summaryrefslogtreecommitdiff
path: root/meta/recipes-extended/pam
AgeCommit message (Collapse)AuthorFiles
2017-03-21meta: replace uses of bb.data.expand(VARNAME, d) with d.expand(VARNAME)Joshua Lock1
bb.data.expand(x, d) is deprecated API. [YOCTO #10678] Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-12-16meta: remove True option to getVar callsJoshua Lock1
getVar() now defaults to expanding by default, thus remove the True option from getVar() calls with a regex search and replace. Search made with the following regex: getVar ?\(( ?[^,()]*), True\) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2016-06-02libpam: update dependency listMaxin B. John1
Depend only on bison-native as configure script is checking only for bison binary and libpam itself doesn't need target bison. Add libxml2-native for deterministic build (it detects xmlcatalog and xmllint) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-05-30libpam: update to 1.3.0Maxin B. John4
1.2.1 -> 1.3.0 Remove upstreamed patch: a) pam-no-innetgr.patch Refreshed the following patches for 1.3.0: a) crypt_configure.patch b) pam-unix-nullok-secure.patch Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2016-03-10libpam: define limits.conf as CONFFILES of package libpam-runtimeZhixiong Chi1
Based as security reason, the system must limit users to simultaneous system logins, or a site-defined number. To avoid overwriting the /etc/security/limits.conf file after upgrading this rpm package, we will define the file as CONFFILES of package libpam-runtime. Signed-off-by: Zhixiong Chi <Zhixiong.Chi@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-12-16meta: Drop now pointless manual -dbg packagingRichard Purdie1
With the autodebug package generation logic, specifically setting FILES_${PN}-dbg isn't needed in most cases, we can remove them. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-12-12libpam: Fix build with muslKhem Raj3
Define strndupa if not available in libc additionally fix headers to explicitly needed include files which glibc was including indirectly Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-10-24libpam: Fix build with uclibcKhem Raj2
libpam needs to adjust for posix utmpx uclibc now disables utmp Change-Id: Ibcb7cb621527f318eb8b6e2741647ccb4c6bb39c Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-08-09libpam: Fix patch broken during upgradeRichard Purdie1
"0x200" became "0200" during the upgrade to libpam 1.2.1 in: http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=88dd997d9941b63ae9eead6690ecf2b785c0740c and this broke the IMAGE_FEATURES like debug-tweaks. I've converted all the values to octal here to match the original header file convention and make it clearer. [YOCTO #8033] Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-07-20libpam: Upgrade v1.1.6 -> v1.2.1Amarnath Valluri8
Dropped upstreamed patches(commit-id): - add-checks-for-crypt-returning-NULL.patch(8dc056c) - destdirfix.patch(d7e6b92) - libpam-fix-for-CVE-2010-4708.patch(4c430f6) Dropped backported patches(commit-id): - pam_timestamp-fix-potential-directory-traversal-issu.patch(9dcead8) - reflect-the-enforce_for_root-semantics-change-in-pam.patch(bd07ad3) Forward ported patches: - pam-unix-nullok-secure.patch - crypt_configure.patch Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2015-06-08libpam: Fix wrong crypt library detectionKhem Raj2
Surfaced when building with musl This details are in patch headers Enabel innetgr.patch for musl as well Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2014-12-03libpam: avoid overwritting editable files during package updatingJian Liu1
Use CONFFILES to mark editable files as such, /etc/pam.d/common-session /etc/pam.d/common-auth /etc/pam.d/common-password /etc/pam.d/common-session-noninteractive /etc/pam.d/common-account If there is no %config micro before the file name in the spec file, this file will be overwritten after updating package. This will make our settings lost. Signed-off-by: Jian Liu <jian.liu@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2014-11-25libpam: Stop a QA WARNING when building multlib versionYue Tao1
WARNING: QA Issue: lib64-libpam: Files/directories were installed but not shipped /usr/sbin/pam_console_apply Because the package name is changed to mlprefix-pam-plugin-console. The file must be appended to that item. Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2014-09-29libpam / xtests: remove bash dependencyWenzong Fan2
There's not bash specific syntax in the xtests scripts: $ cd Linux-PAM-1.1.6/xtests # replace /bin/bash to /bin/sh and check the bashisms: $ checkbashisms *.sh No output So the runtime dependency to bash could be removed. Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
2014-08-31libpam: remove MLPREFIX from PNRobert Yang1
