Merge branch 'org.openembedded.dev' of git.openembedded.org:openembedded into org.openembedded.dev

22 files changed, 639 insertions, 2 deletions

diff --git a/recipes/pam/libpam-1.1.0/disable_modules_uclibc.patch b/recipes/pam/libpam-1.1.0/disable_modules_uclibc.patch
new file mode 100644
index 0000000000..14cc60aacd
--- /dev/null
+++ b/recipes/pam/libpam-1.1.0/disable_modules_uclibc.patch
@@ -0,0 +1,16 @@
+Index: Linux-PAM-1.1.0/modules/Makefile.am
+===================================================================
+--- Linux-PAM-1.1.0.orig/modules/Makefile.am	2008-11-28 15:29:12.000000000 +0100
++++ Linux-PAM-1.1.0/modules/Makefile.am	2009-11-24 22:28:13.248314306 +0100
+@@ -7,9 +7,9 @@
+ 	pam_group pam_issue pam_keyinit pam_lastlog pam_limits \
+ 	pam_listfile pam_localuser pam_loginuid pam_mail \
+ 	pam_mkhomedir pam_motd pam_namespace pam_nologin \
+-	pam_permit pam_pwhistory pam_rhosts pam_rootok pam_securetty \
++	pam_permit pam_rhosts pam_rootok pam_securetty \
+ 	pam_selinux pam_sepermit pam_shells pam_stress \
+-	pam_succeed_if pam_tally pam_tally2 pam_time pam_timestamp \
++	pam_succeed_if pam_tally pam_tally2 pam_time \
+ 	pam_tty_audit pam_umask \
+ 	pam_unix pam_userdb pam_warn pam_wheel pam_xauth
+ 
diff --git a/recipes/pam/libpam-1.1.0/fix_disabled_nls.patch b/recipes/pam/libpam-1.1.0/fix_disabled_nls.patch
new file mode 100644
index 0000000000..6c51752e21
--- /dev/null
+++ b/recipes/pam/libpam-1.1.0/fix_disabled_nls.patch
@@ -0,0 +1,13 @@
+Index: Linux-PAM-1.1.0/modules/pam_lastlog/pam_lastlog.c
+===================================================================
+--- Linux-PAM-1.1.0.orig/modules/pam_lastlog/pam_lastlog.c	2009-11-24 21:47:00.208561627 +0100
++++ Linux-PAM-1.1.0/modules/pam_lastlog/pam_lastlog.c	2009-11-24 21:47:27.385225592 +0100
+@@ -471,7 +471,7 @@
+ 		failed),
+ 	    failed);
+ #else
+-	if (daysleft == 1)
++	if (failed == 1)
+ 	    retval = asprintf(&line,
+ 		_("There was %d failed login attempt since the last successful login."),
+ 		failed);
diff --git a/recipes/pam/libpam-1.1.0/pam-disable-nis-on-uclibc.patch b/recipes/pam/libpam-1.1.0/pam-disable-nis-on-uclibc.patch
new file mode 100644
index 0000000000..258166cc52
--- /dev/null
+++ b/recipes/pam/libpam-1.1.0/pam-disable-nis-on-uclibc.patch
@@ -0,0 +1,251 @@
+Index: Linux-PAM-1.0.2/Makefile.in
+===================================================================
+--- Linux-PAM-1.0.2.orig/Makefile.in	2008-08-29 01:14:12.000000000 -0700
++++ Linux-PAM-1.0.2/Makefile.in	2009-09-04 01:06:22.571466501 -0700
+@@ -71,8 +71,7 @@
+   distclean-recursive maintainer-clean-recursive
+ ETAGS = etags
+ CTAGS = ctags
+-DIST_SUBDIRS = libpam tests libpamc libpam_misc modules po conf doc \
+-	examples xtests
++DIST_SUBDIRS = libpam libpamc libpam_misc modules po conf
+ DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ distdir = $(PACKAGE)-$(VERSION)
+ top_distdir = $(distdir)
+@@ -244,8 +243,8 @@
+ top_builddir = @top_builddir@
+ top_srcdir = @top_srcdir@
+ AUTOMAKE_OPTIONS = 1.9 gnu dist-bzip2 check-news
+-@STATIC_MODULES_FALSE@SUBDIRS = libpam tests libpamc libpam_misc modules po conf doc examples xtests
+-@STATIC_MODULES_TRUE@SUBDIRS = modules libpam libpamc libpam_misc tests po conf doc examples xtests
++@STATIC_MODULES_FALSE@SUBDIRS = libpam libpamc libpam_misc modules po conf
