| Age | Commit message (Collapse) | Author |
|---|
|
Since we dont use prelude in OE, we just disable autodetection of
prelude in the libpam configuration.
Seems like an old bug:
http://lists.openembedded.org/pipermail/openembedded-devel/2012-March/083804.html
Signed-off-by: David Nyström <david.nystrom@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
So that sysvinit images don't warn on every login only add it to common-session
if systemd is a DISTRO_FEATURE.
[ YOCTO #3805 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We do not want libpam to build using audit just
because it happens to be lying around, so we
create PACKAGECONFIG[] data to give us explicit
control.
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
To be secure, change behavior of the OTHER entries to warn and deny
access to everything by stating pam_deny.so on all services.
Signed-off-by: Ming Liu <ming.liu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Debian patch to add a new 'nullok_secure' option to pam_unix, which
accepts users with null passwords only when the applicant is connected
from a tty listed in /etc/securetty.
The original pam_unix.so was configured with nullok_secure in
meta/recipes-extended/pam/libpam/pam.d/common-auth, but no such code
exists actually.
The patch set comes from:
http://patch-tracker.debian.org/patch/series/view/pam/1.1.3-7.1/054_pam_security_abstract_securetty_handling
http://patch-tracker.debian.org/patch/series/view/pam/1.1.3-7.1/055_pam_unix_nullok_secure
Signed-off-by: Ming Liu <ming.liu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
* missing dependency on pkgconfig-native was causing
that PKG_CHECK_MODULES(DBUS, dbus-1) stayed unexpanded in
configure script:
checking for dbm_store in -lndbm... no
libpam/1.1.6-r2/Linux-PAM-1.1.6/configure:
line 14217: syntax error near unexpected token `libtirpc,'
libpam/1.1.6-r2/Linux-PAM-1.1.6/configure:
line 14217: ` PKG_CHECK_MODULES(libtirpc, libtirpc,'
Configure failed. The contents of all config.log files follows to aid
debugging
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Change default for user_readenv to 0 and document the
new default for user_readenv.
This fix from:
http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env
/pam_env.c?r1=1.22&r2=1.23&view=patch
http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env
/pam_env.8.xml?r1=1.7&r2=1.8&view=patch
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove the wildcard from the SRC_URI. This causes problems when you .bbappend
and add a FILESEXTRAPATHS entry. The unpack task may be unable to find the
files to unpack leading to an error.
Avoid wildcards at all costs...
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport patches from linux-pam git repo to fix test case
tst-pam_pwhistory1 failure.
[YOCTO #4107]
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This make screen/tmux/etc work as intended.
Signed-off-by: Martin Donnelly <martin.donnelly@ge.com>
Signed-off-by: Koen Kooi <koen@dominion.thruhere.net>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix the following warning:
WARNING: QA Issue: lib32-libpam: Files/directories were installed but not shipped
/usr/sbin/unix_chkpwd
/usr/sbin/pam_tally2
/usr/sbin/mkhomedir_helper
/usr/sbin/unix_update
/usr/sbin/pam_timestamp_check
/usr/sbin/pam_tally
Signed-off-by: Constantin Musca <constantinx.musca@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
* bitbake uses PACKAGES_DYNAMIC as regexp
^ could make matching faster (and it will be more clear that we're expecting regexp not glob)
* made all those last '-' optional, use .* (or nothing)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop include-sys-resource.patch already fixed upstream
LIC_FILE_CHKSUM change is due to deletion of space in
COPYING file see
http://git.fedorahosted.org/cgit/linux-pam.git/commit/COPYING?id=1814aec611a5f9e03eceee81237ad3a3f51c954a
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
I was checking ways to make incremental builds faster so I started using
sstate-cache and SSTATE_MIRRORS. But this gave me some nasty bug:
| Collected errors:
| * satisfy_dependencies_for: Cannot satisfy the following dependencies
for php-cgi:
| * libtirpc1 (>= 0.2.2) *
| * opkg_install_cmd: Cannot install package php-cgi.
I checked details:
In my previous build libtirpc got built before libpam so libpam found it
and linked. As a result packages depend on libtirpc1 but as there is no
such build dependency sstate handling code did not used libtirpc copy...
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It is considered good practice to use the build system provided
variables instead of directly specify hardcoded paths.