The commit df3038768f59f7a0c814974ff674d4e59cbdfca4 changed 'libpam' to 'pn', then we don't need the "MLPREFIX + pn" any more, otherwise we would get the name like: "lib32-lib32-libpam-x", and the warn: WARNING: QA Issue: lib32-pam-plugin-access rdepends on lib32-lib32-libpam-suffix, but it isn't a build dependency? [build-deps] Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-08-31libpam: Fix multilib packagingOtavio Salvador1
The plugin runtime dependencies were not including the multilib prefix, fix it. Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-08-31libpam: Fix runtime providersOtavio Salvador1
The runtime providers were commented out. Removing the comment brings up a issue with the native renaming which has been workarounded disabling the runtime recommendation. This is indeed a workaround so a FIXME comment has been added to remind about it in case we someday move to native prefix. Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-08-28meta: fix RDEPNEDS for the test related pkgsRobert Yang1
Add bash, python or perl to the ptest pkgs to fix the RDEPENDS issues. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-08-15libpam: Allow use during build and in SDKOtavio Salvador1
The recipe had libpam hardcoded in some places which were causing failures as the metadata renaming hooks does not change those, generating a broken dependencies list. This patch fixes those and add the native and nativesdk support. Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-06-17libpam: Security Advisory - CVE-2014-2583Yue Tao2
v2 changes: * update format for commit log * add Upstream-Status for patch Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create aribitrary files or possibly bypass authentication via a .. (dot dot) in the (1) PAM_RUSER value to the get_ruser function or (2) PAM_TTY value to the check_tty funtion, which is used by the format_timestamp_name function. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2583 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-25Globally replace 'base_contains' calls with 'bb.utils.contains'Otavio Salvador1
The base_contains is kept as a compatibility method and we ought to not use it in OE-Core so we can remove it from base metadata in future. Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-09libpam: fix 64-bit pam plugins not installed when add to 32-bit imageHongxu Jia1
While the BSP is configured as a 64-bit kernel and 32-bit userspace, add a 64-bit version of libpam to the filesystem, there was a failure: ... | Computing transaction...error: Can't install pam-plugin-unix-1.1.6-r2@lib64_x86_64: no package provides libpam-lib64 | | Saving cache... ... While using 'lib64' as the multilib suffix of libpam RPROVIDES , the RPROVIDES was overridden by map_depends_variable in classextend.py. ... $RPROVIDES_lib64-libpam [2 operations] set data_smart.py:429 [finalize] " libpam-${baselib}" set classextend.py:71 [map_depends_variable]4532 "lib64-libpam" computed: "lib64-libpam" RPROVIDES_lib64-libpam="lib64-libpam" ... Rename the suffix could fix this issue. [YOCTO #4532] Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-04-01libpam: fix multilib packaging issue for pam-pluginsMing Liu1
libpam might miss ABI specific dependencies for pam-plugins-*, for RPM uses generic names to check the packages depending on it and doesn't consider the arch, which will lead to packaging issues in mulbilib build. pam_plugin_hook is added because the plugin packages are dynamically generated, so we need to manually process multilib names by add baselib to RPROVIDES/RDEPENDS as ABI specific tag. Signed-off-by: Ming Liu <ming.liu@windriver.com> I worked with Ming Liu on this particular issue. You may wonder why this is necessary let me attempt to explain the underlying causes. In deb/ipk on a multilib package, the package name has specific multilib references in it. I.e. the alternative libraries start with something like lib32-... This was done primarily because deb/ipk do not allow two packages with the same name (but different architectures) to be installed at the same time. So the name has to be unique. In RPM however, the names of the packages and matches with the architectures and if they are not the same we can do these multilib installs. This matches the behavior of other RPM based distributions and in many ways the tools people are used to working with RPM. For the most part this works fine in multilib configurations because additional per-file dependencies are added that capture the shared library dependencies with ABI specific information. This unfortunately fails in a few cases where plugins are dynamically loaded via dlopen -- such as libpam. One possible fix is simply to follow the deb/ipk package naming, but this causes a design advantage of rpm. When a package has