++@STATIC_MODULES_TRUE@SUBDIRS = modules libpam libpamc libpam_misc po conf
+ CLEANFILES = *~
+ M4_FILES = m4/codeset.m4 m4/gettext.m4 m4/glibc21.m4 m4/glibc2.m4 \
+ 	m4/iconv.m4 m4/intdiv0.m4 m4/intmax.m4 m4/inttypes_h.m4 \
+Index: Linux-PAM-1.0.2/modules/pam_access/pam_access.c
+===================================================================
+--- Linux-PAM-1.0.2.orig/modules/pam_access/pam_access.c	2007-12-07 07:40:01.000000000 -0800
++++ Linux-PAM-1.0.2/modules/pam_access/pam_access.c	2009-09-04 01:06:22.575455835 -0700
+@@ -41,7 +41,11 @@
+ #include <errno.h>
+ #include <ctype.h>
+ #include <sys/utsname.h>
++
++#ifdef NIS
+ #include <rpcsvc/ypclnt.h>
++#endif
++
+ #include <arpa/inet.h>
+ #include <netdb.h>
+ #include <sys/socket.h>
+@@ -479,8 +483,9 @@
+   char *mydomain = NULL;
+   int retval;
+ 
++#ifdef NIS
+   yp_get_default_domain(&mydomain);
+-
++#endif
+ 
+   retval = innetgr (netgroup, machine, user, mydomain);
+   if (debug == YES)
+Index: Linux-PAM-1.0.2/modules/pam_unix/Makefile.am
+===================================================================
+--- Linux-PAM-1.0.2.orig/modules/pam_unix/Makefile.am	2008-02-29 07:22:03.000000000 -0800
++++ Linux-PAM-1.0.2/modules/pam_unix/Makefile.am	2009-09-04 01:09:46.519457167 -0700
+@@ -32,7 +32,7 @@
+ 
+ securelib_LTLIBRARIES = pam_unix.la
+ 
+-noinst_HEADERS = md5.h support.h yppasswd.h bigcrypt.h passverify.h
++noinst_HEADERS = md5.h support.h bigcrypt.h passverify.h
+ 
+ sbin_PROGRAMS = unix_chkpwd unix_update
+ 
+@@ -40,7 +40,7 @@
+ 
+ pam_unix_la_SOURCES = bigcrypt.c pam_unix_acct.c \
+ 	pam_unix_auth.c pam_unix_passwd.c pam_unix_sess.c support.c \
+-	passverify.c yppasswd_xdr.c md5_good.c md5_broken.c
++	passverify.c md5_good.c md5_broken.c
+ 
+ bigcrypt_SOURCES = bigcrypt.c bigcrypt_main.c
+ bigcrypt_CFLAGS = $(AM_CFLAGS)
+Index: Linux-PAM-1.0.2/modules/pam_unix/Makefile.in
+===================================================================
+--- Linux-PAM-1.0.2.orig/modules/pam_unix/Makefile.in	2008-08-29 01:14:10.000000000 -0700
++++ Linux-PAM-1.0.2/modules/pam_unix/Makefile.in	2009-09-04 01:13:42.939510044 -0700
+@@ -74,7 +74,7 @@
+ pam_unix_la_DEPENDENCIES =
+ am_pam_unix_la_OBJECTS = bigcrypt.lo pam_unix_acct.lo pam_unix_auth.lo \
+ 	pam_unix_passwd.lo pam_unix_sess.lo support.lo passverify.lo \
+-	yppasswd_xdr.lo md5_good.lo md5_broken.lo
++	md5_good.lo md5_broken.lo
+ pam_unix_la_OBJECTS = $(am_pam_unix_la_OBJECTS)
+ pam_unix_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
+ 	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+@@ -310,10 +310,10 @@
+ 	@LIBCRYPT@ @LIBSELINUX@
+ 
+ securelib_LTLIBRARIES = pam_unix.la
+-noinst_HEADERS = md5.h support.h yppasswd.h bigcrypt.h passverify.h
++noinst_HEADERS = md5.h support.h bigcrypt.h passverify.h
+ pam_unix_la_SOURCES = bigcrypt.c pam_unix_acct.c \
+ 	pam_unix_auth.c pam_unix_passwd.c pam_unix_sess.c support.c \
+-	passverify.c yppasswd_xdr.c md5_good.c md5_broken.c
++	passverify.c md5_good.c md5_broken.c
+ 
+ bigcrypt_SOURCES = bigcrypt.c bigcrypt_main.c
+ bigcrypt_CFLAGS = $(AM_CFLAGS)
+@@ -465,7 +465,6 @@
+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/unix_update-md5_good.Po@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/unix_update-passverify.Po@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/unix_update-unix_update.Po@am__quote@
