diff options
| -rw-r--r-- | ChangeLog | 13 | ||||
| -rw-r--r-- | Makefile.am | 4 | ||||
| -rw-r--r-- | NEWS | 1 | ||||
| -rw-r--r-- | README | 13 | ||||
| -rw-r--r-- | configure.in | 42 | ||||
| -rw-r--r-- | libpam/Makefile.am | 13 | ||||
| -rw-r--r-- | libpam/pam_static.c | 19 | ||||
| -rw-r--r-- | libpam/pam_static_modules.h | 128 | ||||
| -rw-r--r-- | libpam/pam_tokens.h | 8 | ||||
| -rw-r--r-- | m4/jh_path_xml_catalog.m4 | 54 | ||||
| -rw-r--r-- | modules/pam_exec/Makefile.am | 14 | ||||
| -rw-r--r-- | po/de.po | 8 |
12 files changed, 283 insertions, 34 deletions
@@ -14,6 +14,19 @@ * po/POTFILES.in: Add modules/pam_exec/pam_exec.c. * po/*.po: Merge new pam_exec strings. + * libpam/pam_static_modules.h: New. + * Makefile.am: Reorder subdirectories for static modules. + * configure.in: Add --enable-static-modules option. + * libpam/Makefile.am: Define WITH_SELINUX and WITH_PWDB if + necessary, add pam_static_modules.h, link against all PAM + module object files if STATIC_MODULES is defined. + * libpam/pam_static.c: Remove old _static_module* includes, + include pam_static_modules.h. + + * configure.in: Add checks for xsltproc, xmllint and docbook + xsl stylesheet. + * m4/jh_path_xml_catalog.m4: New. + 2006-01-22 Thorsten Kukuk <kukuk@thkukuk.de> * modules/pam_succeed_if/pam_succeed_if.c: Add support for diff --git a/Makefile.am b/Makefile.am index cd22d1b4..282d5f87 100644 --- a/Makefile.am +++ b/Makefile.am @@ -4,7 +4,11 @@ AUTOMAKE_OPTIONS = 1.8 gnu dist-bzip2 +if STATIC_MODULES +SUBDIRS = modules libpam libpamc libpam_misc po conf doc examples +else SUBDIRS = libpam libpamc libpam_misc modules po conf doc examples +endif CLEANFILES = *~ @@ -3,6 +3,7 @@ Linux-PAM NEWS -- history of user-visible changes. * Fix building of static variants of libpam, libpamc and libpam_misc * pam_listfile: Add support for password and session management * pam_exec: New PAM module to execute arbitary commands +* Fix building of a static libpam including all PAM modules Release 0.99.3.0 @@ -20,3 +20,16 @@ box may stop working..) That said, please report problems to the bug reporting database on sourceforge.net. + +If you do not wish to make the modules dynamically loadable, but +build a static libpam including all PAM modules, you have to call: + + ./configure --enable-static-modules + +In this case you cannot use pam_unix in the PAM config files instead you +have to use pam_unix_acct, pam_unix_auth, pam_unix_passwd and +pam_unix_session. + +To regenerate manual pages from the XML source files you need the +docbook-xsl stylesheets in version 1.69.1 or newer, older versions had +a bug which generates a broken layout. diff --git a/configure.in b/configure.in index a2620261..6a22b293 100644 --- a/configure.in +++ b/configure.in @@ -43,6 +43,22 @@ dnl Add security to include directory fi fi +dnl +dnl check if we should link everything static into libpam +dnl +AC_ARG_ENABLE(static-modules,AS_HELP_STRING([--enable-static-modules], + [do not make the modules dynamically loadable]), + STATIC_MODULES=$enableval,STATIC_MODULES=no) +if test "$STATIC_MODULES" != "no" ; then + CFLAGS="$CFLAGS -DPAM_STATIC" + AC_ENABLE_STATIC([yes]) + AC_ENABLE_SHARED([no]) +else +# per default don't build static libraries + AC_ENABLE_STATIC([no]) + AC_ENABLE_SHARED([yes]) +fi +AM_CONDITIONAL([STATIC_MODULES], [test "$STATIC_MODULES" != "no"]) dnl Checks for programs. AC_GNU_SOURCE @@ -52,17 +68,8 @@ AM_PROG_LEX AC_PROG_INSTALL AC_PROG_LN_S AC_PROG_MAKE_SET -# per default don't build static libraries -AC_DISABLE_STATIC AC_PROG_LIBTOOL -if test "$enable_static" = yes; then - CFLAGS="$CFLAGS -DPAM_STATIC" -fi -if test "$enable_shared" = yes; then - CFLAGS="$CFLAGS -DPAM_DYNAMIC" -fi - # Largefile support AC_SYS_LARGEFILE @@ -418,6 +425,23 @@ else fi AC_SUBST(PSER) +dnl +dnl Check for xsltproc +dnl +enable_man=yes +AC_PATH_PROG([XSLTPROC], [xsltproc]) +if test -z "$XSLTPROC"; then + enable_man=no +fi +AC_PATH_PROG([XMLLINT], [xmllint],[/bin/true]) +dnl check for DocBook DTD and stylesheets in the local catalog. +JH_CHECK_XML_CATALOG([-//OASIS//DTD DocBook XML V4.3//EN], + [DocBook XML DTD V4.3], [], enable_man=no) +JH_CHECK_XML_CATALOG([http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl], + [DocBook XSL Stylesheets], [], enable_man=no) +AM_CONDITIONAL(ENABLE_REGENERATE_MAN, test x$enable_man != xno) + + AM_GNU_GETTEXT_VERSION AM_GNU_GETTEXT([external]) diff --git a/libpam/Makefile.am b/libpam/Makefile.am index 4f60ad47..628ba5c5 100644 --- a/libpam/Makefile.am +++ b/libpam/Makefile.am @@ -4,6 +4,13 @@ AM_CFLAGS = -DDEFAULT_MODULE_PATH=\"$(SECUREDIR)/\" -DLIBPAM_COMPILE \ -I$(srcdir)/include $(LIBPRELUDE_CFLAGS) -DPAM_VERSION=\"$(VERSION)\" +if HAVE_LIBSELINUX + AM_CFLAGS += -D"WITH_SELINUX" +endif +if HAVE_LIBPWDB + AM_CFLAGS += -D"WITH_PWDB" +endif + AM_LDFLAGS = $(LIBPRELUDE_LIBS) @LIBDL@ CLEANFILES = *~ @@ -14,9 +21,13 @@ include_HEADERS = $(addprefix include/security/, _pam_compat.h _pam_macros.h _pa pam_appl.h pam_malloc.h pam_modules.h pam_ext.h pam_modutil.h) noinst_HEADERS = pam_prelude.h pam_private.h pam_tokens.h \ - pam_modutil_private.h + pam_modutil_private.h pam_static_modules.h libpam_la_LDFLAGS = -no-undefined -version-info 81:3:81 @LIBAUDIT@ +if STATIC_MODULES + libpam_la_LDFLAGS += `ls ../modules/pam_*/*.lo` \ + @LIBDB@ @LIBCRYPT@ @LIBNSL@ @LIBCRACK@ -lutil +endif if HAVE_VERSIONING libpam_la_LDFLAGS += -Wl,--version-script=$(srcdir)/libpam.map endif diff --git a/libpam/pam_static.c b/libpam/pam_static.c index 7ea4c81b..75f13414 100644 --- a/libpam/pam_static.c +++ b/libpam/pam_static.c @@ -14,24 +14,7 @@ #include "pam_private.h" -/* - * Need to include pointers to static modules; this was built by each - * of the modules that register... - */ - -#include "../modules/_static_module_list" - -/* - * and here is a structure that connects libpam to the above static - * modules - */ - -static struct pam_module *static_modules[] = { - -#include "../modules/_static_module_entry" - - NULL -}; +#include "pam_static_modules.h" /* * and now for the functions diff --git a/libpam/pam_static_modules.h b/libpam/pam_static_modules.h new file mode 100644 index 00000000..59d7407f --- /dev/null +++ b/libpam/pam_static_modules.h @@ -0,0 +1,128 @@ +/* + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, and the entire permission notice in its entirety, + * including the disclaimer of warranties. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior + * written permission. + * + * ALTERNATIVELY, this product may be distributed under the terms of + * the GNU Public License, in which case the provisions of the GPL are + * required INSTEAD OF the above restrictions. (This clause is + * necessary due to a potential bad interaction between the GPL and + * the restrictions contained in a BSD-style copyright.) + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* Pointers to static module data. */ + +extern struct pam_module _pam_access_modstruct; +extern struct pam_module _pam_cracklib_modstruct; +extern struct pam_module _pam_debug_modstruct; +extern struct pam_module _pam_deny_modstruct; +extern struct pam_module _pam_echo_modstruct; +extern struct pam_module _pam_env_modstruct; +extern struct pam_module _pam_exec_modstruct; +extern struct pam_module _pam_filter_modstruct; +extern struct pam_module _pam_ftp_modstruct; +extern struct pam_module _pam_group_modstruct; +extern struct pam_module _pam_issue_modstruct; +extern struct pam_module _pam_lastlog_modstruct; +extern struct pam_module _pam_limits_modstruct; +extern struct pam_module _pam_listfile_modstruct; +extern struct pam_module _pam_localuser_modstruct; +extern struct pam_module _pam_mail_modstruct; +extern struct pam_module _pam_mkhomedir_modstruct; +extern struct pam_module _pam_motd_modstruct; +extern struct pam_module _pam_nologin_modstruct; +extern struct pam_module _pam_permit_modstruct; +#ifdef WITH_PWDB +extern struct pam_module _pam_pwdb_modstruct; +#endif +extern struct pam_module _pam_rhosts_auth_modstruct; +extern struct pam_module _pam_rootok_modstruct; +extern struct pam_module _pam_securetty_modstruct; +#ifdef WITH_SELINUX +extern struct pam_module _pam_selinux_modstruct; +#endif +extern struct pam_module _pam_shells_modstruct; +extern struct pam_module _pam_stress_modstruct; +extern struct pam_module _pam_succeed_if_modstruct; +extern struct pam_module _pam_tally_modstruct; +extern struct pam_module _pam_time_modstruct; +extern struct pam_module _pam_umask_modstruct; +extern struct pam_module _pam_unix_acct_modstruct; +extern struct pam_module _pam_unix_auth_modstruct; +extern struct pam_module _pam_unix_passwd_modstruct; +extern struct pam_module _pam_unix_session_modstruct; +extern struct pam_module _pam_userdb_modstruct; +extern struct pam_module _pam_warn_modstruct; +extern struct pam_module _pam_wheel_modstruct; +extern struct pam_module _pam_xauth_modstruct; + +/* and here is a structure that connects libpam to the above static + modules. */ + +static struct pam_module *static_modules[] = { + &_pam_access_modstruct, + &_pam_cracklib_modstruct, + &_pam_debug_modstruct, + &_pam_deny_modstruct, + &_pam_echo_modstruct, + &_pam_env_modstruct, + &_pam_exec_modstruct, + &_pam_filter_modstruct, + &_pam_ftp_modstruct, + &_pam_group_modstruct, + &_pam_issue_modstruct, + &_pam_lastlog_modstruct, + &_pam_limits_modstruct, + &_pam_listfile_modstruct, + &_pam_localuser_modstruct, + &_pam_mail_modstruct, + &_pam_mkhomedir_modstruct, + &_pam_motd_modstruct, + &_pam_nologin_modstruct, + &_pam_permit_modstruct, +#ifdef WITH_PWDB + &_pam_pwdb_modstruct, +#endif + &_pam_rhosts_auth_modstruct, + &_pam_rootok_modstruct, + &_pam_securetty_modstruct, +#ifdef WITH_SELINUX + &_pam_selinux_modstruct, +#endif + &_pam_shells_modstruct, + &_pam_stress_modstruct, + &_pam_succeed_if_modstruct, + &_pam_tally_modstruct, + &_pam_time_modstruct, + &_pam_umask_modstruct, + &_pam_unix_acct_modstruct, + &_pam_unix_auth_modstruct, + &_pam_unix_passwd_modstruct, + &_pam_unix_session_modstruct, + &_pam_userdb_modstruct, + &_pam_warn_modstruct, + &_pam_wheel_modstruct, + &_pam_xauth_modstruct, + NULL +}; diff --git a/libpam/pam_tokens.h b/libpam/pam_tokens.h index fad30759..fcda7ec2 100644 --- a/libpam/pam_tokens.h +++ b/libpam/pam_tokens.h @@ -17,6 +17,9 @@ /* an array of actions */ +#ifndef LIBPAM_COMPILE +static +#endif const char * const _pam_token_actions[-_PAM_ACTION_UNDEF] = { "ignore", /* 0 */ "ok", /* -1 */ @@ -28,6 +31,9 @@ const char * const _pam_token_actions[-_PAM_ACTION_UNDEF] = { /* an array of possible return values */ +#ifndef LIBPAM_COMPILE +static +#endif const char * const _pam_token_returns[_PAM_RETURN_VALUES+1] = { "success", /* 0 */ "open_err", /* 1 */ @@ -41,7 +47,7 @@ const char * const _pam_token_returns[_PAM_RETURN_VALUES+1] = { "authinfo_unavail", /* 9 */ "user_unknown", /* 