Fix linux-pam

This involves: * Reordering the chunks linux-pam, acl, attr and libcap2 - this means moving them into the 'core' stratum, and fixing errors that occur because of the move. * Configuring pam correctly. * Fix acl failing to build in core. * Fix shadow to build against pam and reconfigure shadow to not do things covered by pam. * Fix tar not building - I am not sure what caused this to fail to build, but fixing it involved stopping it from trying to init submodules that were already checked out. Move linux-pam, acl, and attr into core and make shadow depend on them Change-Id: I1b00ca0158c31ce5f31c11fe60816434508a05a1
author: Jonathan Maw <jonathan.maw@codethink.co.uk> 2015-04-22 15:22:09 +0000
committer: Jonathan Maw <jonathan.maw@codethink.co.uk> 2015-04-27 12:35:05 +0000
commit: fda3df9834dfc55796085cb174b8c70de4e4dbb2 (patch)
tree: 32b5cdf9c412e03edab2d291debe9cf54d393b2a
parent: 71797241802b692f6be53b0aa4e5d61658c6792b (diff)
download: definitions-fda3df9834dfc55796085cb174b8c70de4e4dbb2.tar.gz
9 files changed, 222 insertions, 59 deletions
diff --git a/strata/core.morph b/strata/core.morph
index cfdc52eb..fbdda5ca 100644
--- a/strata/core.morph
+++ b/strata/core.morph
@@ -234,25 +234,55 @@ chunks:
   - autoconf-tarball
   - automake
   - libtool-tarball
-- name: util-linux
-  morph: strata/core/util-linux.morph
-  repo: upstream:util-linux
-  ref: b567c9cbc854a36da0a198e4dcc463e134d26a25
-  unpetrify-ref: v2.25.2
+- name: attr
+  morph: strata/core/attr.morph
+  repo: upstream:attr
+  ref: 4b005410f865895d4dcd56e2c135278a7a315877
+  unpetrify-ref: baserock/morph
+  build-depends:
+  - autoconf-tarball
+  - automake
+  - gettext-tarball
+  - libtool-tarball
+- name: acl
+  morph: strata/core/acl.morph
+  repo: upstream:acl
+  ref: f13e09bd54fd4a501c4952f002ed2752bdd9f93b
+  unpetrify-ref: v2.2.52
+  build-depends:
+  - autoconf-tarball
+  - automake
+  - gettext-tarball
+  - libtool-tarball
+  - attr
+- name: linux-pam
+  morph: strata/core/linux-pam.morph
+  repo: upstream:linux-pam
+  ref: b1521c97e73b10469f7b34c0571d51c647eca83c
+  unpetrify-ref: Linux-PAM-1.1.8
   build-depends:
   - autoconf-tarball
   - automake
   - gettext-tarball
-  - git
   - libtool-tarball
   - pkg-config
-- name: bc
-  repo: upstream:bc-tarball
-  ref: 0956d119432ff6a2e85bae1fa336df799cad70b0
+  - flex
+  - attr
+  - acl
+- name: libcap2
+  morph: strata/core/libcap2.morph
+  repo: upstream:libcap2
+  ref: 4f7cca1bc9c2a274edb39d351b65747010d3ba7b
   unpetrify-ref: baserock/morph
   build-depends:
-  - flex
-  - texinfo-tarball
+  - autoconf-tarball
+  - automake
+  - gettext-tarball
+  - libtool-tarball
+  - pkg-config
+  - attr
+  - acl
+  - linux-pam
 - name: shadow
   morph: strata/core/shadow.morph
   repo: upstream:shadow
@@ -264,6 +294,31 @@ chunks:
   - gettext-tarball