+-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/yppasswd_xdr.Plo@am__quote@
+ 
+ .c.o:
+ @am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
+Index: Linux-PAM-1.0.2/modules/pam_unix/pam_unix_passwd.c
+===================================================================
+--- Linux-PAM-1.0.2.orig/modules/pam_unix/pam_unix_passwd.c	2008-02-29 07:22:03.000000000 -0800
++++ Linux-PAM-1.0.2/modules/pam_unix/pam_unix_passwd.c	2009-09-04 01:06:22.579455994 -0700
+@@ -55,8 +55,11 @@
+ #include <sys/time.h>
+ #include <sys/stat.h>
+ #include <rpc/rpc.h>
++
++#ifdef NIS
+ #include <rpcsvc/yp_prot.h>
+ #include <rpcsvc/ypclnt.h>
++#endif
+ 
+ #include <signal.h>
+ #include <errno.h>
+@@ -77,7 +80,10 @@
+ #include <security/pam_ext.h>
+ #include <security/pam_modutil.h>
+ 
++#ifdef NIS
+ #include "yppasswd.h"
++#endif
++
+ #include "md5.h"
+ #include "support.h"
+ #include "passverify.h"
+@@ -105,6 +111,7 @@
+ 
+ static char *getNISserver(pam_handle_t *pamh)
+ {
++#ifdef NIS
+ 	char *master;
+ 	char *domainname;
+ 	int port, err;
+@@ -131,6 +138,9 @@
+ 		return NULL;
+ 	}
+ 	return master;
++#else
++	return NULL;
++#endif
+ }
+ 
+ #ifdef WITH_SELINUX
+@@ -301,6 +311,7 @@
+ 
+ 	if (on(UNIX_NIS, ctrl) && _unix_comesfromsource(pamh, forwho, 0, 1)) {
+ 	    if ((master=getNISserver(pamh)) != NULL) {
++#ifdef NIS
+ 		struct timeval timeout;
+ 		struct yppasswd yppwd;
+ 		CLIENT *clnt;
+@@ -362,6 +373,7 @@
+ #ifdef DEBUG
+ 		sleep(5);
+ #endif
++#endif
+ 	    } else {
+ 		    retval = PAM_TRY_AGAIN;
+ 	    }
+Index: Linux-PAM-1.0.2/modules/pam_unix/support.c
+===================================================================
+--- Linux-PAM-1.0.2.orig/modules/pam_unix/support.c	2008-01-23 07:35:13.000000000 -0800
++++ Linux-PAM-1.0.2/modules/pam_unix/support.c	2009-09-04 01:06:22.579455994 -0700
+@@ -19,7 +19,10 @@
+ #include <ctype.h>
+ #include <syslog.h>
+ #include <sys/resource.h>
++
++#ifdef NIS
+ #include <rpcsvc/ypclnt.h>
++#endif
+ 
+ #include <security/_pam_macros.h>
+ #include <security/pam_modules.h>
+@@ -266,6 +269,7 @@
+ 	if (!matched && nis) {
+ 		char *userinfo = NULL, *domain = NULL;
+ 		int len = 0, i;
++#ifdef NIS
+ 		len = yp_get_default_domain(&domain);
+ 		if (len == YPERR_SUCCESS) {
+ 			len = yp_bind(domain);
+@@ -280,6 +284,7 @@
+ 				matched = 1;
+ 			}
+ 		}
++#endif
+ 	}
+ 
+ 	if (matched && (ret != NULL)) {
+Index: Linux-PAM-1.0.2/modules/pam_unix/yppasswd.h
+===================================================================
+--- Linux-PAM-1.0.2.orig/modules/pam_unix/yppasswd.h	2000-06-20 15:12:08.000000000 -0700
++++ Linux-PAM-1.0.2/modules/pam_unix/yppasswd.h	2009-09-04 01:06:22.579455994 -0700
+@@ -13,6 +13,8 @@
+ #ifndef _YPPASSWD_H_
+ #define _YPPASSWD_H_
+ 
++#ifdef NIS
++
+ #define YPPASSWDPROG ((u_long)100009)
+ #define YPPASSWDVERS ((u_long)1)
+ #define YPPASSWDPROC_UPDATE ((u_long)1)
+@@ -48,4 +50,6 @@
+ bool_t xdr_xpasswd(XDR * xdrs, xpasswd * objp);
+ bool_t xdr_yppasswd(XDR * xdrs, yppasswd * objp);
+ 
++#endif
++
+ #endif	/* _YPPASSWD_H_ */
+Index: Linux-PAM-1.0.2/modules/pam_unix/yppasswd_xdr.c
+===================================================================
+--- Linux-PAM-1.0.2.orig/modules/pam_unix/yppasswd_xdr.c	2005-07-20 02:46:19.000000000 -0700
++++ Linux-PAM-1.0.2/modules/pam_unix/yppasswd_xdr.c	2009-09-04 01:06:22.579455994 -0700
+@@ -10,6 +10,8 @@
+  * editied manually.
+  */
+ 