10 */ "maxtries", /* 11 */ - "new_authtok_reqd", /* 12 */ + "new_authtok_reqd", /* 12 */ "acct_expired", /* 13 */ "session_err", /* 14 */ "cred_unavail", /* 15 */ diff --git a/m4/jh_path_xml_catalog.m4 b/m4/jh_path_xml_catalog.m4 new file mode 100644 index 00000000..dd01f165 --- /dev/null +++ b/m4/jh_path_xml_catalog.m4 @@ -0,0 +1,54 @@ +# Checks the location of the XML Catalog +# Usage: +# JH_PATH_XML_CATALOG([ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) +# Defines XMLCATALOG and XML_CATALOG_FILE substitutions +AC_DEFUN([JH_PATH_XML_CATALOG], +[ + # check for the presence of the XML catalog + AC_ARG_WITH([xml-catalog], + AC_HELP_STRING([--with-xml-catalog=CATALOG], + [path to xml catalog to use]),, + [with_xml_catalog=/etc/xml/catalog]) + jh_found_xmlcatalog=true + XML_CATALOG_FILE="$with_xml_catalog" + AC_SUBST([XML_CATALOG_FILE]) + AC_MSG_CHECKING([for XML catalog ($XML_CATALOG_FILE)]) + if test -f "$XML_CATALOG_FILE"; then + AC_MSG_RESULT([found]) + else + jh_found_xmlcatalog=false + AC_MSG_RESULT([not found]) + fi + + # check for the xmlcatalog program + AC_PATH_PROG(XMLCATALOG, xmlcatalog, no) + if test "x$XMLCATALOG" = xno; then + jh_found_xmlcatalog=false + fi + + if $jh_found_xmlcatalog; then + ifelse([$1],,[:],[$1]) + else + ifelse([$2],,[AC_MSG_ERROR([could not find XML catalog])],[$2]) + fi +]) + +# Checks if a particular URI appears in the XML catalog +# Usage: +# JH_CHECK_XML_CATALOG(URI, [FRIENDLY-NAME], [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) +AC_DEFUN([JH_CHECK_XML_CATALOG], +[ + AC_REQUIRE([JH_PATH_XML_CATALOG],[JH_PATH_XML_CATALOG(,[:])])dnl + AC_MSG_CHECKING([for ifelse([$2],,[$1],[$2]) in XML catalog]) + if $jh_found_xmlcatalog && \ + AC_RUN_LOG([$XMLCATALOG --noout "$XML_CATALOG_FILE" "$1" >&2]); then + AC_MSG_RESULT([found]) + ifelse([$3],,,[$3 +])dnl + else + AC_MSG_RESULT([not found]) + ifelse([$4],, + [AC_MSG_ERROR([could not find ifelse([$2],,[$1],[$2]) in XML catalog])], + [$4]) + fi +]) diff --git a/modules/pam_exec/Makefile.am b/modules/pam_exec/Makefile.am index 8310f3b6..e67013d1 100644 --- a/modules/pam_exec/Makefile.am +++ b/modules/pam_exec/Makefile.am @@ -4,9 +4,10 @@ CLEANFILES = *~ -EXTRA_DIST = README $(MANS) +EXTRA_DIST = README $(MANS) $(XMLS) man_MANS = pam_exec.8 +man_XMLS = pam_exec.8.xml securelibdir = $(SECUREDIR) secureconfdir = $(SCONFIGDIR) @@ -19,3 +20,14 @@ if HAVE_VERSIONING endif securelib_LTLIBRARIES = pam_exec.la + +if ENABLE_REGENERATE_MAN + +pam_exec.8: pam_exec.8.xml + $(XMLLINT) --nonet --xinclude --postvalid --noout $< + $(XSLTPROC) --nonet http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl $< + +#CLEANFILES += $(man_MANS) + +endif + @@ -8,7 +8,7 @@ msgstr "" "Project-Id-Version: Linux-PAM\n" "Report-Msgid-Bugs-To: http://sourceforge.net/projects/pam\n" "POT-Creation-Date: 2006-01-24 16:51+0100\n" -"PO-Revision-Date: 2005-12-12 17:55+01:00\n" +"PO-Revision-Date: 2006-01-25 00:18+01:00\n" "Last-Translator: Novell Language <language@novell.com>\n" "Language-Team: Novell Language <language@novell.com>\n" "MIME-Version: 1.0\n" @@ -18,17 +18,17 @@ msgstr "" #: modules/pam_exec/pam_exec.c:118 #, c-format msgid "%s failed: exit code %d" -msgstr "" +msgstr "%s schlug fehl: Fehlercode %d" #: modules/pam_exec/pam_exec.c:126 #, c-format msgid "%s failed: caught signal %d%s" -msgstr "" +msgstr "%s schlug fehl: Signal %d%s erhalten" #: modules/pam_exec/pam_exec.c:134 #, c-format msgid "%s failed: unknown status 0x%x" -msgstr "" +msgstr "%s schlug fehl: Unbekannter Status 0x%x" #: modules/pam_tally/pam_tally.c:738 msgid "Authentication error" |