a dependency on 'bash', we really don't care what bash is installed, only that -a- bash is installed. In the deb/ipk case, the lib32- packages would end up with a lib32-bash dependency and you could potentially end up with two 'bash' packages being installed. So the fix I recommended for the issue was to add the baselib path to the internal dependencies. Since we know that the libpam installed in 'lib' needs the modules that were compiled to also work with the 'lib' version of libpam. While the libpam in 'lib64' need the modules to work with the 'lib64' version of the plugins. Existing dependencies are preserved so there is no impact in the ipk/deb case, the RPM case is resolved as the additional dependency information is now present for the package manager to select the package we really want. If anyone else has a suggestion for an alternative fix, we're interested -- but this is the best answer we could come up with. (If any of the above should be added to the commit message, the YP bug, or documentation, please let me know and I'll make sure it gets added.) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> [YOCTO #4532] Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-05recipes: bump PRsMartin Jansa1
* resolves following warnings: WARNING: Use of PRINC 17 was detected in the recipe meta-openembedded/meta-systemd/recipes-core/systemd/systemd-machine-units_1.0.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe meta-openembedded/meta-gpe/recipes-support/fbreader/fbreader_0.12.10.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe meta-openembedded/meta-gpe/recipes-support/fbreader/fbreader_git.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe meta-openembedded/meta-multimedia/recipes-multimedia/sox/sox_14.4.0.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe meta-openembedded/meta-oe/recipes-multimedia/mplayer/mplayer-common.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe meta-smartphone/meta-android/recipes-bsp/chroot-script/chroot-script_1.0.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-connectivity/avahi/avahi-ui_0.6.31.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-connectivity/bind/bind_9.8.1.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-core/systemd/systemd-serialgetty.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-extended/screen/screen_4.0.3.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-extended/shadow/shadow-securetty_4.1.4.3.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-extended/shadow/shadow_4.1.4.3.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-graphics/libsdl/libsdl_1.2.15.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-graphics/packagegroups/packagegroup-core-x11-xserver.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-kernel/modutils-initscripts/modutils-initscripts.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb (or one of its .bbappends) WARNING: Use of PRINC 1 was detected in the recipe openembedded-core/meta/recipes-support/libcap/libcap_2.22.bb (or one of its .bbappends) WARNING: Use of PRINC 11 was detected in the recipe openembedded-core/meta/recipes-bsp/keymaps/keymaps_1.0.bb (or one of its .bbappends) WARNING: Use of PRINC 11 was detected in the recipe openembedded-core/meta/recipes-core/systemd/systemd-compat-units.bb (or one of its .bbappends) WARNING: Use of PRINC 12 was detected in the recipe openembedded-core/meta/recipes-core/initscripts/initscripts_1.0.bb (or one of its .bbappends) WARNING: Use of PRINC 13 was detected in the recipe openembedded-core/meta/recipes-core/base-files/base-files_3.0.14.bb (or one of its .bbappends) WARNING: Use of PRINC 2 was detected in the recipe meta-openembedded/meta-oe/recipes-navigation/navit/navit_svn.bb (or one of its .bbappends) WARNING: Use of PRINC 2 was detected in the recipe meta-openembedded/meta-oe/recipes-support/lvm2/lvm2_2.02.97.bb (or one of its .bbappends) WARNING: Use of PRINC 2 was detected in the recipe openembedded-core/meta/recipes-connectivity/portmap/portmap_6.0.bb (or one of its .bbappends) WARNING: Use of PRINC 2 was detected in the recipe openembedded-core/meta/recipes-extended/pam/libpam_1.1.6.bb (or one of its .bbappends) WARNING: Use of PRINC 2 was detected in the recipe openembedded-core/meta/recipes-graphics/packagegroups/packagegroup-core-x11.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe meta-openembedded/meta-efl/recipes-efl/efl/entrance_svn.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe meta-openembedded/meta-oe/recipes-multimedia/mplayer/mplayer2_git.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-bsp/formfactor/formfactor_0.0.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-connectivity/avahi/avahi_0.6.31.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-connectivity/dhcp/dhcp_4.2.5-P1.