++#ifdef NIS
++
+ #include "config.h"
+ 
+ #include <rpc/rpc.h>
+@@ -36,3 +38,5 @@
+ 	return xdr_string(xdrs, &objp->oldpass, ~0)
+ 	    && xdr_xpasswd(xdrs, &objp->newpw);
+ }
++
++#endif
+Index: Linux-PAM-1.0.2/po/POTFILES.in
+===================================================================
+--- Linux-PAM-1.0.2.orig/po/POTFILES.in	2008-02-13 06:39:41.000000000 -0800
++++ Linux-PAM-1.0.2/po/POTFILES.in	2009-09-04 01:06:22.579455994 -0700
+@@ -85,7 +85,6 @@
+ ./modules/pam_unix/passverify.c
+ ./modules/pam_unix/support.c
+ ./modules/pam_unix/unix_chkpwd.c
+-./modules/pam_unix/yppasswd_xdr.c
+ ./modules/pam_userdb/pam_userdb.c
+ ./modules/pam_warn/pam_warn.c
+ ./modules/pam_wheel/pam_wheel.c
diff --git a/recipes/pam/libpam-1.1.0/pam-nodocs.patch b/recipes/pam/libpam-1.1.0/pam-nodocs.patch
new file mode 100644
index 0000000000..895f0e182a
--- /dev/null
+++ b/recipes/pam/libpam-1.1.0/pam-nodocs.patch
@@ -0,0 +1,35 @@
+--- /tmp/Makefile.am	2008-09-05 15:16:21.000000000 +0200
++++ Linux-PAM-1.0.2/Makefile.am	2008-09-05 15:16:56.153198000 +0200
+@@ -5,9 +5,9 @@
+ AUTOMAKE_OPTIONS = 1.9 gnu dist-bzip2 check-news
+ 
+ if STATIC_MODULES
+-SUBDIRS = modules libpam libpamc libpam_misc tests po conf doc examples xtests
++SUBDIRS = modules libpam libpamc libpam_misc tests po conf examples xtests
+ else
+-SUBDIRS = libpam tests libpamc libpam_misc modules po conf doc examples xtests
++SUBDIRS = libpam tests libpamc libpam_misc modules po conf examples xtests
+ endif
+ 
+ CLEANFILES = *~
+@@ -28,19 +28,7 @@
+ 
+ ACLOCAL_AMFLAGS = -I m4
+ 
+-release: dist releasedocs
+-
+-release-docs: releasedocs
+-
+-releasedocs:
+-	rm -rf Linux-PAM-$(VERSION)
+-	mkdir -p Linux-PAM-$(VERSION)/doc
+-	make -C doc releasedocs
+-	tar zfc Linux-PAM-$(VERSION)-docs.tar.gz \
+-		Linux-PAM-$(VERSION)/doc
+-	tar jfc Linux-PAM-$(VERSION)-docs.tar.bz2 \
+-		Linux-PAM-$(VERSION)/doc
+-	rm -rf Linux-PAM-$(VERSION)
++release: dist 
+ 
+ xtests:
+ 	make -C xtests xtests
diff --git a/recipes/pam/libpam-base-files.bb b/recipes/pam/libpam-base-files.bb
new file mode 100644
index 0000000000..52d762202e
--- /dev/null
+++ b/recipes/pam/libpam-base-files.bb
@@ -0,0 +1,18 @@
+DESCRIPTION = "Linux-PAM authentication library for Linux. Base configuration files"
+
+SECTION = "libs"
+PRIORITY = "optional"
+LICENSE = "GPLv2"
+DEPENDS = ""
+RDEPENDS = "libpam"
+
+PR = "r2"
+
+SRC_URI = " \
+           file://pam.d/* \
+"
+
+do_install() {         
+          install -d ${D}${sysconfdir}/pam.d/     
+          install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
+}
diff --git a/recipes/pam/libpam-base-files/pam.d/atd b/recipes/pam/libpam-base-files/pam.d/atd
new file mode 100644
index 0000000000..17ffb134d3
--- /dev/null
+++ b/recipes/pam/libpam-base-files/pam.d/atd
@@ -0,0 +1,10 @@
+#
+# The PAM configuration file for the at daemon
+#
+
+auth       required     pam_env.so
+auth       include      common-auth
+account    include      common-account
+password   include      common-password
+session    required     pam_limits.so
+session    include      common-session
diff --git a/recipes/pam/libpam-base-files/pam.d/common-account b/recipes/pam/libpam-base-files/pam.d/common-account
new file mode 100644
index 0000000000..316b17337b
--- /dev/null
+++ b/recipes/pam/libpam-base-files/pam.d/common-account
@@ -0,0 +1,25 @@
+#
