diff options
author | Jackie Huang <jackie.huang@windriver.com> | 2017-08-16 13:37:40 +0800 |
---|---|---|
committer | Martin Jansa <Martin.Jansa@gmail.com> | 2017-08-28 11:04:13 +0200 |
commit | f79465b9b4f56c87fb8a1635944cc18f3aa67c2a (patch) | |
tree | 185d6f7ab6c706e37b9c716a0a0ae8f6befa01af /meta-oe/recipes-extended/vlock/vlock-2.2.3 | |
parent | 3cf117715fa3c007c77a3603d702c808d36ce852 (diff) | |
download | meta-openembedded-f79465b9b4f56c87fb8a1635944cc18f3aa67c2a.tar.gz |
vlock: add new recipe
vlock is a program to lock one or more
sessions on the Linux console.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Diffstat (limited to 'meta-oe/recipes-extended/vlock/vlock-2.2.3')
4 files changed, 166 insertions, 0 deletions
diff --git a/meta-oe/recipes-extended/vlock/vlock-2.2.3/disable_vlockrc.patch b/meta-oe/recipes-extended/vlock/vlock-2.2.3/disable_vlockrc.patch new file mode 100644 index 0000000000..ee0d074de8 --- /dev/null +++ b/meta-oe/recipes-extended/vlock/vlock-2.2.3/disable_vlockrc.patch @@ -0,0 +1,37 @@ +Upstream-Status: Inappropriate [configuration] + +written by: Jeff Polk <jeff.polk@windriver.com> +Signed-off-by: Jackie Huang <jackie.huang@windriver.com> + +Index: vlock-2.2.2/man/vlock.1 +=================================================================== +--- vlock-2.2.2.orig/man/vlock.1 2010-07-26 14:12:42.000000000 -0400 ++++ vlock-2.2.2/man/vlock.1 2010-07-26 14:13:06.000000000 -0400 +@@ -111,11 +111,6 @@ + to an invalid value or 0 no timeout is used. \fBWarning\fR: If this value is + too low, you may not be able to unlock your session. + .PP +-.SH FILES +-.B ~/.vlockrc +-.IP +-This file is read by \fBvlock\fR on startup if it exists. All the variables +-mentioned above can be set here. + .SH SECURITY + See the SECURITY file in the \fBvlock\fR distribution for more information. + .PP +Index: vlock-2.2.2/src/vlock.sh +=================================================================== +--- vlock-2.2.2.orig/src/vlock.sh 2010-07-26 14:12:32.000000000 -0400 ++++ vlock-2.2.2/src/vlock.sh 2010-07-26 14:13:33.000000000 -0400 +@@ -35,11 +35,6 @@ + + ${VLOCK_ENTER_PROMPT}" + +-# Read user settings. +-if [ -r "${HOME}/.vlockrc" ] ; then +- . "${HOME}/.vlockrc" +-fi +- + # "Compile" time variables. + VLOCK_MAIN="%PREFIX%/sbin/vlock-main" + VLOCK_VERSION="%VLOCK_VERSION%" diff --git a/meta-oe/recipes-extended/vlock/vlock-2.2.3/vlock-no_tally.patch b/meta-oe/recipes-extended/vlock/vlock-2.2.3/vlock-no_tally.patch new file mode 100644 index 0000000000..6e8a6a9fdc --- /dev/null +++ b/meta-oe/recipes-extended/vlock/vlock-2.2.3/vlock-no_tally.patch @@ -0,0 +1,107 @@ +Upstream-Status: Pending + +written by: Jeff Polk <jeff.polk@windriver.com> +Signed-off-by: Jackie Huang <jackie.huang@windriver.com> + +--- a/Makefile ++++ b/Makefile +@@ -126,6 +126,10 @@ ifeq ($(AUTH_METHOD),shadow) + vlock-main : override LDLIBS += $(CRYPT_LIB) + endif + ++ifneq ($(ENABLE_FAIL_COUNT),yes) ++vlock-main.o : override CFLAGS += -DNO_FAIL_COUNT ++endif ++ + ifeq ($(ENABLE_PLUGINS),yes) + vlock-main: plugins.o plugin.o module.o process.o script.o tsort.o list.o + # -rdynamic is needed so that the all plugin can access the symbols from console_switch.o +--- a/configure ++++ b/configure +@@ -44,6 +44,7 @@ Optional Features: + --enable-shadow enable shadow authentication [disabled] + --enable-root-password enable unlogging with root password [enabled] + --enable-debug enable debugging ++ --enable-fail-count