*-\?\(auth\|account\|password\|session\)[[:space:]]\+\)\(include\)[[:space:]]\+,\1\3 ,
s,^[[:space:]]*\(#\?[[:space:]]*-\?\(auth\|account\|password\|session\)[[:space:]]\+\)\(required\|requisite\|sufficient\|optional\|substack\|\[[^]]\+\]\)[[:space:]]\+,\1\3 ,
s,\([[:space:]]\)/lib\(64\)\?/security/\(pam_\),\1\3,g
s,\([[:space:]]\)\(/usr\)\?/lib\(64\)\?/security/\(pam_\),\1\4,g
s,\([[:space:]]\)required[[:space:]]\+pam_stack.so[[:space:]]\+service=,\1substack ,g
' --
fi

12
scripts/lib.prov.in
View File

@ -24,7 +24,7 @@ dump_ld_config='@RPMCONFIGDIR@/dump_ld_config'
[ -n "${RPM_LIBDIR-}" ] || RPM_LIBDIR=`rpm --eval %_libdir`
[ -n "${RPM_LIB-}" ] || RPM_LIB=`rpm --eval %_lib`
DEF_RPM_FINDPROV_LIB_PATH="/$RPM_LIB $RPM_LIBDIR $("$dump_ld_config")"
DEF_RPM_FINDPROV_LIB_PATH="$RPM_LIBDIR /$RPM_LIB $("$dump_ld_config")"
[ -z "${RPM_BUILD_ROOT-}" ] ||
DEF_RPM_FINDPROV_LIB_PATH="$("$dump_ld_config" '' "$RPM_BUILD_ROOT") $DEF_RPM_FINDPROV_LIB_PATH"
DEF_RPM_FINDPROV_LIB_PATH="$(IFS="$IFS:"; echo '' $DEF_RPM_FINDPROV_LIB_PATH '')"
@ -42,7 +42,9 @@ LibProv()
# Check library location.
[ -n "$dir" ] && [ -n "$basename" ] || return 0
[ "$dir" = "/$RPM_LIB/security" ] || [ -z "${RPM_FINDPROV_LIB_PATH##* $dir *}" ] || return 0
[ "$dir" = "$RPM_LIBDIR/security" ] \
|| [ "$dir" = "/$RPM_LIB/security" ] \
|| [ -z "${RPM_FINDPROV_LIB_PATH##* $dir *}" ] || return 0
# Obtain objdump info.
local dump
@ -52,10 +54,12 @@ LibProv()
fi
# Special case for PAM plugins.
if [ "$dir" = "/$RPM_LIB/security" ]; then
case "$dir" in
"$RPM_LIBDIR/security" | "/$RPM_LIB/security")
printf 'PAM(%s)\n' "$basename"
return 0
fi
;;
esac
local soname suffix braces
soname=$(printf %s\\n "$dump" |sed -ne 's/^[[:space:]]*SONAME[[:space:]]\+\([^[:space:]]\+\)[[:space:]]*$/\1/p')

6
scripts/pam.req.in
View File

@ -37,10 +37,10 @@ fi
[ -f "${RPM_LIBDIR-}/libpam.so" ] ||:
# pam_module.so
sed -n 's#^[[:space:]]*\(account\|auth\|password\|session\)[[:space:]]\+\(requisite\|required\|sufficient\|optional\|\[[^]]\+\]\)[[:space:]]\+\(/lib[0-9]*/security/\)\?\([^.[:space:]]\+\.so\)\($\|[[:space:]].*\)#PAM(\4'${PAM_SO_SUFFIX-}')#pg' <"$file" |sort -u
sed -n 's#^[[:space:]]*\(account\|auth\|password\|session\)[[:space:]]\+\(requisite\|required\|sufficient\|optional\|\[[^]]\+\]\)[[:space:]]\+\(\(/usr\)\?/lib[0-9]*/security/\)\?\([^.[:space:]]\+\.so\)\($\|[[:space:]].*\)#PAM(\5'${PAM_SO_SUFFIX-}')#pg' <"$file" |sort -u
# pam_module.so*
sed -n 's#^[[:space:]]*\(account\|auth\|password\|session\)[[:space:]]\+\(requisite\|required\|sufficient\|optional\|\[[^]]\+\]\)[[:space:]]\+\(/lib[0-9]*/security/\)\?\([^.[:space:]]\+\.so[^[:space:]]\+\).*#PAM(\4)#pg' <"$file" |sort -u
sed -n 's#^[[:space:]]*\(account\|auth\|password\|session\)[[:space:]]\+\(requisite\|required\|sufficient\|optional\|\[[^]]\+\]\)[[:space:]]\+\(\(/usr\)\?/lib[0-9]*/security/\)\?\([^.[:space:]]\+\.so[^[:space:]]\+\).*#PAM(\5)#pg' <"$file" |sort -u
# libpam(optional_module)
sed -n 's/^[[:space:]]*-.*/libpam(optional_module)/p' <"$file" |sort -u
@ -52,4 +52,4 @@ sed -n 's#^[[:space:]]*\(account\|auth\|password\|session\)[[:space:]]\+\(includ
sed -n 's#^[[:space:]]*\(account\|auth\|password\|session\)[[:space:]]\+\(include\|substack\)[[:space:]]\+\(/etc/pam\.d/\)\?\([^[:space:]]\+\).*#pam'${PAM_NAME_SUFFIX-}'(\4)#pg' <"$file" |sort -u
# pam(config) via pam_stack
sed -n 's#^[[:space:]]*\(account\|auth\|password\|session\)[[:space:]]\+\(requisite\|required\|sufficient\|optional\|\[[^]]\+\]\)[[:space:]]\+\(/lib[0-9]*/security/\)\?pam_stack\.so[[:space:]]\+service=\([^[:space:]]\+\).*#pam(\4)#pg' <"$file" |sort -u
sed -n 's#^[[:space:]]*\(account\|auth\|password\|session\)[[:space:]]\+\(requisite\|required\|sufficient\|optional\|\[[^]]\+\]\)[[:space:]]\+\(\(/usr\)\?/lib[0-9]*/security/\)\?pam_stack\.so[[:space:]]\+service=\([^[:space:]]\+\).*#pam(\5)#pg' <"$file" |sort -u