Signed-off-by: Javier Martinez Canillas <javier@dowhile0.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The bb and os modules are always imported so having these extra import calls
are a waste of space/execution time. They also set a bad example for people
copy and pasting code so clean them up.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
pam_unix_acct.c: In function '_unix_run_verify_binary':
pam_unix_acct.c:97:19: error: storage size of 'rlim' isn't known
pam_unix_acct.c:106:19: error: 'RLIMIT_NOFILE' undeclared (first use in
this function)
pam_unix_acct.c:106:19: note: each undeclared identifier is reported
only once for each function it appears in
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
sed \
-e 's:bb.data.\(expand([^,()]*\), *\([^) ]*\) *):\2.\1):g' \
-i `grep -ril bb.data.expand *`
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The libpam's has an error when generating the rootfs:
chmod: cannot access `/usr/sbin/unix_chkpwd': No such file or directory
This is because the following code in libpam_1.1.5.bb:
pkg_postinst_pam-plugin-unix () {
# below is necessary to allow unix_chkpwd get user info from shadow file
# on lsb images
chmod 4755 ${sbindir}/unix_chkpwd
}
This is to set the setuid permission for unix_chkpwd (the lsb test
requires this), but it lacks a "${D}", and we can do this in the install
stage.
[YOCTO #2049]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Dont use autotools, it really not so autoconf like.
the configure script gets updated with every release of zlib
and we overwrite that. Instead use the upstream provided
configure
copyright year was changed in zlib.h which caused change in
LIC_FILE_CHECKSUM
fix.inverted.LFS.logic.patch is already applied upstream so drop it
Drop the configure.ac and Makefile.am scripts since we do not
autoreconf anymore and do not inherit autotools anymore
Bump PR for depending recipes so a rebuild it ensues so that
they dont depend on .la anymore
and add missing dependencies discovered during incremental
build
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
Updated HOMEPAGE, BUGTRACKER, and SRC_URI fields to reflect new
project hosting.
Cleaned up some of the metadata ordering.
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
|
|
This is the result of running the following over the metadata:
sed \
-e 's:bb.data.\(setVar([^,()]*,[^,()]*\), *\([^ )]*\) *):\2.\1):g' \
-e 's:bb.data.\(setVarFlag([^,()]*,[^,()]*,[^,()]*\), *\([^) ]*\) *):\2.\1):g' \
-e 's:bb.data.\(getVar([^,()]*\), *\([^(), ]*\) *,\([^)]*\)):\2.\1,\3):g' \
-e 's:bb.data.\(getVarFlag([^,()]*,[^,()]*\), *\([^(), ]*\) *,\([^)]*\)):\2.\1,\3):g' \
-e 's:bb.data.\(getVarFlag([^,()]*,[^,()]*\), *\([^() ]*\) *):\2.\1):g' \
-e 's:bb.data.\(getVar([^,()]*\), *\([^) ]*\) *):\2.\1):g' \
-i `grep -ril bb.data *`
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
flex-native is required for building libpam. Although this dependency
is now fulfilled indirectly through bison recipe, having an explicit one
would be preferable.
Signed-off-by: Andrew Gabbasov <andrew_gabbasov@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
[YOCTO #1252]
While pam_unix.so required by an application on lsb image, it will need to
call the unix_chkpwd to get userinfo from shadow file. This fix get a normal
user could read shadow file via unix_chkpwd.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
|
|
| ERROR: QA Issue: non debug package contains .debug directory: libpam-xtests path /work/armv7a-angstrom-linux-gnueabi/libpam-1.1.4-r0/packages-split/libpam-xtests/usr/share/Linux-PAM/xtests/.debug/tst-pam_dispatch4
Signed-off-by: Koen Kooi <koen@dominion.thruhere.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Update libpam to 1.1.4, and add dependecy cracklib because run xtexts will
need pam-plugin-cracklib.
There are some additional checks under subdirectory xtests and make it
as a subpackage libpam-xtests.
Signed-off-by: Kang Kai <kai.kang@windriver.com>
|
|
Add Upstream-Status tag to patches for the following recipes:
openssh
dbus-glib
expat
opensp
sgml-common
at
cpio (GPLv3 version)
libpam
icu
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
In mirrors.bbclass we point into /pub but we don't in bitbake.conf.
All uses of KERNELORG_MIRROR look into /pub anyhow, so lets make
use of that.
Signed-off-by: Tom Rini <tom_rini@mentor.com>
|
|
Signed-off-by: Tom Rini <tom_rini@mentor.com>
|
|
* Removed obsolete crossbinary patch
* Added source checksums
* Added LIC_FILES_CHKSUM and SUMMARY entries
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
|
|
Add COPYING file and copyright information in pam_loginuid.c checksum to bb file
Signed-off-by: Mei Lei <lei.mei@intel.com>
|
|
Signed-off-by: Richard Purdie <rpurdie@linux.intel.com>
|
David Nyström
Ross Burton
Joe Slater
Ming Liu
Martin Jansa
Wenzong Fan
Mark Hatle
Kai Kang
Richard Purdie
Koen Kooi
Constantin Musca
Khem Raj
Marcin Juszkiewicz
Javier Martinez Canillas
Robert Yang
Scott Garman
Andrew Gabbasov
Tom Rini
Mei Lei
Richard Purdie