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-core/init-ifupdown/init-ifupdown_1.0.bb (or one of its .bbappends) WARNING: Use of PRINC 3 was detected in the recipe openembedded-core/meta/recipes-graphics/xinput-calibrator/pointercal-xinput_0.0.bb (or one of its .bbappends) WARNING: Use of PRINC 5 was detected in the recipe meta-openembedded/meta-oe/recipes-core/meta/distro-feed-configs.bb (or one of its .bbappends) WARNING: Use of PRINC 5 was detected in the recipe openembedded-core/meta/recipes-connectivity/bluez/bluez4_4.101.bb (or one of its .bbappends) WARNING: Use of PRINC 6 was detected in the recipe openembedded-core/meta/recipes-core/packagegroups/packagegroup-base.bb (or one of its .bbappends) WARNING: Use of PRINC 6 was detected in the recipe openembedded-core/meta/recipes-core/packagegroups/packagegroup-core-boot.bb (or one of its .bbappends) WARNING: Use of PRINC 6 was detected in the recipe openembedded-core/meta/recipes-graphics/xorg-xserver/xserver-xf86-config_0.1.bb (or one of its .bbappends) WARNING: Use of PRINC 7 was detected in the recipe meta-openembedded/meta-oe/recipes-navigation/gpsd/gpsd_3.7.bb (or one of its .bbappends) WARNING: Use of PRINC 7 was detected in the recipe openembedded-core/meta/recipes-core/udev/udev-extraconf_1.0.bb (or one of its .bbappends) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-12-05classes/recipes: More optimal DISTRO_FEATURES referencesRichard Purdie1
Using the contains function results in more optimal sstate checksums resulting in better cache reuse as we as more consistent code. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-09-24libpam: Avoid host contamination issue w. libpreludeDavid Nyström1
Since we dont use prelude in OE, we just disable autodetection of prelude in the libpam configuration. Seems like an old bug: http://lists.openembedded.org/pipermail/openembedded-devel/2012-March/083804.html Signed-off-by: David Nyström <david.nystrom@enea.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-09-20libpam: only use pam_systemd.so if systemd is enabledRoss Burton2
So that sysvinit images don't warn on every login only add it to common-session if systemd is a DISTRO_FEATURE. [ YOCTO #3805 ] Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-08-26libpam: add PACKAGECONFIG data concerning auditJoe Slater1
We do not want libpam to build using audit just because it happens to be lying around, so we create PACKAGECONFIG[] data to give us explicit control. Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2013-07-31libpam: deny all services for the OTHER entriesMing Liu1
To be secure, change behavior of the OTHER entries to warn and deny access to everything by stating pam_deny.so on all services. Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2013-07-22libpam: add a new 'nullok_secure' option support to pam_unixMing Liu3
Debian patch to add a new 'nullok_secure' option to pam_unix, which accepts users with null passwords only when the applicant is connected from a tty listed in /etc/securetty. The original pam_unix.so was configured with nullok_secure in meta/recipes-extended/pam/libpam/pam.d/common-auth, but no such code exists actually. The patch set comes from: http://patch-tracker.debian.org/patch/series/view/pam/1.1.3-7.1/054_pam_security_abstract_securetty_handling http://patch-tracker.debian.org/patch/series/view/pam/1.1.3-7.1/055_pam_unix_nullok_secure Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2013-07-09libpam: inherit pkgconfigMartin Jansa1
* missing dependency on pkgconfig-native was causing that PKG_CHECK_MODULES(DBUS, dbus-1) stayed unexpanded in configure script: checking for dbm_store in -lndbm... no libpam/1.1.6-r2/Linux-PAM-1.1.6/configure: line 14217: syntax error near unexpected token `libtirpc,' libpam/1.1.6-r2/Linux-PAM-1.1.6/configure: line 14217: ` PKG_CHECK_MODULES(libtirpc, libtirpc,' Configure failed. The contents of all config.log files follows to aid debugging Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2013-06-25libpam: check if PAM is enabled when buildingRoss Burton1
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2013-06-25libpam: fix whitespace in shell functionRoss Burton1
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2013-06-19libpam: Fix for CVE-2010-4708Wenzong Fan2
Change default for user_readenv to 0 and document the new default for user_readenv. This fix from: http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env /pam_env.c?r1=1.22&r2=1.23&view=patch http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env /pam_env.8.xml?r1=1.7&r2=1.8&view=patch Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-05-29libpam: Avoid wildcards in the SRC_URIMark Hatle1