   - libtool-tarball
   - bison
+  - attr
+  - acl
+  - linux-pam
+  - libcap2
+- name: util-linux
+  morph: strata/core/util-linux.morph
+  repo: upstream:util-linux
+  ref: b567c9cbc854a36da0a198e4dcc463e134d26a25
+  unpetrify-ref: v2.25.2
+  build-depends:
+  - autoconf-tarball
+  - automake
+  - gettext-tarball
+  - git
+  - libtool-tarball
+  - pkg-config
+  - linux-pam
+  - shadow
+- name: bc
+  repo: upstream:bc-tarball
+  ref: 0956d119432ff6a2e85bae1fa336df799cad70b0
+  unpetrify-ref: baserock/morph
+  build-depends:
+  - flex
+  - texinfo-tarball
 - name: patch
   morph: strata/core/patch.morph
   repo: upstream:patch
diff --git a/strata/foundation/acl.morph b/strata/core/acl.morph
index c742d8ae..23f08c1f 100644
--- a/strata/foundation/acl.morph
+++ b/strata/core/acl.morph
@@ -3,4 +3,4 @@ kind: chunk
 build-commands:
 - make
 install-commands:
-- make DESTDIR="$DESTDIR" install-dev
+- make DESTDIR="$DESTDIR" install-lib install-dev
diff --git a/strata/foundation/attr.morph b/strata/core/attr.morph
index 46d0b9c0..46d0b9c0 100644
--- a/strata/foundation/attr.morph
+++ b/strata/core/attr.morph
diff --git a/strata/foundation/libcap2.morph b/strata/core/libcap2.morph
index 3e4f205e..3e4f205e 100644
--- a/strata/foundation/libcap2.morph
+++ b/strata/core/libcap2.morph
diff --git a/strata/core/linux-pam.morph b/strata/core/linux-pam.morph
new file mode 100644
index 00000000..6c4959b0
--- /dev/null
+++ b/strata/core/linux-pam.morph
@@ -0,0 +1,125 @@
+name: linux-pam
+kind: chunk
+build-system: autotools
+pre-configure-commands:
+- autoreconf -ivf
+configure-commands:
+- ./configure --prefix=/usr --libdir=/lib
+post-install-commands:
+- |
+  install -D -m 0644 /proc/self/fd/0 "$DESTDIR"/etc/pam.d/system-account <<'EOF'
+  #%PAM-1.0
+  # Empty passwords are allowed
+  account required pam_unix.so
+  EOF
+- |
+  install -D -m 0644 /proc/self/fd/0 "$DESTDIR"/etc/pam.d/system-auth <<'EOF'
+  #%PAM-1.0
+  # Empty passwords are allowed
+  auth required pam_unix.so nullok
+  EOF
+- |
+  install -D -m 0644 /proc/self/fd/0 "$DESTDIR"/etc/pam.d/system-passwd <<'EOF'
+  #%PAM-1.0
+  password required pam_unix.so sha512 shadow try_first_pass
+  EOF
+- |
+  install -D -m 0644 /proc/self/fd/0 "$DESTDIR"/etc/pam.d/system-session <<'EOF'
+  #%PAM-1.0
+  session required pam_unix.so
+  session optional pam_systemd.so
+  EOF
+- |
+  install -D -m 0644 /proc/self/fd/0 "$DESTDIR"/etc/pam.d/login <<'EOF'
+  #%PAM-1.0
+  # Set failure delay before next prompt to 3 seconds
+  auth      optional    pam_faildelay.so  delay=3000000
+  
+  # Check to make sure that the user is allowed to login
+  auth      requisite   pam_nologin.so
+  
+  # Check to make sure that root is allowed to login
+  # Disabled by default. You will need to create /etc/securetty
+  # file for this module to function. See man 5 securetty.