+# /etc/pam.d/common-account - authorization settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authorization modules that define
+# the central access policy for use on the system.  The default is to
+# only deny service to users whose accounts are expired in /etc/shadow.
+#
+# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
+# To take advantage of this, it is recommended that you configure any
+# local modules either before or after the default block, and use
+# pam-auth-update to manage selection of other modules.  See
+# pam-auth-update(8) for details.
+#
+
+# here are the per-package modules (the "Primary" block)
+account	[success=1 new_authtok_reqd=done default=ignore]	pam_unix.so 
+# here's the fallback if no module succeeds
+account	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+account	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+# end of pam-auth-update config
diff --git a/recipes/pam/libpam-base-files/pam.d/common-auth b/recipes/pam/libpam-base-files/pam.d/common-auth
new file mode 100644
index 0000000000..460b69f198
--- /dev/null
+++ b/recipes/pam/libpam-base-files/pam.d/common-auth
@@ -0,0 +1,18 @@
+#
+# /etc/pam.d/common-auth - authentication settings common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of the authentication modules that define
+# the central authentication scheme for use on the system
+# (e.g., /etc/shadow, LDAP, Kerberos, etc.).  The default is to use the
+# traditional Unix authentication mechanisms.
+
+# here are the per-package modules (the "Primary" block)
+auth	[success=1 default=ignore]	pam_unix.so nullok_secure
+# here's the fallback if no module succeeds
+auth	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+auth	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
diff --git a/recipes/pam/libpam-base-files/pam.d/common-password b/recipes/pam/libpam-base-files/pam.d/common-password
new file mode 100644
index 0000000000..bc98f199b9
--- /dev/null
+++ b/recipes/pam/libpam-base-files/pam.d/common-password
@@ -0,0 +1,27 @@
+#
+# /etc/pam.d/common-password - password-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define the services to be
+# used to change user passwords.  The default is pam_unix.
+
+# Explanation of pam_unix options:
+#
+# The "sha512" option enables salted SHA512 passwords.  Without this option,
+# the default is Unix crypt.  Prior releases used the option "md5".
+#
+# The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
+# login.defs.
+#
+# See the pam_unix manpage for other options.
+
+# here are the per-package modules (the "Primary" block)
+password	[success=1 default=ignore]	pam_unix.so obscure sha512
+# here's the fallback if no module succeeds
+password	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+password	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+password	optional	pam_gnome_keyring.so 
diff --git a/recipes/pam/libpam-base-files/pam.d/common-session b/recipes/pam/libpam-base-files/pam.d/common-session
new file mode 100644
index 0000000000..2123967d15
--- /dev/null
+++ b/recipes/pam/libpam-base-files/pam.d/common-session
@@ -0,0 +1,20 @@
+#
+# /etc/pam.d/common-session - session-related modules common to all services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define tasks to be performed
+# at the start and end of sessions of *any* kind (both interactive and
+# non-interactive).