enable failed login attempt summary [enabled] + + Additional configuration: + --with-scripts=SCRIPTS enable the named scripts [] +@@ -78,6 +79,9 @@ enable_feature() { + root-password) + ENABLE_ROOT_PASSWORD="$2" + ;; ++ fail-count) ++ ENABLE_FAIL_COUNT="$2" ++ ;; + pam|shadow) + if [ "$2" = "yes" ] ; then + if [ -n "$auth_method" ] && [ "$auth_method" != "$1" ] ; then +@@ -232,6 +232,7 @@ set_defaults() { + AUTH_METHOD="pam" + ENABLE_ROOT_PASSWORD="yes" + ENABLE_PLUGINS="yes" ++ ENABLE_FAIL_COUNT="yes" + SCRIPTS="" + + VLOCK_GROUP="vlock" +@@ -356,10 +356,14 @@ ENABLE_PLUGINS = ${ENABLE_PLUGINS} + # which plugins should be build + MODULES = ${MODULES} + # which scripts should be installed + SCRIPTS = ${SCRIPTS} + ++# display a summary of failed authentication attempts after successfully ++# unlocking? ++ENABLE_FAIL_COUNT = ${ENABLE_FAIL_COUNT} ++ + # root's group + ROOT_GROUP = ${ROOT_GROUP} + + # group for privileged plugins + VLOCK_GROUP = ${VLOCK_GROUP} +--- a/src/vlock-main.c ++++ b/src/vlock-main.c +@@ -111,7 +111,9 @@ static void restore_terminal(void) + (void) tcsetattr(STDIN_FILENO, TCSANOW, &term); + } + ++#ifdef ENABLE_FAIL_COUNT + static int auth_tries; ++#endif /* ENABLE_FAIL_COUNT */ + + static void auth_loop(const char *username) + { +@@ -181,7 +183,9 @@ static void auth_loop(const char *userna + } + #endif + ++#ifdef ENABLE_FAIL_COUNT + auth_tries++; ++#endif /* ENABLE_FAIL_COUNT */ + } + + /* Free timeouts memory. */ +@@ -189,11 +193,13 @@ static void auth_loop(const char *userna + free(prompt_timeout); + } + ++#ifdef ENABLE_FAIL_COUNT + void display_auth_tries(void) + { + if (auth_tries > 0) + fprintf(stderr, "%d failed authentication %s.\n", auth_tries, auth_tries > 1 ? "tries" : "try"); + } ++#endif /* ENABLE_FAIL_COUNT */ + + #ifdef USE_PLUGINS + static void call_end_hook(void) +@@ -216,7 +222,9 @@ int main(int argc, char *const argv[]) + if (username == NULL) + fatal_perror("vlock: could not get username"); + ++#ifdef ENABLE_FAIL_COUNT + ensure_atexit(display_auth_tries); ++#endif /* ENABLE_FAIL_COUNT */ + + #ifdef USE_PLUGINS + for (int i = 1; i < argc; i++) diff --git a/meta-oe/recipes-extended/vlock/vlock-2.2.3/vlock_pam b/meta-oe/recipes-extended/vlock/vlock-2.2.3/vlock_pam new file mode 100644 index 0000000000..a919682b0b --- /dev/null +++ b/meta-oe/recipes-extended/vlock/vlock-2.2.3/vlock_pam @@ -0,0 +1,3 @@ +# Use the default auth and account policies for vlock +auth include common-auth +account include common-account diff --git a/meta-oe/recipes-extended/vlock/vlock-2.2.3/vlock_pam_tally2_reset.patch b/meta-oe/recipes-extended/vlock/vlock-2.2.3/vlock_pam_tally2_reset.patch new file mode 100644 index 0000000000..4ce0abc71b --- /dev/null +++ b/meta-oe/recipes-extended/vlock/vlock-2.2.3/vlock_pam_tally2_reset.patch @@ -0,0 +1,19 @@ +Upstream-Status: Pending + +written by: Jeff Polk <jeff.polk@windriver.com> +Signed-off-by: Jackie Huang <jackie.huang@windriver.com> + +Index: vlock-2.2.2/src/auth-pam.c +=================================================================== +--- vlock-2.2.2.orig/src/auth-pam.c 2010-06-14 14:38:51.000000000 -0400 ++++ vlock-2.2.2/src/auth-pam.c 2010-06-14 14:39:12.000000000 -0400 +@@ -148,6 +148,9 @@ + + if (pam_status != PAM_SUCCESS) { + fprintf(stderr, "vlock: %s\n", pam_strerror(pamh, pam_status)); ++ } else { ++ pam_status = pam_acct_mgmt(pamh, 0); ++ if (pam_status == PAM_SUCCESS) pam_setcred(pamh, PAM_REINITIALIZE_CRED); + } + + end: |