+  #auth      required    pam_securetty.so
+  
+  # Additional group memberships - disabled by default
+  #auth      optional    pam_group.so
+  
+  # include the default auth settings
+  auth      include     system-auth
+  
+  # check access for the user
+  account   required    pam_access.so
+  
+  # include the default account settings
+  account   include     system-account
+  
+  # Set default environment variables for the user
+  session   required    pam_env.so
+  
+  # Set resource limits for the user
+  session   required    pam_limits.so
+  
+  # Display date of last login - Disabled by default
+  #session   optional    pam_lastlog.so
+  
+  # Display the message of the day - Disabled by default
+  #session   optional    pam_motd.so
+  
+  # Check user's mail - Disabled by default
+  #session   optional    pam_mail.so      standard quiet
+  
+  # include the default session and password settings
+  session   include     system-session
+  password  include     system-passwd
+  EOF
+- |
+  install -D -m 0644 /proc/self/fd/0 "$DESTDIR"/etc/pam.d/passwd <<'EOF'
+  #%PAM-1.0
+  password include system-passwd
+  EOF
+- |
+  install -D -m 0644 /proc/self/fd/0 "$DESTDIR"/etc/pam.d/su <<'EOF'
+  #%PAM-1.0
+  # always allow root
+  auth      sufficient  pam_rootok.so
+  auth      include     system-auth
+  
+  # include the default account settings
+  account   include     system-account
+  
+  # Set default environment variables for the service user
+  session   required    pam_env.so
+  
+  # include system session defaults
+  session   include     system-session
+  EOF
+- |
+  install -D -m 0644 /proc/self/fd/0 "$DESTDIR"/etc/pam.d/chage <<'EOF'
+  #%PAM-1.0
+  # always allow root
+  auth      sufficient  pam_rootok.so
+  
+  # include system defaults for auth account and session
+  auth      include     system-auth
+  account   include     system-account
+  session   include     system-session
+  
+  # Always permit for authentication updates
+  password  required    pam_permit.so
+  EOF
+- |
+  for PROGRAM in chfn chgpasswd chpasswd chsh groupadd groupdel groupmems \
+                 groupmod newusers useradd userdel usermod
+  do
+    install -m 0644 "$DESTDIR/etc/pam.d/chage" "$DESTDIR/etc/pam.d/${PROGRAM}"
+  done
+- |
+  install -D -m 0644 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/pam.d/other
+  #%PAM-1.0
+  auth     include system-auth
+  account  include system-account
+  password include system-passwd
+  session  include system-session
+  EOF
diff --git a/strata/core/shadow.morph b/strata/core/shadow.morph
index 6887a6b3..f75d0c51 100644
--- a/strata/core/shadow.morph
+++ b/strata/core/shadow.morph
@@ -2,4 +2,31 @@ name: shadow
 kind: chunk
 build-system: autotools
 configure-commands:
-- ./autogen.sh --with-selinux=no --sysconfdir=/etc
+- ./autogen.sh --with-selinux=no --sysconfdir=/etc --with-pam=yes
+post-install-commands:
+# Disable things handled by pam instead
+- rm "$DESTDIR/etc/limits"
+- rm "$DESTDIR/etc/login.access"
+- |
+  for OPTION in FAIL_DELAY \
+                FAILLOG_ENAB \
+                LASTLOG_ENAB \
+                MAIL_CHECK_ENAB \
+                OBSCURE_CHECKS_ENAB \
+                PORTTIME_CHECKS_ENAB \
+                QUOTAS_ENAB \
+                CONSOLE MOTD_FILE \
+                FTMP_FILE \
+                NOLOGINS_FILE \
+                ENV_HZ \
+                PASS_MIN_LEN \
+                SU_WHEEL_ONLY \
+                CRACKLIB_DICTPATH \
+                PASS_CHANGE_TRIES \
+                PASS_ALWAYS_WARN \
+                CHFN_AUTH \
+                ENCRYPT_METHOD \
+                ENVIRON_FILE
+  do
+    sed -i "s/^${OPTION}/# &/" "$DESTDIR/etc/login.defs"
+  done
diff --git a/strata/coreutils-common/tar.morph b/strata/coreutils-common/tar.morph