+#
+
+# here are the per-package modules (the "Primary" block)
+session	[default=1]			pam_permit.so
+# here's the fallback if no module succeeds
+session	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+session	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+session	required	pam_unix.so 
+session	optional			pam_ck_connector.so nox11
diff --git a/recipes/pam/libpam-base-files/pam.d/common-session-noninteractive b/recipes/pam/libpam-base-files/pam.d/common-session-noninteractive
new file mode 100644
index 0000000000..b110bb2b49
--- /dev/null
+++ b/recipes/pam/libpam-base-files/pam.d/common-session-noninteractive
@@ -0,0 +1,19 @@
+#
+# /etc/pam.d/common-session-noninteractive - session-related modules
+# common to all non-interactive services
+#
+# This file is included from other service-specific PAM config files,
+# and should contain a list of modules that define tasks to be performed
+# at the start and end of all non-interactive sessions.
+#
+
+# here are the per-package modules (the "Primary" block)
+session	[default=1]			pam_permit.so
+# here's the fallback if no module succeeds
+session	requisite			pam_deny.so
+# prime the stack with a positive return value if there isn't one already;
+# this avoids us returning an error just because nothing sets a success code
+# since the modules above will each just jump around
+session	required			pam_permit.so
+# and here are more per-package modules (the "Additional" block)
+session	required	pam_unix.so 
diff --git a/recipes/pam/libpam-base-files/pam.d/cron b/recipes/pam/libpam-base-files/pam.d/cron
new file mode 100644
index 0000000000..743c0ed31f
--- /dev/null
+++ b/recipes/pam/libpam-base-files/pam.d/cron
@@ -0,0 +1,11 @@
+#
+# The PAM configuration file for the cron daemon
+#
+
+auth       include      common-auth
+session    required     pam_env.so
+account    include      common-account
+session    include      common-session-noninteractive
+# Sets up user limits, please define limits for cron tasks
+# through /etc/security/limits.conf
+session    required   pam_limits.so
diff --git a/recipes/pam/libpam-base-files/pam.d/cups b/recipes/pam/libpam-base-files/pam.d/cups
new file mode 100644
index 0000000000..8e7f973a2c
--- /dev/null
+++ b/recipes/pam/libpam-base-files/pam.d/cups
@@ -0,0 +1,3 @@
+auth       include      common-auth
+account    include      common-account
+session    include      common-session
diff --git a/recipes/pam/libpam-base-files/pam.d/cvs b/recipes/pam/libpam-base-files/pam.d/cvs
new file mode 100644
index 0000000000..9627c4f7bf
--- /dev/null
+++ b/recipes/pam/libpam-base-files/pam.d/cvs
@@ -0,0 +1,12 @@
+#
+# /etc/pam.d/cvs - specify the PAM behaviour of CVS
+#
+
+# We fall back to the system default in /etc/pam.d/common-*
+
+auth       include      common-auth
+account    include      common-account
+
+# We don't use password or session modules at all
+# password   include      common-password
+# session    include      common-session
diff --git a/recipes/pam/libpam-base-files/pam.d/libcupsys2 b/recipes/pam/libpam-base-files/pam.d/libcupsys2
new file mode 100644
index 0000000000..8e7f973a2c
--- /dev/null
+++ b/recipes/pam/libpam-base-files/pam.d/libcupsys2
@@ -0,0 +1,3 @@
+auth       include      common-auth
+account    include      common-account
+session    include      common-session
diff --git a/recipes/pam/libpam-base-files/pam.d/other b/recipes/pam/libpam-base-files/pam.d/other
new file mode 100644
index 0000000000..6e40cd0c02
--- /dev/null
+++ b/recipes/pam/libpam-base-files/pam.d/other
@@ -0,0 +1,27 @@
+#
+# /etc/pam.d/other - specify the PAM fallback behaviour
+#
+# Note that this file is used for any unspecified service; for example
+#if /etc/pam.d/cron  specifies no session modules but cron calls
+#pam_open_session, the session module out of /etc/pam.d/other is
+#used.  