Remove the wildcard from the SRC_URI. This causes problems when you .bbappend and add a FILESEXTRAPATHS entry. The unpack task may be unable to find the files to unpack leading to an error. Avoid wildcards at all costs... Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-04-17libpam: backport patches from upstreamKai Kang3
Backport patches from linux-pam git repo to fix test case tst-pam_pwhistory1 failure. [YOCTO #4107] Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-03-21pam: Fix case where ${B} != ${S}Richard Purdie2
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-01-20libpam: register PAM session with logindKoen Kooi1
This make screen/tmux/etc work as intended. Signed-off-by: Martin Donnelly <martin.donnelly@ge.com> Signed-off-by: Koen Kooi <koen@dominion.thruhere.net> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-01-04libpam: enable multilibConstantin Musca1
Fix the following warning: WARNING: QA Issue: lib32-libpam: Files/directories were installed but not shipped /usr/sbin/unix_chkpwd /usr/sbin/pam_tally2 /usr/sbin/mkhomedir_helper /usr/sbin/unix_update /usr/sbin/pam_timestamp_check /usr/sbin/pam_tally Signed-off-by: Constantin Musca <constantinx.musca@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
2012-10-19PACKAGES_DYNAMIC: use regexp not globMartin Jansa1
* bitbake uses PACKAGES_DYNAMIC as regexp ^ could make matching faster (and it will be more clear that we're expecting regexp not glob) * made all those last '-' optional, use .* (or nothing) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-08-19libpam: Fix missing DESTDIR for a mkdir causing build failuresRichard Purdie2
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-08-19libpam: Update recipes from 1.1.5 -> 1.1.6Khem Raj2
Drop include-sys-resource.patch already fixed upstream LIC_FILE_CHKSUM change is due to deletion of space in COPYING file see http://git.fedorahosted.org/cgit/linux-pam.git/commit/COPYING?id=1814aec611a5f9e03eceee81237ad3a3f51c954a Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-08-06libpam: disable NIS to not link with libtirpc when it is availableMarcin Juszkiewicz1
I was checking ways to make incremental builds faster so I started using sstate-cache and SSTATE_MIRRORS. But this gave me some nasty bug: | Collected errors: | * satisfy_dependencies_for: Cannot satisfy the following dependencies for php-cgi: | * libtirpc1 (>= 0.2.2) * | * opkg_install_cmd: Cannot install package php-cgi. I checked details: In my previous build libtirpc got built before libpam so libpam found it and linked. As a result packages depend on libtirpc1 but as there is no such build dependency sstate handling code did not used libtirpc copy... Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-08-06libpam: use ${localstatedir} and ${sysconfdir} instead of /var and /etcJavier Martinez Canillas1
It is considered good practice to use the build system provided variables instead of directly specify hardcoded paths. Signed-off-by: Javier Martinez Canillas <javier@dowhile0.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-07-19Remove a number of unneeded import os/bb callsRichard Purdie1
The bb and os modules are always imported so having these extra import calls are a waste of space/execution time. They also set a bad example for people copy and pasting code so clean them up. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-07-19Convert tab indentation in python functions into four-spaceRichard Purdie1
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-07-17libpam: Fix build with eglibc 2.16Khem Raj2
pam_unix_acct.c: In function '_unix_run_verify_binary': pam_unix_acct.c:97:19: error: storage size of 'rlim' isn't known pam_unix_acct.c:106:19: error: 'RLIMIT_NOFILE' undeclared (first use in this function) pam_unix_acct.c:106:19: note: each undeclared identifier is reported only once for each function it appears in Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-03-05meta: Replace bb.data.expand(xxx, d) -> d.expand(xxx)Richard Purdie1
sed \ -e 's:bb.data.\(expand([^,()]*\), *\([^) ]*\) *):\2.\1):g' \ -i `grep -ril bb.data.expand *` Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-03-02V2 Fix libpam's chmodRobert Yang1
The libpam's has an error when generating the rootfs: chmod: cannot access `/usr/sbin/unix_chkpwd': No such file or directory This is because the following code in libpam_1.1.5.bb: pkg_postinst_pam-plugin-unix () { # below is necessary to allow unix_chkpwd get user info from shadow file # on lsb images chmod 4755 ${sbindir}/unix_chkpwd } This is to set the setuid permission for unix_chkpwd (the lsb test requires this), but it lacks a "${D}", and we can do this in the install stage. [YOCTO #2049] Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-02-21recipes: bump PR to rebuild .la files without libz.laMartin Jansa1
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>