index d9ee3a36..17d6a597 100644
--- a/strata/coreutils-common/tar.morph
+++ b/strata/coreutils-common/tar.morph
@@ -2,7 +2,8 @@ name: tar
 kind: chunk
 build-system: autotools
 pre-configure-commands:
-- bash bootstrap --skip-po
+- rm .gitmodules
+- bash bootstrap --skip-po --gnulib-srcdir="$(pwd)/gnulib" --paxutils-srcdir="$(pwd)/paxutils"
 configure-commands:
 # Configure flag notes:
 # 1. Needed to run configure as root
diff --git a/strata/foundation.morph b/strata/foundation.morph
index 3de24fee..b90bf239 100644
--- a/strata/foundation.morph
+++ b/strata/foundation.morph
@@ -8,11 +8,6 @@ chunks:
   repo: upstream:bash-completion
   ref: 3085c7e12179817a02a611016606391295c69942
   unpetrify-ref: 2.1
-- name: attr
-  morph: strata/foundation/attr.morph
-  repo: upstream:attr
-  ref: 4b005410f865895d4dcd56e2c135278a7a315877
-  unpetrify-ref: baserock/morph
 - name: groff
   morph: strata/foundation/groff.morph
   repo: upstream:groff-git
@@ -28,13 +23,6 @@ chunks:
   repo: upstream:tz
   ref: a0782484f101ac55c916568bc1c490d7761fc904
   unpetrify-ref: 2015a
-- name: libcap2
-  morph: strata/foundation/libcap2.morph
-  repo: upstream:libcap2
-  ref: 4f7cca1bc9c2a274edb39d351b65747010d3ba7b
-  unpetrify-ref: baserock/morph
-  build-depends:
-  - attr
 - name: libffi
   morph: strata/foundation/libffi.morph
   repo: upstream:libffi
@@ -72,11 +60,6 @@ chunks:
   ref: 412eed473b557ed2172d81d76fa1e1f53c973a67
   build-depends:
   - libgpg-error
-- name: linux-pam
-  morph: strata/foundation/linux-pam.morph
-  repo: upstream:linux-pam
-  ref: b1521c97e73b10469f7b34c0571d51c647eca83c
-  unpetrify-ref: Linux-PAM-1.1.8
 - name: systemd
   morph: strata/foundation/systemd.morph
   repo: upstream:systemd
@@ -86,9 +69,7 @@ chunks:
   - dbus-pre
   - gobject-introspection
   - kmod
-  - libcap2
   - libgcrypt
-  - linux-pam
 - name: libusb
   repo: upstream:libusb
   ref: e11525c66c7dd2db466c8f5785ff0b37d6a99ec9
@@ -111,13 +92,6 @@ chunks:
   repo: upstream:fuse
   ref: d69e627e79862e2df4ff9ff1ddb0363c4520d8a8
   unpetrify-ref: baserock/morph
-- name: acl
-  morph: strata/foundation/acl.morph
-  repo: upstream:acl
-  ref: f13e09bd54fd4a501c4952f002ed2752bdd9f93b
-  unpetrify-ref: v2.2.52
-  build-depends:
-  - attr
 - name: e2fsprogs
   morph: strata/foundation/e2fsprogs.morph
   repo: upstream:e2fsprogs
@@ -129,8 +103,6 @@ chunks:
   ref: 563ff3b07d85517e3589a1f2e6f45a8265e3f071
   unpetrify-ref: v3.18.2
   build-depends:
-  - attr
-  - acl
   - lzo
   - e2fsprogs
 - name: dbus
@@ -153,8 +125,6 @@ chunks:
   repo: baserock:baserock/tbdiff
   ref: 47fb728f2432929868666afc915dbc5a64836c08
   unpetrify-ref: master
-  build-depends:
-  - attr
 - name: dbus-glib
   repo: upstream:dbus-glib
   ref: 397e8297d433547c9bf4150ddd2b9e0b4c39628c
diff --git a/strata/foundation/linux-pam.morph b/strata/foundation/linux-pam.morph
deleted file mode 100644
index 0dfbe759..00000000
--- a/strata/foundation/linux-pam.morph
+++ /dev/null
@@ -1,15 +0,0 @@
-name: linux-pam
-kind: chunk
-build-system: autotools
-pre-configure-commands:
-- autoreconf -ivf
-post-install-commands:
-# sudo command is expecting this file.
-- |
-  install -D -m 0644 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/pam.d/other
-  #%PAM-1.0
-  auth            required        pam_unix.so
-  account         required        pam_unix.so
-  password        required        pam_unix.so
-  session         required        pam_unix.so
-  EOF
author	Jonathan Maw <jonathan.maw@codethink.co.uk>	2015-04-22 15:22:09 +0000
committer	Jonathan Maw <jonathan.maw@codethink.co.uk>	2015-04-27 12:35:05 +0000
commit	fda3df9834dfc55796085cb174b8c70de4e4dbb2 (patch)
tree	32b5cdf9c412e03edab2d291debe9cf54d393b2a
parent	71797241802b692f6be53b0aa4e5d61658c6792b (diff)
download	definitions-fda3df9834dfc55796085cb174b8c70de4e4dbb2.tar.gz