+
+#If you really want nothing to happen then use pam_permit.so or
+#pam_deny.so as appropriate.
+
+# We use pam_warn.so to generate syslog notes that the 'other'
+#fallback rules are being used (as a hint to suggest you should setup
+#specific PAM rules for the service and aid to debugging). We then 
+#fall back to the system default in /etc/pam.d/common-*
+
+auth       required     pam_warn.so
+auth       include      common-auth
+
+account    required     pam_warn.so
+account    include      common-account
+
+password   required     pam_warn.so
+password   include      common-password
+
+session    required     pam_warn.so
+session    include      common-session
diff --git a/recipes/pam/libpam-base-files/pam.d/polkit-1 b/recipes/pam/libpam-base-files/pam.d/polkit-1
new file mode 100644
index 0000000000..836b53d61a
--- /dev/null
+++ b/recipes/pam/libpam-base-files/pam.d/polkit-1
@@ -0,0 +1,6 @@
+#%PAM-1.0
+
+auth       include      common-auth
+account    include      common-account
+password   include      common-password
+session    include      common-session
diff --git a/recipes/pam/libpam-base-files/pam.d/ppp b/recipes/pam/libpam-base-files/pam.d/ppp
new file mode 100644
index 0000000000..aed08fd1b2
--- /dev/null
+++ b/recipes/pam/libpam-base-files/pam.d/ppp
@@ -0,0 +1,8 @@
+#%PAM-1.0
+# Information for the PPPD process with the 'login' option.
+
+auth       required     pam_nologin.so
+auth       include      common-auth
+account    include      common-account
+session    include      common-session
+
diff --git a/recipes/pam/libpam-base-files/pam.d/sesman b/recipes/pam/libpam-base-files/pam.d/sesman
new file mode 100644
index 0000000000..836b53d61a
--- /dev/null
+++ b/recipes/pam/libpam-base-files/pam.d/sesman
@@ -0,0 +1,6 @@
+#%PAM-1.0
+
+auth       include      common-auth
+account    include      common-account
+password   include      common-password
+session    include      common-session
diff --git a/recipes/pam/libpam-base-files/pam.d/sshd b/recipes/pam/libpam-base-files/pam.d/sshd
new file mode 100644
index 0000000000..c0028ff3cb
--- /dev/null
+++ b/recipes/pam/libpam-base-files/pam.d/sshd
@@ -0,0 +1,33 @@
+# PAM configuration for the Secure Shell service
+
+# Read environment variables from /etc/environment and
+# /etc/security/pam_env.conf.
+auth       required     pam_env.so # [1]
+
+# Standard Un*x authentication.
+auth       include      common-auth
+
+# Disallow non-root logins when /etc/nologin exists.
+account    required     pam_nologin.so
+
+# Uncomment and edit /etc/security/access.conf if you need to set complex
+# access limits that are hard to express in sshd_config.
+# account  required     pam_access.so
+
+# Standard Un*x authorization.
+account    include      common-accountt
+
+# Standard Un*x session setup and teardown.
+session    include      common-session
+
+# Print the message of the day upon successful login.
+session    optional     pam_motd.so # [1]
+
+# Print the status of the user's mailbox upon successful login.
+session    optional     pam_mail.so standard noenv # [1]
+
+# Set up user limits from /etc/security/limits.conf.
+session    required     pam_limits.so
+
+# Standard Un*x password updating.
+password   include      common-password
diff --git a/recipes/pam/libpam_1.0.2.bb b/recipes/pam/libpam_1.0.2.bb
index b288458e98..1ab7fa95f9 100644
--- a/recipes/pam/libpam_1.0.2.bb
+++ b/recipes/pam/libpam_1.0.2.bb
@@ -12,7 +12,10 @@ LICENSE = "GPLv2"
 
 DEPENDS = "flex flex-native"
 
-PR = "r4"
+# PAM is not a lot of use without configuration files and the plugins
+RRECOMMENDS_${PN} = "libpam-meta libpam-base-files"
+
+PR = "r5"
 
 # The project is actually called Linux-PAM but that gives
 # a bad OE package name because of the upper case characters
@@ -66,7 +69,6 @@ python populate_packages_prepend () {
 	bb.data.setVar('PACKAGES', ' '.join(packages), d)
 }
 
-
 do_stage() {
 	autotools_stage_all
 }
diff --git a/recipes/pam/libpam_1.1.0.bb b/recipes/pam/libpam_1.1.0.bb
new file mode 100644
index 0000000000..d974f4db4d
--- /dev/null
+++ b/recipes/pam/libpam_1.1.0.bb
@@ -0,0 +1,74 @@
+DESCRIPTION = "\
+PAM authentication library for Linux.  \
+Linux-PAM (Pluggable Authentication Modules for Linux) is a \
+library that enables the local system administrator to choose \
+how individual applications authenticate users. For an \
+overview of the Linux-PAM library see the Linux-PAM System \
+Administrators' Guide."
+HOMEPAGE = "http://kernel.org/pub/linux/libs/pam"
+SECTION = "libs"
+PRIORITY = "optional"
+LICENSE = "GPLv2"
+
+DEPENDS = "flex flex-native"
+
+# PAM is not a lot of use without configuration files and the plugins
+RRECOMMENDS_${PN} = "libpam-meta libpam-base-files"
+
+PR = "r1"
+
+# The project is actually called Linux-PAM but that gives
+# a bad OE package name because of the upper case characters
+pn = "Linux-PAM"
+p = "${pn}-${PV}"
+S = "${WORKDIR}/${p}"
+
+SRC_URI = "${KERNELORG_MIRROR}/pub/linux/libs/pam/library/${p}.tar.bz2 \
+           file://pam-nodocs.patch;patch=1 \
+           file://fix_disabled_nls.patch;patch=1 \
+          "
+
+UCLIBC_PATCHES = " file://pam-disable-nis-on-uclibc.patch;patch=1 \
+                   file://disable_modules_uclibc.patch;patch=1 \
+                 "
+
+SRC_URI_append_linux-uclibc = ${UCLIBC_PATCHES}
+SRC_URI_append_linux-uclibceabi = ${UCLIBC_PATCHES}
+
+inherit autotools gettext
+
+LEAD_SONAME = "libpam.so.*"
+
+# maintain the pam default layout
+EXTRA_OECONF += " --includedir=${includedir}/security"
+
+PACKAGES_DYNAMIC += " libpam-meta pam-plugin-*"
+
+python populate_packages_prepend () {
+	import os.path
+
+	pam_libdir = bb.data.expand('${libdir}/security', d)
+	pam_libdirdebug = bb.data.expand('${libdir}/security/.debug', d)
+	pam_filterdir = bb.data.expand('${libdir}/security/pam_filter', d)
+	do_split_packages(d, pam_libdir, '^pam(.*)\.so$', 'pam-plugin%s', 'PAM plugin for %s', extra_depends='')
+	do_split_packages(d, pam_libdir, '^pam(.*)\.la$', 'pam-plugin%s-dev', 'PAM plugin for %s dev', extra_depends='')
+	if os.path.exists(pam_libdirdebug):
+		do_split_packages(d, pam_libdirdebug, '^pam(.*)\.so$', 'pam-plugin%s-dbg', 'PAM plugin for %s debugging symbols', extra_depends='')
+	do_split_packages(d, pam_filterdir, '^(.*)$', 'pam-filter-%s', 'PAM filter for %s', extra_depends='')
+
+	pn = bb.data.getVar('PN', d, 1)
+	metapkg =  pn + '-meta'
+	bb.data.setVar('ALLOW_EMPTY_' + metapkg, "1", d)
+	bb.data.setVar('FILES_' + metapkg, "", d)
+	blacklist = [ pn + '-locale', pn + '-dev', pn + '-dbg', pn + '-doc' ]
+	metapkg_rdepends = []
+	packages = bb.data.getVar('PACKAGES', d, 1).split()
+	for pkg in packages[1:]:
+		if not pkg in blacklist and not pkg in metapkg_rdepends and not pkg.endswith('-dev') and not pkg.count('locale') and pkg.count('plugin'):
+			metapkg_rdepends.append(pkg)
+	bb.data.setVar('RDEPENDS_' + metapkg, ' '.join(metapkg_rdepends), d)
+	bb.data.setVar('DESCRIPTION_' + metapkg, pn + ' meta package', d)
+	packages.append(metapkg)
+	bb.data.setVar('PACKAGES', ' '.join(packages), d)
+}
+